Could yo show us your sites-enabled/(server), who is listening on 1812 port?
No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. 2009/8/7 ramesh p <rock786...@gmail.com>: > Hi Alan, > [r...@localhost sbin]# radtest radtest somepass 127.0.0.1 1813 testing123 > other > Sending Access-Request of id 134 to 127.0.0.1 port 1812 > User-Name = "radtest" > User-Password = "somepass" > NAS-IP-Address = 255.255.255.255 > NAS-Port = 1813 > Framed-Protocol = PPP > rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=134, length=20 > > > Debug messages: > > rad_recv: Access-Request packet from host 127.0.0.1 port 36433, id=134, > length=65 > User-Name = "radtest" > User-Password = "somepass" > NAS-IP-Address = 255.255.255.255 > NAS-Port = 1813 > Framed-Protocol = PPP > +- entering group authorize {...} > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > [suffix] No '@' in User-Name = "radtest", looking up realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] No EAP-Message, not doing EAP > ++[eap] returns noop > ++[unix] returns notfound > [files] users: Matched entry DEFAULT at line 172 > ++[files] returns ok > ++[expiration] returns noop > ++[logintime] returns noop > [pap] WARNING! No "known good" password found for the user. Authentication > may fail because of this. > ++[pap] returns noop > No authenticate method (Auth-Type) configuration found for the request: > Rejecting the user > Failed to authenticate the user. > Using Post-Auth-Type Reject > +- entering group REJECT {...} > [attr_filter.access_reject] expand: %{User-Name} -> radtest > attr_filter: Matched entry DEFAULT at line 11 > ++[attr_filter.access_reject] returns updated > Delaying reject of request 1 for 1 seconds > Going to the next request > Waking up in 0.9 seconds. > Sending delayed reject for request 1 > Sending Access-Reject of id 134 to 127.0.0.1 port 36433 > Waking up in 4.9 seconds. > Cleaning up request 1 ID 134 with timestamp +3582 > Ready to process requests. > > >> >> >> ------------------------------ >> >> Message: 2 >> Date: Fri, 7 Aug 2009 11:22:58 +0100 >> From: Alan Buxey <a.l.m.bu...@lboro.ac.uk> >> Subject: Re: Freeradius2.1.6 installation problem >> To: FreeRadius users mailing list >> <freeradius-users@lists.freeradius.org> >> Message-ID: <20090807102258.gc19...@lboro.ac.uk> >> Content-Type: text/plain; charset=us-ascii >> >> hi, >> >> your debug showed no actual traffic or packets hitting the >> freeradius server - so cannot help you. >> >> alan >> >> >> ------------------------------ >> >> Message: 3 >> Date: Fri, 7 Aug 2009 16:09:04 +0530 >> From: ramesh p <rock786...@gmail.com> >> Subject: Re: Freeradius-Users Digest, Vol 52, Issue 36 >> To: freeradius-users@lists.freeradius.org >> Message-ID: >> <6b6aa6710908070339w57559054lfa1637cf39e51...@mail.gmail.com> >> Content-Type: text/plain; charset="iso-8859-1" >> >> *> Have you added 127.0.0.1 in the clients.conf? >> >> *yes. >> >> client localhost { >> ipaddr = 127.0.0.1 >> secret = testing123 >> nastype = other >> require_message_authenticator = no >> } >> >> Thanks, >> Rams. >> >> * >> * >> On Fri, Aug 7, 2009 at 3:30 PM, < >> freeradius-users-requ...@lists.freeradius.org> wrote: >> >> > >> > >> > Message: 2 >> > Date: Fri, 7 Aug 2009 11:58:56 +0200 >> > From: Rokkhan <rokk...@gmail.com> >> > Subject: Re: Freeradius2.1.6 installation problem >> > To: FreeRadius users mailing list >> > <freeradius-users@lists.freeradius.org> >> > Message-ID: >> > <335289090908070258x710b5551n5faf93155ffee...@mail.gmail.com> >> > Content-Type: text/plain; charset=ISO-8859-1 >> > >> > *Have you added 127.0.0.1 in the clients.conf?* >> > >> > 2009/8/7 ramesh p <rock786...@gmail.com>: >> > > Unable to execute radtest. >> > > >> > > # radiusd -X >> > > FreeRADIUS Version 2.1.6, for host i686-pc-linux-gnu, built on Jul 30 >> > 2009 >> > > at 07:17:32 >> > > Copyright (C) 1999-2009 The FreeRADIUS server project and >> > > contributors. >> > > There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A >> > > PARTICULAR PURPOSE. >> > > You may redistribute copies of FreeRADIUS under the terms of the >> > > GNU General Public License v2. >> > > Starting - reading configuration files ... >> > > including configuration file /usr/local/fnmt/radius2//etc/ >> > >> >> > >> raddb/radiusd.conf >> > >> including configuration file >> > /usr/local/fnmt/radius2//etc/raddb/proxy.conf >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/clients.conf >> > >> including files in directory >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/ >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/ldap >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/pap >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/exec >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/expr >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/attr_filter >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/radutmp >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/preprocess >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/always >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/sqlcounter_expire_on_login >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/detail.example.com >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/attr_rewrite >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/etc_group >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/unix >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/mac2vlan >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/chap >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/smsotp >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/expiration >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/pam >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/inner-eap >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/acct_unique >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/wimax >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/smbpasswd >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/logintime >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/sql_log >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/realm >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/linelog >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/otp >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/mac2ip >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/checkval >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/krb5 >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/mschap >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/counter >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/detail >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/digest >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/passwd >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/sradutmp >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/files >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/policy >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/detail.log >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/perl >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/ippool >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/modules/echo >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/eap.conf >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/policy.conf >> > >> including files in directory >> > >> /usr/local/fnmt/radius2//etc/raddb/sites-enabled/ >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/sites-enabled/control-socket >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/sites-enabled/default >> > >> including configuration file >> > >> /usr/local/fnmt/radius2//etc/raddb/sites-enabled/inner-tunnel >> > >> including dictionary file >> > >> /usr/local/fnmt/radius2//etc/raddb/dictionary >> > >> main { >> > >> prefix = "/usr/local/fnmt/radius2/" >> > >> localstatedir = "/usr/local/fnmt/radius2//var" >> > >> logdir = "/usr/local/fnmt/radius2//var/log/radius" >> > >> libdir = "/usr/local/fnmt/radius2//lib" >> > >> radacctdir = >> > >> "/usr/local/fnmt/radius2//var/log/radius/radacct" >> > >> hostname_lookups = no >> > >> max_request_time = 30 >> > >> cleanup_delay = 5 >> > >> max_requests = 1024 >> > >> allow_core_dumps = no >> > >> pidfile = >> > >> "/usr/local/fnmt/radius2//var/run/radiusd/radiusd.pid" >> > >> checkrad = "/usr/local/fnmt/radius2//sbin/checkrad" >> > >> debug_level = 0 >> > >> proxy_requests = yes >> > >> log { >> > >> stripped_names = no >> > >> auth = no >> > >> auth_badpass = no >> > >> auth_goodpass = no >> > >> } >> > >> security { >> > >> max_attributes = 200 >> > >> reject_delay = 1 >> > >> status_server = yes >> > >> } >> > >> } >> > >> } >> > >> radiusd: #### Loading Realms and Home Servers #### >> > >> proxy server { >> > >> retry_delay = 5 >> > >> retry_count = 3 >> > >> default_fallback = no >> > >> dead_time = 120 >> > >> wake_all_if_all_dead = no >> > >> } >> > >> home_server localhost { >> > >> ipaddr = 127.0.0.1 >> > >> port = 1812 >> > >> type = "auth" >> > >> secret = "testing123" >> > >> response_window = 20 >> > >> max_outstanding = 65536 >> > >> require_message_authenticator = no >> > >> zombie_period = 40 >> > >> status_check = "status-server" >> > >> ping_interval = 30 >> > >> check_interval = 30 >> > >> num_answers_to_alive = 3 >> > >> num_pings_to_alive = 3 >> > >> revive_interval = 120 >> > >> status_check_timeout = 4 >> > >> irt = 2 >> > >> mrt = 16 >> > >> mrc = 5 >> > >> mrd = 30 >> > >> } >> > >> home_server_pool my_auth_failover { >> > >> type = fail-over >> > >> home_server = localhost >> > >> } >> > >> realm example.com { >> > >> auth_pool = my_auth_failover >> > >> } >> > >> realm LOCAL { >> > >> } >> > >> radiusd: #### Loading Clients #### >> > >> client localhost { >> > >> ipaddr = 127.0.0.1 >> > >> require_message_authenticator = no >> > >> secret = "testing123" >> > >> nastype = "other" >> > >> } >> > >> client xx.xx.xx.xx { >> > >> require_message_authenticator = no >> > >> secret = "testing123" >> > >> shortname = "rparsa" >> > >> nastype = "other" >> > >> login = "radtest" >> > >> } >> > >> radiusd: #### Instantiating modules #### >> > >> instantiate { >> > >> Module: Linked to module rlm_exec >> > >> Module: Instantiating exec >> > >> exec { >> > >> wait = no >> > >> input_pairs = "request" >> > >> shell_escape = yes >> > >> } >> > >> Module: Linked to module rlm_expr >> > >> Module: Instantiating expr >> > >> Module: Linked to module rlm_expiration >> > >> Module: Instantiating expiration >> > >> expiration { >> > >> reply-message = "Password Has Expired " >> > >> } >> > >> Module: Linked to module rlm_logintime >> > >> Module: Instantiating logintime >> > >> logintime { >> > >> reply-message = "You are calling outside your allowed >> > >> timespan >> > " >> > >> minimum-timeout = 60 >> > >> } >> > >> } >> > >> radiusd: #### Loading Virtual Servers #### >> > >> server inner-tunnel { >> > >> modules { >> > >> Module: Checking authenticate {...} for more modules to load >> > >> Module: Linked to module rlm_pap >> > >> Module: Instantiating pap >> > >> pap { >> > >> encryption_scheme = "auto" >> > >> auto_header = no >> > >> } >> > >> Module: Linked to module rlm_chap >> > >> Module: Instantiating chap >> > >> Module: Linked to module rlm_mschap >> > >> Module: Instantiating mschap >> > >> mschap { >> > >> use_mppe = yes >> > >> require_encryption = no >> > >> require_strong = no >> > >> with_ntdomain_hack = no >> > >> } >> > >> Module: Linked to module rlm_unix >> > >> Module: Instantiating unix >> > >> unix { >> > >> radwtmp = "/usr/local/fnmt/radius2//var/log/radius/radwtmp" >> > >> } >> > >> Module: Linked to module rlm_eap >> > >> Module: Instantiating eap >> > >> eap { >> > >> default_eap_type = "md5" >> > >> timer_expire = 60 >> > >> ignore_unknown_eap_types = no >> > >> cisco_accounting_username_bug = no >> > >> max_sessions = 2048 >> > >> } >> > >> Module: Linked to sub-module rlm_eap_md5 >> > >> Module: Instantiating eap-md5 >> > >> Module: Linked to sub-module rlm_eap_leap >> > >> Module: Instantiating eap-leap >> > >> Module: Linked to sub-module rlm_eap_gtc >> > >> Module: Instantiating eap-gtc >> > >> gtc { >> > >> challenge = "Password: " >> > >> auth_type = "PAP" >> > >> } >> > >> Module: Linked to sub-module rlm_eap_tls >> > >> Module: Instantiating eap-tls >> > >> tls { >> > >> rsa_key_exchange = no >> > >> dh_key_exchange = yes >> > >> rsa_key_length = 512 >> > >> dh_key_length = 512 >> > >> verify_depth = 0 >> > >> pem_file_type = yes >> > >> private_key_file = >> > >> "/usr/local/fnmt/radius2//etc/raddb/certs/server.pem" >> > >> certificate_file = >> > >> "/usr/local/fnmt/radius2//etc/raddb/certs/server.pem" >> > >> CA_file = "/usr/local/fnmt/radius2//etc/raddb/certs/ca.pem" >> > >> private_key_password = "whatever" >> > >> dh_file = "/usr/local/fnmt/radius2//etc/raddb/certs/dh" >> > >> random_file = >> > >> "/usr/local/fnmt/radius2//etc/raddb/certs/random" >> > >> fragment_size = 1024 >> > >> include_length = yes >> > >> check_crl = no >> > >> cipher_list = "DEFAULT" >> > >> make_cert_command = >> > >> "/usr/local/fnmt/radius2//etc/raddb/certs/bootstrap" >> > >> cache { >> > >> enable = no >> > >> lifetime = 24 >> > >> max_entries = 255 >> > >> } >> > >> } >> > >> Module: Linked to sub-module rlm_eap_ttls >> > >> Module: Instantiating eap-ttls >> > >> ttls { >> > >> default_eap_type = "md5" >> > >> copy_request_to_tunnel = no >> > >> use_tunneled_reply = no >> > >> virtual_server = "inner-tunnel" >> > >> include_length = yes >> > >> } >> > >> Module: Linked to sub-module rlm_eap_peap >> > >> Module: Instantiating eap-peap >> > >> peap { >> > >> default_eap_type = "mschapv2" >> > >> copy_request_to_tunnel = no >> > >> use_tunneled_reply = no >> > >> proxy_tunneled_request_as_eap = yes >> > >> virtual_server = "inner-tunnel" >> > >> } >> > >> Module: Linked to sub-module rlm_eap_mschapv2 >> > >> Module: Instantiating eap-mschapv2 >> > >> mschapv2 { >> > >> with_ntdomain_hack = no >> > >> } >> > >> Module: Checking authorize {...} for more modules to load >> > >> Module: Linked to module rlm_preprocess >> > >> Module: Instantiating preprocess >> > >> preprocess { >> > >> huntgroups = "/usr/local/fnmt/radius2//etc/raddb/huntgroups" >> > >> hints = "/usr/local/fnmt/radius2//etc/raddb/hints" >> > >> with_ascend_hack = no >> > >> ascend_channels_per_line = 23 >> > >> with_ntdomain_hack = no >> > >> with_specialix_jetstream_hack = no >> > >> with_cisco_vsa_hack = no >> > >> with_alvarion_vsa_hack = no >> > >> } >> > >> Module: Checking preacct {...} for more modules to load >> > >> Module: Linked to module rlm_acct_unique >> > >> Module: Instantiating acct_unique >> > >> acct_unique { >> > >> key = "User-Name, Acct-Session-Id, NAS-IP-Address, >> > >> Client-IP-Address, NAS-Port" >> > >> } >> > >> Module: Checking accounting {...} for more modules to load >> > >> Module: Linked to module rlm_detail >> > >> Module: Instantiating detail >> > >> detail { >> > >> detailfile = >> > >> >> > >> > "/usr/local/fnmt/radius2//var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d" >> > >> header = "%t" >> > >> detailperm = 384 >> > >> dirperm = 493 >> > >> locking = no >> > >> log_packet_header = no >> > >> } >> > >> Module: Instantiating attr_filter.accounting_response >> > >> attr_filter attr_filter.accounting_response { >> > >> attrsfile = >> > >> "/usr/local/fnmt/radius2//etc/raddb/attrs.accounting_response" >> > >> key = "%{User-Name}" >> > >> } >> > >> Module: Checking session {...} for more modules to load >> > >> Module: Checking post-proxy {...} for more modules to load >> > >> Module: Checking post-auth {...} for more modules to load >> > >> } # modules >> > >> } # server >> > >> radiusd: #### Opening IP addresses and Ports #### >> > >> listen { >> > >> type = "auth" >> > >> ipaddr = * >> > >> port = 0 >> > >> } >> > >> listen { >> > >> type = "acct" >> > >> ipaddr = * >> > >> port = 0 >> > >> } >> > >> listen { >> > >> type = "control" >> > >> listen { >> > >> socket = >> > >> "/usr/local/fnmt/radius2//var/run/radiusd/radiusd.sock" >> > >> } >> > >> } >> > >> Listening on authentication address * port 1812 >> > >> Listening on accounting address * port 1813 >> > >> Listening on command file >> > >> /usr/local/fnmt/radius2//var/run/radiusd/radiusd.sock >> > >> Listening on proxy address * port 1814 >> > >> Ready to process requests. >> > >> >> > >> I'm able to send packets using NTRadping tool however the packets are >> > >> rejected using radtest? >> > >> Why? Anthing wrong in the configuration? >> > >> >> > >> Thanks, >> > >> Rams. >> > > >> > > - >> > > List info/subscribe/unsubscribe? See >> > > http://www.freeradius.org/list/users.html >> > > >> > >> > >> > ------------------------------ >> > >> > - >> > List info/subscribe/unsubscribe? See >> > http://www.freeradius.org/list/users.html >> > >> > >> > End of Freeradius-Users Digest, Vol 52, Issue 36 >> > ************************************************ >> > >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL: >> <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20090807/65c37413/attachment.html> >> >> ------------------------------ >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> >> >> End of Freeradius-Users Digest, Vol 52, Issue 37 >> ************************************************ > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html