LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-14-2013, 11:17 AM   #1
ciscosteps
LQ Newbie
 
Registered: Oct 2013
Posts: 5

Rep: Reputation: Disabled
Unhappy radius authentication


I have a user that I created in freeradius , when the user is trying to connect to the cisco device. He gets Authentication failed. other users are configured the same way.

=====================================
UserP Service-Type == Framed-User
Bay-User-Level = 2,
Cisco-AVPair = "shellriv-lvl=15",
Fall-Through = No
======================================

[userP@TERMINAL ~]$ telnet 192.168.1.1
Trying 192.168.1.1
Connected to 192.168.1.1. ( this is a cisco router )
Escape character is '^]'.

User Access Verification

Username: userP
Password:

% Authentication failed.

Username: userP
Password:

% Authentication failed.
 
Old 10-14-2013, 12:47 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,406

Rep: Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965
so what do the logs say? Merely showing a failed login really doesn't help us. if the logs themselves aren't enough, try running freeradius in foreground debug mode and step through the query on the server side.
 
Old 10-14-2013, 03:08 PM   #3
ciscosteps
LQ Newbie
 
Registered: Oct 2013
Posts: 5

Original Poster
Rep: Reputation: Disabled
is there anyway you can show me how .

The logs on the router shows nothing . can you show me the radius part.

Thanks
 
Old 10-15-2013, 01:14 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,406

Rep: Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965
http://wiki.freeradius.org/guide/Troubleshooting
 
Old 10-20-2013, 09:13 AM   #5
ciscosteps
LQ Newbie
 
Registered: Oct 2013
Posts: 5

Original Poster
Rep: Reputation: Disabled
I Thank you very much , but I have no idea what you are talking about. I created
Code:
userX
, I copied the same lines as
Code:
userZ
.
Code:
userZ
is able to connect but
Code:
userX
is not ....do you know how to start the
Code:
radiusd
Code:
userX Service-Type == Framed-User
Bay-User-Level = 2,
Cisco-AVPair = "shell:priv-lvl=15",
Fall-Through = No
 
 
userZ Service-Type == Framed-User
Bay-User-Level = 2,
Cisco-AVPair = "shell:priv-lvl=15",
Fall-Through = No


cisco device

Code:
[terminal] ~$ telnet x.x.x.x (cisco device)
Trying x.x.x.x...
Connected to ciscodevice (x.x.x.x).
Escape character is '^]'.

User Access Verification
Username: userx
Password:
% Authentication failed.
 
Old 10-23-2013, 06:23 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,406

Rep: Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965Reputation: 1965
if you can't understand that, maybe you shouldn't be doing this work in the first place.

Read the troubleshooting guide. Troubleshoot it.
 
Old 10-23-2013, 01:29 PM   #7
ciscosteps
LQ Newbie
 
Registered: Oct 2013
Posts: 5

Original Poster
Rep: Reputation: Disabled
Thumbs down

Quote:
Originally Posted by acid_kewpie View Post
if you can't understand that, maybe you shouldn't be doing this work in the first place.

Read the troubleshooting guide. Troubleshoot it.

I wonder if you were born doing this .. lol . Thanks for the support .
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
radius mac authentication sholah Linux - Server 9 12-05-2011 02:04 AM
pam radius authentication danieldinu Linux - Security 2 07-17-2009 01:56 PM
WPA-Radius Authentication help! saman Linux - Wireless Networking 1 04-01-2008 11:00 AM
Ldap Radius Authentication tmolise Linux - Software 0 11-01-2006 10:49 AM
User authentication through radius tiger3090 Linux - Networking 1 09-08-2005 04:16 AM


All times are GMT -5. The time now is 01:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration