Hi, i want to accept all request coming from a specific nas-ip-assdress , i used to configure like this (in users file):
DEFAULT NAS-IP-Address == "192.168.150.25", Auth-Type := Accept Fall-Through = Yes The above settings are not working now, this is the debug of a transaction: rad_recv: Access-Request packet from host 192.168.150.25 port 1645, id=52, length=94 NAS-IP-Address = 192.168.150.25 NAS-Port = 108 NAS-Port-Type = Async User-Name = "123.com.sv" Called-Station-Id = "22660321" Calling-Station-Id = "22264218" User-Password = "cisco" Service-Type = Dialout-Framed-User +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "123.com.sv", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop expand: %{User-Name} -> 123.com.sv [sql] sql_set_user escaped user --> '123.com.sv' rlm_sql (sql): Reserving sql socket id: 22 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '123.com.sv' ORDER BY id expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '123.com.sv' ORDER BY priority rlm_sql (sql): Released sql socket id: 22 [sql] User 123.com.sv not found ++[sql] returns notfound ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. Login incorrect: [123.com.sv/cisco] (from client tigo port 108 cli 22264218) Using Post-Auth-Type Reject +- entering group REJECT {...} expand: %{User-Name} -> 123.com.sv attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Im using freeradius 2 and daloradius 0.9, and this a extract of relevant radius.conf settings: authorize { preprocess chap mschap suffix eap { ok = return } files sql expiration logintime pap } authenticate { Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } eap } preacct { preprocess acct_unique suffix files } accounting { detail sql attr_filter.accounting_response } session { radutmp } post-auth { exec Post-Auth-Type REJECT { attr_filter.access_reject } } post-proxy { eap } >From the debug it appears that users file is not being processed correctly, what should i check? regards Miguel Miranda
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html