Re: Error installing Freeradius
Harshil Anil Kumar Shah wrote: > Yes > In the newer version I did not find CA.all file which I needed . Thats is > why I use Older version See raddb/certs/README This is documented. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error installing Freeradius
Yes In the newer version I did not find CA.all file which I needed . Thats is why I use Older version Regards, Harshil, EmpID: 128522. From: freeradius-users-bounces+harshil_shah=infosys@lists.freeradius.org [freeradius-users-bounces+harshil_shah=infosys@lists.freeradius.org] On Behalf Of Alan DeKok [al...@deployingradius.com] Sent: Tuesday, March 09, 2010 12:07 PM To: FreeRadius users mailing list Subject: Re: Error installing Freeradius Harshil Anil Kumar Shah wrote: > > Hey I am installing freeradius-server-snapshot-20080628 Is there any reason you're installing a version that's 2 years old? > and getting following error Install an official release, like 2.1.8. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Error installing Freeradius
Ok. Thanks Regards, Harshil, EmpID: 128522. From: freeradius-users-bounces+harshil_shah=infosys@lists.freeradius.org [freeradius-users-bounces+harshil_shah=infosys@lists.freeradius.org] On Behalf Of Alan DeKok [al...@deployingradius.com] Sent: Tuesday, March 09, 2010 12:07 PM To: FreeRadius users mailing list Subject: Re: Error installing Freeradius Harshil Anil Kumar Shah wrote: > > Hey I am installing freeradius-server-snapshot-20080628 Is there any reason you're installing a version that's 2 years old? > and getting following error Install an official release, like 2.1.8. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html CAUTION - Disclaimer * This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. Infosys has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail. You should carry out your own virus checks before opening the e-mail or attachment. Infosys reserves the right to monitor and review the content of all messages sent to or from this e-mail address. Messages sent to or from this e-mail address may be stored on the Infosys e-mail system. ***INFOSYS End of Disclaimer INFOSYS*** - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error installing Freeradius
Harshil Anil Kumar Shah wrote: > > Hey I am installing freeradius-server-snapshot-20080628 Is there any reason you're installing a version that's 2 years old? > and getting following error Install an official release, like 2.1.8. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Error installing Freeradius
Hey I am installing freeradius-server-snapshot-20080628 and getting following error make[4]: Entering directory `/usr/src/802/radius/freeradius-server-snapshot-20080628/src/main' /usr/src/802/radius/freeradius-server-snapshot-20080628/libtool --mode=link gcc -export-dynamic -dlopen self \ -o radiusd acct.lo auth.lo client.lo conffile.lo crypt.lo exec.lo files.lo listen.lo log.lo mainconfig.lo modules.lo modcall.lo radiusd.lo radius_snmp.lo stats.lo session.lo smux.lo threads.lo util.lo valuepair.lo version.lo xlat.lo event.lo realms.lo evaluate.lo vmps.lo detail.lo \ /usr/src/802/radius/freeradius-server-snapshot-20080628/src/lib/libfreeradius-radius.la -lnsl -lresolv -lpthread \ -lcrypt -lltdl -L/usr/local/openssl/lib -lcrypto -lssl -lcrypto libtool: link: `radius_snmp.lo' is not a valid libtool object make[4]: *** [radiusd] Error 1 make[4]: Leaving directory `/usr/src/802/radius/freeradius-server-snapshot-20080628/src/main' make[3]: *** [common] Error 2 make[3]: Leaving directory `/usr/src/802/radius/freeradius-server-snapshot-20080628/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/usr/src/802/radius/freeradius-server-snapshot-20080628/src' make[1]: *** [common] Error 2 make[1]: Leaving directory `/usr/src/802/radius/freeradius-server-snapshot-20080628' make: *** [all] Error 2 Regards, Harshil. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Logging Packet-Type of reply packets from inner-tunnel
Bob Franklin wrote:
> However, I can't seem to do this with locally-handled packets -- I have
> 'post-auth' which runs for 'Access-Accept' and (optionally, through
> 'Post-Auth-Type REJECT'), 'Access-Reject'. But I would like to be able
> to log the intermediate 'Access-Challenge' packets.
