l walk-through of
the code.
> If we assign the callback function as NULL then we are able to set the
> User-Password in Proxy EAP-PEAP_GTC.
> But the access challenge thrown by Radius server is never sent back to
> client.
>
> The modified rlm_eap_gtc.c is attached for your
also added the following functions in rlm_eap_gtc file
static int gtc_postproxy(EAP_HANDLER *handler, void *tunnel_data)
3. If we try to add callback for post proxy in gtc_authenticate() function its
start crashing.
If we assign the callback function as NULL then we are able to set the
U
Sankalp Dubey wrote:
> Can you please provide some pointers on where to carry out code change to
> achieve this.
Well... looking at the EAP-GTC code would be a good start.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: Tuesday, May 07, 2013 7:07 PM
To: FreeRadius users mailing list
Subject: Re: Free radius as Proxy EAP-PEAP-GTC User-Password is never set
Sankalp Dubey wrote:
> Can you please help out how to achieve it
Code changes.
> or else you can
Sankalp Dubey wrote:
> Can you please help out how to achieve it
Code changes.
> or else you can point out what's wrong in our configuration.
If it was possible via a configuration change, I would have told you.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/
iling list
Subject: Re: Free radius as Proxy EAP-PEAP-GTC User-Password is never set
Sankalp Dubey wrote:
> Is EAP-PEAP-GTC User-Password is set while using Free Radius as a proxy?
No. The GTC password isn't copied to User-Password when proxying.
It probably wouldn't be
Sankalp Dubey wrote:
> Is EAP-PEAP-GTC User-Password is set while using Free Radius as a proxy?
No. The GTC password isn't copied to User-Password when proxying.
It probably wouldn't be hard to do, though.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freera
Le 24/01/2013 16:17, a.l.m.bu...@lboro.ac.uk a écrit :
Hi,
A little question, when i run freeradius in debug mode ( freeradius -XX),
ii can't see the User-Password!
what method are you using? looks like EAP - in which case , depending on the
phase2 method used, you might not
Framed-User
EAP-Message = 0x0201001a01756e69762d6c696c6c65332e6672406372752e6672
User-Name = "univ-lille3...@cru.fr"
NAS-Port = 61847
This attibute must be displayed?
No: there is no User-Password. This is an EAP request. Credentials are
sent inside the EAP-Message a
Service-Type = Framed-User
> EAP-Message = 0x0201001a01756e69762d6c696c6c65332e6672406372752e6672
> User-Name = "univ-lille3...@cru.fr"
> NAS-Port = 61847
>
>
> This attibute must be displayed?
No: there is no User-Password. This is an EAP request. Credentials are
sent inside the EAP-Message attrib
Hi,
>A little question, when i run freeradius in debug mode ( freeradius -XX),
>ii can't see the User-Password!
what method are you using? looks like EAP - in which case , depending on the
phase2 method used, you might not see a user-password - for example PEAP (well,
PEAP
Hello,
A little question, when i run freeradius in debug mode ( freeradius
-XX), ii can't see the User-Password!
Sending Access-Request of id 167 to 195.220.94.130 port 1812
NAS-Port-Id = "AP41/1"
Calling-Station-Id = "74-2F-68-ED-12-1C"
Called-Statio
On 06/18/2012 01:25 PM, Matthew Newton wrote:
Hi,
On Mon, Jun 18, 2012 at 12:53:52PM +0200, Veselin Mijuskovic wrote:
and without salt) and for that reason I need a password supplied
from the Radius client in cleartext.
You're using EAP-TTLS/MD5. Why do you think there is going to be a
clear
Veselin Mijuskovic wrote:
> However, when everything is set up, somehow '%{User-Password}' or
> '%{Cleartext-Password}' (I've tried them both) does not expand to
> anything when executing ntlm_auth authentication and my script always
> rejects the user.
Hi,
On Mon, Jun 18, 2012 at 12:53:52PM +0200, Veselin Mijuskovic wrote:
> and without salt) and for that reason I need a password supplied
> from the Radius client in cleartext.
You're using EAP-TTLS/MD5. Why do you think there is going to be a
cleartext password anywhere in that request?
