Re : Re: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest
Thanks John for being so helpful ! I will try to check evrything and review the recommended website Have a great day ! Al - Message d'origine - De: John Dennis Date: Vendredi, 16 Octobre 2009, 8:02 Objet: Re: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest À: FreeRadius users mailing list > On 10/15/2009 10:22 PM, adai...@vl.videotron.ca wrote: > > Hi Everyone > > I think I am getting ahead but now I got the following error: > > > > [pap] WARNING! No "known good" password found for the > user. Authentication may fail because of this. > > ++[pap] returns noop > > No authenticate method (Auth-Type) configuration found for the > request: Rejecting the user > > Failed to authenticate the user. > > > > > > I was just trying to setup PAP (testuser) on the radius > > > > Would you know what the error could be ? > > You have to configure FreeRADIUS to tell it where to find users > and > their passwords. Are they in the FreeRADIUS users file? Are they > system > users with login accounts? Are they in an ldap directory? Are > they in a > SQL database? > > If you're trying to just confirm PAP is working then have you > read and > followed the example here: > > http://deployingradius.com/documents/configuration/pap.html > > BTW, deployingradius.com is the only other web site besides the > FreeRADIUS site and it's wiki that is recommended because it's > run by > Alan DeKok the principal developer of FreeRADIUS. Other web > sites tend > to have out of date information or erroneous information. > > Also, note that the users file is read upon server start up, if > you > modify the users file (or any other file read by the server) > you'll have > to restart the server to see the change. There are other ways to > get the > server to reload it's files but since you're new to this we're > going to > keep it simple. As a side note, one advantage of using LDAP or > SQL as > your backend data source is you can add, remove, and edit the > data in > the backend and the FreeRADIUS server will immediately see the > change > without having to do anything special, thus you can immediately > see one > disadvantage of user data stored in files as opposed to a > dynamic backend. > > -- > John Dennis > > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest
On 10/15/2009 10:22 PM, adai...@vl.videotron.ca wrote: Hi Everyone I think I am getting ahead but now I got the following error: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. I was just trying to setup PAP (testuser) on the radius Would you know what the error could be ? You have to configure FreeRADIUS to tell it where to find users and their passwords. Are they in the FreeRADIUS users file? Are they system users with login accounts? Are they in an ldap directory? Are they in a SQL database? If you're trying to just confirm PAP is working then have you read and followed the example here: http://deployingradius.com/documents/configuration/pap.html BTW, deployingradius.com is the only other web site besides the FreeRADIUS site and it's wiki that is recommended because it's run by Alan DeKok the principal developer of FreeRADIUS. Other web sites tend to have out of date information or erroneous information. Also, note that the users file is read upon server start up, if you modify the users file (or any other file read by the server) you'll have to restart the server to see the change. There are other ways to get the server to reload it's files but since you're new to this we're going to keep it simple. As a side note, one advantage of using LDAP or SQL as your backend data source is you can add, remove, and edit the data in the backend and the FreeRADIUS server will immediately see the change without having to do anything special, thus you can immediately see one disadvantage of user data stored in files as opposed to a dynamic backend. -- John Dennis Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest
> Hi Everyone > I think I am getting ahead but now I got the following error: > > [pap] WARNING! No "known good" password found for the user. > Authentication may fail because of this. > ++[pap] returns noop > No authenticate method (Auth-Type) configuration found for the request: > Rejecting the user > Failed to authenticate the user. > > > I was just trying to setup PAP (testuser) on the radius > > Would you know what the error could be ? Where is your password supposed to be? Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest
Hi Everyone I think I am getting ahead but now I got the following error: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. I was just trying to setup PAP (testuser) on the radius Would you know what the error could be ? Thx - Message d'origine - De: adai...@vl.videotron.ca Date: Mercredi, 14 Octobre 2009, 21:16 Objet: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest À: FreeRadius users mailing list > Thanks John for your patience ! > I appreciate your explanation and will double check everything > > Al > > - Message d'origine - > De: John Dennis > Date: Mercredi, 14 Octobre 2009, 16:19 > Objet: Re: Re : Re: Freeradius2 configuration challenges ( > Binding IP address & failure of radtest > À: FreeRadius users mailing list us...@lists.freeradius.org> > > On 10/14/2009 03:45 PM, adai...@vl.videotron.ca wrote: > > > Thanks John for the quick reply on my questions, > > > > > > I already checked on Red_Hat_FAQ and I have not seen any > > answers to my challenges ! > > > > Did you read the section" > > How do I start and stop the FreeRADIUS service? > > > > Because it's obvious you've got two radius servers running. > You > > can't > > have the radius server running as a daemon *and* run another > > copy in the > > foreground with -X. If you want to run a copy in the > foreground > > you > > *must* stop any existing copies from running first. The only > way > > you can > > have another copy running is if you enabled the service for > boot > > start > > up with chkconfig or manually started it with > /usr/sbin/service > > or your > > manually executed /usr/sbin/radiusd. > > > > -- > > John Dennis > > > > Looking to carve out IT costs? > > www.redhat.com/carveoutcosts/ > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest
Thanks John for your patience ! I appreciate your explanation and will double check everything Al - Message d'origine - De: John Dennis Date: Mercredi, 14 Octobre 2009, 16:19 Objet: Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address & failure of radtest À: FreeRadius users mailing list > On 10/14/2009 03:45 PM, adai...@vl.videotron.ca wrote: > > Thanks John for the quick reply on my questions, > > > > I already checked on Red_Hat_FAQ and I have not seen any > answers to my challenges ! > > Did you read the section" > How do I start and stop the FreeRADIUS service? > > Because it's obvious you've got two radius servers running. You > can't > have the radius server running as a daemon *and* run another > copy in the > foreground with -X. If you want to run a copy in the foreground > you > *must* stop any existing copies from running first. The only way > you can > have another copy running is if you enabled the service for boot > start > up with chkconfig or manually started it with /usr/sbin/service > or your > manually executed /usr/sbin/radiusd. > > -- > John Dennis > > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html