Re: Access-Reject packet from host 127.0.0.1 port 1812, id=29, length=34
Hi, Hi, I am unable to locally authenticate a user from users file. Below is the log : what does the entry in your users file look like? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Access-Reject packet from host 127.0.0.1 port 1812, id=29, length=34
No Worries .. I managed to get past the error. Actually, i was using a same username that was in my /etc/shadow . I renamed the user and it worked. Cheers On Sun, Mar 14, 2010 at 7:04 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: Hi, Hi, I am unable to locally authenticate a user from users file. Below is the log : what does the entry in your users file look like? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Access-Reject packet from host 127.0.0.1 port 1812, id=29, length=34
Hi, I am unable to locally authenticate a user from users file. Below is the log : Server : rad_recv: Access-Request packet from host 127.0.0.1 port 37881, id=29, length=57 User-Name = suman User-Password = hello NAS-IP-Address = 20x.20x.20x.20x NAS-Port = 0 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = suman, looking up realm NULL [suffix] No such realm NULL ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns updated [files] users: Matched entry suman at line 90 [files] expand: Hello, %{User-Name} - Hello, suman ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP +- entering group PAP {...} [pap] login attempt with password hello [pap] Using CRYPT encryption. [pap] Passwords don't match ++[pap] returns reject Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} - suman attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 2 for 1 seconds Going to the next request Waking up in 0.10 seconds. Sending delayed reject for request 2 Sending Access-Reject of id 29 to 127.0.0.1 port 37881 Reply-Message = Hello, suman Waking up in 4.9 seconds. Cleaning up request 2 ID 29 with timestamp +164 Ready to process requests. Radtest sudo radtest suman hello 127.0.0.1 0 testing123 Log Sending Access-Request of id 203 to 127.0.0.1 port 1812 User-Name = suman User-Password = hello NAS-IP-Address = 204.232.205.196 NAS-Port = 0 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=203, length=34 Reply-Message = Hello, suman Please let me know what i am doing wrong as i am a complete starter. Thanks and Regards Suman Dash - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Access-Reject packet from host 127.0.0.1 port 1812, id=29, length=34
On Sat, Mar 13, 2010 at 8:14 PM, Suman Dash sumand...@gmail.com wrote: +- entering group PAP {...} [pap] login attempt with password hello [pap] Using CRYPT encryption. [pap] Passwords don't match ++[pap] returns reject I don't think you used a crypt password in your users file - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Access-Reject packet from host 127.0.0.1 port 1812, id=29, length=34
No, The Password is in Cleartext. How do i disable / Enable the CRYPT password ? On Sun, Mar 14, 2010 at 1:45 AM, YvesDM ydm...@gmail.com wrote: On Sat, Mar 13, 2010 at 8:14 PM, Suman Dash sumand...@gmail.com wrote: +- entering group PAP {...} [pap] login attempt with password hello [pap] Using CRYPT encryption. [pap] Passwords don't match ++[pap] returns reject I don't think you used a crypt password in your users file - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Access-Reject packet from host 127.0.0.1 port 1812, id=29, length=34
On Sun, Mar 14, 2010 at 8:35 AM, Suman Dash sumand...@gmail.com wrote: No, The Password is in Cleartext. How do i disable / Enable the CRYPT password ? On the first day google was born http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg61708.html kind regards - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=227, length=20
Hello, I use freeradius 2.1.0 package from ubuntu server 9.10 with freeradius-mysql installed. But I've got error message when tested. What should I do ? r...@radius:/etc/freeradius# radtest user localhost 1812 testing123 Sending Access-Request of id 227 to 127.0.0.1 port 1812 User-Name = user User-Password = NAS-IP-Address = 192.168.0.3 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=227, length=20 Below freeradius log on var/log/freeradius/radius.log Thu Feb 11 10:31:02 2010 : Error: [sql] database query error, SELECT groupname FROM radusergroup WHERE username = 'user' ORDER BY priority: Table 'radius.radusergroup' doesn't exist Thu Feb 11 10:31:02 2010 : Error: [sql] Error retrieving group list Thu Feb 11 10:31:02 2010 : Error: [sql] Error processing groups; rejecting user Thank You Teguh Kurniawan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Sending Access-Request of id 42 to 10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.29 p
hello! now i have this. i hope this time your answerme!!1 Sending Access-Request of id 42 to 10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.29 port 1812, id=42, length=88 State = 0xb58bf2bf2470c7b33a07ab72ff21378e Message-Authenticator = 0x53f17e1045e6a2f65d3a3f48704ea2c9 ¿? could you help me -- -- Silvero Martin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending Access-Request of id 42 to 10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.
