我按照
this instruction强制freeradius使用MysqL数据库.
并在debug mod中运行freeradius.
但它拒绝所有身份验证.
MysqL> select * from radcheck; +----+----------+-----------+----+---------+ | id | username | attribute | op | value | +----+----------+-----------+----+---------+ | 1 | test | Password | == | test123 | | 2 | test | Auth-Type | == | Local | +----+----------+-----------+----+---------+ 2 rows in set (0.02 sec)
radtest命令:
# radtest test test123 localhost 0 testing123
Sending Access-Request of id 235 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test123"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812,id=235,length=20
radiusd调试模式日志:
rad_recv: Access-Request packet from host 127.0.0.1 port 51034,length=74
User-Name = "test"
User-Password = "test123"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0xbf111cbbae24fb0f0a558bfa26f53476
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "test",looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message,not doing EAP
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "kNown good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> test
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 20 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 20
Sending Access-Reject of id 235 to 127.0.0.1 port 51034
Waking up in 4.9 seconds.
Cleaning up request 20 ID 235 with timestamp +4325
Ready to process requests.
问题在哪里,我该如何解决?
原文地址:https://www.jb51.cc/centos/373428.html
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
