Freeradius authentication failed for unknown reason

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Moein7tl on Server Fault See other posts from Server Fault or by Moein7tl
Published on 2012-06-22T00:30:17Z Indexed on 2012/06/22 3:18 UTC
Read the original article Hit count: 553

Filed under:
|
|
|
|

I followed this instruction to force freeradius to use mysql database.

and run freeradius in debug mod. but it rejects all authentication.

mysql database :

mysql> select * from radcheck;
+----+----------+-----------+----+---------+
| id | username | attribute | op | value   |
+----+----------+-----------+----+---------+
|  1 | test     | Password  | == | test123 | 
|  2 | test     | Auth-Type | == | Local   | 
+----+----------+-----------+----+---------+
2 rows in set (0.02 sec)

radtest command :

# radtest test test123 localhost 0 testing123
Sending Access-Request of id 235 to 127.0.0.1 port 1812
    User-Name = "test"
    User-Password = "test123"
    NAS-IP-Address = 127.0.0.1
    NAS-Port = 0
    Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=235, length=20

radiusd debug mod log:

rad_recv: Access-Request packet from host 127.0.0.1 port 51034, id=235, length=74
    User-Name = "test"
    User-Password = "test123"
    NAS-IP-Address = 127.0.0.1
    NAS-Port = 0
    Message-Authenticator = 0xbf111cbbae24fb0f0a558bfa26f53476
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] returns noop
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> test
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 20 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 20
Sending Access-Reject of id 235 to 127.0.0.1 port 51034
Waking up in 4.9 seconds.
Cleaning up request 20 ID 235 with timestamp +4325
Ready to process requests.

where is the problem and how should I solve it?

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about centos

Related posts about authentication

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle