Re: radiusd

Sun, 04 Aug 2024 00:49:47 -0700 

Thank-you for the reply.

The username/password is correct.  I know that because I run the
radiusctl program from a different OpenBSD box,and I see

% radiusctl test 10.0.1.1 secretstuff stuff password stuffpswd
Sending:
    Id                        = 67
    Code                      = Access-Request(1)
    User-Name                 = "stuff"
    User-Password             = "stuffpswd"
    NAS-Port                  = 0
    NAS-IP-Address            = 10.0.1.1

Received:
    Id                        = 67
    Code                      = Access-Accept(2)
    Authenticator             = Verified
    Message-Authenticator     = Verified
    Reply-Message             = "Authentication succeeded"




OK, I mangled the IP addresses  and the name/password stuff.

But the important point, to me, is that from another OpenBSD box, the
RADIUS query is verified and accepted.

So, the username/password seem to be OK.

That leaves the second comment you stated...

authentication method was not PAP
 (radiusd_bsdauth(8) supports only PAP)

OK, that's the likely problem.  My WiFi access point is an old Linksys,
an LAPN600.  When I go to the "Wireless Security" screen on the access
point, I see nothing to choose a protocol to use.

So, it seems I have to stick with freeradiusd (and OpenBSD's insecure
version of it) for the nonce.

{sigh}

btw, I can ~play and test things here~ if that is helpful for you.  It's
my home network, and I am always willing to help OpenBSD.

In any case, many thanks for your quick replies.

Most appreciated.



On 8/3/2024 11:43 PM, YASUOKA Masahiko wrote:
> Hello,
> 
> On Sat, 3 Aug 2024 21:37:12 -0400
> Mike <the.li...@mgm51.com> wrote:
>> OK, in that endeavor, I get an error message when I run radiusd -d, one
>> for which I cannot find any explanation.
>>
>> 2024-08-03 21:22:42:INFO: Received Access-Request(code=1) from
>> 10.11.4.234:45955 id=22 username=e5 q=1: `bsdauth' authentication is
>> starting
>>
>> 2024-08-03 21:22:42:INFO: Sending Access-Reject(code=3) to
>> 10.11.4.234:45955 id=22 q=1
>>
>> What, exactly, is that "reject" error message trying to tell me?
> 
> It shows radiusd(8) sends "Access-Reject" to the RADIUS client.
> 
>> What was incorrect?
> 
> username or password was incorrect
> 
> or
> 
> authentication method was not PAP
> (radiusd_bsdauth(8) supports only PAP)
> 
> ?
>

Reply via email to