freeradius 问题?如有高人请指点? 用telnet 进入cisco进不了
raius:#
test Auth-Type := Local, User-Password == "test"
Auth-Type := Local
Login-Service = Login
cisco-avpair ="shell:priv-lvl=15"
test1 Auth-Type := Local, User-Password == "test1"
Service-Type = Callback-Login-User,
Login-IP-Host = 0.0.0.0,
Login-Service = Login,
Login-TCP-Port = Telnet
ljy User-Password := "ljy"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 218.201.84.62,
Framed-IP-Netmask = 255.255.255.0,
调试:
rad_recv: Access-Request packet from host 218.201.84.62:1645, id=151, length=78
User-Name = "test"
User-Password = "test"
NAS-Port = 66
NAS-Port-Type = Virtual
Calling-Station-Id = "218.201.82.105"
NAS-IP-Address = 218.201.84.62
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall: module "preprocess" returns ok for request 2
radius_xlat:'../var/log/radius/radacct/218.201.84.62/auth-detail-20080906.log'
rlm_detail: ../var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d.lo
g expands to ../var/log/radius/radacct/218.201.84.62/auth-detail-20080906.log
modcall: module "auth_log" returns ok for request 2
modcall: module "chap" returns noop for request 2
modcall: module "mschap" returns noop for request 2
rlm_realm: No '@' in User-Name = "test", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "test"
rlm_realm: Proxying request from user test to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall: module "suffix" returns noop for request 2
rlm_eap: No EAP-Message, not doing EAP
modcall: module "eap" returns noop for request 2
modcall: module "files" returns notfound for request 2
rlm_pap: WARNING! No "known good" password found for the user.Authentication m
ay fail because of this.
modcall: module "pap" returns noop for request 2
modcall: leaving group authorize (returns ok) for request 2
auth: No authenticate method (Auth-Type) configuration found for the request: Re
jecting the user
auth: Failed to validate the user.
Login incorrect: (from client cisco port 66 cli 218.201.82.105)
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 151 to 218.201.84.62 port 1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 151 with timestamp 48c1fa13
Nothing to do.Sleeping until we see a request.
用telnet 进入cisco进不了
页:
[1]