>
> Putting %{reply:Packet-Type} at the end of the 'authorize' section
> doesn't work (I just get '0').
The issue is that the response *might* be an Access-Challenge, or it
might be an Access-Reject. The final decision isn't made until after
all of the modules have been executed.
But I don't see why you want to log the intermediate Access-Challenges...
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Logging Packet-Type of reply packets from inner-tunnel
Hello,
I'm trying to log aspects of the reply packet returned to the NAS at
various stages during authentication using an inner tunnel, in particular
the Packet-Type. This is on FreeRADIUS 2.1.6.
My problem is that I can't find a way to retrieve this information in the
middle of the inner tunnel sequence -- if the request is proxied, I can
run a log module instance in 'post-proxy' to log
%{proxy-reply:Packet-Type} and see things like 'Access-Challenge',
'Access-Reject', etc.
However, I can't seem to do this with locally-handled packets -- I have
'post-auth' which runs for 'Access-Accept' and (optionally, through
'Post-Auth-Type REJECT'), 'Access-Reject'. But I would like to be able to
log the intermediate 'Access-Challenge' packets.
Putting %{reply:Packet-Type} at the end of the 'authorize' section doesn't
work (I just get '0').
Is this something I can do? If so, I'm sure I'm missing something obvious
- can someone please point me in the right direction? I would prefer to
do the logging from inside the inner tunnel virtual server to have access
to the inner tunnel attributes in the logging.
Thanks in advance,
- Bob
--
Bob Franklin +44 1223 748479
Network Division, University of Cambridge Computing Service
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
On 03/08/2010 11:35 AM, omega bk wrote: ok, i put on the top of users file: You or somebody else have badly broken the default configuration. It appears as though there is nothing defined in /etc/raddb/sites-enabled. At a minimum /etc/raddb/sites-enabled should contain these symbolic links: default -> ../sites-available/default inner-tunnel -> ../sites-available/inner-tunnel You may also want (but is not necessary): control-socket -> ../sites-available/control-socket -- John Dennis Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
omega bk wrote:
> including files in directory /etc/freeradius/sites-enabled/
> main {
You have NOTHING in the sites-enabled directory. Go fix that.
You likely need "default" and "inner-tunnel".
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
Hi, > including files in directory /etc/freeradius/sites-enabled/ ...empty..nothing in there > WARNING: Empty section. Using default return values. and hence nothing there too! ensure that you have a virtual server or more defined in the sites-enabled directory. the default sites should be in sites-available a default install from source code from www.freeradius.org will result in a working system. I'm not sure why your build isnt doing this basic stuff right - please contact whoever looks after your platform distribution because right now its broken badly! alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
ok, i put on the top of users file:
###"
linatest Cleartext-Password := "linagora"
so run the rad test:
radtest linatest linagora 127.0.0.1 0 testing123
my rfreeradius -X
#"
freeradius -X
FreeRADIUS Version 2.1.8, for host i486-pc-linux-gnu, built on Mar 8 2010
at 15:54:37
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/clients.conf
including files in directory /etc/freeradius/modules/
including configuration file /etc/freeradius/modules/mac2ip
including configuration file /etc/freeradius/modules/policy
including configuration file /etc/freeradius/modules/cui
including configuration file /etc/freeradius/modules/detail.log
including configuration file /etc/freeradius/modules/detail
including configuration file /etc/freeradius/modules/checkval
including configuration file /etc/freeradius/modules/expr
including configuration file /etc/freeradius/modules/files
including configuration file /etc/freeradius/modules/perl
including configuration file /etc/freeradius/modules/ntlm_auth
including configuration file /etc/freeradius/modules/ldap
including configuration file /etc/freeradius/modules/ippool
including configuration file /etc/freeradius/modules/otp
including configuration file /etc/freeradius/modules/exec
including configuration file /etc/freeradius/modules/sql_log
including configuration file /etc/freeradius/modules/pap
