Hi Miranda I use the same users file and authorization configuration (with sql) and it is work fine.
On Tue, Jul 28, 2009 at 9:28 PM, Miguel Miranda<miguel.miran...@gmail.com> wrote: > Well, that is not the only one nas i have , the sql module is requiered for > several other nas and hotspots users... > > On Tue, Jul 28, 2009 at 12:25 PM, Dimitrios Giannakopoulos > <d.gianna...@gmail.com> wrote: >> >> The problem is that the sql module returns reject >> you can remove the sql from authorization >> >> On Tue, Jul 28, 2009 at 8:53 PM, Miguel >> Miranda<miguel.miran...@gmail.com> wrote: >> > Hi, i want to accept all request coming from a specific nas-ip-assdress >> > , i >> > used to configure like this (in users file): >> > >> > DEFAULT NAS-IP-Address == "192.168.150.25", Auth-Type := Accept >> > Fall-Through = Yes >> > The above settings are not working now, this is the debug of a >> > transaction: >> > >> > rad_recv: Access-Request packet from host 192.168.150.25 port 1645, >> > id=52, >> > length=94 >> > NAS-IP-Address = 192.168.150.25 >> > NAS-Port = 108 >> > NAS-Port-Type = Async >> > User-Name = "123.com.sv" >> > Called-Station-Id = "22660321" >> > Calling-Station-Id = "22264218" >> > User-Password = "cisco" >> > Service-Type = Dialout-Framed-User >> > +- entering group authorize {...} >> > ++[preprocess] returns ok >> > ++[chap] returns noop >> > ++[mschap] returns noop >> > [suffix] No '@' in User-Name = "123.com.sv", looking up realm NULL >> > [suffix] No such realm "NULL" >> > ++[suffix] returns noop >> > [eap] No EAP-Message, not doing EAP >> > ++[eap] returns noop >> > ++[files] returns noop >> > expand: %{User-Name} -> 123.com.sv >> > [sql] sql_set_user escaped user --> '123.com.sv' >> > rlm_sql (sql): Reserving sql socket id: 22 >> > expand: SELECT id, username, attribute, value, op FROM >> > radcheck WHERE username = '%{SQL-User-Name}' ORDER >> > BY id >> > -> SELECT id, username, attribute, value, op FROM >> > radcheck WHERE username = '123.com.sv' ORDER BY id >> > expand: SELECT groupname FROM radusergroup >> > WHERE >> > username = '%{SQL-User-Name}' ORDER BY priority -> SELECT >> > groupname FROM radusergroup WHERE username = >> > '123.com.sv' ORDER BY priority >> > rlm_sql (sql): Released sql socket id: 22 >> > [sql] User 123.com.sv not found >> > ++[sql] returns notfound >> > ++[expiration] returns noop >> > ++[logintime] returns noop >> > [pap] WARNING! No "known good" password found for the user. >> > Authentication >> > may fail because of this. >> > ++[pap] returns noop >> > No authenticate method (Auth-Type) configuration found for the request: >> > Rejecting the user >> > Failed to authenticate the user. >> > Login incorrect: [123.com.sv/cisco] (from client tigo port 108 cli >> > 22264218) >> > Using Post-Auth-Type Reject >> > +- entering group REJECT {...} >> > expand: %{User-Name} -> 123.com.sv >> > attr_filter: Matched entry DEFAULT at line 11 >> > ++[attr_filter.access_reject] returns updated >> > Delaying reject of request 1 for 1 seconds >> > Going to the next request >> > >> > >> > Im using freeradius 2 and daloradius 0.9, and this a extract of relevant >> > radius.conf settings: >> > >> > authorize { >> > preprocess >> > chap >> > mschap >> > suffix >> > eap { >> > ok = return >> > } >> > >> > files >> > sql >> > expiration >> > logintime >> > pap >> > } >> > >> > >> > >> > authenticate { >> > Auth-Type PAP { >> > pap >> > } >> > >> > Auth-Type CHAP { >> > chap >> > } >> > >> > Auth-Type MS-CHAP { >> > mschap >> > } >> > eap >> > } >> > >> > >> > preacct { >> > preprocess >> > acct_unique >> > suffix >> > files >> > } >> > >> > accounting { >> > detail >> > sql >> > attr_filter.accounting_response >> > } >> > >> > >> > session { >> > radutmp >> > } >> > >> > >> > post-auth { >> > >> > >> > >> > >> > >> > exec >> > >> > Post-Auth-Type REJECT { >> > attr_filter.access_reject >> > } >> > } >> > >> > post-proxy { >> > eap >> > } >> > >> > >> > From the debug it appears that users file is not being processed >> > correctly, >> > what should i check? >> > regards >> > Miguel Miranda >> > >> > >> > >> > - >> > List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html >> > >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html