ok I removed the line from ysers sating that auth-type=system and that helped w/ authentication of the user... still have small problem... under the same conditions I get problem w. accounting stating that my shared secret is incorrect so accounting record is not accepted ... I dont get it completly espesially afther user went through succesfully.
I double checked my shared secret and it is ok. Below is debug: rad_recv: Access-Request packet from host xxx.147.xxx.xxx:62810, id=162, length=138 NAS-IP-Address = xxx.147.xxx.xxx NAS-Identifier = "lrc51.lrc-wireless.com" User-Name = "homepc" User-Password = "test" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 1 Framed-IP-Address = 192.168.1.244 Called-Station-Id = "00:0d:b9:xx:xx:xx" Calling-Station-Id = "00:0b:6a:xx:xx:xx" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "homepc", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 modcall[authorize]: module "files" returns notfound for request 0 radius_xlat: 'homepc' rlm_sql (sql): sql_set_user escaped user --> 'homepc' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'homepc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'homepc' ORDER BY id rlm_sql_mysql: MYSQL check_error: 2013, returning SQL_DOWN rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'homepc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'homepc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'homepc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'homepc' ORDER BY id' rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'homepc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'homepc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'homepc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: type Local auth: user supplied User-Password matches local User-Password Sending Access-Accept of id 162 to xxx.147.xxx.xxx port 62810 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Accounting-Request packet from host xxx.147.xxx.xxx:62812, id=145, length=150 Received Accounting-Request packet from xxx.147.xxx.xxx with invalid signature! (Shared secret is incorrect.) Server rejecting request 1. Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 162 with timestamp 497e2a34 Waking up in 2 seconds... rad_recv: Accounting-Request packet from host xxx.147.xxx.xxx:62812, id=145, length=150 Discarding duplicate request from client home_segment:62812 - ID: 145 --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 145 with timestamp 497e2a36 Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host xxx.147.xxx.xxx:62812, id=145, length=150 Received Accounting-Request packet from xxx.147.xxx.xxx with invalid signature! (Shared secret is incorrect.) Server rejecting request 2. Finished request 2 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 2 ID 145 with timestamp 497e2a40 Nothing to do. Sleeping until we see a request. On Mon, Jan 26, 2009 at 3:59 PM, Alex M <freerad...@lrcommunications.net>wrote: > I'm using 1.5 > (for some reason cold not install 2.x) > Ok let me se if i can enable PAP > > > > On Mon, Jan 26, 2009 at 3:20 PM, <t...@kalik.net> wrote: > >> >ok here is the debug info. Note: there is an SQL error which is not a >> >problem... thats bug in mysql so it will onlyopen connection from second >> >request. also when i sue the same combination under radius ping with CHAP >> >all works good but w/o chap nothing works >> > >> >> What freeradius version is this? It looks old. >> >> .. >> > modcall[authorize]: module "preprocess" returns ok for request 0 >> > modcall[authorize]: module "chap" returns noop for request 0 >> > modcall[authorize]: module "mschap" returns noop for request 0 >> .. >> > modcall[authorize]: module "suffix" returns noop for request 0 >> .. >> > modcall[authorize]: module "eap" returns noop for request 0 >> > users: Matched entry DEFAULT at line 153 >> > modcall[authorize]: module "files" returns ok for request 0 >> >> You have been told to rem ove Auth-Type System. It's still there. >> >> .. >> > modcall[authorize]: module "sql" returns ok for request 0 >> >modcall: leaving group authorize (returns ok) for request 0 >> >> pap is not listed in authorize (this *is* a pap request). List it last. >> >> Ivan Kalik >> Kalik Informatika iSP >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html