Can you do radtest from the machine on which chillispot is installed? If radtest does OK - it's a chilli bug. If radtest fails as well - crypto libraries on that machine are broken.
Ivan Kalik Kalik Informatika ISP Dana 7/4/2008, "SANDY KALUGDAN" <[EMAIL PROTECTED]> piše: >chillispot hotspotlogin.cgi contains > ># Shared secret used to encrypt challenge with. Prevents dictionary attacks. ># You should change this to your own shared secret. >$uamsecret = "testing123"; > ># Uncomment the following line if you want to use ordinary user-password ># for radius authentication. Must be used together with $uamsecret. >$userpassword=1; > >nas table >>+----+-----------+-----------+------+-------+------------+-----------+-------------+ >>| id | nasname | shortname | type | ports | secret | community | >>description | >>+----+-----------+-----------+------+-------+------------+-----------+-------------+ >>| 1 | 127.0.0.1 | localhost | NULL | NULL | testing123 | NULL | NULL >> | >>+----+-----------+-----------+------+-------+------------+-----------+-------------+ > >radcheck table >mysql> select * from radcheck; >+----+----------+--------------------+----+-------+ >| id | UserName | Attribute | op | Value | >+----+----------+--------------------+----+-------+ >| 1 | s | Cleartext-Password | := | sandy | >| 2 | steve | Cleartext-Password | := | s | >+----+----------+--------------------+----+-------+ >2 rows in set (0.00 sec) > >clients.conf >client 192.168.182.1/24 { > secret = testing123 > shortname = private-network >} > > >nas table and clients.conf are both on radius server. You need to make >testing123 secret on the portal that is sending those reqests. > >Ivan Kalik >Kalik Informatika ISP > > >Dana 7/4/2008, "SANDY KALUGDAN" <[EMAIL PROTECTED]> piĹĄe: > >>I've checked the clients.conf and it uses testing123 as the secret. >>I've created a record on nas >>mysql> select * from nas; >>+----+-----------+-----------+------+-------+------------+-----------+-------------+ >>| id | nasname | shortname | type | ports | secret | community | >>description | >>+----+-----------+-----------+------+-------+------------+-----------+-------------+ >>| 1 | 127.0.0.1 | localhost | NULL | NULL | testing123 | NULL | NULL >> | >>+----+-----------+-----------+------+-------+------------+-----------+-------------+ >> >>here is a portion of the radiusd -X output >> >>rlm_pap: Found existing Auth-Type, not changing it. >>++[pap] returns noop >> rad_check_password: Found Auth-Type >>auth: type Local >>auth: user supplied User-Password does NOT match local User-Password >>auth: Failed to validate the user. >>Login incorrect: [s/\365\010\343\323] (from client localhost port 0 cli >>00-1C-A4-6F-21-10) >> WARNING: Unprintable characters in the password. Double-check the >> shared secret on the server and the NAS! >> Found Post-Auth-Type Reject >>+- entering group REJECT >> expand: %{User-Name} -> s >> attr_filter: Matched entry DEFAULT at line 11 >> >> >> >>----- Original Message ---- >>From: Ivan Kalik <[EMAIL PROTECTED]> >>To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> >>Sent: Monday, April 7, 2008 16:22:38 >>Subject: Re: Freeradius + CHAP >> >>> User-Password = "\340\334\351\234" >> >>Shared secret in clents.conf and on the NAS is not the same. >> >>Ivan Kalik >>Kalik Informatika ISP >> >>- >>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html >> >> >> >> >>Send instant messages to your online friends http://uk.messenger.yahoo.com >> >>- >>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html >> >> > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > > >Send instant messages to your online friends http://uk.messenger.yahoo.com > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html