Change
MS-CHAP doesn't send a password; it's a challenge/response
authentication type, that requires the server to have access to the
plaintext password, NT hash, or an oracle. See here:
http://deployingradius.com/documents/protocols/compatibility.html
http://deployingradius.com/documents/protocols/or
Antonio Modesto wrote:
> I am migrating my freeradius to freeradius 2.x, so time ago Alan told me
> to change the User-Password to Cleartext-Password. Is there anything
> more that I need to change in my schema to migrate to 2.x version?
You need to migrate your configuration gradu
Hi,
I am migrating my freeradius to freeradius 2.x, so time ago Alan told me
to change the User-Password to Cleartext-Password. Is there anything
more that I need to change in my schema to migrate to 2.x version?
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list
IMHO this question should be on freeradius-users, so moving it there.
On Sun, Apr 1, 2012 at 8:30 AM, Oliver wrote:
> Hi everybody,
>
> I use FreeRADIUS Version 2.1.10 on Debian with OpenVPN and
> xl2tp/openswan and the rlm_sql module. I want to use the user password
> in
On Thu, Feb 23, 2012 at 12:47 PM, Listas Angelo
wrote:
> Hello,
>
> I have a environment with this situation, follow my confs:
I don't think that just having the columns in the sql table is enough.
You probably have a custom setup of some sort ! :) Using == as
operator seems to have solved my iss
eeradius.org]
Em nome de S Adrian
Enviada em: quarta-feira, 22 de fevereiro de 2012 18:57
Para: freeradius-users@lists.freeradius.org
Assunto: again .. mac based auth + user/password for pppoe
Hey again,
I've searched the list for my old conversation here but couldn't find
it .. still.
> No. See "man unlang" for the meaning of the operators. You did NOT
> configure a check against a specific MAC. You used ":=" instead of "=="
Damn, thanks again, noted on my wiki so I won't forget the next time.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
S Adrian wrote:
> You'll notice that even though I added in radcheck Calling-Station-Id
> to be 11:22:33:44:55:66,
> trying with radclient got me accepted ( even though I specified
> 11:22:33:44:55:77 )
No. See "man unlang" for the meaning of the operators. You did NOT
configure a check agains
PPPoE ~ # cat dexter | radclient -x 127.0.0.1 auth r4d1usP4ssw0rd
Sending Access-Request of id 61 to 127.0.0.1 port 1812
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "dexter"
User-Password = "250896"
Calling-Station-Id = &
Yannick Barbeaux wrote:
> I have read in the messages archive that I should
> "replace in your configuration (either user file or database) all
> occurrences of "User-Password" with "Cleartext-Password"."
*AND* change == to :=
> Yet in my DB,
7; sections of /etc/freeradius/sites-available/default )
When I test with the following command:
root@my-machine:~# radtest sqltest testpwd localhost 1812 testing123
Sending Access-Request of id 116 to 127.0.0.1 port 1812
User-Name = "sqltest"
User-Password = "testpwd"
this message in context:
http://freeradius.1045715.n5.nabble.com/How-to-subsiture-an-user-password-tp5129699p5130067.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
> I have WiFi NAS tat sends me the mac address in both username and password,
> but my ldap has all mac addresses as uid with the same fixed password, where
> and how could I subsitute the password ?
just use the uid as the User-Password. so you are almost there, however
>
ste...@martolvan.is wrote:
> I have WiFi NAS tat sends me the mac address in both username and password,
> but my ldap has all mac addresses as uid with the same fixed password, where
> and how could I subsitute the password ?
Don't. Change the LDAP module so that it doesn't set Auth-Type.
Inst
nse {
attrsfile = "/etc/raddb/attrs.accounting_response"
key = "%{User-Name}"
}
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
}
ra
Wednesday, April 13, 2011 1:09 AM
To: Carl Anderson
Subject: Re: EAP-PEAP-GTC User-Password never set
Carl Anderson wrote:
> So far the PEAP tunnel is created without a problem, but when it enters
the
> EAP/gtc phase 2 it seems to only populate the User-Name attribute. The
> User-Pa
Carl Anderson wrote:
> So far the PEAP tunnel is created without a problem, but when it enters the
> EAP/gtc phase 2 it seems to only populate the User-Name attribute. The
> User-Password, Secret, PIN, and Offset values all expand as empty. As a
> result, phase 2 GTC authentication f
ed without a problem, but when it enters the
EAP/gtc phase 2 it seems to only populate the User-Name attribute. The
User-Password, Secret, PIN, and Offset values all expand as empty. As a
result, phase 2 GTC authentication fails because the gtc module says it
needs a Cleartext-Password. I feel as
4. März 2011 11:12
> An: freeradius-users@lists.freeradius.org
> Betreff: Re: Riverbed console authentication, encrypted User-Password
>
> Hi,
>
> > I have been asked if our Riverbed console users can also be
> authenticated through freeRadius. Riverbed has RiOS running
hat easy (is it ever?).
