help-gnu-radius
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnu-radius] Setup/config problem - CLID unknown

From: Catherine Button
Subject: [Help-gnu-radius] Setup/config problem - CLID unknown
Date: Fri, 08 Nov 2002 11:50:37 -0500
User-agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.0.1) Gecko/20020920 Netscape/7.0
I am trying to use a radius server for a very simple lookup. To authenticate MAC addresses from Enterasys switches. The "username" will be the MAC address and if its there, it passes. 

Compiled okay and seems to run fine, but can't test successfully.
Server environment: Solaris 8, gnu-radius-0.96.4

Here's what isn't working:

pav22# /usr/local/sbin/radauth -v -spav22:pavcal:1812 test01 guessme
server 150.169.164.22:1812
send code 1 (RT_AUTHENTICATION_REQUEST)
      send: User-Name = test01
      send: Password = guessme
      send: NAS-Port-Id = 0
recv code 3 (RT_AUTHENTICATION_REJECT)
      recv: Reply-Message = \015\012Access denied\015\012
expect 2
got    3
FAIL
pav22# m /var/log/radius/radius.log
Nov 08 11:23:55: Main.info: ready
Nov 08 11:23:55: Main.info: /usr/local/etc/raddb/users reloaded.
Nov 08 11:23:55: Main.info: Ready to process requests.
Nov 08 11:24:04: Auth.notice: Login rejected: [test01]: Authenticate only user: CLID unknown (from nas pav22)
Its a cinch that the documentation is not making any sense to me. Since there is no example of how to setup for what my use is, I have to guess. I have to run it on ports 1812/1813 since I have a secureid server on the other ports on another machine.
Here are some of the files that should be significant (and/or I may have gotten wrong): 

/usr/local/etc/raddb/clients:
#Client Name            Key
#----------------       -------------------
localhost               pavcal
pav22                   pavcal
...


/usr/local/etc/raddb/client.conf:
server local 150.169.164.22 pavcal 1812 1813
source_ip 150.169.164.22
timeout 3
retry 3

/usr/local/etc/raddb/naslist:
# NAS Name              Short Name      Type            Checkrad flags
#----------------       ----------      ----            ---------------
pav22                   pav22           true
localhost               local           true


/usr/local/etc/raddb/config (selected pieces of it):
option {
        source-ip 150.169.164.22;
...
auth {
        port 1812;
...


/usr/local/etc/raddb/users (beginning of it):
#
#  For testing
test01                  Auth-Type = Local,
                        Password = guessme
                        Service-Type = Authenticate-Only
#
"00:00:1d:24:c1:12"     Auth-Type = Accept
                        Service-Type = Authenticate-Only
"00:00:1d:34:04:18"     Auth-Type = Accept
                        Service-Type = Authenticate-Only
If anyone can help me with this it would be appreciated. Yes, I have read and reread the documentation. I have tried a few dozen different approaches (like using 127.0.0.1 localhost everywhere as it comes by default and others) with no success. 

thanks,
Cathy

--
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#
My words are mine, and don't reflect the views of my employer.
Catherine Button    Network Administrator    address@hidden
          Phone: 609-518-3700 x4444          Fax: 609-518-3720

 "When I drop in my tracks, I want the body to skid for a week."
  address@hidden           http://www.gixxergirl.org/
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#
reply via email to
[Prev in Thread] Current Thread [Next in Thread]