including configuration file /etc/freeradius/modules/krb5
including configuration file /etc/freeradius/modules/logintime
including configuration file /etc/freeradius/modules/mac2vlan
including configuration file /etc/freeradius/modules/radutmp
including configuration file /etc/freeradius/modules/wimax
including configuration file /etc/freeradius/modules/expiration
including configuration file /etc/freeradius/modules/unix
including configuration file /etc/freeradius/modules/always
including configuration file /etc/freeradius/modules/echo
including configuration file /etc/freeradius/modules/inner-eap
including configuration file /etc/freeradius/modules/digest
including configuration file /etc/freeradius/modules/pam
including configuration file /etc/freeradius/modules/preprocess
including configuration file /etc/freeradius/modules/smsotp
including configuration file /etc/freeradius/modules/counter
including configuration file /etc/freeradius/modules/acct_unique
including configuration file /etc/freeradius/modules/passwd
including configuration file /etc/freeradius/modules/chap
including configuration file /etc/freeradius/modules/mschap
including configuration file /etc/freeradius/modules/attr_rewrite
including configuration file
/etc/freeradius/modules/sqlcounter_expire_on_login
including configuration file /etc/freeradius/modules/smbpasswd
including configuration file /etc/freeradius/modules/sradutmp
including configuration file /etc/freeradius/modules/linelog
including configuration file /etc/freeradius/modules/realm
including configuration file /etc/freeradius/modules/etc_group
including configuration file /etc/freeradius/modules/attr_filter
including configuration file /etc/freeradius/modules/detail.example.com
including configuration file /etc/freeradius/eap.conf
including configuration file /etc/freeradius/policy.conf
including files in directory /etc/freeradius/sites-enabled/
main {
user = "freerad"
group = "freerad"
allow_core_dumps = no
}
including dictionary file /etc/freeradius/dictionary
main {
prefix = "/usr"
localstatedir = "/var"
logdir = "/var/log/freeradius"
libdir = "/usr/lib/freeradius"
radacctdir = "/var/log/freeradius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/freeradius/freeradius.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = yes
auth_goodpass = yes
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: Loading Realms and Home Servers
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
require_message_authenticator = no
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 12
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
On 03/08/2010 10:04 AM, omega bk wrote: so know i need to authenticate my users with our openldap. [useless information not requested deleted] what i did before: If you want people to help please don't ignore what you've been asked to do. We need to see the *full* output of radiusd -X. -- John Dennis Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
still the same rad_recv: Access-Request packet from host 192.168.20.253 port 1645, id=3, length=155 User-Name = "linatest" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1A-A1-64-BB-1A" Calling-Station-Id = "00-18-8B-B5-26-B7" EAP-Message = 0x0202000d016c696e6174657374 Message-Authenticator = 0x671915501878ed97349cbff815409677 Cisco-NAS-Port = "FastEthernet0/24" NAS-Port = 50024 NAS-Port-Type = Ethernet NAS-IP-Address = 192.168.20.253 WARNING: Empty section. Using default return values. No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 3 to 192.168.20.253 port 1645 Waking up in 4.9 seconds. Cleaning up request 0 ID 3 with timestamp +20 Ready to process requests. please help me 2010/3/8 omega bk > I rebuild deb files so i got: > > -rw-r--r-- 1 root root1040 2010-03-08 15:52 freeradius_2.1.8+git.dsc > -rw-r--r-- 1 root root5212 2010-03-08 15:56 > freeradius_2.1.8+git_i386.changes > -rw-r--r-- 1 root root 1352152 2010-03-08 15:55 * > freeradius_2.1.8+git_i386.deb* > -rw-r--r-- 1 root root 3925016 2010-03-08 15:52 > freeradius_2.1.8+git.tar.gz > -rw-r--r-- 1 root root 212818 2010-03-08 15:56 * > freeradius-common_2.1.8+git_all.deb* > -rw-r--r-- 1 root root 1121616 2010-03-08 15:56 * > freeradius-dbg_2.1.8+git_i386.deb* > -rw-r--r-- 1 root root 118676 2010-03-08 > 15:56*freeradius-dialupadmin_2.1.8+git_all.deb > * > -rw-r--r-- 1 root root 18240 2010-03-08 15:56 > freeradius-iodbc_2.1.8+git_i386.deb > -rw-r--r-- 1 root root 19236 2010-03-08 15:56 > freeradius-krb5_2.1.8+git_i386.deb > -rw-r--r-- 