>
> rad_recv: Access-Request packet from host 10.1.1.27 port 9538, id=37,
> length=71
> User-Name = "username"
> User-Password = "/\227\334\377\374\302\343\204\345\001'O\227"
> NAS-Identifier = "webasd&
(is it ever?).
rad_recv: Access-Request packet from host 10.1.1.27 port 9538, id=37, length=71
User-Name = "username"
User-Password = "/\227\334\377\374\302\343\204\345\001'O\227"
NAS-Identifier = "webasd"
NAS-Port = 8
Hello,
I just solved it with sql trigger.
When a new user is created on other table, same user/password is inserted in
radcheck table with auth-Type and other static variables.
If password change occurs in other table, it updates radcheck table password
field too.
Thank you all for help.
On
> > But for radcheck, i need to add attribute and value fields as i see.
> > How can i check just username and password from one table, and check other
> > attributes (AuthType etc) from another??
>
> Write an SQL function.
Or use the group functionality. That is, use
authorize_check_query
Oguzhan Kayhan wrote:
> As i noticed (i might be wrong), there is only one setting for
> authcheck_table.
> My username and passwords are in a table that i shouldnt change its structure.
Yes, that was clear from your previous message.
> But for radcheck, i need to add attribute and value field
On Thursday, December 02, 2010 08:39:18 am Alan DeKok wrote:
> Oguzhan Kayhan wrote:
> > Hello,
> > I want to use freeradius for wireless authentication.
> > I got an already installed mysql server, and some tables including
> > usernames and passwords.
> > I want to use this user/passwords with fr
Oguzhan Kayhan wrote:
> Hello,
> I want to use freeradius for wireless authentication.
> I got an already installed mysql server, and some tables including usernames
> and passwords.
> I want to use this user/passwords with freeradius.
> How can it be possible?
Yes. Edit the queries in raddb/s
Hello,
I want to use freeradius for wireless authentication.
I got an already installed mysql server, and some tables including usernames
and passwords.
I want to use this user/passwords with freeradius.
How can it be possible?
I will create a radius table to keep logs etc, but just to use user/pa
returns noop
> ++[logintime] returns noop
> ++[pap] returns updated
> rad_check_password: Found Auth-Type
> !!!
>
> !!!Replacing User-Passw
: Found Auth-Type
!!!
!!!Replacing User-Password in config items with
Cleartext-Password. !!!
!!!
!!! Please update your configuration so that
David Peterson wrote:
> Is there a limit to the length of the user password?
128 characters.
> I have a client
> trying to connect via EAP-TTLS with the password quikynikinyoky (yeah
> strange default password eh) but I get a “Wrong MSCHAPv2 response”. If
> I change it to a sh
Is there a limit to the length of the user password? I have a client trying
to connect via EAP-TTLS with the password quikynikinyoky (yeah strange
default password eh) but I get a "Wrong MSCHAPv2 response". If I change it
to a short one, unl0ck, it works.The username is macaddr...
Aaron Jansen wrote:
>> For a user FreeRADIUS should check the user name, password, and the MAC
>> address. The MAC address can be one of many in a list stored in a
>> database. So, this is not about a single user logging in on only one
>> device.
Edit the SQL queries. They're text in a config
On Thu, 2010-07-08 at 16:21 +0200, Aaron Jansen wrote:
> Dear all,
>
> I would like to do the following:
>
> For a user FreeRADIUS should check the user name, password, and the MAC
> address. The MAC address can be one of many in a list stored in a
> database. So, this is not about a single user
John McDonnell wrote:
> Just a quick question, I'm planning on adding a machine_name field to the
> MAC address table in addition to the MAC addresses to make maintaining the
> list (adding and removing MAC addresses with new machines coming in and
> old ones going out) easier. Is there anything el
> -Original Message-
> From: Alan DeKok
> Sent: Thursday, July 08, 2010 10:26 AM
> Aaron Jansen wrote:
> > For a user FreeRADIUS should check the user name, password, and the
> > MAC address. The MAC address can be one of many in a list stored in
> > a database. So, this is not about a sing
Aaron Jansen wrote:
> For a user FreeRADIUS should check the user name, password, and the MAC
> address. The MAC address can be one of many in a list stored in a
> database. So, this is not about a single user logging in on only one
> device.