hi, you need to look at the debug log for the RADIUS server which lives at 10.0.6.29 as that is the thing doing the rejecting! alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending Access-Request of id 42 to 10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.
Martin Silvero wrote: now i have this. i hope this time your answerme!!1 Why? Is there some kind of contractual obligation requiring people here to respond? Sending Access-Request of id 42 to 10.0.6.29 http://10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 http://10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.29 http://10.0.6.29 port 1812, id=42, length=88 State = 0xb58bf2bf2470c7b33a07ab72ff21378e Message-Authenticator = 0x53f17e1045e6a2f65d3a3f48704ea2c9 The RADIUS server isn't FreeRADIUS. Go ask the RADIUS server vendor what's going on. Don't be surprised if they ask for money before answering your questions. Questions about other RADIUS servers don't belong on this list. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending Access-Request of id 42 to 10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.
preacct {...} for more modules to load Thu Aug 14 17:36:15 2008 : Debug: (Loaded rlm_acct_unique, checking if it's valid) Thu Aug 14 17:36:15 2008 : Debug: Module: Linked to module rlm_acct_unique Thu Aug 14 17:36:15 2008 : Debug: Module: Instantiating acct_unique Thu Aug 14 17:36:15 2008 : Debug: acct_unique { Thu Aug 14 17:36:15 2008 : Debug: key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port Thu Aug 14 17:36:15 2008 : Debug: } Thu Aug 14 17:36:15 2008 : Debug: Module: Checking accounting {...} for more modules to load Thu Aug 14 17:36:15 2008 : Debug: (Loaded rlm_detail, checking if it's valid) Thu Aug 14 17:36:15 2008 : Debug: Module: Linked to module rlm_detail Thu Aug 14 17:36:15 2008 : Debug: Module: Instantiating detail Thu Aug 14 17:36:15 2008 : Debug: detail { Thu Aug 14 17:36:15 2008 : Debug: detailfile = /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d Thu Aug 14 17:36:15 2008 : Debug: header = %t Thu Aug 14 17:36:15 2008 : Debug: detailperm = 384 Thu Aug 14 17:36:15 2008 : Debug: dirperm = 493 Thu Aug 14 17:36:15 2008 : Debug: locking = no Thu Aug 14 17:36:15 2008 : Debug: log_packet_header = no Thu Aug 14 17:36:15 2008 : Debug: } Thu Aug 14 17:36:15 2008 : Debug: Module: Instantiating attr_filter.accounting_response Thu Aug 14 17:36:15 2008 : Debug: attr_filter attr_filter.accounting_response { Thu Aug 14 17:36:15 2008 : Debug: attrsfile = /usr/local/etc/raddb/attrs.accounting_response Thu Aug 14 17:36:15 2008 : Debug: key = %{User-Name} Thu Aug 14 17:36:15 2008 : Debug: } Thu Aug 14 17:36:15 2008 : Debug: Module: Checking session {...} for more modules to load Thu Aug 14 17:36:15 2008 : Debug: Module: Checking post-proxy {...} for more modules to load Thu Aug 14 17:36:15 2008 : Debug: Module: Checking post-auth {...} for more modules to load Thu Aug 14 17:36:15 2008 : Debug: } Thu Aug 14 17:36:15 2008 : Debug: } Thu Aug 14 17:36:15 2008 : Debug: radiusd: Opening IP addresses and Ports Thu Aug 14 17:36:15 2008 : Debug: Listening on authentication address 10.30.1.104 port 1812 Thu Aug 14 17:36:15 2008 : Debug: Listening on accounting address 10.30.1.104 port 1813 Thu Aug 14 17:36:15 2008 : Debug: Listening on proxy address 10.30.1.104port 1814 Thu Aug 14 17:36:15 2008 : Debug: Ready to process requests. ok, and when i write : radtest test testing123 10.0.6.29 1812 testing123 i get: Sending Access-Request of id 74 to 10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.29 port 1812, id=74, length=88 State = 0xb58bf2bf2470c7b33a07ab72ff21378e Message-Authenticator = 0xbefeb88cc603cce206c6101378ca48b4 and to second alan, no understand very much you say. sorry my ingles, is not my lenguage native.. thanks for you time!!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending Access-Request of id 42 to 10.0.6.29 port 1812 User-Name = test User-Password = testing123 NAS-IP-Address = 10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet from host 10.0.6.