1 root root 36732 2010-03-08 > 15:56*freeradius-ldap_2.1.8+git_i386.deb > * > -rw-r--r-- 1 root root 26068 2010-03-08 15:56 * > freeradius-mysql_2.1.8+git_i386.deb* > -rw-r--r-- 1 root root 36364 2010-03-08 15:56 > freeradius-postgresql_2.1.8+git_i386.deb > -rw-r--r-- 1 root root 74538 2010-03-08 > 15:55*freeradius-utils_2.1.8+git_i386.deb > * > -rw-r--r-- 1 root root 92308 2010-03-08 > 15:55*libfreeradius2_2.1.8+git_i386.deb > * > -rw-r--r-- 1 root root 126532 2010-03-08 > 15:55*libfreeradius-dev_2.1.8+git_i386.deb > * > > i checked for tls support > dpkg --contents freeradius_2.1.8+git_i386.deb | grep tls.so > lrwxrwxrwx root/root 0 2010-03-08 15:55 > ./usr/lib/freeradius/rlm_eap_tls.so -> rlm_eap_tls-2.1.8.so > lrwxrwxrwx root/root 0 2010-03-08 15:55 > ./usr/lib/freeradius/rlm_eap_ttls.so -> rlm_eap_ttls-2.1.8.so > > > so know i need to authenticate my users with our openldap. > > what i did before: > > first : > apt-get freeradius > apt-get freeradius-ldap > apt-get freeradius-mysql > > Secondly: > dpkg -i *freeradius_2.1.8+git_i386.deb* * > freeradius-ldap_2.1.8+git_i386.deb* *freeradius-mysql_2.1.8+git_i386.deb* > *freeradius2_2.1.8+git_i386.deb* > > > i just wanted before to change users file to support ldap , to check it > with Cleartext-password. > > so it fails > > 2 010/3/8 omega bk > > >> you're right my connexion is eap based and i did not build freeradius with >> ssl support >> how to make it work, please? >> >> >> thanks >> > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problems with PEAP/mschapv2
I've noticed recently that my PEAP/mschapv2 for my wireless network will randomly stop working and I have to reboot the server freeradius is running on. Don't ask me why this is working, but restarting the daemons won't fix it. Once I reboot everything works fine for a few days and then happens again. The only odd thing I can find is this in my log file: Mon Mar 8 10:21:02 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-d.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:02 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-a.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:02 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-d.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:06 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-b.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:12 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-c.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:20 2010 : Error: rlm_radutmp: Logout entry for NAS chaplin-wism-b.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:23 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-d.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:23 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-a.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:27 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-b.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:30 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-a.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:34 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-a.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:40 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-b.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:42 2010 : Error: rlm_radutmp: Logout entry for NAS chaplin-wism-a.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:43 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-a.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:44 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-c.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:45 2010 : Error: rlm_radutmp: Logout entry for NAS abbott-wism-b.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:46 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-c.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:48 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-d.wsc.ma.edu port 29 has wrong ID Mon Mar 8 10:21:48 2010 : Error: rlm_radutmp: Logout entry for NAS diller-wism-b.wsc.ma.edu port 29 has wrong ID This is constant I get tons of these messages per day. IS this anything to worry about is it normal? And is it possible this could be causing the authentication to stop working randomly? Thomas E. Casartello, Jr. Staff Assistant - Wireless/Linux Administrator Information Technology Wilson 105A Westfield State College (413) 572-8245 Red Hat Certified Technician (RHCT) smime.p7s Description: S/MIME cryptographic signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius 2.1.8 : No authenticate method (Auth-Type) configuration found for the request: Rejecting the user / sites-enabled