>
> I have taken a look at the rad(group)check table,
Dear all,
I would like to do the following:
For a user FreeRADIUS should check the user name, password, and the MAC
address. The MAC address can be one of many in a list stored in a
database. So, this is not about a single user logging in on only one
device.
I have taken a look at the rad(group
Craig Campbell wrote:
> I have a requirement for 'authentication' via LDAP. Only a
> User-Name is passed to freeradius.
> The requirement is to perform an LDAP lookup, and if the user exists,
> return a couple of other values in the LDAP database for that user.
> If the user does not exist, r
Sorry, just saw a mistake in the test command I posted - correction below..
Hi,
I have a requirement for 'authentication' via LDAP. Only a User-Name is
passed to freeradius.
The requirement is to perform an LDAP lookup, and if the user exists, return a
couple of other values in the LDAP d
Hi,
I have a requirement for 'authentication' via LDAP. Only a User-Name is
passed to freeradius.
The requirement is to perform an LDAP lookup, and if the user exists, return a
couple of other values in the LDAP database for that user.
If the user does not exist, reject.
I have the LDAP
VU VAN HUNG wrote:
> How do I make NAS send User-Password or CHAP-Password attribute ?
Read the NAS documentation.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
szymon roczniak wrote:
In order to have PAP or CHAP working you need your NAS to send either
User-Password or CHAP-Password attribute. If you look at your log file again
you'll see that both the pap and the chap module return noop, this is because
these attributes are not present in the
columns' name in radius database, so users could connect
> to wireless network successfully. But I still dont know how to configure
> Radius Server using PAP and CHAP instead of EAP, because I explore my
In order to have PAP or CHAP working you need your NAS to send either
User-Passwor
szymon roczniak wrote:
On Thu, Apr 22, 2010 at 05:38:04PM +0700, VU VAN HUNG wrote:
szymon roczniak wrote:
On Thu, Apr 22, 2010 at 04:50:50PM +0700, VU VAN HUNG wrote:
I know, but in the output, I see the following lines:
*sql] expand: %{User-Password} ->
[sql] exp
On Thu, Apr 22, 2010 at 05:38:04PM +0700, VU VAN HUNG wrote:
> szymon roczniak wrote:
> > On Thu, Apr 22, 2010 at 04:50:50PM +0700, VU VAN HUNG wrote:
> I know, but in the output, I see the following lines:
>
> *sql] expand: %{User-Password} ->
> [sql] expand: %{
( '%{User-Name}',
'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO
radpostauth (username, pass, reply,
VALUES
> ( '%{User-Name}',
> '%{%{User-Password}:-%{Chap-Password}}',
> '%{reply:Packet-Type}', '%S') -> INSERT INTO
> radpostauth (usernam
Hi all,
This is my first post. I'm trying to make a AAA server based on
freeRadius and MySQL. After I configure radius server and run server in
debug mode, I get some problem with rlm_sql about User-Password and
Chap-Password. It seems that the server can't expand User-Password
Hi,
> oh great i compiled the latest => and tryed new configuration great , it
> works with my client wired
>
> Thank u so much
congratulations - and thanks.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
oh great i compiled the latest => and tryed new configuration great , it
works with my client wired
Thank u so much
2010/3/3 omega bk
> yeah i really messed things up.
>
> i got my radius from apt-get
>
> i downloaded from source the latest version.
> i removed the odl one with apt-get remo
yeah i really messed things up.
i got my radius from apt-get
i downloaded from source the latest version.
i removed the odl one with apt-get remove freeradius
i did a dpkg-bildpackage -b -uc but messd in:
/home/omega/freeradius-server-2.1.8/src/main/modules.c:1358: undefined
reference to `lt_prel
Hi,
> i use ubuntu as radius server
> all configuration file is under /etc/freeradius/*
>
> as client i use winxp wired without certificate. just EAP-MSCHAP v2 as
> authentication method.
