Beginner need help

classic Classic list List threaded Threaded
38 messages Options
12
| Threaded
Open this post in threaded view
|

Beginner need help

Frank Wei

Hi,

I’m brand new to FreeRadius and just installed server 2.2.5.

 

I have followed the wiki instruction (basic Configuration section) to do the simple test.  The only thing I added is to add

Testing Cleartext-Password := “password”

in the /raddb/users

 

Here is the debug information I had when I run

Radtesting testing password localhost 0 testing123 

 

rad_recv: Access-Request packet from host 127.0.0.1 port 32775, id=195, length=77

        User-Name = "testing"

        User-Password = "password"

        NAS-IP-Address = 127.0.0.1

        NAS-Port = 10

        Message-Authenticator = 0x024f3a845461e5597651150741f365fd

# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default

+group authorize {

++[preprocess] = ok

++[chap] = noop

++[mschap] = noop

++[digest] = noop

[suffix] No '@' in User-Name = "testing", looking up realm NULL

[suffix] No such realm "NULL"

++[suffix] = noop

[eap] No EAP-Message, not doing EAP

++[eap] = noop

++[files] = noop

++[expiration] = noop

++[logintime] = noop

[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.

++[pap] = noop

+} # group authorize = ok

ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

Failed to authenticate the user.

Using Post-Auth-Type REJECT

# Executing group from file /usr/local/etc/raddb/sites-enabled/default

+group REJECT {

[attr_filter.access_reject]     expand: %{User-Name} -> testing

attr_filter: Matched entry DEFAULT at line 11

++[attr_filter.access_reject] = updated

+} # group REJECT = updated

Delaying reject of request 2 for 1 seconds

Going to the next request

Waking up in 0.9 seconds.

Sending delayed reject for request 2

Sending Access-Reject of id 195 to 127.0.0.1 port 32775

Waking up in 4.9 seconds.

Cleaning up request 2 ID 195 with timestamp +530

 

 

 

Could anybody help to me to explain why it was rejected? (it looks like a no “known good” password issue but I don’t know why)

 

Great thanks,

 

 

4RF Limited

 

The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Stefan Winter-4
Hi,

> I have followed the wiki instruction (basic Configuration section) to do
> the simple test.  The only thing I added is to add
>
> Testing Cleartext-Password := “password”

T

>         User-Name = "testing"

t

and so:

> ++[files] = noop

Stefan

--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

0x8A39DC66.asc (3K) Download Attachment
signature.asc (853 bytes) Download Attachment
| Threaded
Open this post in threaded view
|

RE: Beginner need help

Frank Wei
Hi Stefan,

Actually I was using small "t" on both users file and client command but I still see

++[files] = noop

What is the really problem?

Cheers,

-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of Stefan Winter
Sent: Monday, 8 September 2014 6:22 p.m.
To: [hidden email]
Subject: Re: Beginner need help

Hi,

> I have followed the wiki instruction (basic Configuration section) to
> do the simple test.  The only thing I added is to add
>
> Testing Cleartext-Password := "password"

T

>         User-Name = "testing"

t

and so:

> ++[files] = noop

Stefan

--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Alan DeKok-2
Frank Wei wrote:
> Hi Stefan,
>
> Actually I was using small "t" on both users file and client command but I still see
>
> ++[files] = noop
>
> What is the really problem?

  The user isn't being found in the "users" file.

  You're not editing the "users" file which the server is reading.  Or,
the username sent by radclient isn't the same as the username in the
"users" file.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

RE: Beginner need help

Frank Wei
Hi Alan,

The users file I edited is in etc/raddb. testing Cleartext-Password := "password"

The client command I was using is

        "radtest testing password 127.0.0.1 0 testing123"

Anything wrong with them?

Cheers,


-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of Alan DeKok
Sent: Tuesday, 9 September 2014 10:10 a.m.
To: FreeRadius users mailing list
Subject: Re: Beginner need help

Frank Wei wrote:
> Hi Stefan,
>
> Actually I was using small "t" on both users file and client command but I still see
>
> ++[files] = noop
>
> What is the really problem?

  The user isn't being found in the "users" file.

