Unix/Linux Go Back    


UNIX and Linux Applications Discuss UNIX and Linux software applications. This includes SQL, Databases, Middleware, MOM, SOA, EDA, CEP, BI, BPM and similar topics.

Failed to Authenticate user in FreeRadius 2.2.0

UNIX and Linux Applications


Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 11-16-2015
Buddhike G Buddhike G is offline
Registered User
 
Join Date: May 2015
Last Activity: 17 November 2015, 7:18 AM EST
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Failed to Authenticate user in FreeRadius 2.2.0

Hi All,

I've installed FreeRadius 2.2.0 in Oracle Solaris 10 1/13, and I'm getting Access-Reject when tried using 'radtest' tool. When debugging is enabled I'm getting the following message

Debug: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

I've used "./radiusd -Xx" for debugging


Code:
bash-3.2# pwd 
/opt/csw/sbin
bash-3.2# ./radiusd -Xx
Mon Nov 16 23:07:33 2015 : Info: FreeRADIUS Version 2.2.0, for host sparc-sun-solaris2.10, built on Jan  1 2013 at 21:58:35
Mon Nov 16 23:07:33 2015 : Info: Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. 
Mon Nov 16 23:07:33 2015 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
Mon Nov 16 23:07:33 2015 : Info: PARTICULAR PURPOSE. 
Mon Nov 16 23:07:33 2015 : Info: You may redistribute copies of FreeRADIUS under the terms of the 
Mon Nov 16 23:07:33 2015 : Info: GNU General Public License v2. 
Mon Nov 16 23:07:33 2015 : Info: Starting - reading configuration files ...
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/radiusd.conf
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/proxy.conf
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/clients.conf
Mon Nov 16 23:07:33 2015 : Debug: including files in directory /etc/opt/csw/freeradius/modules/
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/acct_unique.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/always.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/attr_filter.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/attr_rewrite.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/cache.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/chap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/checkval.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/counter.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/cui.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/detail.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/detail.example.com.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/detail.log.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/digest.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/dynamic_clients.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/echo.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/etc_group.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/exec.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/expiration.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/expr.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/files.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/inner-eap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/ippool.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/linelog.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/logintime.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/mac2ip.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/mac2vlan.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/mschap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/ntlm_auth.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/opendirectory.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/otp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/pam.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/pap.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/passwd.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/policy.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/preprocess.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/radrelay.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/radutmp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/realm.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/redis.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/rediswho.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/replicate.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/smbpasswd.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/smsotp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/soh.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/sql_log.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/sqlcounter_expire_on_login.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/sradutmp.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/unix.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/modules/wimax.CSW
