Ok, I have removed encrypted-key in Redback router which was causing issue about shared secrets.
Now the subscriber config on Radius is as follows: a...@radius Cleartext-Password := "test" Service-Type = Framed-User, Framed-Protocol = PPP >From redius debug: rad_recv: Access-Request packet from host 10.205.1.1:1812, id=3, length=187 User-Name = "a...@radius" User-Password = "test" Service-Type = Framed-User Framed-Protocol = PPP NAS-Identifier = "Quiet" NAS-Port = 167903232 NAS-Real-Port = 2717909092 NAS-Port-Type = Virtual NAS-Port-Id = "10/2 vlan-id 100 pppoe 347" Medium-Type = DSL Mac-Addr = "00-0c-29-10-12-c3" Platform-Type = SmartEdge-800 OS-Version = "6.1.2.6p9" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 radius_xlat: '/usr/local/var/log/radius/radacct/10.205.1.1/auth-detail-20090616' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m% d expands to /usr/local/var/log/radius/radacct/10.205.1.1/auth-detail-20090616 modcall[authorize]: module "auth_log" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: Looking up realm "RADIUS" for User-Name = "a...@radius" rlm_realm: No such realm "RADIUS" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 152 users: Matched entry DEFAULT at line 171 users: Matched entry DEFAULT at line 183 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: leaving group authenticate (returns notfound) for request 0 auth: Failed to validate the user. Login incorrect: [...@radius/test] (from client SE-Quiet port 167903232) Delaying request 0 for 1 seconds Finished request 0 Unfortunately, the login is still failing with no obvious reason why. Any thoughts ? Thanks, Elias -----Original Message----- From: freeradius-users-bounces+elias.abou.zeid=ericsson....@lists.freeradius.o rg [mailto:freeradius-users-bounces+elias.abou.zeid=ericsson....@lists.free radius.org] On Behalf Of Alan DeKok Sent: June-16-09 3:50 PM To: FreeRadius users mailing list Subject: Re: Free Radius users record samples for SmartEdgerouter subcriberauthentication. Elias Abou Zeid wrote: > Sorry for the :=, == confusion. I was doing it right using ==. No, using == is wrong. > So now I have: > > a...@radius User-Password == "test" That's wrong. > Now after enabling the radius -X, I get: ... > WARNING: Unprintable characters in the password. ? Double-check the > shared secret on the server and the NAS! > > So it seems the password radius is receiving is different that what I > am giving. I checked the shared secret between server and NAS, it matches! > I am not sure why ? The shared secrets do NOT match. This is in the FAQ. Don't check them. Re-enter them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html