Alan,
Radius -X is always on, and I went through the clients.conf file. -X gives a
lot information, since you asked here is my understanding. I'm not a
programmer so some of them are cryptic to me. I put in comments to what I
think they are, but they are only guesses. I would be very thankful if you
can shed lights on them.
Also, there is file experimental.conf stated in eap.conf, but did not exist.
It may have some useful information.
r...@crest raddb]# radtest cisco cisco 127.0.0.1 200 testing123
Sending Access-Request of id 187 to 127.0.0.1 port 1812
User-Name = "cisco"
User-Password = "cisco"
NAS-IP-Address = 127.0.0.1
NAS-Port = 200
rad_recv: Access-Request packet from host 127.0.0.1 port 43663, id=187,
length=57
User-Name = "cisco"
User-Password = "cisco"
NAS-IP-Address = 127.0.0.1
NAS-Port = 200
+- entering group authorize {...}
++[preprocess] returns ok ;what is preprocess and what does it do?
++[chap] returns noop ;I can tell that chap was not selected as a
protocol, right?
++[mschap] returns noop ;as above
[suffix] No '@' in User-Name = "cisco", looking up realm NULL ;why @ is
expected in a name or password?
[suffix] No such realm "NULL" ;what this mean?
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP ;eap is not auth protocol.
++[eap] returns noop
++[unix] returns notfound ;what is this?
++[files] returns noop ?
++[expiration] returns noop ?
++[logintime] returns noop ?
[pap] WARNING! No "known good" password found for the user. Authentication
may fail because of this. ;I do have a password (cisco).
++[pap] returns noop
No authenticate method (Auth-Type) configuration found for the request:
Rejecting the user ;this look like authentication protocol is a
must before the process can work, however, eap.conf file is there and eap is
uncommented out with it's arguments. ?
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> cisco
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 5 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 5
Sending Access-Reject of id 187 to 127.0.0.1 port 43663
Waking up in 4.9 seconds.
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=187,
length=20
[r...@crest raddb]# Cleaning up request 5 ID 187 with timestamp +411
Ready to process requests.
Rgrds,
Alex
-----Original Message-----
From: freeradius-users-bounces+alexbahoor=sbcglobal....@lists.freeradius.org
[mailto:freeradius-users-bounces+alexbahoor=sbcglobal....@lists.freeradius.o
rg] On Behalf Of Alan Buxey
Sent: Thursday, December 10, 2009 2:07 AM
To: FreeRadius users mailing list
Subject: Re: Testing radius server
Hi,
> Now I know it's a config issue in the clients.conf, as radtest is failing.
I
> set user name and password, but radius is sending a reject. This is the
> first time I'm using radius. So please bear with me. Can some one mail me
> example of the minimum required configuration that needed for the radius
to
> work, no EAP or MSCAP ..etc.
hey, guess what - 'radiusd -X' this will be far more useful than
throwing random recommendations to you.
have you followed basic guidance regarding hwo to use clients.conf
eg
testuser Cleartext-Password := "testpassword"
alan
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4674 (20091209) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4676 (20091210) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4676 (20091210) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