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/eap.conf
Mon Nov 16 23:07:33 2015 : Debug: including configuration file /etc/opt/csw/freeradius/policy.conf
Mon Nov 16 23:07:33 2015 : Debug: including files in directory /etc/opt/csw/freeradius/sites-enabled/
Mon Nov 16 23:07:33 2015 : Debug: main {
Mon Nov 16 23:07:33 2015 : Debug:       allow_core_dumps = no
Mon Nov 16 23:07:33 2015 : Debug: }
Mon Nov 16 23:07:33 2015 : Debug: including dictionary file /etc/opt/csw/freeradius/dictionary
Mon Nov 16 23:07:33 2015 : Debug: main {
Mon Nov 16 23:07:33 2015 : Debug:       name = "radiusd"
Mon Nov 16 23:07:33 2015 : Debug:       prefix = "/opt/csw"
Mon Nov 16 23:07:33 2015 : Debug:       localstatedir = "/var/opt/csw"
Mon Nov 16 23:07:33 2015 : Debug:       sbindir = "/opt/csw/sbin"
Mon Nov 16 23:07:33 2015 : Debug:       logdir = "/var/opt/csw/log/radius"
Mon Nov 16 23:07:33 2015 : Debug:       run_dir = "/var/opt/csw/run/radiusd"
Mon Nov 16 23:07:33 2015 : Debug:       libdir = "/opt/csw/lib/freeradius"
Mon Nov 16 23:07:33 2015 : Debug:       radacctdir = "/var/opt/csw/log/radius/radacct"
Mon Nov 16 23:07:33 2015 : Debug:       hostname_lookups = no
Mon Nov 16 23:07:33 2015 : Debug:       max_request_time = 30
Mon Nov 16 23:07:33 2015 : Debug:       cleanup_delay = 5
Mon Nov 16 23:07:33 2015 : Debug:       max_requests = 1024
Mon Nov 16 23:07:33 2015 : Debug:       pidfile = "/var/opt/csw/run/radiusd/radiusd.pid"
Mon Nov 16 23:07:33 2015 : Debug:       checkrad = "/opt/csw/sbin/checkrad"
Mon Nov 16 23:07:33 2015 : Debug:       debug_level = 0
Mon Nov 16 23:07:33 2015 : Debug:       proxy_requests = yes
Mon Nov 16 23:07:33 2015 : Debug:  log {
Mon Nov 16 23:07:33 2015 : Debug:       stripped_names = no
Mon Nov 16 23:07:33 2015 : Debug:       auth = no
Mon Nov 16 23:07:33 2015 : Debug:       auth_badpass = no
Mon Nov 16 23:07:33 2015 : Debug:       auth_goodpass = no
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  security {
Mon Nov 16 23:07:33 2015 : Debug:       max_attributes = 200
Mon Nov 16 23:07:33 2015 : Debug:       reject_delay = 1
Mon Nov 16 23:07:33 2015 : Debug:       status_server = no
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Loading Realms and Home Servers ####
Mon Nov 16 23:07:33 2015 : Debug:  proxy server {
Mon Nov 16 23:07:33 2015 : Debug:       retry_delay = 5
Mon Nov 16 23:07:33 2015 : Debug:       retry_count = 3
Mon Nov 16 23:07:33 2015 : Debug:       default_fallback = no
Mon Nov 16 23:07:33 2015 : Debug:       dead_time = 120
Mon Nov 16 23:07:33 2015 : Debug:       wake_all_if_all_dead = no
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  home_server localhost {
Mon Nov 16 23:07:33 2015 : Debug:       ipaddr = 127.0.0.1
Mon Nov 16 23:07:33 2015 : Debug:       port = 1812
Mon Nov 16 23:07:33 2015 : Debug:       type = "auth"
Mon Nov 16 23:07:33 2015 : Debug:       secret = "testing123"
Mon Nov 16 23:07:33 2015 : Debug:       response_window = 20
Mon Nov 16 23:07:33 2015 : Debug:       max_outstanding = 65536
Mon Nov 16 23:07:33 2015 : Debug:       require_message_authenticator = yes
Mon Nov 16 23:07:33 2015 : Debug:       zombie_period = 40
Mon Nov 16 23:07:33 2015 : Debug:       status_check = "status-server"
Mon Nov 16 23:07:33 2015 : Debug:       ping_interval = 30
Mon Nov 16 23:07:33 2015 : Debug:       check_interval = 30
Mon Nov 16 23:07:33 2015 : Debug:       num_answers_to_alive = 3
Mon Nov 16 23:07:33 2015 : Debug:       num_pings_to_alive = 3
Mon Nov 16 23:07:33 2015 : Debug:       revive_interval = 120
Mon Nov 16 23:07:33 2015 : Debug:       status_check_timeout = 4
Mon Nov 16 23:07:33 2015 : Debug:   coa {
Mon Nov 16 23:07:33 2015 : Debug:       irt = 2
Mon Nov 16 23:07:33 2015 : Debug:       mrt = 16
Mon Nov 16 23:07:33 2015 : Debug:       mrc = 5
Mon Nov 16 23:07:33 2015 : Debug:       mrd = 30
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  home_server_pool my_auth_failover {
Mon Nov 16 23:07:33 2015 : Debug:       type = fail-over
Mon Nov 16 23:07:33 2015 : Debug:       home_server = localhost
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  realm example.com {
Mon Nov 16 23:07:33 2015 : Debug:       auth_pool = my_auth_failover
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug:  realm LOCAL {
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Loading Clients ####
