Authentication Problem on freeradius

belalus

Hi,
I'm trying to authenticate the user access on Juniper router  by freeradius but I have the following logs :

Auth: Login OK: [test/<no user-password="" attribute="">] (from client 8C-PE-2 port 0)

Thanks</no>

belalus

Hello ,
also I have the following logs by radiusd -x command :

rad_recv: Access-Request packet from host 192.168.255.4:57596, id=165, length=123
        User-Name = "test"
        MS-CHAP-Challenge = 0x07a4c32a645926474d21c902c6467c0f
        MS-CHAP2-Response = 0xa500908f0b7b9dc3065066ad9c6400eb422c000000000000000012b89788c4567c83f4abbfce8e4845f2ef7751b5e02b9f8d
        NAS-Identifier = "8C-PE-2"
        NAS-IP-Address = 192.168.255.4
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
  modcall[authorize]: module "mschap" returns ok for request 0
    rlm_realm: No '@' in User-Name = "test", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    users: Matched entry test at line 1
  modcall[authorize]: module "files" returns ok for request 0
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
  modcall[authorize]: module "daily" returns noop for request 0
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
  modcall[authorize]: module "weekly" returns noop for request 0
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
  modcall[authorize]: module "monthly" returns noop for request 0
rlm_counter: Entering module authorize code
rlm_counter: Could not find Check item value pair
  modcall[authorize]: module "forever" returns noop for request 0
modcall: leaving group authorize (returns ok) for request 0
  rad_check_password:  Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 0
  rlm_mschap: Told to do MS-CHAPv2 for test with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
  modcall[authenticate]: module "mschap" returns ok for request 0
modcall: leaving group MS-CHAP (returns ok) for request 0
  Processing the session section of radiusd.conf
modcall: entering group session for request 0
radius_xlat:  '/var/log/radutmp'
  modcall[session]: module "radutmp" returns ok for request 0
modcall: leaving group session (returns ok) for request 0
Login OK: [test/<no user-password="" attribute="">] (from client 8C-PE-2 port 0)
Sending Access-Accept of id 165 to 192.168.255.4 port 57596
        MS-CHAP2-Success = 0xa5533d44393730423132443341323532414336373930454344344233334630344332414446463742394631
        MS-MPPE-Recv-Key = 0xacc516e374a04f93dcc725b5cc2bbd05
        MS-MPPE-Send-Key = 0x901dbcc325674e4ae4f7121a31bce5cf
        MS-MPPE-Encryption-Policy = 0x00000001
        MS-MPPE-Encryption-Types = 0x00000006
Finished request 0

please your help</no>

belalus

I have solved this issue by changing the authentication type from the router side to send clear text password but still the return message from the router was ( login  incorrect ) and from the radius side Login OK: [test/1234] (from client 8C-PE-2 port 0

please any idea

Thanks

belalus

the issue solved thank you for your support  :)

slth

It would be nice for fellow users having the same problem to know HOW you solved your problem..