Re: Still having issue with radtest
Atkins, Dwane P wrote: 1.) Since I attempting to use the sql database for authentication purpose, No you are not. You are trying to use sql for AUTHORIZATION. FreeRADIUS will do the AUTHENTICATION based on what it finds in the database during the AUTHORIZATION phase. Understand that and it will get you much further along. would it be best if I made sure that [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] (my username I chose) be in the users file and also be granted privileges on the sql database (I chose to call it radius as well) GRANT SELECT ON radius.* TO [EMAIL PROTECTED] IDENTIFIED BY 'somepassword' I think is what you want. You will probably also want to grant that user INSERT and UPDATE privs on the radacct table. somepassword is what you would use if you did this on the commandline: mysql -u radius -psomepassword radius It is *not* the password for the user trying to auth, nor the shared secret. 2.) When doing the radtest, would the proper syntax be radtest radius radiustest localhost 1645 baseball (with baseball being the shared secret also entered into the clients.conf file) or should there be quotes around the shared secret. My apologies for calling it a preshare key. This is an IPSec term that I have used for a few years. No quotes. 3.) I have read documentation. I have bought the O'Reilly Book and read it. I have reinstalled my server and all to no avail. I appreciate the help you all give, but I am stuck. I am sure I overlooked the issue, but at this point, I cannot see it. Read it again. Start working from the beginning, not the middle. Do a fresh install and DO NOT change the config files. Put a test user in the users file and make sure radtest works (no SQL until you make this work!). Then make 1 change at a time and work up to the config you want. -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Still having issue with radtest
Atkins, Dwane P [EMAIL PROTECTED] wrote: I apologize for not using proper terms since this is new to me, I tend to associate to something I do know. Which can help sometimes. Not always. 1.) Since I attempting to use the sql database for authentication purpose, would it be best if I made sure that [EMAIL PROTECTED] (my username I chose) be in the users file and also be granted privileges on the sql database (I chose to call it radius as well) I'm not sure what that means. You're not being very specific about what's what. 2.) When doing the radtest, would the proper syntax be radtest radius radiustest localhost 1645 baseball (with baseball being the shared secret also entered into the clients.conf file) or should there be quotes around the shared secret. It's just another comman-line option. It doesn't need quotes. This is Unix 101. 3.) I have read documentation. I have bought the O'Reilly Book and read it. I have reinstalled my server and all to no avail. I appreciate the help you all give, but I am stuck. I am sure I overlooked the issue, but at this point, I cannot see it. I think you're trying to start by making complex configurations, without really understanding what the terminology is, what it means, or how the server works. Start off with the simplest configuration and test it. Then, work towards a more complex configuration. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Still having issue with radtest
Atkins, Dwane P [EMAIL PROTECTED] wrote: A couple questions I have not asked about this issue? Do both the [EMAIL PROTECTED] and localhost need access to the Sql database. I have no idea what that means. I am at loss as to why everytime I run this process, it tells me that I have an = invalid preshare key. No, it doesn't. The text isn't about preshare keys. It's about shared secrets. I think at least part of the reason you're having difficulty is your insistence on using terms and ideas you came up with, rather than using the ones in the docs and on the mailing list. Doing that makes it MUCH harder for anyone to understand you, and MUCH harder for you to understand any answer. If I have a user called radius with a password of radiustest and my localhost preshare is BASEBALL, then would my syntax be, radtest radius radiustest localhost 1645 BASEBALL ? Honestly, this question is addressed in the documentation. Please read it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Still having issue with radtest
I apologize for not using proper terms since this is new to me, I tend to associate to something I do know. 1.) Since I attempting to use the sql database for authentication purpose, would it be best if I made sure that [EMAIL PROTECTED] (my username I chose) be in the users file and also be granted privileges on the sql database (I chose to call it radius as well) 2.) When doing the radtest, would the proper syntax be radtest radius radiustest localhost 1645 baseball (with baseball being the shared secret also entered into the clients.conf file) or should there be quotes around the shared secret. My apologies for calling it a preshare key. This is an IPSec term that I have used for a few years. 3.) I have read documentation. I have bought the O'Reilly Book and read it. I have reinstalled my server and all to no avail. I appreciate the help you all give, but I am stuck. I am sure I overlooked the issue, but at this point, I cannot see it. Thanks again. Dwane From: Atkins, Dwane PSent: Sat 3/25/2006 11:34 AMTo: freeradius-users@lists.freeradius.orgSubject: Still having issue with radtest A couple questions I have not asked about this issue? Do both the [EMAIL PROTECTED] and localhost need access to the Sql database. I am at a loss as to why everytime I run this process, it tells me that I have an invalid preshare key. Do they preshare keys need to be in quotes. If I have a user called radius with a password of radiustest and my localhost preshare is BASEBALL, then would my syntax be, radtest radius radiustest localhost 1645 BASEBALL ? Or woudl I need to put quotes around the alpha characters. I cannot move on until I get this resolved obviously and I am not sure where to try. I can get issues resolved with the SQL portion, but to get it to see the local host, I am at a loss. If anyone can think of anything else I can possibly try, please let me know. If not, I appreciate all your efforts. Dwane- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html