Mon Nov 16 23:07:33 2015 : Debug:  client localhost {
Mon Nov 16 23:07:33 2015 : Debug:       ipaddr = 127.0.0.1
Mon Nov 16 23:07:33 2015 : Debug:       require_message_authenticator = no
Mon Nov 16 23:07:33 2015 : Debug:       secret = "testing123"
Mon Nov 16 23:07:33 2015 : Debug:       nastype = "other"
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Instantiating modules ####
Mon Nov 16 23:07:33 2015 : Debug:  instantiate {
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_exec, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_exec
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "exec" from file /etc/opt/csw/freeradius/modules/exec.CSW
Mon Nov 16 23:07:33 2015 : Debug:   exec {
Mon Nov 16 23:07:33 2015 : Debug:       wait = no
Mon Nov 16 23:07:33 2015 : Debug:       input_pairs = "request"
Mon Nov 16 23:07:33 2015 : Debug:       shell_escape = yes
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_expr, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_expr
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "expr" from file /etc/opt/csw/freeradius/modules/expr.CSW
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_expiration, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_expiration
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "expiration" from file /etc/opt/csw/freeradius/modules/expiration.CSW
Mon Nov 16 23:07:33 2015 : Debug:   expiration {
Mon Nov 16 23:07:33 2015 : Debug:       reply-message = "Password Has Expired  "
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_logintime, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_logintime
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "logintime" from file /etc/opt/csw/freeradius/modules/logintime.CSW
Mon Nov 16 23:07:33 2015 : Debug:   logintime {
Mon Nov 16 23:07:33 2015 : Debug:       reply-message = "You are calling outside your allowed timespan  "
Mon Nov 16 23:07:33 2015 : Debug:       minimum-timeout = 60
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:  }
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Loading Virtual Servers ####
Mon Nov 16 23:07:33 2015 : Debug: server { # from file /etc/opt/csw/freeradius/radiusd.conf
Mon Nov 16 23:07:33 2015 : Debug:  modules {
Mon Nov 16 23:07:33 2015 : Debug:  Module: Checking authorize {...} for more modules to load
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_pap, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_pap
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "pap" from file /etc/opt/csw/freeradius/modules/pap.CSW
Mon Nov 16 23:07:33 2015 : Debug:   pap {
Mon Nov 16 23:07:33 2015 : Debug:       encryption_scheme = "auto"
Mon Nov 16 23:07:33 2015 : Debug:       auto_header = no
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_chap, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_chap
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "chap" from file /etc/opt/csw/freeradius/modules/chap.CSW
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_mschap, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_mschap
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "mschap" from file /etc/opt/csw/freeradius/modules/mschap.CSW
Mon Nov 16 23:07:33 2015 : Debug:   mschap {
Mon Nov 16 23:07:33 2015 : Debug:       use_mppe = yes
Mon Nov 16 23:07:33 2015 : Debug:       require_encryption = no
Mon Nov 16 23:07:33 2015 : Debug:       require_strong = no
Mon Nov 16 23:07:33 2015 : Debug:       with_ntdomain_hack = no
Mon Nov 16 23:07:33 2015 : Debug:       allow_retry = yes
Mon Nov 16 23:07:33 2015 : Debug:   }
Mon Nov 16 23:07:33 2015 : Debug:     (Loaded rlm_digest, checking if it's valid)
Mon Nov 16 23:07:33 2015 : Debug:  Module: Linked to module rlm_digest
Mon Nov 16 23:07:33 2015 : Debug:  Module: Instantiating module "digest" from file /etc/opt/csw/freeradius/modules/digest.CSW
Mon Nov 16 23:07:33 2015 : Debug:  } # modules
Mon Nov 16 23:07:33 2015 : Debug: } # server
Mon Nov 16 23:07:33 2015 : Debug: radiusd: #### Opening IP addresses and Ports ####
Mon Nov 16 23:07:33 2015 : Debug: listen {
Mon Nov 16 23:07:33 2015 : Debug:       type = "auth"
Mon Nov 16 23:07:33 2015 : Debug:       ipaddr = *
Mon Nov 16 23:07:33 2015 : Debug:       port = 0
Mon Nov 16 23:07:33 2015 : Debug: }
Mon Nov 16 23:07:33 2015 : Debug:  ... adding new socket proxy address * port 62647
Mon Nov 16 23:07:33 2015 : Debug: Listening on authentication address * port 1812
Mon Nov 16 23:07:33 2015 : Debug: Listening on proxy address * port 1814
Mon Nov 16 23:07:33 2015 : Info: Ready to process requests.


