Thanks for your usual indulgence and assistance, Alan and all. Much appreciated.
I did the hopelessly illogical thing of testing it from an actual NAS
associated with the proxy. The home server, which had been returning those
rejects thus far, now accepted the user without fuss. Must be somethi
rlm_pap(5).
Without full debug logs, it's impossible to tell much more.
Matthew
>
> From: Matthew Newton
> To: FreeRadius users mailing list
> Sent: Friday, 3 May 2013 6:21 PM
> Subject: Re: Proxy Treatment of PAP/Chap Auth Types
>
Prashant Abhang wrote:
> I faced the same issue. I am using sql for storing user password. For
> solving issue I changed the password type from 'Cleartext-Password' to
> User-Password and it worked for me.
>
> But as you said, there is no difference and User-Password is deprecated.
> So what woul
James T Mugauri wrote:
> We have 2 RADIUS installations, thus:
> 1. FreeRADIUS/mysql Version 2.1.1, in whose radcheck, Password attribute
> is 'User-Password'
Change that to Cleartext-Password.
> 2. FreeRADIUS/mysql Version 2.1.10, in whose radcheck, Password
> attribute is 'Cleartext-Password'
the reason for the above issue?
Thanks & Regards,
Prashant
From: Matthew Newton
To: FreeRadius users mailing list
Sent: Friday, 3 May 2013 6:21 PM
Subject: Re: Proxy Treatment of PAP/Chap Auth Types
On Fri, May 03, 2013 at 04:46:27AM +0200, J
On Fri, May 03, 2013 at 04:46:27AM +0200, James T Mugauri wrote:
> attributes so: radtest -t iS_u2h4gna a2uwv localhost 1812
...
> [chap] login attempt by "iS_u2h4gna" with CHAP password
> [chap] Using clear text password "uz3f9" for user iS_u2h4gna authentication.
> [chap] Password check failed
.
Hi,
Hope someone can give me a pointer on this matter.
We have 2 RADIUS installations, thus:
1. FreeRADIUS/mysql Version 2.1.1, in whose radcheck, Password attribute
is 'User-Password'
2. FreeRADIUS/mysql Version 2.1.10, in whose radcheck, Password
attribute is 'Cleartext-Password'
On both f
Ramakrishna wrote:
> Could you please let me know the exact configuration changes which are to be
> done for this?
See the FAQ for examples.
This is documented.
> I have done what you told in default configuration file in
> raddb/sites-enabled directory. But I didnt see any change in the way
this message in context:
http://freeradius.1045715.n5.nabble.com/Authenticating-using-own-method-instead-of-standard-methos-like-PAP-CHAP-e-t-c-tp5713584p5713586.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http
Ramakrishna wrote:
> I have created one new module for my purpose and I have defined new methods
> for each function like authorizing, accounting and authenticating. When my
> server receives accounting request, accounting method in my module is being
> called but that is not happening in case of a
.
Thanks.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Authenticating-using-own-method-instead-of-standard-methos-like-PAP-CHAP-e-t-c-tp5713584.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http
Thanks Nick, will have a look .
Ken if you crack it please share the doc.
Cheers,
Neo
On Thu, Mar 17, 2011 at 12:45 AM, Nick Owen wrote:
> In Wed, Mar 16, 2011 at 10:21 AM, Kenneth Marshall wrote:
>> On Wed, Mar 16, 2011 at 06:19:08PM +0530, pradyumna dash wrote:
>>> Hi,
>>>
>>> Need a doc/poi
In Wed, Mar 16, 2011 at 10:21 AM, Kenneth Marshall wrote:
> On Wed, Mar 16, 2011 at 06:19:08PM +0530, pradyumna dash wrote:
>> Hi,
>>
>> Need a doc/pointer on FreeRadius+OpenLDAP+Mobile-OTP configuration, I
>> would be implementing this in a SuSE server.
>>
>> Can any one help me how to do it?
>>
On Wed, Mar 16, 2011 at 06:19:08PM +0530, pradyumna dash wrote:
> Hi,
>
> Need a doc/pointer on FreeRadius+OpenLDAP+Mobile-OTP configuration, I
> would be implementing this in a SuSE server.
>
> Can any one help me how to do it?
>
> Regards,
> Neo
I thought there was a link to a how-to for this
Hi,
Need a doc/pointer on FreeRadius+OpenLDAP+Mobile-OTP configuration, I
would be implementing this in a SuSE server.
Can any one help me how to do it?
Regards,
Neo
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Thanks for the feedback,
We have made contact with the NAS 'provider' and requested they resolve
the issue by replacing the string "void" with nothing. As the passed
string is the 'cause' of the problem we would rather them fix it than we
try and hack around it.