  You're not editing the "users" file which the server is reading.  Or,
the username sent by radclient isn't the same as the username in the
"users" file.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Alan DeKok-2
Frank Wei wrote:
> Hi Alan,
>
> The users file I edited is in etc/raddb. testing Cleartext-Password := "password"
>
> The client command I was using is
>
>         "radtest testing password 127.0.0.1 0 testing123"
>
> Anything wrong with them?

  Yes.  Because it isn't working.

  What's wrong?  I don't know.

  All I know is that I add a user to the TOP of the "users" file, and it
works.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

A.L.M.Buxey
In reply to this post by Frank Wei
Hi,

> The users file I edited is in etc/raddb. testing Cleartext-Password := "password"

which etc/raddb ? the one in the source tree or the one that got installed? do you have multiple copies
of freeradius installed?  

read the radiusd -X  debug putput to see which users file it is editing, then edit that file

also, after editing the file you need to restart the server or your changes wont be picked up

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

RE: Beginner need help

Frank Wei
Oh, Thanks!

-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of [hidden email]
Sent: Tuesday, 9 September 2014 11:07 a.m.
To: FreeRadius users mailing list
Subject: Re: Beginner need help

Hi,

> The users file I edited is in etc/raddb. testing Cleartext-Password := "password"

which etc/raddb ? the one in the source tree or the one that got installed? do you have multiple copies
of freeradius installed?

read the radiusd -X  debug putput to see which users file it is editing, then edit that file

also, after editing the file you need to restart the server or your changes wont be picked up

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

RE: Beginner need help

Frank Wei
Hi,

I've downloaded "freeradius-client-1.1.6.tar.bz2" and untarted. Then I tried to installed as following:

./configure
Make install

Now I want to test this client (I have already installed freeradius server on the same LINUX PC and this server proved to be working).

The only useful information on the freeradius client is

radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]

Not how to use above to test the client. How can I create the "config_file" ?

Best Regards,
Frank


-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of Frank Wei
Sent: Tuesday, 9 September 2014 12:03 p.m.
To: 'FreeRadius users mailing list'
Subject: RE: Beginner need help

Oh, Thanks!

-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of [hidden email]
Sent: Tuesday, 9 September 2014 11:07 a.m.
To: FreeRadius users mailing list
Subject: Re: Beginner need help

Hi,

> The users file I edited is in etc/raddb. testing Cleartext-Password := "password"

which etc/raddb ? the one in the source tree or the one that got installed? do you have multiple copies
of freeradius installed?

read the radiusd -X  debug putput to see which users file it is editing, then edit that file

also, after editing the file you need to restart the server or your changes wont be picked up

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Alan DeKok-2
Frank Wei wrote:
> The only useful information on the freeradius client is
>
> radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]
>
> Not how to use above to test the client. How can I create the "config_file" ?

  See etc/radiusclient.conf in the "tar" file.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

RE: Beginner need help

Frank Wei
Hi,

I wanted to authenticate username "testing" with password "password". First I used the "radtest" utility and I've got

radtest testing password 127.0.0.1 0 testing123
Sending Access-Request of id 132 to 127.0.0.1 port 1812
        User-Name = "testing"
        User-Password = "password"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=132, length=20


Then try to use "radlogin" utility to do the authentication (I uncommented the line in file /usr/local/etc/radiusclient/servers to make the shared secret to be testing 123), I got

radlogin
($Id: radlogin.c,v 1.9 2008/01/09 07:04:18 sobomax Exp $)
-----------------------------------------------------
Linux 2.6.9-1.667smp (softdev2.local.4rf.com) (port 2)
-----------------------------------------------------

login: testing
Password:
RADIUS: /dev/pts/2local: Authentication failure


Note during the above testing, the freeradius server did not receive any request. It looks like I missed some configure in the client side as "radtest" worked.

Could somebody help me what I have missed.

Cheers,

-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of Alan DeKok
Sent: Monday, 22 September 2014 2:15 p.m.
To: FreeRadius users mailing list
Subject: Re: Beginner need help

Frank Wei wrote:
> The only useful information on the freeradius client is
>
> radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]
>
> Not how to use above to test the client. How can I create the "config_file" ?

  See etc/radiusclient.conf in the "tar" file.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Himanshu  Pandey
In reply to this post by Frank Wei
Hi,

I am very new to freeradius. On running radiusd -X I get "radiusd: Cannot get ID for group radiusd: No such file or directory"

Can you please suggest how to resolve this.

Regards,
Sonu

From: Frank Wei <[hidden email]>
Sent: Mon, 22 Sep 2014 05:35:26
To: "'FreeRadius users mailing list'" <[hidden email]>
Subject: Re: Beginner need help
Hi,

I've downloaded "freeradius-client-1.1.6.tar.bz2" and untarted. Then I tried to installed as following:

./configure
Make install

Now I want to test this client (I have already installed freeradius server on the same LINUX PC and this server proved to be working).

The only useful information on the freeradius client is

radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]

Not how to use above to test the client. How can I create the "config_file" ?

Best Regards,
Frank


-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of Frank Wei
Sent: Tuesday, 9 September 2014 12:03 p.m.
To: 'FreeRadius users mailing list'
Subject: RE: Beginner need help

Oh, Thanks!

-----Original Message-----
From: freeradius-users-bounces+frank.wei=[hidden email] [mailto:freeradius-users-bounces+frank.wei=[hidden email]] On Behalf Of [hidden email]
Sent: Tuesday, 9 September 2014 11:07 a.m.
To: FreeRadius users mailing list
Subject: Re: Beginner need help

Hi,

> The users file I edited is in etc/raddb. testing Cleartext-Password := "password"

which etc/raddb ? the one in the source tree or the one that got installed? do you have multiple copies
of freeradius installed?

read the radiusd -X  debug putput to see which users file it is editing, then edit that file

also, after editing the file you need to restart the server or your changes wont be picked up

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information in this email communication (inclusive of attachments) is confidential to 4RF Limited and the intended recipient(s). If you are not the intended recipient(s), please note that any use, disclosure, distribution or copying of this information or any part thereof is strictly prohibited and that the author accepts no liability for the consequences of any action taken on the basis of the information provided. If you have received this email in error, please notify the sender immediately by return email and then delete all instances of this email from your system. 4RF Limited will not accept responsibility for any consequences associated with the use of this email (including, but not limited to, damages sustained as a result of any viruses and/or any action or lack of action taken in reliance on it).
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

A.L.M.Buxey
In reply to this post by Frank Wei
Hi,

>    I am very new to freeradius. On running radiusd -X I get "radiusd: Cannot
>    get ID for group radiusd: No such file or directory"
>    Can you please suggest how to resolve this.

not a freeradius question - this is unix 101 - your config says to run the
server as user radiusd and group radiusd - but your OS hasnt got that group defined.
check eg /etc/group  file and make the required change

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

A.L.M.Buxey
In reply to this post by Frank Wei
Hi,

> Now I want to test this client (I have already installed freeradius server on the same LINUX PC and this server proved to be working).

there are various client testing tools with the main freeradius server package - also eapol_test from the
wpa_supplicant package is very useful!

> The only useful information on the freeradius client is
>
> radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]

-f the config file - theres one supplied...should be in your /etc directory now. then you feed it a list of VSA/TLV values.

not as friendly as eg eapol_test or radclient

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Himanshu  Pandey
In reply to this post by Frank Wei
Hi,

My freeradius server is up and running and then I tried to execute the test with a following command:

radtest testing password localhost 0 testing123

But I am getting error:
radclient:: Unknown attribute "User-Name" requires a hex string, not "testing"
radclient: Nothing to send.

Please help to resolve the same.

Regards,
Sonu

From: [hidden email]
Sent: Mon, 22 Sep 2014 14:17:00
To: FreeRadius users mailing list <[hidden email]>
Subject: Re: Beginner need help
Hi,

> Now I want to test this client (I have already installed freeradius server on the same LINUX PC and this server proved to be working).

there are various client testing tools with the main freeradius server package - also eapol_test from the
wpa_supplicant package is very useful!