Hi, hi ! to firts alan my server is 10.30.1.104 no 10.0.6.29 and when i write this: radiusd -i 10.30.1.104 -p 1812 -x -X : okay. your server is 10.30.1.104 ok, and when i write : radtest test testing123 10.0.6.29 1812 testing123 i get: do you know what that command means? you are sending a request for user 'test' with password 'testing123' to server 10.0.6.29 so WHAT is server 10.0.6.29 ? its certainly not the server you've just started. THAT server was 10.30.1.104 alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Sending Access-Request of id 42 to 10.0.6.29 port 1812 User-Name= test User-Password = testing123 NAS-IP-Address =10.30.1.104 NAS-Port = 1812 rad_recv: Access-Reject packet fromhost 10.0.6.29
hi ! to firts alan my server is 10.30.1.104 no 10.0.6.29 Fine. ok, and when i write : radtest test testing123 10.0.6.29 1812 testing123 So why are you sending the request to the wrong radius server? Read instructions how to use radtest again. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: access reject packet
i create a testuser by adding following to /etc/freeradius/users: lim User-Password == lim DEFAULT Auth-Type := sql Fall-Through := 1 and also change the shared radius secret for localhost in /etc/freeradius/clients.conf client 127.0.0.1 { secret = testing123nastype = other # localhost isn't usually a NAS... }but when i ran the radtest lim lim 127.0.0.1 0 testing123the access packet was rejected.any1 can show me the guide regarding this?thanks! - Original Message From: lim chee hong [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Sent: Monday, September 3, 2007 11:37:25 AM Subject: access reject packet [EMAIL PROTECTED] raddb]# radtest lim lim localhost 1645 testing123 Sending Access-Request of id 194 to 127.0.0.1 port 1812 User-Name = lim User-Password = lim NAS-IP-Address = 255.255.255.255 NAS-Port = 1645 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=194, length=20 this is the result when i ran my radtest for my freeradius 1.1.6 in fedora core 2. unfortunely i get the access reject packet for the result.i had edited in my radius.config and client.config but i think i did wrongly since i get the access rejected.anybody know how to solve this problem?where should i correct in the config file. thanks in advance for ur help.i'm new in freeradius and hope tat can seek the help from u all.once again thank you to u all. Send instant messages to your online friends http://uk.messenger.yahoo.com Send instant messages to your online friends http://uk.messenger.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: access reject packet
lim chee hong wrote: i create a testuser by adding following to */etc/freeradius/users:* lim User-Password == lim DEFAULT Auth-Type := sql That's wrong. See the FAQ. but when i ran the radtest lim lim 127.0..0.1 0 testing123 the access packet was rejected.any1 can show me the guide regarding this? The README, FAQ, INSTALL, etc. all document this. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: access reject packet
hi rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=194, length=20 you should also post the output of radius -X , the relevant contents of radius.conf, clients.conf, huntgroups and the users file. without these, it's very difficult to tell anything - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
access reject packet
[EMAIL PROTECTED] raddb]# radtest lim lim localhost 1645 testing123 Sending Access-Request of id 194 to 127.0.0.1 port 1812 User-Name = lim User-Password = lim NAS-IP-Address = 255.255.255.255 NAS-Port = 1645 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=194, length=20 this is the result when i ran my radtest for my freeradius 1.1.6 in fedora core 2. unfortunely i get the access reject packet for the result.i had edited in my radius.config and client.config but i think i did wrongly since i get the access rejected.anybody know how to solve this problem?where should i correct in the config file. thanks in advance for ur help.i'm new in freeradius and hope tat can seek the help from u all.once again thank you to u all. Send instant messages to your online friends http://uk.messenger.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
attribute Password in an Access-Reject packet
