Have you tried it with "*Fall-Through = No" or without "**Fall-Through"*?
http://freeradius.org/radiusd/man/users.html 2009/7/28 Miguel Miranda <miguel.miran...@gmail.com> > Me too, but my questions is about the nas-ip-address entry that i posted as > example, acording to the docs, all users should be accepted, no matter what > user/pass combitantion they are using. > and in my case freeradius rejects the access > > > On Tue, Jul 28, 2009 at 1:19 PM, Dimitrios Giannakopoulos < > d.gianna...@gmail.com> wrote: > >> Hi Miranda >> I use the same users file and authorization configuration (with sql) >> and it is work fine. >> >> >> On Tue, Jul 28, 2009 at 9:28 PM, Miguel >> Miranda<miguel.miran...@gmail.com> wrote: >> > Well, that is not the only one nas i have , the sql module is requiered >> for >> > several other nas and hotspots users... >> > >> > On Tue, Jul 28, 2009 at 12:25 PM, Dimitrios Giannakopoulos >> > <d.gianna...@gmail.com> wrote: >> >> >> >> The problem is that the sql module returns reject >> >> you can remove the sql from authorization >> >> >> >> On Tue, Jul 28, 2009 at 8:53 PM, Miguel >> >> Miranda<miguel.miran...@gmail.com> wrote: >> >> > Hi, i want to accept all request coming from a specific >> nas-ip-assdress >> >> > , i >> >> > used to configure like this (in users file): >> >> > >> >> > DEFAULT NAS-IP-Address == "192.168.150.25", Auth-Type := Accept >> >> > Fall-Through = Yes >> >> > The above settings are not working now, this is the debug of a >> >> > transaction: >> >> > >> >> > rad_recv: Access-Request packet from host 192.168.150.25 port 1645, >> >> > id=52, >> >> > length=94 >> >> > NAS-IP-Address = 192.168.150.25 >> >> > NAS-Port = 108 >> >> > NAS-Port-Type = Async >> >> > User-Name = "123.com.sv" >> >> > Called-Station-Id = "22660321" >> >> > Calling-Station-Id = "22264218" >> >> > User-Password = "cisco" >> >> > Service-Type = Dialout-Framed-User >> >> > +- entering group authorize {...} >> >> > ++[preprocess] returns ok >> >> > ++[chap] returns noop >> >> > ++[mschap] returns noop >> >> > [suffix] No '@' in User-Name = "123.com.sv", looking up realm NULL >> >> > [suffix] No such realm "NULL" >> >> > ++[suffix] returns noop >> >> > [eap] No EAP-Message, not doing EAP >> >> > ++[eap] returns noop >> >> > ++[files] returns noop >> >> > expand: %{User-Name} -> 123.com.sv >> >> > [sql] sql_set_user escaped user --> '123.com.sv' >> >> > rlm_sql (sql): Reserving sql socket id: 22 >> >> > expand: SELECT id, username, attribute, value, op >> FROM >> >> > radcheck WHERE username = '%{SQL-User-Name}' >> ORDER >> >> > BY id >> >> > -> SELECT id, username, attribute, value, op FROM >> >> > radcheck WHERE username = '123.com.sv' ORDER BY >> id >> >> > expand: SELECT groupname FROM radusergroup >> >> > WHERE >> >> > username = '%{SQL-User-Name}' ORDER BY priority -> SELECT >> >> > groupname FROM radusergroup WHERE username = >> >> > '123.com.sv' ORDER BY priority >> >> > rlm_sql (sql): Released sql socket id: 22 >> >> > [sql] User 123.com.sv not found >> >> > ++[sql] returns notfound >> >> > ++[expiration] returns noop >> >> > ++[logintime] returns noop >> >> > [pap] WARNING! No "known good" password found for the user. >> >> > Authentication >> >> > may fail because of this. >> >> > ++[pap] returns noop >> >> > No authenticate method (Auth-Type) configuration found for the >> request: >> >> > Rejecting the user >> >> > Failed to authenticate the user. >> >> > Login incorrect: [123.com.sv/cisco] (from client tigo port 108 cli >> >> > 22264218) >> >> > Using Post-Auth-Type Reject >> >> > +- entering group REJECT {...} >> >> > expand: %{User-Name} -> 123.com.sv >> >> > attr_filter: Matched entry DEFAULT at line 11 >> >> > ++[attr_filter.access_reject] returns updated >> >> > Delaying reject of request 1 for 1 seconds >> >> > Going to the next request >> >> > >> >> > >> >> > Im using freeradius 2 and daloradius 0.9, and this a extract of >> relevant >> >> > radius.conf settings: >> >> > >> >> > authorize { >> >> > preprocess >> >> > chap >> >> > mschap >> >> > suffix >> >> > eap { >> >> > ok = return >> >> > } >> >> > >> >> > files >> >> > sql >> >> > expiration >> >> > logintime >> >> > pap >> >> > } >> >> > >> >> > >> >> > >> >> > authenticate { >> >> > Auth-Type PAP { >> >> > pap >> >> > } >> >> > >> >> > Auth-Type CHAP { >> >> > chap >> >> > } >> >> > >> >> > Auth-Type MS-CHAP { >> >> > mschap >> >> > } >> >> > eap >> >> > } >> >> > >> >> > >> >> > preacct { >> >> > preprocess >> >> > acct_unique >> >> > suffix >> >> > files >> >> > } >> >> > >> >> > accounting { >> >> > detail >> >> > sql >> >> > attr_filter.accounting_response >> >> > } >> >> > >> >> > >> >> > session { >> >> > radutmp >> >> > } >> >> > >> >> > >> >> > post-auth { >> >> > >> >> > >> >> > >> >> > >> >> > >> >> > exec >> >> > >> >> > Post-Auth-Type REJECT { >> >> > attr_filter.access_reject >> >> > } >> >> > } >> >> > >> >> > post-proxy { >> >> > eap >> >> > } >> >> > >> >> > >> >> > From the debug it appears that users file is not being processed >> >> > correctly, >> >> > what should i check? >> >> > regards >> >> > Miguel Miranda >> >> > >> >> > >> >> > >> >> > - >> >> > List info/subscribe/unsubscribe? See >> >> > http://www.freeradius.org/list/users.html >> >> > >> >> >> >> - >> >> List info/subscribe/unsubscribe? See >> >> http://www.freeradius.org/list/users.html >> > >> > >> > - >> > List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html >> > >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html