Klaus Schinkinger wrote: > I got this error as you can see from the subject, as far as I have > learned now this is due to me not having any sites-enabled, problem is I > don't even know which ones to enable. The default install of 2.1.8 enables the ones you need. > So here's what I am actually trying to accomplish: > Currently we have a freeradius in the version 1.1.13 running on Debian > Etch and I want to port this to 2.1.18 on Lenny, which isn't that easy > as the config files/structure have completely changed... No. (1) It's 1.1.3 and 2.1.8, not 1.1.13 and 2.1.18. Details matter. (2) the *layout* has changed, but the contents have remained 90% or more identical. (3) i.e. Your configuration from 1.1.3 would very likely work with minor changes. (4) Don't use the config from 1.1.3. Instead, do a DEFAULT INSTALL of 2.1.8, and copy a piece of the configuration at a time. (5) see "man radiusd" in 2.1.8 for more instructions on how to go from a default install to a final configuration. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
I rebuild deb files so i got: -rw-r--r-- 1 root root1040 2010-03-08 15:52 freeradius_2.1.8+git.dsc -rw-r--r-- 1 root root5212 2010-03-08 15:56 freeradius_2.1.8+git_i386.changes -rw-r--r-- 1 root root 1352152 2010-03-08 15:55 * freeradius_2.1.8+git_i386.deb* -rw-r--r-- 1 root root 3925016 2010-03-08 15:52 freeradius_2.1.8+git.tar.gz -rw-r--r-- 1 root root 212818 2010-03-08 15:56 * freeradius-common_2.1.8+git_all.deb* -rw-r--r-- 1 root root 1121616 2010-03-08 15:56 * freeradius-dbg_2.1.8+git_i386.deb* -rw-r--r-- 1 root root 118676 2010-03-08 15:56*freeradius-dialupadmin_2.1.8+git_all.deb * -rw-r--r-- 1 root root 18240 2010-03-08 15:56 freeradius-iodbc_2.1.8+git_i386.deb -rw-r--r-- 1 root root 19236 2010-03-08 15:56 freeradius-krb5_2.1.8+git_i386.deb -rw-r--r-- 1 root root 36732 2010-03-08 15:56*freeradius-ldap_2.1.8+git_i386.deb * -rw-r--r-- 1 root root 26068 2010-03-08 15:56 * freeradius-mysql_2.1.8+git_i386.deb* -rw-r--r-- 1 root root 36364 2010-03-08 15:56 freeradius-postgresql_2.1.8+git_i386.deb -rw-r--r-- 1 root root 74538 2010-03-08 15:55*freeradius-utils_2.1.8+git_i386.deb * -rw-r--r-- 1 root root 92308 2010-03-08 15:55*libfreeradius2_2.1.8+git_i386.deb * -rw-r--r-- 1 root root 126532 2010-03-08 15:55*libfreeradius-dev_2.1.8+git_i386.deb * i checked for tls support dpkg --contents freeradius_2.1.8+git_i386.deb | grep tls.so lrwxrwxrwx root/root 0 2010-03-08 15:55 ./usr/lib/freeradius/rlm_eap_tls.so -> rlm_eap_tls-2.1.8.so lrwxrwxrwx root/root 0 2010-03-08 15:55 ./usr/lib/freeradius/rlm_eap_ttls.so -> rlm_eap_ttls-2.1.8.so so know i need to authenticate my users with our openldap. what i did before: first : apt-get freeradius apt-get freeradius-ldap apt-get freeradius-mysql Secondly: dpkg -i *freeradius_2.1.8+git_i386.deb* *freeradius-ldap_2.1.8+git_i386.deb* *freeradius-mysql_2.1.8+git_i386.deb* *freeradius2_2.1.8+git_i386.deb* i just wanted before to change users file to support ldap , to check it with Cleartext-password. so it fails 2 010/3/8 omega bk > > you're right my connexion is eap based and i did not build freeradius with > ssl support > how to make it work, please? > > > thanks > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius 2.1.8 : No authenticate method (Auth-Type) configuration found for the request: Rejecting the user / sites-enabled
Hi guys! I got this error as you can see from the subject, as far as I have learned now this is due to me not having any sites-enabled, problem is I don't even know which ones to enable. So here's what I am actually trying to accomplish: Currently we have a freeradius in the version 1.1.13 running on Debian Etch and I want to port this to 2.1.18 on Lenny, which isn't that easy as the config files/structure have completely changed... The server does not ask for any user-names or passwords but simply authenticates/authorizes with certificates (which have to be "unlocked" with a password). I'd be very thankful if you could tell me what to enter to sites-enabled, further if you could look over my config to see if i got any other parameters set wrong: falcon:/etc/freeradius# freeradius -Xxx Mon Mar 8 15:02:43 2010 : Info: FreeRADIUS Version 2.1.8, for host i486-pc-linux-gnu, built on Jan 3 2010 at 15:51:52 Mon Mar 8 15:02:43 2010 : Info: Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. Mon Mar 8 15:02:43 2010 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A Mon Mar 8 15:02:43 2010 : Info: PARTICULAR PURPOSE. Mon Mar 8 15:02:43 2010 : Info: You may redistribute copies of FreeRADIUS under the terms of the Mon Mar 8 15:02:43 2010 : Info: GNU General Public License v2. Mon Mar 8 15:02:43 2010 : Info: Starting - reading configuration files ... Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/radiusd.conf Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/proxy.conf Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/clients.conf Mon Mar 8 15:02:43 2010 : Debug: including files in directory /etc/freeradius/modules/ Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/files Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/digest Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/detail.example.com Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/always Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/exec Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/perl Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/radutmp Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/sql_log Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/logintime Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/echo Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/sradutmp Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/etc_group Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/smbpasswd Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/expr Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/krb5 Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/ippool Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/chap Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/otp Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/mac2vlan Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/cui Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/policy Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/mac2ip Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/linelog Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/acct_unique Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/mschap Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/attr_filter Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/expiration Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/preprocess Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/pam Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/ntlm_auth Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/passwd Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/attr_rewrite Mon M
freeradius 2.1.8 : No authenticate method (Auth-Type) configuration found for the request: Rejecting the user / sites-enabled
Hi guys! I got this error as you can see from the subject, as far as I have learned now this is due to me not having any sites-enabled, problem is I don't even know which ones to enable. So here's what I am actually trying to accomplish: Currently we have a freeradius in the version 1.1.13 running on Debian Etch and I want to port this to 2.1.18 on Lenny, which isn't that easy as the config files/structure have completely changed... The server does not ask for any user-names or passwords but simply authenticates/authorizes with certificates (which have to be "unlocked" with a password). I'd be very thankful if you could tell me what to enter to sites-enabled, further if you could look over my config to see if i got any other parameters set wrong: falcon:/etc/freeradius# freeradius -Xxx Mon Mar 8 15:02:43 2010 : Info: FreeRADIUS Version 2.1.8, for host i486-pc-linux-gnu, built on Jan 3 2010 at 15:51:52 Mon Mar 8 15:02:43 2010 : Info: Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. Mon Mar 8 15:02:43 2010 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A Mon Mar 8 15:02:43 2010 : Info: PARTICULAR PURPOSE. Mon Mar 8 15:02:43 2010 : Info: You may redistribute copies of FreeRADIUS under the terms of the Mon Mar 8 15:02:43 2010 : Info: GNU General Public License v2. Mon Mar 8 15:02:43 2010 : Info: Starting - reading configuration files ... Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/radiusd.conf Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/proxy.conf Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/clients.conf Mon Mar 8 15:02:43 2010 : Debug: including files in directory /etc/freeradius/modules/ Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/files Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/digest Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/detail.example.com Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/always Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/exec Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/perl Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/radutmp Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/sql_log Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/logintime Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/echo Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/sradutmp Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/etc_group Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/smbpasswd Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/expr Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/krb5 Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/ippool Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/chap Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/otp Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/mac2vlan Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/cui Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/policy Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/mac2ip Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/linelog Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/acct_unique Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/mschap Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/attr_filter Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/expiration Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/preprocess Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/pam Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/ntlm_auth Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/passwd Mon Mar 8 15:02:43 2010 : Debug: including configuration file /etc/freeradius/modules/attr_rewrite Mon M
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
you're right my connexion is eap based and i did not build freeradius with ssl support how to make it work, please? thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
ok,
my all freeradis -X is:
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.20.253 port 1645, id=2,
length=155
User-Name = "linatest"
Service-Type = Framed-User
Framed-MTU = 1500
Called-Station-Id = "00-1A-A1-64-BB-1A"
Calling-Station-Id = "00-18-8B-B5-26-B7"
EAP-Message = 0x0202000d016c696e6174657374
Message-Authenticator = 0xe883c52a443c41c4f9b53935c0214d5b
Cisco-NAS-Port = "FastEthernet0/24"
NAS-Port = 50024
NAS-Port-Type = Ethernet
NAS-IP-Address = 192.168.20.253
WARNING: Empty section. Using default return values.
No authenticate method (Auth-Type) configuration found for the request:
Rejecting the user
Failed to authenticate the user.
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 2 to 192.168.20.253 port 1645
Waking up in 4.9 seconds.
Cleaning up request 0 ID 2 with timestamp +16
Ready to process requests.
#
i tried a radtest:
radtest linatest linagora 10.75.128.251:1813 1 testing123
/usr/bin/radclient: error while loading shared libraries:
libfreeradius-radius-2.1.0.so: cannot open shared object file: No such file
or directory
#
so i tried also strace freeradius -V
##
execve("/usr/sbin/freeradius", ["freeradius", "-V"], [/* 21 vars */]) = 0
brk(0) = 0x978
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or
directory)
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0xb77cd000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or
directory)
open("/usr/lib/freeradius/tls/i686/sse2/cmov/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls/i686/sse2/cmov", 0xbf8c9d2c) = -1 ENOENT (No
such file or directory)
open("/usr/lib/freeradius/tls/i686/sse2/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls/i686/sse2", 0xbf8c9d2c) = -1 ENOENT (No such
file or directory)
open("/usr/lib/freeradius/tls/i686/cmov/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls/i686/cmov", 0xbf8c9d2c) = -1 ENOENT (No such
file or directory)
open("/usr/lib/freeradius/tls/i686/libfreeradius-radius-2.1.8.so", O_RDONLY)
= -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls/i686", 0xbf8c9d2c) = -1 ENOENT (No such file
or directory)
open("/usr/lib/freeradius/tls/sse2/cmov/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls/sse2/cmov", 0xbf8c9d2c) = -1 ENOENT (No such
file or directory)
open("/usr/lib/freeradius/tls/sse2/libfreeradius-radius-2.1.8.so", O_RDONLY)
= -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls/sse2", 0xbf8c9d2c) = -1 ENOENT (No such file