Hy all, I am trying to include two pairs attribute/value in my Radius Response Packet. This is my code: ... pairadd(request-reply-vps, pairmake(Password, ***\n, T_OP_EQ)); pairadd (request-reply-vps, pairmake(Reply-Message, TID-2002, T_OP_EQ)); ... When I do some tests, I observe this: 1) If my radius Response Packet is an Access-Accept, the FreeRadius server sends: Received response ID 255, code 2, length = 71 User-Password = ***\n Reply-Message = TID-2002 2) If my radius Response Packet is an Access-Reject, the FreeRadius server sends: Received response ID 252, code 3, length = 30 Reply-Message = TID-2002 * Why the Password attribute does not appear in the Access-Reject packet? * Why does the Password attribute (in the Access-Accept packet) appear like User-Password? Thank you very much Susana __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: attribute Password in an Access-Reject packet
Susana Macias wrote: * Why the Password attribute does not appear in the Access-Reject packet? User-Password is not permitted in Access-Rejects; see the RFC. * Why does the Password attribute (in the Access-Accept packet) appear like User-Password? That's how it's defined in the dictionary file. josh. Thank you very much Susana __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: attribute Password in an Access-Reject packet
--- Josh Howlett [EMAIL PROTECTED] escribió: Susana Macias wrote: * Why the Password attribute does not appear in the Access-Reject packet? User-Password is not permitted in Access-Rejects; see the RFC. Yes, but in the RFC says that the User-Password attribute is only used in Access-Request packets. However I have been able to send it in an Access-Accept packet (this is why I asked) * Why does the Password attribute (in the Access-Accept packet) appear like User-Password? That's how it's defined in the dictionary file. And is there any form to send Password instead User-Password? Thanks again josh. Thank you very much Susana __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __ LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: attribute Password in an Access-Reject packet
Susana Macias [EMAIL PROTECTED] wrote: Yes, but in the RFC says that the User-Password attribute is only used in Access-Request packets. However I have been able to send it in an Access-Accept packet (this is why I asked) It's not a good idea to send passwords in Access-Accept. Technically, the RFC's should have forbidden that, too. And is there any form to send Password instead User-Password? The names are unimportant. They both refer to the same attribute: number 2. The names are used only by the server. See man dictionary for details. Perhaps you could explain why you're sending the password in response packets, and why you think it's useful. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
In which point does the FR sever send the Access-Accept or Access-Reject packet?
Hy all,I have a doubt about when FreeRadius server decides to send an Access-Accept or an Access-Reject packet. When the authenticate module returns with a RLM_MODULE_REJECT, does the FR server send an Access-Reject packet? ordoes it occurlater? When the authenticate module returns with a RLM_MODULE_OK, does the FR server send the Access-Accept packet? ordoes it occurlater? Thanks in advance, Marta Correo Yahoo!Comprueba qué es nuevo, aquíhttp://correo.yahoo.es- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: In which point does the FR sever send the Access-Accept or Access-Reject packet?
Marta Lajas [EMAIL PROTECTED] writes: I have a doubt about when FreeRadius server decides to send an Access-Accept or an Access-Reject packet. When the authenticate module returns with a RLM_MODULE_REJECT, does the FR server send an Access-Reject packet? or does it occur later? When the authenticate module returns with a RLM_MODULE_OK, does the FR server send the Access-Accept packet? or does it occur later? You can find the answers in src/main/modcall.c. The default authenticate actions are: { MOD_ACTION_RETURN, /* reject */ 1, /* fail */ MOD_ACTION_RETURN, /* ok */ MOD_ACTION_RETURN, /* handled */ 1, /* invalid */ MOD_ACTION_RETURN, /* userlock */ MOD_ACTION_RETURN, /* notfound */ 1, /* noop */ 1 /* updated */ }, Which means that both RLM_MODULE_REJECT and RLM_MODULE_OK will cause an immediate return action without calling any further modules in the authenticate section. Note that these actions may be modified by redundant or append module grouping, or even configured on code by code basis. See doc/configurable_failover The modules in postauth will of course still be called before sending Access-Reject or Access-Accept. Bjørn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: In which point does the FR sever send the Access-Accept or Access-Reject packet?
