Thanks Ivan, I don't get this in my config, probably because we are passing the password to an external script to do the authentication.
So I need to make the script send a message about possible mismatched secret if it see's unreadable characters. Many thanks for the help, niall 2008/5/14 Ivan Kalik <[EMAIL PROTECTED]>: > rad_recv: Access-Request packet from host 127.0.0.1:46636, id=35, > length=58 > User-Name = "proba1" > User-Password = > "\210\363\353\036\337S\342i\023c&\212\240\267\350\026" > NAS-IP-Address = 255.255.255.255 > NAS-Port = 2 > Processing the authorize section of radiusd.conf > modcall: entering group authorize for request 0 > modcall[authorize]: module "preprocess" returns ok for request 0 > modcall[authorize]: module "chap" returns noop for request 0 > modcall[authorize]: module "mschap" returns noop for request 0 > rlm_realm: No '@' in User-Name = "proba1", looking up realm NULL > rlm_realm: No such realm "NULL" > modcall[authorize]: module "suffix" returns noop for request 0 > rlm_eap: No EAP-Message, not doing EAP > modcall[authorize]: module "eap" returns noop for request 0 > modcall[authorize]: module "files" returns notfound for request 0 > radius_xlat: 'proba1' > rlm_sql (sql): sql_set_user escaped user --> 'proba1' > radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM > radcheck WHERE Username = 'proba1' ORDER BY id' > rlm_sql (sql): Reserving sql socket id: 3 > radius_xlat: 'SELECT > radgroupcheck.id > ,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op > FROM radgroupcheck,usergroup WHERE usergroup.Username = 'proba1' AND > usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' > radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM > radreply WHERE Username = 'proba1' ORDER BY id' > radius_xlat: 'SELECT > radgroupreply.id > ,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op > FROM radgroupreply,usergroup WHERE usergroup.Username = 'proba1' AND > usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' > rlm_sql (sql): Released sql socket id: 3 > rlm_sql (sql): No matching entry in the database for request from user > [proba1] > modcall[authorize]: module "sql" returns notfound for request 0 > rlm_pap: WARNING! No "known good" password found for the user. > Authentication may fail because of this. > modcall[authorize]: module "pap" returns noop for request 0 > modcall: leaving group authorize (returns ok) for request 0 > auth: No authenticate method (Auth-Type) configuration found for the > request: Rejecting the user > auth: Failed to validate the user. > Login incorrect: > [proba1/\210\363\353\036\337S\342i\023c&\212\240\267\350\026] > (from client localhost port 2) > WARNING: Unprintable characters in the password. ? Double-check the > shared secret on the server and the NAS! > > There it is at the end. This is 1.1.7 built from the source. > > Ivan Kalik > Kalik Informatika ISP > > > Dana 14/5/2008, "niall el-assaad" <[EMAIL PROTECTED]> piše: > > >Its 1.1.7 (actually 1.1.7-3.1.fc6) > >thanks, > > > >2008/5/14 Ivan Kalik <[EMAIL PROTECTED]>: > > > >> freeradius version? > >> > >> Ivan Kalik > >> Kalik Informatika ISP > >> > >> > >> Dana 14/5/2008, "niall el-assaad" <[EMAIL PROTECTED]> piše: > >> > >> >Yes capital X as in -X > >> >thanks, > >> > > >> >2008/5/14 Ivan Kalik <[EMAIL PROTECTED]>: > >> > > >> >> Are you using -X (capital X) or something else? > >> >> > >> >> Ivan Kalik > >> >> Kalik Informatika ISP > >> >> > >> >> > >> >> Dana 13/5/2008, "niall el-assaad" <[EMAIL PROTECTED]> piše: > >> >> > >> >> >Thanks Ivan, > >> >> >I don't have this message in the debug output, is this possibly > >> because > >> >> I'm > >> >> >running an external script? Or is there a chance that its not a > >> >> mismatched > >> >> >secret? > >> >> > > >> >> >thanks, > >> >> > > >> >> >2008/5/14 Ivan Kalik <[EMAIL PROTECTED]>: > >> >> > > >> >> >> Threre is a "Unprintable characters ..." warning about the > potential > >> >> >> shared secret mismatch in the debug. > >> >> >> > >> >> >> Ivan Kalik > >> >> >> Kalik Informatika ISP > >> >> >> > >> >> >> > >> >> >> Dana 13/5/2008, "niall el-assaad" <[EMAIL PROTECTED]> piše: > >> >> >> > >> >> >> >thanks alan, much appreciated. > >> >> >> >I think you may be right. Its just strange the FR server doesn't > >> >> mention > >> >> >> >this - or would it not know and only the radius client know > this? > >> >> >> > > >> >> >> >thanks again, > >> >> >> > > >> >> >> >On Tue, May 13, 2008 at 10:02 PM, <[EMAIL PROTECTED]> > wrote: > >> >> >> > > >> >> >> >> hi, > >> >> >> >> > >> >> >> >> incorrect shared secret between FR server and WLC? > >> >> >> >> > >> >> >> >> alan > >> >> >> >> - > >> >> >> >> List info/subscribe/unsubscribe? See > >> >> >> >> http://www.freeradius.org/list/users.html > >> >> >> >> > >> >> >> > > >> >> >> > > >> >> >> > >> >> >> - > >> >> >> List info/subscribe/unsubscribe? See > >> >> >> http://www.freeradius.org/list/users.html > >> >> >> > >> >> > > >> >> > >> >> - > >> >> List info/subscribe/unsubscribe? See > >> >> http://www.freeradius.org/list/users.html > >> >> > >> > > >> > >> - > >> List info/subscribe/unsubscribe? See > >> http://www.freeradius.org/list/users.html > >> > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html