>
> in my users file i put one user like this:
> ##
> linatestAuth-Type
omega bk wrote:
> hi alan, thanks for your help.
>
> i use ubuntu as radius server
> all configuration file is under /etc/freeradius/*
>
> as client i use winxp wired without certificate. just EAP-MSCHAP v2 as
> authentication method.
>
> in my users file i put one user like this:
>
hi alan, thanks for your help.
i use ubuntu as radius server
all configuration file is under /etc/freeradius/*
as client i use winxp wired without certificate. just EAP-MSCHAP v2 as
authentication method.
in my users file i put one user like this:
##
linatestA
reeRADIUS doesnt lie
> i don't have 'Auth-Type = Local' but it still remaining me this
> And :
> No User-Password or CHAP-Password attribute in the request.
> Cannot perform authentication.
> Failed to authenticate the user.
oh but you do - or did you just not restar
NAS-Port-Type = Ethernet
> NAS-IP-Address = 192.168.20.253
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> [files] users: Matched entry linatest at line 11
> ++[files] returns ok
> WARNING: Please update your configuration, and remov
Hi,
> I've done abit of searching and still been unable to find a really good man
> page or other description on the users file. Not even the MAN on the users
> file is very descriptive. I just want to expire passwords. Thats it, I've
> seen the expiry attribute but nowhere can I find a detaile
a detailed description of
its variables. From what I have seen, you can just expire by setting a date
using the expiry attribute to a specific date, is there any other way to do
this?
--
View this message in context:
http://old.nabble.com/Freeradius-User-Password-Expiration-tp26831843p26831843
rosect...@yahoo.com wrote:
> In user account setup, you can use either Cleartext-Password or
> User-Password. What is the difference? Thanks.
Cleartext-Password is what *you* say is the "known good" password.
User-Password is whatever nonsense the user typed into a password
In user account setup, you can use either Cleartext-Password or User-Password.
What is the difference? Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Fri, 2009-08-28 at 11:51 +0100, Ivan Kalik wrote:
> > On Fri, 2009-08-28 at 11:26 +0100, Ivan Kalik wrote:
> 1. You are using 1.x queries in a 2.x server. Fix that.
> 2. That user was found as system user as well and unix module is enabled.
> You likely have different password in /etc/passwd.
On Fri, 2009-08-28 at 11:26 +0100, Ivan Kalik wrote:
>
> Remove forcing of Auth-Type Local. Let the server set the auth type.
That resulted in a different error message:
++[sql] returns ok
++[pap] returns updated
rad_check_password: Found Auth-Type
auth: type "PAP"
+- entering group PA
> I've been using FreeRadius for quite some time now, but after a recent
> update (to 2.0.4, debian lenny variant) all users in a certain group
> have stopped authenticating properly, with the above error -- even
> though as far as I can tell the password transmitted (and logged) is
> identical to
op |
++---+---+---+--+
| 25 | news | Auth-Type | Local | := |
| 27 | news | Giganews-mbpm | 512 | := |
++---+---+---+--+
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
r
Basant Agarwal wrote:
> Hello,
> I am trying to authenticate wifi users for wireless network ... for
> this i am using freeradius with ldap...
> When we run radtest on localhost, it is able to get authorised and
> authenticated .. it works fine but when i try from laptop(windows ) then
> it rejec
;known good" password found for the user.
> Authentication may fail because of this.
> modcall[authorize]: module "pap" returns noop for request 0
> modcall: leaving group authorize (returns updated) for request 0
> rad_check_password: Found Auth-Type ldap
> auth: ty
orize (returns updated) for request 0
rad_check_password: Found Auth-Type ldap
auth: type "LDAP"
Processing the authenticate section of radiusd.conf
modcall: entering group LDAP for request 0
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authen
>Verified the shared secret and it is given correctly in the request.Is there
>any configuration need to be done?Appreciate your help.Thanks,Sri
>
Shared secret *is* wrong - probability 99.99%
Crypto libraries are corrupted - probability 0.01%
Retype the shared secret on the remote test client.