I've used the following command to run the 'radtest'


Code:
bash-3.2# pwd
/opt/csw/bin
bash-3.2# ./radtest radtest abc123 127.0.0.1 0 testing123
Sending Access-Request of id 128 to 127.0.0.1 port 1812
        User-Name = "radtest"
        User-Password = "abc123"
        NAS-IP-Address = 10.100.9.14
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=128, length=20
bash-3.2#


when run the above command the following output is seen in the debugging window


Code:
rad_recv: Access-Request packet from host 127.0.0.1 port 62653, id=128, length=77
        User-Name = "radtest"
        User-Password = "abc123"
        NAS-IP-Address = 10.100.9.14
        NAS-Port = 0
        Message-Authenticator = 0x5f41bc1a41222ae7d66615eedc5caf85
Mon Nov 16 23:11:07 2015 : Debug: # Executing section authorize from file /etc/opt/csw/freeradius/radiusd.conf
Mon Nov 16 23:11:07 2015 : Debug: +- entering group authorize {...}
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling pap (rlm_pap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from pap (rlm_pap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[pap] returns noop
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling chap (rlm_chap) for request 1
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from chap (rlm_chap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[chap] returns noop
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling mschap (rlm_mschap) for request 1
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from mschap (rlm_mschap) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[mschap] returns noop
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: calling digest (rlm_digest) for request 1
Mon Nov 16 23:11:07 2015 : Debug:   modsingle[authorize]: returned from digest (rlm_digest) for request 1
Mon Nov 16 23:11:07 2015 : Debug: ++[digest] returns noop
Mon Nov 16 23:11:07 2015 : Debug: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Mon Nov 16 23:11:07 2015 : Debug: Failed to authenticate the user.
Mon Nov 16 23:11:07 2015 : Debug: Delaying reject of request 1 for 1 seconds
Mon Nov 16 23:11:07 2015 : Debug: Going to the next request
Mon Nov 16 23:11:07 2015 : Debug: Waking up in 0.9 seconds.
Mon Nov 16 23:11:08 2015 : Debug: Sending delayed reject for request 1
Sending Access-Reject of id 128 to 127.0.0.1 port 62653
Mon Nov 16 23:11:08 2015 : Debug: Waking up in 4.9 seconds.
Mon Nov 16 23:11:13 2015 : Debug: Cleaning up request 1 ID 128 with timestamp +214
Mon Nov 16 23:11:13 2015 : Info: Ready to process requests.


my user file inside "/etc/opt/csw/freeradius" is as follows


Code:
bash-3.2# pwd
/etc/opt/csw/freeradius
bash-3.2# cat users 
radtest Cleartext-Password := "abc123"
#radtest Auth-Type := local,  User-Password == "abc123",Expiration = "Jan 10 2017"
#         Service-Type = Login-User,
#         Acme-User-Class = admin,
#         Acme-User-Privilege = sftpForAll

#
#       Please read the documentation file ../doc/processing_users_file,
#       or 'man 5 users' (after installing the server) for more information.
#
#       This file contains authentication security and configuration
#       information for each user.  Accounting requests are NOT processed
#       through this file.  Instead, see 'acct_users', in this directory.
#
#       The first field is the user's name and can be up to
#       253 characters in length.  This is followed (on the same line) with
#       the list of authentication requirements for that user.  This can
#       include password, comm server name, comm server port number, protocol
#       type (perhaps set by the "hints" file), and huntgroup name (set by
#       the "huntgroups" file).
#
#       If you are not sure why a particular reply is being sent by the
#       server, then run the server in debugging mode (radiusd -X), and
#       you will see which entries in this file are matched.
#
#       When an authentication request is received from the comm server,
#       these values are tested. Only the first match is used unless the
#       "Fall-Through" variable is set to "Yes".
#
#       A special user named "DEFAULT" matches on all usernames.
#       You can have several DEFAULT entries. All entries are processed
#       in the order they appear in this file. The first entry that
#       matches the login-request will stop processing unless you use
#       the Fall-Through variable.
#
#       If you use the database support to turn this file into a .db or .dbm
#       file, the DEFAULT entries _have_ to be at the end of this file and
#       you can't have multiple entries for one username.
#
#       Indented (with the tab character) lines following the first
#       line indicate the configuration values to be passed back to
#       the comm server to allow the initiation of a user session.
#       This can include things like the PPP configuration values
#       or the host to log the user onto.
#
#       You can include another `users' file with `$INCLUDE users.other'
#

#
#       For a list of RADIUS attributes, and links to their definitions,
#       see:
#
#       
#

#
# Deny access for a specific user.  Note that this entry MUST
# be before any other 'Auth-Type' attribute which results in the user
# being authenticated.
#
# Note that there is NO 'Fall-Through' attribute, so the user will not
# be given any additional resources.
#
#lameuser       Auth-Type := Reject
#               Reply-Message = "Your account has been disabled."

#
# Deny access for a group of users.
#
# Note that there is NO 'Fall-Through' attribute, so the user will not
# be given any additional resources.
#
#DEFAULT        Group == "disabled", Auth-Type := Reject
DEFAULT  Auth-Type = System
#               Reply-Message = "Your account has been disabled."
#

#
# This is a complete entry for "steve". Note that there is no Fall-Through
# entry so that no DEFAULT entry will be used, and the user will NOT
# get any attributes in addition to the ones listed here.
#
#steve  Cleartext-Password := "testing"
#       Service-Type = Framed-User,
#       Framed-Protocol = PPP,
#       Framed-IP-Address = 172.16.3.33,
#       Framed-IP-Netmask = 255.255.255.0,
#       Framed-Routing = Broadcast-Listen,
#       Framed-Filter-Id = "std.ppp",
#       Framed-MTU = 1500,
#       Framed-Compression = Van-Jacobsen-TCP-IP