If these errors keep persisti
Hi,
> WARNING: Please update your configuration, and remove 'Auth-Type = Local'
> WARNING: Use the PAP or CHAP modules instead.
i'd follow that advice. FR knows what to do when it sees suitable things.
anyway, the 'void' is being sent by the NAS - and its being sent CHAP'd too
can your kit not d
Greetings all,
Instead of auth'ing a user on the 'User-Name' / 'Cleartext-Password'
method we are using the 'Caller-Station-Id' with a blank password.
...
# /etc/freeradius/sql/mysql/dialup.conf
sql_user_name = "%{Calling-Station-Id}"
...
We are using a mysql backend
Here are a few challenge
[EMAIL PROTECTED] wrote:
> Sorry, wasn't intentional. Someone set CHAP to a group which was assigned
> to all users. I've changed the group "Auth-Type := LOCAL", and everything
> is working now.
Until someone tries to use MSCHAP.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://w
> [EMAIL PROTECTED] wrote:
>> Here's the debug info when PAP is requested against same password:
>
> You are forcing "Auth-Type := CHAP", even when the user isn't doing
> CHAP.
>
> STOP IT.
>
> The server comes configured to work, and to do CHAP only when
> necessary. Stop breaking the serve
[EMAIL PROTECTED] wrote:
> Here's the debug info when PAP is requested against same password:
You are forcing "Auth-Type := CHAP", even when the user isn't doing
CHAP.
STOP IT.
The server comes configured to work, and to do CHAP only when
necessary. Stop breaking the server.
Alan DeKok
> [EMAIL PROTECTED] wrote:
>> Both PAP and CHAP modules are enabled in radiusd.conf. And you're
>> right, there is no authenticate_query in sql.conf.
>>
>> Being in clear text, when authentication by CHAP is requested, it's
>> fine.
>> But when PAP is requested against the same password, I get:
>>
"Thor Spruyt" <[EMAIL PROTECTED]> wrote:
> Here's something I find rather strange:
> In postgresql.conf you can change the authenticate_query:
> authenticate_query = "SELECT Value,Attribute FROM ${authcheck_table}
It's old, and now deleted.
Alan DeKok.
-
List info/subscribe/unsubscr
[EMAIL PROTECTED] wrote:
> Both PAP and CHAP modules are enabled in radiusd.conf. And you're
> right, there is no authenticate_query in sql.conf.
>
> Being in clear text, when authentication by CHAP is requested, it's
> fine.
> But when PAP is requested against the same password, I get:
>
> rlm
> [EMAIL PROTECTED] wrote:
>> Using FreeRadius v1.0.0-pre3 with MySQL v4.0.16.
>>
>> Given the password is stored in clear text, is there a way to
>> authenticate both PAP or CHAP against the same password?
>
> According to me, that's what it does by default.
> Check that the modules are enabled in
[EMAIL PROTECTED] wrote:
> Using FreeRadius v1.0.0-pre3 with MySQL v4.0.16.
>
> Given the password is stored in clear text, is there a way to
> authenticate both PAP or CHAP against the same password?
According to me, that's what it does by default.
Check that the modules are enabled in radiusd.co
Using FreeRadius v1.0.0-pre3 with MySQL v4.0.16.
Given the password is stored in clear text, is there a way to authenticate
both PAP or CHAP against the same password?
In radiusd.conf, modules pap, I've tried "encryption_scheme = clear", but
didn't notice any difference.
*
to be.
**
- Original Message -
From: "Milver S. Nisay" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 20, 2004 12:34 PM
Subject: Re: PAP/CHAP
> > I was told that FreeRadius can answer PAP/CHAP at the same
> > time that it didn't
to the next request
Thread 1 waiting to be assigned a request
rad_recv: Access-Request packet from host 65.169.xxx.x:1645, id=110,
length=191
Sending Access-Reject of id 110 to 65.169.xxx.x:1645
- Original Message -
From: "Milver S. Nisay" <[EMAIL PROTECTED]>
To: <[EMA
So where in the radiusd.conf do I tell it to do this?
In the users file I have this and I'm sure this could be causing part of our
problem.
Might be wrong to have two default, does it need to be other?
DEFAULT Auth-Type = System
Fall-Through = 1
DEFAULT Auth-Type = Local
Fall-Through = 1
DEFAU
> I was told that FreeRadius can answer PAP/CHAP at the same
> time that it didn't care.
Yes, freeradius does not care what authentication request are coming in,
whether PAP/CHAP or system authenticated
accounts. If freeradius was configured properly, it will reply as it was
tasked to
I hope I can type this so everyone understands.
Now that I have our freeradius 0.9.3 running and working with
mySQL 4.0.18 I have a question I hope can be answered.
I was told that FreeRadius can answer PAP/CHAP at the same
time that it didn't care.
The problem I'm having is if a use
32 matches
Mail list logo