> The only useful information on the freeradius client is
>
> radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]

-f the config file - theres one supplied...should be in your /etc directory now. then you feed it a list of VSA/TLV values.

not as friendly as eg eapol_test or radclient

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Vijay
In reply to this post by Frank Wei
Hi Himanshu,
I believe radtest and radclient totally different utility for different purpose.

Plus use should post debug output and config you using.

Regards
Amit B.
HTH

Sent from my iPhone

On 22-Sep-2014, at 14:42, "Himanshu  Pandey" <[hidden email]> wrote:

Hi,

My freeradius server is up and running and then I tried to execute the test with a following command:

radtest testing password localhost 0 testing123

But I am getting error:
radclient:: Unknown attribute "User-Name" requires a hex string, not "testing"
radclient: Nothing to send.

Please help to resolve the same.

Regards,
Sonu

From: [hidden email]
Sent: Mon, 22 Sep 2014 14:17:00
To: FreeRadius users mailing list <[hidden email]>
Subject: Re: Beginner need help
Hi,

> Now I want to test this client (I have already installed freeradius server on the same LINUX PC and this server proved to be working).

there are various client testing tools with the main freeradius server package - also eapol_test from the
wpa_supplicant package is very useful!

> The only useful information on the freeradius client is
>
> radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]

-f the config file - theres one supplied...should be in your /etc directory now. then you feed it a list of VSA/TLV values.

not as friendly as eg eapol_test or radclient

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Himanshu  Pandey
In reply to this post by Frank Wei
Hi,

I am getting the following error:

WARNING: Empty authorize section.  Using default return values.
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.

Here is the debug log:

FreeRADIUS Version 2.2.0, for host x86_64-redhat-linux-gnu, built on Dec 15 2012 at 00:26:26
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. 
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. 
You may redistribute copies of FreeRADIUS under the terms of the 
GNU General Public License v2. 
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/ldap
including configuration file /etc/raddb/modules/inner-eap
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/dynamic_clients
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/opendirectory
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/cui
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/modules/radrelay
including configuration file /etc/raddb/modules/rediswho
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/modules/ntlm_auth
including configuration file /etc/raddb/modules/krb5
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /etc/raddb/modules/soh
including configuration file /etc/raddb/modules/wimax
including configuration file /etc/raddb/modules/linelog
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/modules/smsotp
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/dhcp_sqlippool
including configuration file /etc/raddb/sql/mysql/ippool-dhcp.conf
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/otp
including configuration file /etc/raddb/modules/redis
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/detail.example.com
including configuration file /etc/raddb/modules/replicate
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/cache
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/perl
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/policy.conf
main {
allow_core_dumps = no
}
including dictionary file /etc/raddb/dictionary
main {
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/usr/local/var"
sbindir = "/usr/local/sbin"
logdir = "/usr/local/var/log/radius"
run_dir = "/usr/local/var/run/radiusd"
libdir = "/usr/local/lib"
radacctdir = "/usr/local/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = yes
 log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
 }
 security {
max_attributes = 200
reject_delay = 1
status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
 proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
 }
 home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
  coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
  }
 }
 home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
 }
 realm example.com {
auth_pool = my_auth_failover
 }
 realm LOCAL {
 }
radiusd: #### Loading Clients ####
 client 127.0.0.1 {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "testing123"
nastype = "other"
 }
radiusd: #### Instantiating modules ####
 instantiate {
 }
radiusd: #### Loading Virtual Servers ####
server { # from file /etc/raddb/radiusd.conf
 modules {
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
 ... adding new socket proxy address * port 58346
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 45789, id=134, length=77
Attr-1 = 0x74657374696e67
Attr-2 = 0xc0f304d7505a307640e393d9f8f2778a
Attr-4 = 0x7f000001
Attr-5 = 0x00000714
Attr-80 = 0x6ae5985f22e2b42ff6127ba33df73a62
  WARNING: Empty authorize section.  Using default return values.
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
  WARNING: Unprintable characters in the password.  Double-check the shared secret on the server and the NAS!
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 134 to 127.0.0.1 port 45789
Waking up in 4.9 seconds.
Cleaning up request 0 ID 134 with timestamp +248
Ready to process requests.

Please help.

