Re: authentication problem with mysql integration

[Peter Nixon]

On Tue 07 Aug 2007, ram wrote:
> > Those messages seem pretty clear to me.  Have you verified the secret is
> > the
> > same?
>
> yes i verified the secret is the same

yes, but unfortunately the code has verified that it is not...

-- 

Peter Nixon
http://peternixon.net/
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: authentication problem with mysql integration

[tnt]

If your secret is the same than your MD5 libraries are broken. It's far
more likely that secret is wrong. Type it in clients.conf again.

Ivan Kalik
Kalik Informatika ISP


Dana 7/8/2007, "ram" <[EMAIL PROTECTED]> piše:

>>
>> Those messages seem pretty clear to me.  Have you verified the secret is
>> the
>> same?
>
>
>
>yes i verified the secret is the same
>
>ram
>
>

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: authentication problem with mysql integration

[A . L . M . Buxey]

Hi,

> yes i verified the secret is the same

the shared secret is not the same OR it needs to be escaped in '' quotes

alan
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: authentication problem with mysql integration

[ram]

>
> Those messages seem pretty clear to me.  Have you verified the secret is
> the
> same?



yes i verified the secret is the same

ram
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: authentication problem with mysql integration

[Kevin Bonner]

On Tuesday 07 August 2007 12:08:07 ram wrote:
> rad_verify: Received Access-Reject packet from client x.x.x.x port 1812
> with invalid signature (err=2)!  (Shared secret is incorrect.)
...
>   WARNING: Unprintable characters in the password. ?  Double-check the
> shared secret on the server and the NAS!
...
> any suggestions.
>
> ram

Those messages seem pretty clear to me.  Have you verified the secret is the 
same?

-Kevin


signature.asc
Description: This is a digitally signed message part.
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

authentication problem with mysql integration

[ram]

I have installed freeradius-1.1.6

configured as mentioned

http://wiki.freeradius.org/SQL_HOWTO

when i do test


radtest 12345 12345 x.x.x.x  1645 secret
Sending Access-Request of id 2 to x.x.x.x port 1812
User-Name = "12345"
User-Password = "12345"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1645
rad_recv: Access-Reject packet from host x.x.x.x:1812, id=2, length=20
rad_verify: Received Access-Reject packet from client x.x.x.x port 1812 with
invalid signature (err=2)!  (Shared secret is incorrect.)


rad_recv: Access-Request packet from host x.x.x.x:32772, id=2, length=57
User-Name = "12345"
User-Password = "\234\312\252Q\312\261\202\354\227X\364A\271\277"
NAS-IP-Address = 255.255.255.255
NAS-Port = 1645
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 9
  modcall[authorize]: module "preprocess" returns ok for request 9
  modcall[authorize]: module "chap" returns noop for request 9
  modcall[authorize]: module "mschap" returns noop for request 9
  modcall[authorize]: module "digest" returns noop for request 9
rlm_realm: No '@' in User-Name = "12345", looking up realm NULL
rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 9
radius_xlat:  '12345'
rlm_sql (sql): sql_set_user escaped user --> '12345'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op   FROM
radcheck   WHERE Username = '12345'   ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
radius_xlat:  'SELECT radgroupcheck.id,radgroupcheck.GroupName,
radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM
radgroupcheck,usergroup WHERE usergroup.Username = '12345' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op   FROM
radreply   WHERE Username = '12345'   ORDER BY id'
radius_xlat:  'SELECT radgroupreply.id,radgroupreply.GroupName,
radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM
radgroupreply,usergroup WHERE usergroup.Username = '12345' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 1
rlm_sql (sql): No matching entry in the database for request from user
[12345]
  modcall[authorize]: module "sql" returns notfound for request 9
modcall: leaving group authorize (returns ok) for request 9
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
  WARNING: Unprintable characters in the password. ?  Double-check the
shared secret on the server and the NAS!
Delaying request 9 for 1 seconds
Finished request 9
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 2 to x.x.x.x port 32772
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 9 ID 2 with timestamp 46b896e7
Nothing to do.  Sleeping until we see a request.



any suggestions.

ram
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html