Hi All!
I'm trying to set up a radius server to guide our users network usage.
We have wifi as well, so i want to expand it to the wifi as well
(using WPA2 Enterprise). To autenticate users connecting the network
by ethernet cable, i use the latest coovachilli.
I've set up radius and coovachilli
Tekán Dávid wrote:
Don't want to store cleartext password, so i created for every user an
NT-Password as well beyond the MD5-Password, and it appears in the sql
database as well (also checked the queries when it queries the
rad_check table, it's there in the response as well).
You need to
noop
ERROR: No authenticate method (Auth-Type) found for the request:
Rejecting the user
The details in below mails.
Regards,
Charles
Forwarded conversation
Subject: *Authentication failure issue*
From: *fieldpeak* fieldp...@gmail.com mailto:fieldp...@gmail.com
,
Charles
Forwarded conversation
Subject: *Authentication failure issue*
From: *fieldpeak* fieldp...@gmail.com mailto:fieldp...@gmail.com
Date: 2011/8/4
To: freeradius-users@lists.freeradius.org
mailto:freeradius-users@lists.freeradius.org
Dear Friends
The details in below mails.
Regards,
Charles
Forwarded conversation
Subject: *Authentication failure issue*
From: *fieldpeak* fieldp...@gmail.com
mailto:fieldp...@gmail.com mailto:fieldp...@gmail.com
the user
The details in below mails.
Regards,
Charles
Forwarded conversation
Subject: *Authentication failure issue*
From: *fieldpeak* fieldp...@gmail.com
mailto:fieldp...@gmail.com mailto:fieldp
Hi,
User-Password = ?\210\365@\263\t\306\343\243iT?\311C\t\002
incorrect shared secret...and the radius -X log will show that too - with info
saying to check the shared secret
I take it your radiusclient and freeradius are running on the same box
- which is why you are only using
: No authenticate method (Auth-Type) found for the request:
Rejecting the user
The details in below mails.
Regards,
Charles
Forwarded conversation
Subject: *Authentication failure issue*
From
] returns noop
ERROR: No authenticate method (Auth-Type) found for the request:
Rejecting the user
The details in below mails.
Regards,
Charles
Forwarded conversation
Subject: *Authentication failure issue
] returns noop
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting
the user
The details in below mails.
Regards,
Charles
Forwarded conversation
Subject: Authentication failure issue
From: *fieldpeak* fieldp...@gmail.com
Date: 2011/8/4
To: freeradius-users
Jenny Liew wrote:
However, when I tried to run radlogin command, i kept getting this
output on my client side;
What is radlogin ?
when I run radexample, I did get successful authentication with the
username and password. However, when i tried to run radacct, my client
seems that stop
radlogin command, i kept getting this output on
my client side;
Radius: authentication failure
local: authentication failure
when I run radexample, I did get successful authentication with the username
and password. However, when i tried to run radacct, my client seems that
stop working until i
Hi,
I am using freeradius-server-2.1.4. I changed only the below files
Users
iss Auth-Type := Local, User-Password == iss123
Clients.conf
client 13.0.0.5 {
secret = AricentRadius
shortname = fs
nastype = other
With the above changes I am getting error marked RED . Please help
Am 21.07.2009 um 11:04 schrieb Vamsi Krishna Valiveti:
Hi,
I am using freeradius-server-2.1.4. I changed only the below files
Users
iss Auth-Type := Local, User-Password == iss123
Try to use
Cleartext-Password := iss123
Passwords must be assigned ( := ) not compared ( == ).
Also
Hi,
I am using freeradius-server-2.1.4. I changed only the below files
Users
iss Auth-Type := Local, User-Password == iss123
dont set Auth-Type and change the Password entry. should be
iss Cleartext-Password := iss123
alan
-
List info/subscribe/unsubscribe? See
Problem solved! It was a routing problem... the APs are on a different
subnet as the RADIUS server. Their default gateways were set to the correct
host, that's why they could talk to the RADIUS server. The problem is, that
recently we added a ppp connection to the server, which overwrote the
It's getting even more interesting: using the same configuration, but with
another access point (same model and firmware version): works flawlessly.
There are only two differences between the setups:
- In the test environment, the AP is located near to the test machine (it
was placed about 5-6
2009/6/11 Matthieu Lazaro matthieu.laz...@eservglobal.com
!
eap profile Profile Name
method mschapv2
!
I don't have the lines above in my config. Does this have any influence on
the way the AP proxies radius packets? I think, this is only relevant if the
AP authenticates using its own
2009/6/10 Diego Martín Capello di...@ccc.uba.ar
Hi alan,
Hi,
self-signed are perfectly fine - but you need to ensure that the CA
used is installed onto the client!
you should *never* run an EAP client without certificate validation
I agree with you, but this is only for testing
kissg a écrit :
It really is an AP issue. Using another AP (SMC WEBT-G) with the same
Radius config works... Both Windows XP and Ubuntu connects
successfully, no matter if I set certificate validation on or off...