Hi,I configured my FR server with PAM.When tried with radclient from localhost
(where is FR is installed), user password is displaying in clear text; but when
trying to authenticate the same user over network (using ntradping), user
password is showing in "unprintable chars". Follow
Zhifeng Yang wrote:
> FreeRadius: 1.1.3 (this is the newest stable version I can apt-get for Debian)
Then install 2.1.1 from the source "tar" file.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
CHAP-Password does NOT match local User-Password
I am SURE I input correct password. I wonder if anybody can kindly give me any
hints to resolve this issue. Here are details about:
OS: Debian version 4.0 r5
FreeRadius: 1.1.3 (this is the newest stable version I can apt-get for Debian)
MySQL server and c
On Tue, Sep 16, 2008 at 11:20 PM, Alan DeKok <[EMAIL PROTECTED]> wrote:
> Tanya Muluw wrote:
>> Since most users of our organization have mail account in our postfix
>> mail server, I tried to use postfix user password that stored in mysql
>> for authentication. Theref
Tanya Muluw wrote:
> Since most users of our organization have mail account in our postfix
> mail server, I tried to use postfix user password that stored in mysql
> for authentication. Therefore there will be two types of user, i.e
> users with postfix user password (encryp
Dear all.
I am trying to use Chillispot for captive portal with freeradius v
1.188.2.4.2.16 as the radius server. I am new to both Chillispot and
freeradius.
Since most users of our organization have mail account in our postfix
mail server, I tried to use postfix user password that stored in
_get_conn: Got Id: 0
>> >rlm_ldap: attempting LDAP reconnection
>> >rlm_ldap: (re)connect to 127.0.0.1:389, authentication 0
>> >rlm_ldap: bind as cn=Administrator,dc=thales,dc=com/thales to
>> 127.0.0.1:389
>> >rlm_ldap: waiting for bind result ...
>&
; >rlm_ldap: bind as cn=Administrator,dc=thales,dc=com/thales to
> 127.0.0.1:389
> >rlm_ldap: waiting for bind result ...
> >rlm_ldap: Bind was successful
> >rlm_ldap: performing search in dc=thales,dc=com, with filter (uid=hasan)
> >rlm_ldap: checking if remote acces
dc=thales,dc=com/thales to 127.0.0.1:389
>rlm_ldap: waiting for bind result ...
>rlm_ldap: Bind was successful
>rlm_ldap: performing search in dc=thales,dc=com, with filter (uid=hasan)
>rlm_ldap: checking if remote access for thales is allowed by uid
>rlm_ldap: Added User-Password =
*yes Ivan.
Debug o:p radiusd -X*
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 1031, id=171,
length=57
User-Name = "hasan"
User-Password
resolution
>for locahost. This Problem is due to this.
>I will fix the name resolution.
>
>SYED
> # radtest hasan thales localhost 1 testing123
>Sending Access-Request of id 241 to 127.0.0.1 port 1812
>User-Name = "hasan"
>User-Password = "t
quot;hasan"
User-Password = "thales"
NAS-IP-Address = 192.168.1.131
NAS-Port = 1
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=241,
length=20
2008/8/28 Ivan Kalik <[EMAIL PROTECTED]>
> Well, ldap found the user but didn't find the pass
Alan DeKok <[EMAIL PROTECTED]>wrote:
>
>> Syed Anwarul Hasan wrote:
>> > ... Also in the Sites-enabled dir under default file, I have
>> > added in the Authorize section I added,
>> > *update control {
>> > Auth-Type :=ldap
>>
>
nd configuration files say DO NOT DO
> SET AUTH-TYPE.
>
> ...
> > rlm_ldap: Attribute "User-Password" is required for authentication.
> > Cannot use " (null)".
>
> You are sending the server a request that doesn't contain a
> User-Password attribute.
>
&
Attribute "User-Password" is required for authentication.
> Cannot use " (null)".
You are sending the server a request that doesn't contain a
User-Password attribute.
Don't set Auth-Type.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Alan and all,
Thanks Alan for you earlier reply.
I have a problem for Authenticating Radius server with Openldap backend. In
the ldap.attrmap I added the line
*checkitem User-Password userPassword *and also under modules in ldap
module I have set_auth_type=yes for binding LDAP for
>hi ! to firts alan my server is 10.30.1.104 no 10.0.6.29
Fine.
>
>ok, and when i write : radtest test testing123 10.0.6.29 1812 testing123
So why are you sending the request to the wrong radius server? Read
instructions how to use radtest again.
Ivan Kalik
Kalik Informatika ISP
-
List info
1 - 100 of 412 matches
Mail list logo