You NAS is sending the password in clear text and is not doing CHAP, so the RADIUS server needs to find either a clear text password or a hashed password. Where are you storing usernames/passwords? Make sure that you have an entry with for User-Name = aew...@domain.ca and Cleartext-Password := "password".
-------- Original Message -------- Subject: Auth configuration help Date: Wed, 24 Aug 2011 21:53:46 -0400 From: Dom <mailto:dvers...@tekcorner.ca> <dvers...@tekcorner.ca> To: freeradius-users@lists.freeradius.org I was hoping someone could help. We have a cisco 3825 with radius server pointed to our freeradius installation. When I test radius authentication using NTRadping using CHAP authentication everything works fine. However when we try to connect via a standard dsl connection we get these failures. I was hoping someone could help point me in the right direction to fix the issue. Thanks rad_recv: Access-Request packet from host 64.34.66.5 port 1645, id=26, length=134 Framed-Protocol = PPP User-Name = <mailto:aew...@domain.ca> "aew...@domain.ca" User-Password = "password" Calling-Station-Id = "bas105300000096" Connect-Info = "1000000000" NAS-Port-Type = Virtual NAS-Port = 26 NAS-Port-Id = "Uniq-Sess-ID26" Service-Type = Framed-User NAS-IP-Address = 64.34.xxxx.xxxx # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] Looking up realm "tekcorner.ca" for User-Name = <mailto:aew...@domain.ca> "aew...@domain.ca" [suffix] No such realm "domain.ca" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [files] users: Matched entry DEFAULT at line 172 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. <--- The PAP module could not find a password for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> aew...@domain.ca attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 26 to 64.34.xxx.xxx port 1645 Waking up in 4.9 seconds. Cleaning up request 0 ID 26 with timestamp +97 Ready to process requests.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html