Поставил Радиус 1.0.5 + FreeNIBS 3.0.0 b1. Когда использую radtest то авторизация проходит нормально, а когда кто то пытается подконектится ко мне с другой машины то авторизация не проходит, говорит что неправильный пароль (он почему то так и остается в зашифрованом виде). вот часть лога radiusd -X :Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "test"
CHAP-Password = 0xba180166b4502bdda1527d937ac121a133
Calling-Station-Id = "10.0.7.17"
NAS-IP-Address = 10.0.6.10
NAS-Port = 0modcall[authorize]: module "nibs" returns ok for request 1
rlm_chap: WARNING: Auth-Type already set. Not setting to CHAP
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
modcall: group authorize returns ok for request 1
rad_check_password: Found Auth-Type Nibs
auth: type "NIBS"Login incorrect: [test/<CHAP-Password>] (from client localhost port 0 cli 10.0.7.17)
вот полный лог авторизации на всякий случай:
rad_recv: Access-Request packet from host 127.0.0.1:32780, id=100, length=80
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "test"
CHAP-Password = 0x86f30949bd64ac826c94892ad556636269
Calling-Station-Id = "10.0.7.17"
NAS-IP-Address = 10.0.6.10
NAS-Port = 0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
radius_xlat: 'test'
rlm_nibs (sql_set_user): sql_set_user escaped user --> 'test'
rlm_nibs (nibs_fill_user): begin for user `test' ------------
radius_xlat: 'SELECT user, password, auth_type, uid, gid, deposit, credit, unix_timestamp(add_date), blocked, activated, unix_timestamp(expired), total_time, total_traffic, total_money, unix_timestamp(last_connection), framed_ip, framed_mask, callback_number, tos, do_with_tos, direction, fixed, fixed_cost, activation_time, total_time_limit, month_time_limit, week_time_limit, day_time_limit, total_traffic_limit, month_traffic_limit, week_traffic_limit, day_traffic_limit, total_money_limit, month_money_limit, week_money_limit, day_money_limit, login_time, huntgroup_name, simultaneous_use, port_limit, session_timeout, idle_timeout, shape, no_pass, no_acct, allow_callback, other_params, allowed_servers, auth_info FROM users WHERE user = 'test''
sal_get_socket: Reserving sql socket id: 60
sal_mysql: query: SELECT user, password, auth_type, uid, gid, deposit, credit, unix_timestamp(add_date), blocked, activated, unix_timestamp(expired), total_time, total_traffic, total_money, unix_timestamp(last_connection), framed_ip, framed_mask, callback_number, tos, do_with_tos, direction, fixed, fixed_cost, activation_time, total_time_limit, month_time_limit, week_time_limit, day_time_limit, total_traffic_limit, month_traffic_limit, week_traffic_limit, day_traffic_limit, total_money_limit, month_money_limit, week_money_limit, day_money_limit, login_time, huntgroup_name, simultaneous_use, port_limit, session_timeout, idle_timeout, shape, no_pass, no_acct, allow_callback, other_params, allowed_servers, auth_info FROM users WHERE user = 'test'
sal_release_socket: Released sql socket id: 60
rlm_nibs (nibs_fill_user): end for user `test' ------------
rlm_nibs (nibs_add_attrs): begin for user `test' ------------
rlm_nibs (nibs_add_attrs): add PW_PASSWORD
rlm_nibs (nibs_add_attrs): add PW_FRAMED_IP_ADDRESS
rlm_nibs (nibs_add_attrs): add PW_FRAMED_IP_NETMASK
rlm_nibs (nibs_add_attrs): add PW_IDLE_TIMEOUT
rlm_nibs (nibs_add_attrs): add PW_SIMULTANEOUS_USE
rlm_nibs (nibs_add_attrs): add PW_SESSION_TIMEOUT
rlm_nibs (nibs_add_attrs): add PW_PORT_LIMIT
rlm_nibs (nibs_add_attrs): add all other params
rlm_nibs (nibs_add_attrs): end for user `test' ------------
modcall[authorize]: module "nibs" returns ok for request 0
rlm_chap: WARNING: Auth-Type already set. Not setting to CHAP
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type Nibs
auth: type "NIBS"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
radius_xlat: 'test'
rlm_nibs (sql_set_user): sql_set_user escaped user --> 'test'
radius_xlat: 'SELECT gid, auth_type, password, auth_info FROM users WHERE user = 'test''
sal_get_socket: Reserving sql socket id: 59
sal_mysql: query: SELECT gid, auth_type, password, auth_info FROM users WHERE user = 'test'
radius_xlat: 'INSERT INTO invalid_attempts (timest, login, reason, call_from) VALUES ('2006-06-20 01:31:38', 'test', '%s', '%s')'
sal_get_socket: Reserving sql socket id: 58
sal_mysql: query: INSERT INTO invalid_attempts (timest, login, reason, call_from) VALUES ('2006-06-20 01:31:38', 'test', '(rlm_nibs_authorize): Wrong password from user', '10.0.7.17')
sal_mysql: MYSQL check_error: 1146 received
nibs_log_invalid_attempts: database query error - Table 'freenibs.invalid_attempts' doesn't exist
sal_release_socket: Released sql socket id: 58
radius_xlat: 'rlm_nibs (rlm_nibs_authenticate): Wrong password for user `test' [10.0.6.10:0]'
rlm_nibs (rlm_nibs_authenticate): Wrong password for user `test' [10.0.6.10:0]. Called from <10.0.7.17>
sal_release_socket: Released sql socket id: 59
modcall[authenticate]: module "nibs" returns reject for request 0
modcall: group Auth-Type returns reject for request 0
auth: Failed to validate the user.
Login incorrect: [test/<CHAP-Password>] (from client localhost port 0 cli 10.0.7.17)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 100 to 127.0.0.1:32780
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 100 with timestamp 449725ca
Nothing to do. Sleeping until we see a request.
UP. Аналогичная проблема.
>UP. Аналогичная проблема.Решил. В моём случаи была проблема с secret, они не совпадали.