Regards,
Himanshu

From: Amit Linux <[hidden email]>
Sent: Mon, 22 Sep 2014 16:01:44
To: FreeRadius users mailing list <[hidden email]>
Subject: Re: Beginner need help
Hi Himanshu,
I believe radtest and radclient totally different utility for different purpose.

Plus use should post debug output and config you using.

Regards
Amit B.
HTH

Sent from my iPhone

On 22-Sep-2014, at 14:42, "Himanshu  Pandey" <[hidden email]> wrote:

Hi,

My freeradius server is up and running and then I tried to execute the test with a following command:

radtest testing password localhost 0 testing123

But I am getting error:
radclient:: Unknown attribute "User-Name" requires a hex string, not "testing"
radclient: Nothing to send.

Please help to resolve the same.

Regards,
Sonu

From: [hidden email]
Sent: Mon, 22 Sep 2014 14:17:00
To: FreeRadius users mailing list <[hidden email]>
Subject: Re: Beginner need help
Hi,

> Now I want to test this client (I have already installed freeradius server on the same LINUX PC and this server proved to be working).

there are various client testing tools with the main freeradius server package - also eapol_test from the
wpa_supplicant package is very useful!

> The only useful information on the freeradius client is
>
> radiusclient [-f config_file] [-p nas_port] [-s | [-a] a1=v1 [a2=v2[...[aN=vN]...]]]

-f the config file - theres one supplied...should be in your /etc directory now. then you feed it a list of VSA/TLV values.

not as friendly as eg eapol_test or radclient

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Alan DeKok-2
Himanshu Pandey wrote:
> WARNING: Empty authorize section.  Using default return values.
> ERROR: No authenticate method (Auth-Type) found for the request:
> Rejecting the user
> Failed to authenticate the user.

  You edited the configuration files and broke the server.  Don't do that.

  Use the default configuration.  IT WORKS.


> rad_recv: Access-Request packet from host 127.0.0.1 port 45789, id=134,
> length=77
> Attr-1 = 0x74657374696e67
> Attr-2 = 0xc0f304d7505a307640e393d9f8f2778a
> Attr-4 = 0x7f000001
> Attr-5 = 0x00000714
> Attr-80 = 0x6ae5985f22e2b42ff6127ba33df73a62

  That's entirely wrong.

  You've put a lot of work into destroying the server configuration.  I
don't understand why people do this.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

A.L.M.Buxey
In reply to this post by Frank Wei
Hi,

>    WARNING: Empty authorize section.  Using default return values.

you've edited config files from the default install?  there are only 2 files
you need to edit from an install to get the basic stuff working

users  file
clients.conf file


butchering other files will only lead you to failure until you understand
more about the server and how parts of it operate

alan

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Beginner need help

Himanshu  Pandey
In reply to this post by Frank Wei
Hi,

I modified users configuration file and radiusd.conf. I have attached radiusd.conf file. Please tell me what shall I not modify in radiusd.conf file. Actually I did some modifications in radiusd.conf file since I was getting some error in starting the radius server.

Please help.

Regards,
Sonu

From: Alan DeKok <[hidden email]>
Sent: Mon, 22 Sep 2014 17:28:24
To: FreeRadius users mailing list <[hidden email]>
Subject: Re: Beginner need help
Himanshu Pandey wrote:
> WARNING: Empty authorize section.  Using default return values.
> ERROR: No authenticate method (Auth-Type) found for the request:
> Rejecting the user
> Failed to authenticate the user.

 You edited the configuration files and broke the server.  Don't do that.

 Use the default configuration.  IT WORKS.


> rad_recv: Access-Request packet from host 127.0.0.1 port 45789, id=134,
> length=77
> Attr-1 = 0x74657374696e67
> Attr-2 = 0xc0f304d7505a307640e393d9f8f2778a
> Attr-4 = 0x7f000001
> Attr-5 = 0x00000714
> Attr-80 = 0x6ae5985f22e2b42ff6127ba33df73a62

 That's entirely wrong.

 You've put a lot of work into destroying the server configuration.  I
don't understand why people do this.

 Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Get your own FREE website, FREE domain & FREE mobile app with Company email.  
Know More >

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

radiusd.conf (37K) Download Attachment
12