Hi all,
I have these users in my PGSQL table
username | pwd
----------+---------
u_3 | pwd_3
u_one | pwd_one
u_two | pwd_two
When testing with radtest:
========================================================
miham...@rktmb:~$ radtest u_one pwd_one radius20 10 cot357
Sending Access-Request of id 240 to 41.204.103.216 port 1812
User-Name = "u_one"
User-Password = "pwd_one"
NAS-IP-Address = 127.0.1.1
NAS-Port = 10
rad_recv: Access-Accept packet from host 41.204.103.216 port 1812, id=240,
length=26
Session-Timeout = 320
========================================================
and freeradius -X trace:
========================================================
[...]
auth: type Local
auth: user supplied User-Password matches local User-Password
Login OK: [u_one/pwd_one] (from client quarante_un_deux_cent_quatre port 10)
+- entering group post-auth
rlm_sql (sql): Processing sql_postauth
expand: %{User-Name} -> u_one
rlm_sql (sql): sql_set_user escaped user --> 'u_one'
expand: SELECT * FROM f_prepaid_activate('%{SQL-User-Name}') -> SELECT
* FROM f_prepaid_activate('u_one')
rlm_sql (sql) in sql_postauth: query is SELECT * FROM
f_prepaid_activate('u_one')
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 1
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[exec] returns noop
Sending Access-Accept of id 128 to 41.204.104.9 port 60642
Session-Timeout = 320
Finished request 18.
Going to the next request
Waking up in 4.9 seconds.
=======================================================
When trying through the coova web form, same login/pass: Failure.
Attached is the output of "freeradius -X"
My collegues tell me coova must use CHAP for this project.
What last setup is missing?
Thank you!
--
Architecte Informatique:
Administration Systeme, Recherche & Developpement
+ 261 32 11 401 65
Pensez a l'environnement avant d'imprimer ce message
rad_recv: Access-Request packet from host 41.204.104.68 port 2072, id=37,
length=304
Vendor-14559-Attr-8 = 0x312e302e3131
User-Name = "u_one"
CHAP-Challenge = 0x3e05e8c330102b96a377b004612fb0b8
CHAP-Password = 0x00a8a24ff230a41368ba7c0ceb0dccbd1f
NAS-IP-Address = 41.204.104.68
Service-Type = Login-User
Framed-IP-Address = 10.111.0.130
Calling-Station-Id = "00-14-2A-AB-4E-98"
Called-Station-Id = "00-1D-73-55-95-AD"
NAS-Identifier = "00-1D-73-55-95-AD"
Acct-Session-Id = "4a69b58200000001"
NAS-Port-Type = Wireless-802.11
NAS-Port = 1
WISPr-Location-ID = "isocc=MG,cc=,ac=,network=Coova,Blueline"
WISPr-Location-Name = "COT_HOTSPOT"
WISPr-Logoff-URL = "http://10.111.0.1:3660/logoff";
Message-Authenticator = 0x0e1108c35fb77d938cff62ae367289b0
+- entering group authorize
++[preprocess] returns ok
rlm_chap: Setting 'Auth-Type := CHAP'
++[chap] returns ok
rlm_realm: No '@' in User-Name = "u_one", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: No EAP-Message, not doing EAP
++[eap] returns noop
expand: %{User-Name} -> u_one
rlm_sql (sql): sql_set_user escaped user --> 'u_one'
rlm_sql (sql): Reserving sql socket id: 2
expand: SELECT * FROM
f_authorize_check_query2('%{SQL-User-Name}','%{User-Password}','%{NAS-IP-Address}')
-> SELECT * FROM f_authorize_check_query2('u_one','','41.204.104.68')
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 5
rlm_sql (sql): User found in radcheck table
expand: SELECT * FROM f_authorize_reply_query('%{SQL-User-Name}') ->
SELECT * FROM f_authorize_reply_query('u_one')
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: query affected rows = 1 , fields = 5
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
rad_check_password: Found Auth-Type Reject
rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Login incorrect: [u_one/<CHAP-Password>] (from client
quarante_un_deux_cent_quatre port 1 cli 00-14-2A-AB-4E-98)
Found Post-Auth-Type Reject
+- entering group REJECT
++- group REJECT returns noop
Delaying reject of request 19 for 4 seconds
Going to the next request
Waking up in 0.9 seconds.
Waking up in 2.9 seconds.
Sending delayed reject for request 19
Sending Access-Reject of id 37 to 41.204.104.68 port 2072
Session-Timeout = 320
Waking up in 4.9 seconds.
Cleaning up request 19 ID 37 with timestamp +331
Ready to process requests.
^C
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
