Hi Alan,
Ok, after removing everything, reverting back to FreeRadius 1.1.6 release,
re-writing the configs, synchronizing the dictionaries properly - I managed to
make the radclient test work for me correctly, which means that the FreeRadius
server is working properly for me.
Now, I've attached the OpenSER SIP proxy, and now upon registration of a SIP
phone, the following can be seen from in the debug log:
--- Walking the entire request list ---
Cleaning up request 16 ID 204 with timestamp 469a4341
Sending Access-Reject of id 205 to 192.168.2.80 port 50226
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 192.168.2.80:50227, id=206, length=67
User-Name = "[EMAIL PROTECTED]"
X-Ascend-PPP-VJ-1172 = 0x73757370656e646564
Service-Type = Voice
NAS-Port = 0
NAS-IP-Address = 192.168.2.80
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 18
modcall[authorize]: module "preprocess" returns ok for request 18
modcall[authorize]: module "chap" returns noop for request 18
modcall[authorize]: module "mschap" returns noop for request 18
modcall[authorize]: module "digest" returns noop for request 18
rlm_realm: Looking up realm "192.168.2.80" for User-Name = "[EMAIL
PROTECTED]"
rlm_realm: No such realm "192.168.2.80"
modcall[authorize]: module "suffix" returns noop for request 18
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 18
users: Matched entry DEFAULT at line 153
users: Matched entry DEFAULT at line 236
modcall[authorize]: module "files" returns ok for request 18
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 18
modcall: leaving group authorize (returns ok) for request 18
rad_check_password: Found Auth-Type Reject
rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Login incorrect: [EMAIL PROTECTED]/<no User-Password attribute>] (from client
private-network-1 port 0)
Delaying request 18 for 1 seconds
Finished request 18
Going to the next request
Waking up in 4 seconds...
I can understand now that authorize is working nicely, but the Authentication
section is wrong.
I know there's alot of shit in radiusd.conf, however, it shouldn't prevent from
the basics to work
correctly, no?
Z2L
----- Original Message -----
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], "FreeRadius users mailing list"
<freeradius-users@lists.freeradius.org>
Sent: 21:31:08 (GMT+0200) Asia/Jerusalem יום שלישי 17 יולי 2007
Subject: Re: RLM_PERL Integration Issue
FreeRadius-ML wrote:
> 1. I've removed all the rlm_perl configurations from the radiusd.conf file,
> and
> enabled the digest authentication back.
> 2. I've added to my users file the following lines:
>
> [EMAIL PROTECTED] Auth-Type := Digest, User-Password == "101"
> Reply-Message = "Authenticated"
Don't set Auth-Type. The server will figure it out on it's own.
Hmm.. the "digest" module wasn't updated to use Cleartext-Password.
Still, you should be using:
[EMAIL PROTECTED] Cleartext-Password := "101"
Reply-Message = "Authenticated".
> I'm using version 1.1.7pre3
Huh? 1.1.7 isn't out, and nothing we've released is called "-pre3".
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