#
# This is an entry for a user with a space in their name.
# Note the double quotes surrounding the name.
#
#"John Doe"     Cleartext-Password := "hello"
#               Reply-Message = "Hello, %{User-Name}"

#
# Dial user back and telnet to the default host for that port
#
#Deg    Cleartext-Password := "ge55ged"
#       Service-Type = Callback-Login-User,
#       Login-IP-Host = 0.0.0.0,
#       Callback-Number = "9,5551212",
#       Login-Service = Telnet,
#       Login-TCP-Port = Telnet

#
# Another complete entry. After the user "dialbk" has logged in, the
# connection will be broken and the user will be dialed back after which
# he will get a connection to the host "timeshare1".
#
#dialbk Cleartext-Password := "callme"
#       Service-Type = Callback-Login-User,
#       Login-IP-Host = timeshare1,
#       Login-Service = PortMaster,
#       Callback-Number = "9,1-800-555-1212"

#
# user "swilson" will only get a static IP number if he logs in with
# a framed protocol on a terminal server in Alphen (see the huntgroups file).
#
# Note that by setting "Fall-Through", other attributes will be added from
# the following DEFAULT entries
#
#swilson        Service-Type == Framed-User, Huntgroup-Name == "alphen"
#               Framed-IP-Address = 192.168.1.65,
#               Fall-Through = Yes

#
# If the user logs in as 'username.shell', then authenticate them
# using the default method, give them shell access, and stop processing
# the rest of the file.
#
#DEFAULT        Suffix == ".shell"
#               Service-Type = Login-User,
#               Login-Service = Telnet,
#               Login-IP-Host = your.shell.machine


#
# The rest of this file contains the several DEFAULT entries.
# DEFAULT entries match with all login names.
# Note that DEFAULT entries can also Fall-Through (see first entry).
# A name-value pair from a DEFAULT entry will _NEVER_ override
# an already existing name-value pair.
#

#
# Set up different IP address pools for the terminal servers.
# Note that the "+" behind the IP address means that this is the "base"
# IP address. The Port-Id (S0, S1 etc) will be added to it.
#
#DEFAULT        Service-Type == Framed-User, Huntgroup-Name == "alphen"
#               Framed-IP-Address = 192.168.1.32+,
#               Fall-Through = Yes

#DEFAULT        Service-Type == Framed-User, Huntgroup-Name == "delft"
#               Framed-IP-Address = 192.168.2.32+,
#               Fall-Through = Yes

#
# Sample defaults for all framed connections.
#
#DEFAULT        Service-Type == Framed-User
#       Framed-IP-Address = 255.255.255.254,
#       Framed-MTU = 576,
#       Service-Type = Framed-User,
#       Fall-Through = Yes

#
# Default for PPP: dynamic IP address, PPP mode, VJ-compression.
# NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected
#       by the terminal server in which case there may not be a "P" suffix.
#       The terminal server sends "Framed-Protocol = PPP" for auto PPP.
#
DEFAULT Framed-Protocol == PPP
        Framed-Protocol = PPP,
        Framed-Compression = Van-Jacobson-TCP-IP

#
# Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
#
DEFAULT Hint == "CSLIP"
        Framed-Protocol = SLIP,
        Framed-Compression = Van-Jacobson-TCP-IP

#
# Default for SLIP: dynamic IP address, SLIP mode.
#
DEFAULT Hint == "SLIP"
        Framed-Protocol = SLIP

#
# Last default: rlogin to our main server.
#
#DEFAULT
#       Service-Type = Login-User,
#       Login-Service = Rlogin,
#       Login-IP-Host = shellbox.ispdomain.com

# #
# # Last default: shell on the local terminal server.
# #
# DEFAULT
#       Service-Type = Administrative-User

# On no match, the user is denied access.
bash-3.2#

Kindly let me know if any of you can find about what went wrong here.

Thanks in advanced
Buddhike G

Last edited by vbe; 11-16-2015 at 10:25 AM.. Reason: code tags not icode...
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Failed to su to user atanubanerji Red Hat 1 06-16-2015 12:48 AM
Failed password for invalid user jegaraman Red Hat 4 03-25-2015 04:10 AM
FreeRADIUS VMPS Configuration mushfiqul UNIX for Advanced & Expert Users 0 08-27-2009 06:36 PM



All times are GMT -4. The time now is 06:13 PM.