Marta Lajas [EMAIL PROTECTED] wrote: I have a doubt about when FreeRadius server decides to send an Access-Accept or an Access-Reject packet. Why ask the list when you can run it yourself and see? When the authenticate module returns with a RLM_MODULE_REJECT, does the FR server send an Access-Reject packet? or does it occur later? Yes. It *may* occur later because of reject_delay. See radiusd.conf. When the authenticate module returns with a RLM_MODULE_OK, does the FR server send the Access-Accept packet? or does it occur later? Yes. And it's sent immediately. I can't help but think these questions are *not* the questions you want answered. What problem are you trying to solve? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Access-Reject packet from host 127.0.0.1:1812
Hi all, I am a complete newbie with radius. I have try to configure freeradius on fedora core 3 to authenticates against unix password /etc/passwd, /etc/shadow, but seem to be fail until now.. can any want pls guide me though this.. Besides, pls advice me if i doing anything wrong. My installation step:- 1) install freeradius using apt-get command:- = [EMAIL PROTECTED] ~]# apt-get install freeradius = 2) As i go though the doc, the default seem to be ok.., so i just start the services:- = [EMAIL PROTECTED] ~]# /etc/init.d/radiusd start Starting RADIUS server:[ OK ] [EMAIL PROTECTED] ~]# = 3) add a dummy user and assigh a password to user dummy:- = [EMAIL PROTECTED] ~]# adduser dummy [EMAIL PROTECTED] ~]# passwd dummy Changing password for user dummy. New UNIX password: testing BAD PASSWORD: it is based on a dictionary word Retype new UNIX password: testing passwd: all authentication tokens updated successfully. [EMAIL PROTECTED] ~]# = 4) testing to autheticate the user dummy:- = [EMAIL PROTECTED] ~]# radtest dummy testing localhost:1812 1 testing123 Sending Access-Request of id 251 to 127.0.0.1:1812 User-Name = dummy User-Password = testing NAS-IP-Address = cerebro.osedge.com NAS-Port = 1 Re-sending Access-Request of id 251 to 127.0.0.1:1812 User-Name = dummy User-Password = \271g\343\034{~\235\364M\344ID%\345\021j NAS-IP-Address = cerebro.osedge.com NAS-Port = 1 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=251, length=20 [EMAIL PROTECTED] ~]# = The output of /var/log/radius/radius.log = [EMAIL PROTECTED] radius]# tail -f /var/log/radius/radius.log Thu Jul 28 03:54:16 2005 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none? Thu Jul 28 03:54:16 2005 : Info: Ready to process requests. Thu Jul 28 03:55:38 2005 : Info: Using deprecated naslist file. Support for this will go away soon. Thu Jul 28 03:55:38 2005 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none? Thu Jul 28 03:55:38 2005 : Info: Ready to process requests. Thu Jul 28 03:55:42 2005 : Info: Using deprecated naslist file. Support for this will go away soon. Thu Jul 28 03:55:42 2005 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none? Thu Jul 28 03:55:42 2005 : Info: Ready to process requests. Thu Jul 28 03:55:45 2005 : Auth: rlm_unix: [dummy]: invalid password Thu Jul 28 03:56:25 2005 : Auth: rlm_unix: [dummy]: invalid password Thu Jul 28 03:56:37 2005 : Auth: rlm_unix: [dummy]: invalid password = output of the command radiusd -X = Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/proxy.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/eap.conf Config: including file: /etc/raddb/sql.conf main: prefix = /usr main: localstatedir = /var main: logdir = /var/log/radius main: libdir = /usr/lib main: radacctdir = /var/log/radius/radacct main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /var/log/radius/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /var/run/radiusd/radiusd.pid main: user = radiusd main: group = radiusd main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon
Re: Access-Reject packet from host 127.0.0.1:1812
