Powered by Jitbit .Net Forum free trial version. dismiss

HomeGeneral

General issues

Reject and Accept for same apparent Request Messages in this topic - RSS

plong
plong
Posts: 5


30.05.2018
plong
plong
Posts: 5
TekRADIUS is rejecting a request for a Linux login attempt. I used radclient to provide the same parameters, and TekRADIUS accepts its request. Why the difference when the requests on the wire are essentially the same? Please see the attached log file and packet capture.

0 link
Admin
Admin
Administrator
Posts: 4880


30.05.2018
Admin
Admin
Administrator
Posts: 4880
Please make sure that you are using correct shared secret for both authentication attempts.
0 link
plong
plong
Posts: 5


30.05.2018
plong
plong
Posts: 5
I checked /etc/pam_radius.conf on the linux box, my radclient "secret" parameter, and the entry on the Clients tab of TekRADIUS, and they're all the same.
0 link
Admin
Admin
Administrator
Posts: 4880


30.05.2018
Admin
Admin
Administrator
Posts: 4880
Can you get the same log with Logging = Developer in Settings / Service Parameters in TekRADIUS?
0 link
plong
plong
Posts: 5


30.05.2018
plong
plong
Posts: 5
Here are the same pair of files but with Logging = Developer. It says, "PAP Authentication failed for user 'plong', User-Password does not match (INCORRECT)," but I swear I am providing the same password. I even tried differed SSH clients.

0 link
Admin
Admin
Administrator
Posts: 4880


31.05.2018
Admin
Admin
Administrator
Posts: 4880
Is "INCORRECT" decoded password by TekRADIUS? What type of RADIUS client do you use? I think there is a encoding issue.
0 link
plong
plong
Posts: 5


31.05.2018
plong
plong
Posts: 5
I'm using FreeRADIUS client 2.1.1 with pam_radius 1.3.17. There is no user account on the Linux box for this user. I assume the client is using the username and password from the logon prompts. Maybe the client is failing to include the password I provide due to the lack of an associated account?
0 link
plong
plong
Posts: 5


31.05.2018
plong
plong
Posts: 5
I just tried the FreeRADIUS.net server and get the same behavior, so it's apparently a problem with my client. Sorry about wasting your time. Thanks!
0 link
Admin
Admin
Administrator
Posts: 4880


31.05.2018
Admin
Admin
Administrator
Posts: 4880
You welcome
0 link






Powered by Jitbit Forum 8.3.8.0 © 2006-2013 Jitbit Software