teratail header banner
teratail header banner
質問するログイン新規登録

質問編集履歴

1

デバッグモードでの実行結果を追記

2015/12/17 02:02

投稿

naoyuki9
naoyuki9

スコア7

title CHANGED
File without changes
body CHANGED
@@ -42,4 +42,112 @@
42
42
  Fri Dec 4 16:29:32 2015 : Auth: Login incorrect: [78e7d19d2846] (from client 192.168.1.0/24 port 16805898 cli 78-E7-D1-9D-28-46)
43
43
  ```
44
44
  tcpdumpでキャプチャした時の内容は以下の通りです。
45
- ![イメージ説明](e8a58ed0a97005b80211277814240f6d.png)
45
+ ![イメージ説明](e8a58ed0a97005b80211277814240f6d.png)
46
+
47
+
48
+
49
+
50
+ ###2015/12/17 デバッグモードでの実行結果を追記
51
+
52
+ 実環境での結果
53
+ ```
54
+ rad_recv: Access-Request packet from host 192.168.1.2 port 5001, id=38, length=112
55
+ User-Name = "78e7d19d2846"
56
+ User-Password = "78e7d19d2846"
57
+ NAS-IP-Address = 192.168.1.2
58
+ NAS-Identifier = "000fe24540f5"
59
+ NAS-Port = 16805898
60
+ NAS-Port-Type = Ethernet
61
+ Service-Type = Call-Check
62
+ Framed-Protocol = PPP
63
+ Calling-Station-Id = "78e7-d19d-2846"
64
+ # Executing section authorize from file /etc/freeradius/sites-enabled/default
65
+ +- entering group authorize {...}
66
+ ++[preprocess] returns ok
67
+ [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/192.168.1.2/auth-detail-20151217
68
+ [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/192.168.1.2/auth-detail-20151217
69
+ [auth_log] expand: %t -> Thu Dec 17 10:20:24 2015
70
+ ++[auth_log] returns ok
71
+ ++[chap] returns noop
72
+ ++[mschap] returns noop
73
+ ++[digest] returns noop
74
+ [suffix] No '@' in User-Name = "78e7d19d2846", looking up realm NULL
75
+ [suffix] No such realm "NULL"
76
+ ++[suffix] returns noop
77
+ [eap] No EAP-Message, not doing EAP
78
+ ++[eap] returns noop
79
+ [files] users: Matched entry DEFAULT at line 172
80
+ ++[files] returns ok
81
+ rlm_checkval: Item Name: Calling-Station-Id, Value: 78e7-d19d-2846
82
+ rlm_checkval: Could not find attribute named Calling-Station-Id in check pairs
83
+ ++[checkval] returns notfound
84
+ ++[expiration] returns noop
85
+ ++[logintime] returns noop
86
+ [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
87
+ ++[pap] returns noop
88
+ ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
89
+ Failed to authenticate the user.
90
+ Login incorrect: [78e7d19d2846/78e7d19d2846] (from client client port 16805898 cli 78e7-d19d-2846)
91
+ Using Post-Auth-Type Reject
92
+ # Executing group from file /etc/freeradius/sites-enabled/default
93
+ +- entering group REJECT {...}
94
+ [attr_filter.access_reject] expand: %{User-Name} -> 78e7d19d2846
95
+ attr_filter: Matched entry DEFAULT at line 11
96
+ ++[attr_filter.access_reject] returns updated
97
+ Delaying reject of request 3 for 1 seconds
98
+ Going to the next request
99
+ Waking up in 0.9 seconds.
100
+ Sending delayed reject for request 3
101
+ Sending Access-Reject of id 38 to 192.168.1.2 port 5001
102
+ Waking up in 0.8 seconds.
103
+ Cleaning up request 2 ID 37 with timestamp +249
104
+ Waking up in 4.1 seconds.
105
+ ```
106
+ radtestでの結果(radtest 78e7d19d2846 78e7d19d2846 localhost 1812 test)
107
+ ```
108
+ rad_recv: Access-Request packet from host 127.0.0.1 port 59230, id=109, length=82
109
+ User-Name = "78e7d19d2846"
110
+ User-Password = "78e7d19d2846"
111
+ NAS-IP-Address = 127.0.1.1
112
+ NAS-Port = 1812
113
+ Message-Authenticator = 0xc09c4655d8445950ceb2b86441e9d76c
114
+ # Executing section authorize from file /etc/freeradius/sites-enabled/default
115
+ +- entering group authorize {...}
116
+ ++[preprocess] returns ok
117
+ [auth_log] expand: /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/freeradius/radacct/127.0.0.1/auth-detail-20151217
118
+ [auth_log] /var/log/freeradius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/freeradius/radacct/127.0.0.1/auth-detail-20151217
119
+ [auth_log] expand: %t -> Thu Dec 17 10:47:24 2015
120
+ ++[auth_log] returns ok
121
+ ++[chap] returns noop
122
+ ++[mschap] returns noop
123
+ ++[digest] returns noop
124
+ [suffix] No '@' in User-Name = "78e7d19d2846", looking up realm NULL
125
+ [suffix] No such realm "NULL"
126
+ ++[suffix] returns noop
127
+ [eap] No EAP-Message, not doing EAP
128
+ ++[eap] returns noop
129
+ [files] users: Matched entry 78e7d19d2846 at line 235
130
+ ++[files] returns ok
131
+ ++[expiration] returns noop
132
+ ++[logintime] returns noop
133
+ [pap] WARNING: Auth-Type already set. Not setting to PAP
134
+ ++[pap] returns noop
135
+ Found Auth-Type = PAP
136
+ # Executing group from file /etc/freeradius/sites-enabled/default
137
+ +- entering group PAP {...}
138
+ [pap] login attempt with password "78e7d19d2846"
139
+ [pap] Using clear text password "78e7d19d2846"
140
+ [pap] User authenticated successfully
141
+ ++[pap] returns ok
142
+ Login OK: [78e7d19d2846/78e7d19d2846] (from client localhost port 1812)
143
+ # Executing section post-auth from file /etc/freeradius/sites-enabled/default
144
+ +- entering group post-auth {...}
145
+ ++[exec] returns noop
146
+ Sending Access-Accept of id 109 to 127.0.0.1 port 59230
147
+ Finished request 2.
148
+ Going to the next request
149
+ Waking up in 4.9 seconds.
150
+ Cleaning up request 2 ID 109 with timestamp +192
151
+ Ready to process requests.
152
+
153
+ ```