Hi, BAD PASSWORD: it is based on a dictionary word I hope you dont let folk SSH into this box :-) [EMAIL PROTECTED] ~]# radtest dummy testing localhost:1812 1 testing123 Sending Access-Request of id 251 to 127.0.0.1:1812 User-Name = dummy User-Password = testing NAS-IP-Address = cerebro.osedge.com NAS-Port = 1 Re-sending Access-Request of id 251 to 127.0.0.1:1812 User-Name = dummy User-Password = \271g\343\034{~\235\364M\344ID%\345\021j NAS-IP-Address = cerebro.osedge.com NAS-Port = 1 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=251, length=20 from a quick look att he logs, it looks as if the FreeRADIUS process is unable to read your /etc/passwd file alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Access-Reject packet from host 127.0.0.1:1812
3. Re: Access-Reject packet from host 127.0.0.1:1812 -- Message: 3 Date: Wed, 27 Jul 2005 21:34:01 +0100 From: [EMAIL PROTECTED] Subject: Re: Access-Reject packet from host 127.0.0.1:1812 To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=us-ascii Hi, BAD PASSWORD: it is based on a dictionary word I hope you dont let folk SSH into this box :-) [EMAIL PROTECTED] ~]# radtest dummy testing localhost:1812 1 testing123 Sending Access-Request of id 251 to 127.0.0.1:1812 User-Name = dummy User-Password = testing NAS-IP-Address = cerebro.osedge.com NAS-Port = 1 Re-sending Access-Request of id 251 to 127.0.0.1:1812 User-Name = dummy User-Password = \271g\343\034{~\235\364M\344ID%\345\021j NAS-IP-Address = cerebro.osedge.com NAS-Port = 1 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=251, length=20 from a quick look att he logs, it looks as if the FreeRADIUS process is unable to read your /etc/passwd file alan Hi Alan, i have do some chown on the shadow file and everything seem to be work fine.. Thank you very much for your advices.. check the below output:- == [EMAIL PROTECTED] ~]# radtest dummy testing localhost:1812 1 testing123 Sending Access-Request of id 226 to 127.0.0.1:1812 User-Name = dummy User-Password = testing NAS-IP-Address = cerebro.osedge.com NAS-Port = 1 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=226, length=20 [EMAIL PROTECTED] ~]# == Best Regards, -- Peter Cheng Chief Technical Officer Open Source Edge O.S. Edge Sdn Bhd Mobile: +6.012.4766.202 Office: +6.03.4023.0337/8337 Fax : +6.03.4023.2337 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rad_recv: Access-Reject packet
Hi, I installed the freeRADIUS on my RedHat7.3 it was successfully installed and when i am trying using radtes in root mode. it is working very well. My problem is, i add new user in users file like : bob Auth-Type:=EAP,User-Password == test but when i am trying to radtes it is not working and i am getting the message: [EMAIL PROTECTED] root]# radtest boo test localhost 0 testing123 Sending Access-Request of id 125 to 127.0.0.1:1812 User-Name = boo User-Password = test NAS-IP-Address = localhost.localadmin NAS-Port = 0 rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=125, length=20 If anyone can help me or redirect me any usefull URL i willbe really thank full. __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rad_recv: Access-Reject packet
- Original Message - From: Abdul Lateef [EMAIL PROTECTED] To: freeradius-users@lists.freeradius.org Sent: Sunday, February 20, 2005 10:52 AM Subject: rad_recv: Access-Reject packet My problem is, i add new user in users file like : bob Auth-Type:=EAP,User-Password == test [EMAIL PROTECTED] root]# radtest boo test localhost 0 testing123 Sending Access-Request of id 125 to 127.0.0.1:1812 User-Name = boo User-Password = test If you have 'bob' in your users file but used 'boo' instead, then, you will surely get an Access-Reject message. Do another radtest as below: radtest bob test localhost 0 testing123 Or else post the unedited debug (radiusd -X) Goodluck! __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html