I thing that authorization because the user can't be found in the users file... just look at the part of debug output:
Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling files (rlm_files) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[files] returns noop And this is the whole freerad request: rad_recv: Access-Request packet from host 127.0.0.1 port 32770, id=28, length=56 User-Name = "fred" User-Password = "somepass" NAS-IP-Address = 127.0.0.1 NAS-Port = 1813 Fri Jul 11 21:40:46 2008 : Debug: +- entering group authorize Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[preprocess] returns ok Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[chap] returns noop Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[mschap] returns noop Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 1 Fri Jul 11 21:40:46 2008 : Debug: rlm_realm: No '@' in User-Name = "fred", looking up realm NULL Fri Jul 11 21:40:46 2008 : Debug: rlm_realm: No such realm "NULL" Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[suffix] returns noop Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: rlm_eap: No EAP-Message, not doing EAP Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[eap] returns noop Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling unix (rlm_unix) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from unix (rlm_unix) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[unix] returns notfound Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling files (rlm_files) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[files] returns noop Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling expiration (rlm_expiration) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from expiration (rlm_expiration) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[expiration] returns noop Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling logintime (rlm_logintime) for request 1 Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from logintime (rlm_logintime) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[logintime] returns noop Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: calling pap (rlm_pap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. Fri Jul 11 21:40:46 2008 : Debug: modsingle[authorize]: returned from pap (rlm_pap) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[pap] returns noop Fri Jul 11 21:40:46 2008 : Debug: auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Fri Jul 11 21:40:46 2008 : Debug: auth: Failed to validate the user. Fri Jul 11 21:40:46 2008 : Debug: Found Post-Auth-Type Reject Fri Jul 11 21:40:46 2008 : Debug: +- entering group REJECT Fri Jul 11 21:40:46 2008 : Debug: modsingle[post-auth]: calling attr_filter.access_reject (rlm_attr_filter) for request 1 Fri Jul 11 21:40:46 2008 : Debug: expand: %{User-Name} -> fred Fri Jul 11 21:40:46 2008 : Debug: attr_filter: Matched entry DEFAULT at line 11 Fri Jul 11 21:40:46 2008 : Debug: modsingle[post-auth]: returned from attr_filter.access_reject (rlm_attr_filter) for request 1 Fri Jul 11 21:40:46 2008 : Debug: ++[attr_filter.access_reject] returns updated Sending Access-Reject of id 28 to 127.0.0.1 port 32770 Fri Jul 11 21:40:46 2008 : Debug: Finished request 1. Fri Jul 11 21:40:46 2008 : Debug: Going to the next request Fri Jul 11 21:40:46 2008 : Debug: Waking up in 4.9 seconds. On Fri, 11 Jul 2008 15:30:19 -0400, Sambuddho Chakravarty <[EMAIL PROTECTED]> wrote: > Hello > I think I had a very similar problem couple of days back. I think your > authorization is working but authentication is failing right ? > > Thanks > Sambuddho > On Fri, 2008-07-11 at 21:21 +0200, Maciej Drobniuch wrote: >> I've cleaned the mess up like you've said, but i've got new errors for > you >> which are not familiar to me ;) >> >> Fri Jul 11 21:17:56 2008 : Debug: auth: No authenticate method > (Auth-Type) >> configuration found for the request: Rejecting the user >> Fri Jul 11 21:17:56 2008 : Debug: auth: Failed to validate the user. >> >> Am I using an old definition of Auth-Type in my users file? >> Or what ? >> >> fred Auth-Type := Local, Cleartext-Password =="somepass" >> Service-Type = Framed-User, >> Framed-Protocol = PPP >> >> With what should i replace the "Auth-Type" variable or variable name? >> Thanks for your tips! >> >> On Fri, 11 Jul 2008 19:30:26 +0100, "Ivan Kalik" <[EMAIL PROTECTED]> wrote: >> > You probably have two instances of the server installed. These files >> > don't belong to the server that is running. >> > >> > Ivan Kalik >> > Kalik Informatika ISP >> > >> > >> > Dana 11/7/2008, "Maciej Drobniuch" <[EMAIL PROTECTED]> piše: >> > >> >> >> >>Hi! >> >> >> >>>radtest fred somepass localhost 1813 somesecret >> >>Sending Access-Request of id 102 to 127.0.0.1 port 1812 >> >> User-Name = "fred" >> >> User-Password = "somepass" >> >> NAS-IP-Address = 127.0.0.1 >> >> NAS-Port = 1813 >> >>rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=102, >> >>length=20 >> >>rad_verify: Received Access-Reject packet from client 127.0.0.1 port > 1812 >> >>with invalid signature (err=2)! (Shared secret is incorrect.) >> >> >> >>>radiusd -X >> >>rad_recv: Access-Request packet from host 127.0.0.1 port 32770, > id=102, >> >>length=56 >> >> User-Name = "fred" >> >> User-Password = "h\347`\005\270\202\336<\336i~e\031\r\021[" >> >> NAS-IP-Address = 127.0.0.1 >> >> NAS-Port = 1813 >> >>+- entering group authorize >> >>++[preprocess] returns ok >> >>++[chap] returns noop >> >>++[mschap] returns noop >> >> rlm_realm: No '@' in User-Name = "fred", looking up realm NULL >> >> rlm_realm: No such realm "NULL" >> >>++[suffix] returns noop >> >> rlm_eap: No EAP-Message, not doing EAP >> >>++[eap] returns noop >> >>++[unix] returns notfound >> >>++[files] returns noop >> >>++[expiration] returns noop >> >>++[logintime] returns noop >> >>rlm_pap: WARNING! No "known good" password found for the user. >> >>Authentication may fail because of this. >> >>++[pap] returns noop >> >>auth: No authenticate method (Auth-Type) configuration found for the >> >>request: Rejecting the user >> >>auth: Failed to validate the user. >> >> WARNING: Unprintable characters in the password. Double-check >> > the >> >>shared secret on the server and the NAS! >> >> Found Post-Auth-Type Reject >> >>+- entering group REJECT >> >> expand: %{User-Name} -> fred >> >> attr_filter: Matched entry DEFAULT at line 11 >> >>++[attr_filter.access_reject] returns updated >> >>Sending Access-Reject of id 102 to 127.0.0.1 port 32770 >> >>Finished request 2. >> >>Going to the next request >> >>Waking up in 4.9 seconds. >> >>Cleaning up request 2 ID 102 with timestamp +151 >> >>Ready to process requests. >> >> >> >>>cat client.conf >> >>client 127.0.0.1 { >> >> secret = somesecret >> >> shortname = localhost >> >> nastype = other >> >>} >> >> >> >>>cat users >> >>fred Cleartext-Password =="somepass" >> >> Service-Type = Framed-User, >> >> Framed-Protocol = PPP >> >> >> >>wilma Auth-Type := CHAP, User-password =="somepass" >> >> Service-Type = Framed-User, >> >> Framed-Protocol = PPP >> >> >> >>barney Auth-Type := MS-CHAP, User-Password == "somepass" >> >> Service-Type = Framed-User, >> >> Framed-Protocol = PPP >> >> >> >>What's wrong with this line >User-Password = >> >>"h\347`\005\270\202\336<\336i~e\031\r\021[" ??? >> >>Thanks for the support! >> >> >> >>-- >> >>------------------------ >> >>Maciej Drobniuch >> >> >> >>- >> >>List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html >> >> >> >> >> > >> > - >> > List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html >> -- ------------------------ Maciej Drobniuch - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html