(RADIATOR) Strange behaving authentication ?
Patrik Forsberg
patrik.forsberg at dataphone.net
Thu Jun 14 02:55:48 CDT 2001
Hi..
I've got a .. minor problem.
I have three different ways a user could get authenticated.
1st is a "users" file for special cases, like static ip-addresses and so
on.
2nd is a deny user file where I put users that ain't supposed to get in.
3rd is UNIX based authentication.
I've ripped out non-intressting parts of the config-file.
## Configuration file ##
# If accept contiue.. we could get rejected later..
AuthByPolicy ContinueWhileAccept
<AuthBy DBFILE>
Filename %D/db/test <-- Changed to make sure there were
nothing wrong with my "real" users file.
AcceptIfMissing
</AuthBy>
<AuthBy DBFILE>
Filename %D/db/denied_users
AcceptIfMissing
</AuthBy>
<AuthBy UNIX>
Identifier System
Filename /etc/master.passwd
</AuthBy>
## END ##
## Trace Level 5 from the logfile ##
*** Received from 212.37.0.171 port 2178 ....
Packet length = 90
01 85 00 5a 31 32 33 34 35 36 37 38 39 30 31 32
33 34 35 36 01 06 64 65 6d 6f 06 06 00 00 00 02
04 06 cb 3f 9a 01 05 06 00 00 04 d2 1e 0b 31 32
33 34 35 36 37 38 39 1f 0b 39 38 37 36 35 34 33
32 31 3d 06 00 00 00 00 02 12 47 3c 34 b3 8d fd
05 6a f2 12 1a 3a 98 dd 11 5f
Code: Access-Request
Identifier: 133
Authentic: 1234567890123456
Attributes:
User-Name = "demo"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"G<4<179><141><253><5>j<242><18><26>:<152><221><17>_"
Thu Jun 14 09:50:13 2001: DEBUG: Rewrote user name to demo
Thu Jun 14 09:50:13 2001: DEBUG: Handling request with Handler
'Realm=dataphone.se'
Thu Jun 14 09:50:13 2001: DEBUG: Rewrote user name to demo
Thu Jun 14 09:50:13 2001: DEBUG: Rewrote user name to demo
Thu Jun 14 09:50:13 2001: DEBUG: Deleting session for demo,
203.63.154.1, 1234
Thu Jun 14 09:50:13 2001: DEBUG: Handling with Radius::AuthDBFILE
Thu Jun 14 09:50:13 2001: DEBUG: Radius::AuthDBFILE looks for match with
demo
Thu Jun 14 09:50:13 2001: DEBUG: Radius::AuthDBFILE REJECT: Check item
Framed-Protocol expression 'PPP' does not match '' in request
Thu Jun 14 09:50:13 2001: DEBUG: Radius::AuthDBFILE looks for match with
DEFAULT
Thu Jun 14 09:50:13 2001: DEBUG: Handling with Radius::AuthUNIX
Thu Jun 14 09:50:13 2001: DEBUG: Radius::AuthUNIX looks for match with
demo
Thu Jun 14 09:50:13 2001: DEBUG: Radius::AuthDBFILE REJECT: No such user
Thu Jun 14 09:50:13 2001: INFO: Access rejected for demo: No such user
Thu Jun 14 09:50:13 2001: DEBUG: Packet dump:
*** Sending to 212.37.0.171 port 2178 ....
Packet length = 34
03 85 00 22 f9 75 ee 1f f3 4c 5e 32 b9 c5 c3 6b
00 bb 85 00 12 0e 4e 6f 20 73 75 63 68 20 75 73
65 72
Code: Access-Reject
Identifier: 133
Authentic: 1234567890123456
Attributes:
Reply-Message = "No such user"
## END ##
## Users file ##
demo User-Password = "test1",
Service-Type = Framed-User,
Framed-Protocol = PPP
DEFAULT Auth-Type = System,
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Compression = None,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255
## END
What I can't understand is what the
" Check item Framed-Protocol expression 'PPP' does not match '' in
request "
error message is about ?
The test has been done with radpwtst and the user/password have been
checked and are correct.
Please help! I'm stuck :/
Regards,
Patrik
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list