I think it tells you in your debug what the problem is Gahn: Found Auth-Type = Local WARNING: Please update your configuration, and remove 'Auth-Type = Local'
--- On Sun, 19/9/10, gahn <ipfr...@yahoo.com> wrote: From: gahn <ipfr...@yahoo.com> Subject: still not working (newbie for radius) To: freeradius-users@lists.freeradius.org Date: Sunday, 19 September, 2010, 22:35 Hi all: I apologize for the emails for such simple issue...:) it is still not working. I have done all of your guys advised and tried to read through the documents, but...:( here is my "client.conf" file: client 192.168.255.138 { secret = testing123 nastype = juniper } for my "users" file: bob Auth-Type := Local User-Password = "bob", Juniper-Local-User-Name = "labrat" I started radius with "radiusd -X" and also started tcpdump process. here is what i got from freerediaus debugging: rad_recv: Access-Request packet from host 192.168.255.138 port 54462, id=202, length=57 User-Name = "bob" User-Password = "bob" NAS-Identifier = "lab-r8" NAS-IP-Address = 150.150.0.1 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "bob", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [files] users: Matched entry bob at line 1 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop Found Auth-Type = Local WARNING: Please update your configuration, and remove 'Auth-Type = Local' WARNING: Use the PAP or CHAP modules instead. No "known good" password was configured for the user. As a result, we cannot authenticate the user. Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> bob attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 202 to 192.168.255.138 port 54462 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.255.138 port 54462, id=202, length=57 Sending duplicate reply to client r8 port 54462 - ID: 202 Sending Access-Reject of id 202 to 192.168.255.138 port 54462 Waking up in 2.9 seconds. Cleaning up request 0 ID 202 with timestamp +11 rad_recv: Access-Request packet from host 192.168.255.138 port 54462, id=202, length=57 User-Name = "bob" User-Password = "bob" NAS-Identifier = "lab-r8" NAS-IP-Address = 150.150.0.1 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "bob", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [files] users: Matched entry bob at line 1 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop Found Auth-Type = Local WARNING: Please update your configuration, and remove 'Auth-Type = Local' WARNING: Use the PAP or CHAP modules instead. No "known good" password was configured for the user. As a result, we cannot authenticate the user. Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> bob attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 202 to 192.168.255.138 port 54462 Waking up in 4.9 seconds. Cleaning up request 1 ID 202 with timestamp +18 Ready to process requests. for tcpdump: 17:07:11.998936 IP 192.168.255.138.54462 > 192.168.255.128.radius: RADIUS, Access Request (1), id: 0xca length: 57 17:07:14.999487 IP 192.168.255.138.54462 > 192.168.255.128.radius: RADIUS, Access Request (1), id: 0xca length: 57 Interestingly, I only saw 'Access Request" came in, but I didn't see Access Reject messages. any help would be greatly appreciated. gahn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html