or directory)
open("/usr/lib/freeradius/tls/cmov/libfreeradius-radius-2.1.8.so", O_RDONLY)
= -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls/cmov", 0xbf8c9d2c) = -1 ENOENT (No such file
or directory)
open("/usr/lib/freeradius/tls/libfreeradius-radius-2.1.8.so", O_RDONLY) = -1
ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/tls", 0xbf8c9d2c) = -1 ENOENT (No such file or
directory)
open("/usr/lib/freeradius/i686/sse2/cmov/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/i686/sse2/cmov", 0xbf8c9d2c) = -1 ENOENT (No
such file or directory)
open("/usr/lib/freeradius/i686/sse2/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/i686/sse2", 0xbf8c9d2c) = -1 ENOENT (No such
file or directory)
open("/usr/lib/freeradius/i686/cmov/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/i686/cmov", 0xbf8c9d2c) = -1 ENOENT (No such
file or directory)
open("/usr/lib/freeradius/i686/libfreeradius-radius-2.1.8.so", O_RDONLY) =
-1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/i686", 0xbf8c9d2c) = -1 ENOENT (No such file or
directory)
open("/usr/lib/freeradius/sse2/cmov/libfreeradius-radius-2.1.8.so",
O_RDONLY) = -1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/sse2/cmov", 0xbf8c9d2c) = -1 ENOENT (No such
file or directory)
open("/usr/lib/freeradius/sse2/libfreeradius-radius-2.1.8.so", O_RDONLY) =
-1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/sse2", 0xbf8c9d2c) = -1 ENOENT (No such file or
directory)
open("/usr/lib/freeradius/cmov/libfreeradius-radius-2.1.8.so", O_RDONLY) =
-1 ENOENT (No such file or directory)
stat64("/usr/lib/freeradius/cmov", 0xbf8c9d2c) = -1 ENOENT (No such file or
directory)
open("/usr/lib/freeradius/libfreeradius-radius-2.1.8.so", O_RDONLY) = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0
Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
Hi, > i sucess dpkg-buildpackage (after reinstalling os ubuntu on my server test) > so i installed FreeRADIUS Version 2.1.8 via .deb file ok > > so know i tried the same configuration like before, but launching freeradius > -X ireturns > > rad_recv: Access-Request packet from host 192.168.20.253 port 1645, id=254, > length=155 > User-Name = "linatest" > Service-Type = Framed-User > Framed-MTU = 1500 > Called-Station-Id = "00-1A-A1-64-BB-1A" > Calling-Station-Id = "00-18-8B-B5-26-B7" > EAP-Message = 0x0202000d016c696e6174657374 > Message-Authenticator = 0xf55c29bf173484be884411a62582014c > Cisco-NAS-Port = "FastEthernet0/24" > NAS-Port = 50024 > NAS-Port-Type = Ethernet > NAS-IP-Address = 192.168.20.253 > WARNING: Empty section. Using default return values. > No authenticate method (Auth-Type) configuration found for the request: > Rejecting the user > Failed to authenticate the user. > > ?? => why? thats not the full output form debug. why do you not send all the output? how do you think this little bit you DID send to the list helps? i suspect that you dont have SSL support in your server and this connection is EAP based - and thus failing as it doesnt have the required code and modules to handle EAP alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
hello, i sucess dpkg-buildpackage (after reinstalling os ubuntu on my server test) so i installed FreeRADIUS Version 2.1.8 via .deb file ok so know i tried the same configuration like before, but launching freeradius -X ireturns rad_recv: Access-Request packet from host 192.168.20.253 port 1645, id=254, length=155 User-Name = "linatest" Service-Type = Framed-User Framed-MTU = 1500 Called-Station-Id = "00-1A-A1-64-BB-1A" Calling-Station-Id = "00-18-8B-B5-26-B7" EAP-Message = 0x0202000d016c696e6174657374 Message-Authenticator = 0xf55c29bf173484be884411a62582014c Cisco-NAS-Port = "FastEthernet0/24" NAS-Port = 50024 NAS-Port-Type = Ethernet NAS-IP-Address = 192.168.20.253 WARNING: Empty section. Using default return values. No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. ?? => why? thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Login Scrip
Dear FreeRadius Users I would like to put a script that maps a netowrk drive when a user logs in. I am using Ldap to authenticate users. everything is working fine just donno how and where to put the script. How to use the Exec-Progrm-Wait module? Where can i put it or look for it? is it possible to put a batch file? regards _ Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. https://signup.live.com/signup.aspx?id=60969- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
