Daniele Albrizio wrote:
> Ways I use to implement this results in ambiguous "Invalid user" or
> "Login incorrect" misleading messages in radius.log .
Well, rejecting users means that something is invalid or incorrect.
> Users are in effect valid and correct, but their equipment is not.
>
> Doe
I recently set up a banned mac address database to reject authentication
from proved compromised clients.
I'd like to have a significant record in freeradius logfile for
connection debugging reasons.
Ways I use to implement this results in ambiguous "Invalid user" or
"Login incorrect" misleading
I have specified Calling-Station-Id
in the radcheck table along with the Username/Password entry.
Fra:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] På vegne av Garber, Neal
Sendt: 13. november 2006 15:36
Til: FreeRadius users mailing list
Emne: RE: Reject reason
>I
>I am authenticating users based on
Calling-Station-Id in addition to password.
>All accepts and rejects are logged
to the postauth table in my database.
Using what type of
authentication? Are you really checking Calling-Station-Id during authenticate
or are you checking it during a
=?iso-8859-1?Q?J=F8rn_Kost=F8l_Gundersen?= <[EMAIL PROTECTED]> wrote:
> But I cannot see why the user got rejected, if it was wrong
> Calling-Station-Id or wrong password.
There are any number of reasons why a user may be rejected. Logging
all of them is problematic, especially when the user is
I am authenticating users based on Calling-Station-Id
in addition to password. All accepts and rejects are logged to the postauth table
in my database.
But I cannot see why the user got rejected, if it was
wrong Calling-Station-Id or wrong password.
Any ideas?
Cheers,
Jørn
6 matches
Mail list logo