Anyway, there are two EAP setting which is supported by the Cisco AP:
Open
Hi,
It really is an AP issue. Using another AP (SMC WEBT-G) with the same Radius
config works... Both Windows XP and Ubuntu connects successfully, no matter
if I set certificate validation on or off... Anyway, there are two EAP
setting which is supported by the Cisco AP: Open mode with EAP,
I'm not able to do that now. I only saw two interesting things in the
output: a warning message about the LDAP directory, but that's okay, because
there are no clear text passwords, only NT-hashed ones. The output tells me,
that the user is authorized for access.
Then, the EAP conversation starts,
kissg wrote:
I'm not able to do that now. I only saw two interesting things in the
output: a warning message about the LDAP directory, but that's okay,
because there are no clear text passwords, only NT-hashed ones. The
output tells me, that the user is authorized for access.
Then, the EAP
The strange thing is, that the same happens, if I try to connect from the
Ubuntu client. I've set the AP to WPA-PSK now, but it would be nice if we
could use PEAP, as it is more secure (security plays an important role on
this network, as there is a hotspot system configured on these APs). The
kissg wrote:
The strange thing is, that the same happens, if I try to connect from
the Ubuntu client. I've set the AP to WPA-PSK now, but it would be nice
if we could use PEAP, as it is more secure (security plays an important
role on this network, as there is a hotspot system configured on
Follow the instructions on my web site: http://deployingradius.com
It has a step by step guide to get EAP working. Follow the guide. It
*will* work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Thanks, I'm going to try it. Anyway, I
@lists.freeradius.org]
On Behalf Of kissg
Sent: Wednesday, June 10, 2009 10:12 AM
To: FreeRadius users mailing list
Subject: Re: Authentication failure - PEAP - MS-CHAPv2
Follow the instructions on my web site: http://deployingradius.com
It has a step by step guide to get EAP working. Follow
Follow the instructions on my web site: http://deployingradius.com
It has a step by step guide to get EAP working. Follow the guide. It
*will* work.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Thanks, I'm going to try it. Anyway, I
Hi,
I think you are using sef-signed ssl certificates in the freeradius server
and the windows XP client is trying to validate them; if that is right
try to configure windows xp client to not to validate them. Best regards
and sorry for my english!
self-signed are perfectly fine - but you
Hi alan,
Hi,
self-signed are perfectly fine - but you need to ensure that the CA
used is installed onto the client!
you should *never* run an EAP client without certificate validation
I agree with you, but this is only for testing purposes. Each client is
responsible for the configuration
Dear List,
I'm having a strange issue with FreeRADIUS 2.1.4, using a configuration with
the following items:
- Cisco Aironet 1130AG access point
- Ubuntu-based server with FreeRADIUS and OpenLDAP
- Client machines (Windows XP SP2, Ubuntu 9.04)
The issue I have is, that I don't get a response
I'm having a strange issue with FreeRADIUS 2.1.4, using a configuration
with
the following items:
- Cisco Aironet 1130AG access point
- Ubuntu-based server with FreeRADIUS and OpenLDAP
- Client machines (Windows XP SP2, Ubuntu 9.04)
The issue I have is, that I don't get a response from
Hi,
Iam trying to understand CHALLENGE RESPONSE behaviour. I have tried to
use CHAP protocol and issued the following.
echo 'User-Name=userX'; echo 'CHAP-Password=stealme' |
/usr/local/bin/radclient -x 192.168.11.94:1812 auth testing12
It gives me the following error:
User-Name=userX
Sending
Sudarshan Soma wrote:
Hi,
Iam trying to understand CHALLENGE RESPONSE behaviour. I have tried to
use CHAP protocol and issued the following.
echo 'User-Name=userX'; echo 'CHAP-Password=stealme' |
/usr/local/bin/radclient -x 192.168.11.94:1812 auth testing12
It gives me the following
Thanks a lot Alan. It worked.
(echo 'User-Name=userX'; echo 'CHAP-Password=secretpass') |
/usr/local/bin/radclient -x 192.168.11.94:1812 auth testing123
Sending Access-Request of id 85 to 192.168.11.94 port 1812
User-Name = userX
CHAP-Password =
Hi,
I'm using Freeradius 1.1.6 inside a Solaris 10 zone and compiled
it from vanilla sources. I configured rlm_ldap since the
usernames and cleartext-passwords are stored in an LDAP
directory and it works just fine for applications like Cisco-VPN
or 802.1X EAP-TTLS. Now I wanted to set up the
1. Secret is different (probability 99%)
2. MD5 libraries on the client or the server are broken
I would delete the secret on the server and the client and type in
another one. If that doesn't work then you will need to fix the MD5
calculations. If it's the server you will get this problem with
Thanks Alan . I did EAP and telnet works fine!I have set up the freeradius and using lotus notes LDAP I am able to get authenticated for a TELNET session with CISCO 2950.However in the same setup when I try to get the port authenticated for the WinXP client
using EAP-MD5 it is being rejected Help
Abey Thomas [EMAIL PROTECTED] wrote:
However in the same setup when I try to get the port authenticated for the
WinXP client
using EAP-MD5 it is being rejected
You've listed ldap before eap in the authorize section. Don't
do that. The default config has them in the other order for a
Hi all,I am facing problems with Ldap and freeradius on RedHat
linux AS 4. I can sucessfully authenticate with windows xp machines
with freeradius local users file and md5 using cisco 2950. Radtest
is successful for the ldapusers, but the radius -X shows rlm_ldap:
Attribute User-Password is
Abey Thomas [EMAIL PROTECTED] wrote:
I am facing problems with Ldap and freeradius on RedHat linux AS 4. I can
sucessfully authenticate with windows xp machines with freeradius local
users file and md5 using cisco 2950. Radtest is successful for the
ldapusers, but the radius -X shows
hi everybody, i'm using debian sarge kernel 2.6.13, openssl 0.9.8a, hostapd
0.5.1, freeradius 1.0.5, madwifi-ng-r1406, i want to use eap-tls in my wlan
and over my own ap over linux. so i can install and configure all programs
(except hostapd, so instead compile myself i installed it from .deb
here is [most] of the -X -A output
rlm_eap: EAP packet type response id 4 length 192
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module eap returns updated for request 4
modcall: group authorize returns updated for request 4
rad_check_password:
Jon [EMAIL PROTECTED] wrote:
rlm_eap: EAP/mschapv2
rlm_eap: processing type mschapv2
ERROR: Unknown value specified for Auth-Type. Cannot perform
requested action.
