Re: MAC Auth. for Orinoco AP-1000 not working (log attached)
30-Jan-03 at 14:20, Shahid M. Bhatti ([EMAIL PROTECTED]) wrote : Hi, I'm trying to authenticate Wireless Access Point of Orinoco/Lucent/Avaya/Agere/Proxim with Free Radius server. I've made the user as AP's MAC address in /etc/raddb/users file and conf file, but when I start the radius server in debig mode I get the following messages which I have attached below. Please have a look at it and help me in figuring out what should I do? Thanks a bunch. Reading the documentation is easy, understanding it perhaps less so, but I have managed to make the following interpretation. I think I'm right here. users: Matched DEFAULT at 162 modcall[authorize]: module files returns ok modcall: group authorize returns ok Authorize is from files, rad_check_password: Found Auth-Type System auth: type System modcall: entering group authenticate modcall[authenticate]: module unix returns notfound modcall: group authenticate returns notfound auth: Failed to validate the user. And the module unix (the only one configured) returns notfound. Auth-Type System means to authenticate against /etc/passwd, /etc/shadow or similar From users file:- # You don't need to specify a password if you set Auth-Type += # System on the list of authentication requirements. The RADIUS # server will then check the system password file. Somewhere, you need to be setting Auth-Type Local, in the user's attributes. Regards, -- |-Simon White, Internet Services Manager, Certified Check Point CCSA. |-MTDS Internet, Security, Anti-Virus, Linux and Hosting Solutions. |-MTDS 14, rue du 16 novembre, Agdal, Rabat, Morocco. |-MTDS tel +212.3.767.4861 - fax +212.3.767.4863 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MAC Auth. for Orinoco AP-1000 not working (log attached)
30-Jan-03 at 14:20, Shahid M. Bhatti ([EMAIL PROTECTED]) wrote : Hi, I'm trying to authenticate Wireless Access Point of Orinoco/Lucent/Avaya/Agere/Proxim with Free Radius server. I've made the user as AP's MAC address in /etc/raddb/users file and conf file, but when I start the radius server in debig mode I get the following messages which I have attached below. Please have a look at it and help me in figuring out what should I do? Thanks a bunch. If I am reading this right, you said that you put the MAC addresses of the AP's in the conf file. Which conf file? The only place that the MAC addresses should be is in the /etc/raddb/users file. In your clients.conf you should have the IP addresses and passwords for your APs. Your MAC addresses and such should also be at the end of your users file. Other than that, there really isn't much more to it. Mark Capelle - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MAC Auth. for Orinoco AP-1000 not working (log attached)
You are right Mark, I have made the users only in users file and not anywhere else. -Shahid [EMAIL PROTECTED] wrote: 30-Jan-03 at 14:20, Shahid M. Bhatti ([EMAIL PROTECTED]) wrote : Hi, I'm trying to authenticate Wireless Access Point of Orinoco/Lucent/Avaya/Agere/Proxim with Free Radius server. I've made the user as AP's MAC address in /etc/raddb/users file and conf file, but when I start the radius server in debig mode I get the following messages which I have attached below. Please have a look at it and help me in figuring out what should I do? Thanks a bunch. If I am reading this right, you said that you put the MAC addresses of the AP's in the conf file. Which conf file? The only place that the MAC addresses should be is in the /etc/raddb/users file. In your clients.conf you should have the IP addresses and passwords for your APs. Your MAC addresses and such should also be at the end of your users file. Other than that, there really isn't much more to it. Mark Capelle - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MAC Auth. for Orinoco AP-1000 not working (log attached)
Hi, I'm trying to authenticate Wireless Access Point of Orinoco/Lucent/Avaya/Agere/Proxim with Free Radius server. I've made the user as AP's MAC address in /etc/raddb/users file and conf file, but when I start the radius server in debig mode I get the following messages which I have attached below. Please have a look at it and help me in figuring out what should I do? Thanks a bunch. -Shahid Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. rad_recv: Access-Request packet from host 128.111.20.96:192, id=1, length=59 NAS-IP-Address = 128.111.20.96 User-Name = 00022d-677c37 User-Password = testing123 modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module chap returns noop modcall[authorize]: module mschap returns notfound rlm_realm: No '@' in User-Name = 00022d-677c37, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop users: Matched DEFAULT at 162 modcall[authorize]: module files returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System modcall: entering group authenticate modcall[authenticate]: module unix returns notfound modcall: group authenticate returns notfound auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... rad_recv: Access-Request packet from host 128.111.20.96:192, id=1, length=59 Sending Access-Reject of id 1 to 128.111.20.96:192 --- Walking the entire request list --- Waking up in 5 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 1 with timestamp 3e39a2f4 Nothing to do. Sleeping until we see a request. