(RADIATOR) Radiator -> Freeradius

Hugh Irvine hugh at open.com.au
Fri Nov 23 18:04:30 CST 2001 

Hello Mark -

On Friday 23 November 2001 11:23, Mark Constable wrote:
> On Thu, 22 Nov 2001 19:42, Scott Stavretis wrote:
> > I have proxied from Radiator to Free Radius and havnt had any problem you
> > are experiencing.  Make sure you are using the latest version of free
> > radius.
>
> Thanks Scott, I grabbed the latest CVS and tried again and
> this is what I get now. I'm not sure if this is a developers
> or users-only list so apologies to the list if this kind of

We are always keen to assist with any problems involving Radiator.

> stuff is not encouraged. The first is a dialup via Radiator
> thru to my freeradius server, the 2nd is thru a Cistron
> server then to my freeradius but with the secret deliberately
> wrong... this output _really_ suggests that the shared secret
> between the upstream Radiator and my freeradius is simply
> wrong. The operators of the upstream Radiator are adamant
> the secret is right though. Between the below and the fact
> this freeradius server has no problem with Optus wholesale
> ports makes me wonder if Radiator (and not freeradius) is
> the problem child.
>
> Any straws to grasp at, anyone ?
>

The first authentication shown below appears to fail because the username 
that is being searched for is the string DEFAULT, and the module "sql" does 
not find it. Are you really expecting a username of DEFAULT?

>
> 1. Comindico(5400) -> Radiator -> freeradius
>
> rlm_sql: Released sql socket id: 4
> rlm_sql: Pairs do not match [DEFAULT]
>   modcall[authorize]: module "sql" returns notfound
> modcall: group authorize returns notfound
> auth: No Auth-Type configuration for the request, rejecting the user
> auth: Failed to validate the user.
>   WARNING: Unprintable characters in the password. ?
>   Double-check the shared secret on the server and the NAS!
> Sending Access-Reject of id 7 to 203.220.22.5:32770
>

The second attempt shown below shows a username of "markc at renta.net" which is 
much more likely, but I still see the module "sql" returning "notfound".

>
> 2. Optus wholesale -> 5300 -> Radius Cistron -> freeradius
>
> rlm_sql: Released sql socket id: 4
> rlm_sql: Pairs do not match [markc at renta.net]
>   modcall[authorize]: module "sql" returns notfound
> modcall: group authorize returns notfound
> auth: No Auth-Type configuration for the request, rejecting the user
> auth: Failed to validate the user.
>   WARNING: Unprintable characters in the password. ?
>   Double-check the shared secret on the server and the NAS!
> Sending Access-Reject of id 226 to 203.202.98.2:1812
>

regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list