You deleted the mschap entry from the authenticate section.
Don't do that. The default configuration works.
Hi ,
I am trying to do PEAP MSCHAPv2 authentication. I am using
FreeRADIUS version 1.1.0 on Suse 9.0 and WinXP as the Suplicant. When I
select Automatically use my Windows Logon name and password
(and domain if any) in the network properties, WinXP tries to login as
domain-name\\user-name. I
Sayantan Bhowmick wrote:
Hi ,
I am trying to do PEAP MSCHAPv2 authentication. I am using
FreeRADIUS version 1.1.0 on Suse 9.0 and WinXP as the Suplicant. When I
select Automatically use my Windows Logon name and password
(and domain if any) in the network properties, WinXP tries to login as
Thanks. That helps. It is working now.
Regards,
-Sayantan.
On Mon, Jan 23, 2006 at 5:45 pm, in message
[EMAIL PROTECTED],
[EMAIL PROTECTED] wrote:
Sayantan Bhowmick wrote:
Hi ,
I am trying to do PEAP MSCHAPv2 authentication. I am using
FreeRADIUS version 1.1.0 on Suse 9.0 and WinXP as
On Wed, 2005-10-19 at 19:28 -0400, Alan DeKok wrote:
+-+-+---+--++
| id | UserName| Attribute | Value| op |
+-+-+---+--++
| 376 | [EMAIL PROTECTED] | User-Password | password | == |
On Thu, 2005-10-20 at 09:17 +0200, Luca Corti wrote:
On Wed, 2005-10-19 at 19:28 -0400, Alan DeKok wrote:
+-+-+---+--++
| id | UserName| Attribute | Value| op |
+-+-+---+--++
| 376
On Tuesday 18 October 2005 18:10, Luca Corti wrote:
Hello,
I've setup a simple freeradius server to authenticate two local realms,
one stripped (no @realm suffix, let's call it myrealm) and the other
with @suffix (let's call it otherrealm.com). I use the rlm_sql module to
auth against a
On Wed, 2005-10-19 at 00:10 +0200, Luca Corti wrote:
I've done further debugging on this with 'radiusd -X', here's what I
get:
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module chap returns noop for request 1
On Wed, 2005-10-19 at 17:34 -0400, Kevin Bonner wrote:
Run in debug mode. Look at the queries that are being run and try to run
them
by hand to see what is returned by MySQL. Without more debug output, it is
difficult to know what is happening.
Please see the debug output I've just
Luca Corti [EMAIL PROTECTED] wrote:
mysql SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE
Username = '[EMAIL PROTECTED]' ORDER BY id;
+-+-+---+--++
| id | UserName| Attribute | Value| op |
Hello,
I've setup a simple freeradius server to authenticate two local realms,
one stripped (no @realm suffix, let's call it myrealm) and the other
with @suffix (let's call it otherrealm.com). I use the rlm_sql module to
auth against a MySQL backend.
I'm using radtest to do inital server testing
Alan DeKok wrote:
dilip simha [EMAIL PROTECTED] wrote:
i have problems using chap with my radius server(FreeRADIUS Version
1.0.4). please help me out..
my users file on radius server:
simha Auth-Type := CHAP , CHAP-Password == hello
This is wrong. Use User-Password := ..., not
hi,
i have problems using chap with my radius server(FreeRADIUS Version
1.0.4). please help me out..
my users file on radius server:
simha Auth-Type := CHAP , CHAP-Password == hello
on the packet from radclient:
User-Name = simha , CHAP-Password =
40c567281480e959747ddd9ea7589015 ,
dilip simha [EMAIL PROTECTED] wrote:
i have problems using chap with my radius server(FreeRADIUS Version
1.0.4). please help me out..
my users file on radius server:
simha Auth-Type := CHAP , CHAP-Password == hello
This is wrong. Use User-Password := ..., not CHAP-Password == ...
57 matches
Mail list logo