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MAC Auth. for Orinoco AP-1000 not working (log attached)
well it is sending mac address as username, you should perhaps set the usernames in users file as mac addresses. what do you have in users file now? Evren On Thu, 30 Jan 2003, Shahid M. Bhatti wrote: Hi, I'm trying to authenticate Wireless Access Point of Orinoco/Lucent/Avaya/Agere/Proxim with Free Radius server. I've made the user as AP's MAC address in /etc/raddb/users file and conf file, but when I start the radius server in debig mode I get the following messages which I have attached below. Please have a look at it and help me in figuring out what should I do? Thanks a bunch. -Shahid Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. rad_recv: Access-Request packet from host 128.111.20.96:192, id=1, length=59 NAS-IP-Address = 128.111.20.96 User-Name = 00022d-677c37 User-Password = testing123 modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module chap returns noop modcall[authorize]: module mschap returns notfound rlm_realm: No '@' in User-Name = 00022d-677c37, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop users: Matched DEFAULT at 162 modcall[authorize]: module files returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System modcall: entering group authenticate modcall[authenticate]: module unix returns notfound modcall: group authenticate returns notfound auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... rad_recv: Access-Request packet from host 128.111.20.96:192, id=1, length=59 Sending Access-Reject of id 1 to 128.111.20.96:192 --- Walking the entire request list --- Waking up in 5 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 1 with timestamp 3e39a2f4 Nothing to do. Sleeping until we see a request. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MAC Auth. for Orinoco AP-1000 not working (log attached)
That's true, and that's why I have included the MAC address of the Access Point and the Wireless PC Card both in the users file like this: #Access Point 3152C 00022d-191cb3 Auth-Type = Local, User-Password == testing123 Service-Type = Framed-User, #PC Card Orinoco Gold (Test Laptop) 00022d-677c37 Auth-Type = Local, User-Password == testing123 Service-Type = Framed-User, On Fri, 31 Jan 2003, Evren Yurtesen wrote: well it is sending mac address as username, you should perhaps set the usernames in users file as mac addresses. what do you have in users file now? Evren On Thu, 30 Jan 2003, Shahid M. Bhatti wrote: Hi, I'm trying to authenticate Wireless Access Point of Orinoco/Lucent/Avaya/Agere/Proxim with Free Radius server. I've made the user as AP's MAC address in /etc/raddb/users file and conf file, but when I start the radius server in debig mode I get the following messages which I have attached below. Please have a look at it and help me in figuring out what should I do? Thanks a bunch. -Shahid Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. rad_recv: Access-Request packet from host 128.111.20.96:192, id=1, length=59 NAS-IP-Address = 128.111.20.96 User-Name = 00022d-677c37 User-Password = testing123 modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module chap returns noop modcall[authorize]: module mschap returns notfound rlm_realm: No '@' in User-Name = 00022d-677c37, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop users: Matched DEFAULT at 162 modcall[authorize]: module files returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type System modcall: entering group authenticate modcall[authenticate]: module unix returns notfound modcall: group authenticate returns notfound auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... rad_recv: Access-Request packet from host 128.111.20.96:192, id=1, length=59 Sending Access-Reject of id 1 to 128.111.20.96:192 --- Walking the entire request list --- Waking up in 5 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 1 with timestamp 3e39a2f4 Nothing to do. Sleeping until we see a request. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
