0

我已经用mysql成功配置了freeradius。我可以使用命令进行 radtest:

sudo radtest alice password 192.168.2.3 1812 testing123
Sending Access-Request of id 187 to 192.168.2.3 port 1812
    User-Name = "alice"
    User-Password = "password"
    NAS-IP-Address = 127.0.1.1
    NAS-Port = 1812
    Message-Authenticator = 0x00000000000000000000000000000000

rad_recv: Access-Accept packet from host 192.168.2.3 port 1812, id=187, length=20

现在我尝试使用半径身份验证的鱿鱼。

我一步一步地从:

http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043

但我在 cache.log 上收到错误消息日志

Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
squid_rad_auth: No response from RADIUS server

在 radius -X 调试中出现如下错误消息:

Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 2.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 42003, id=2, length=63
Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 0.9 seconds.
Found Auth-Type = PAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group PAP {…}
[pap] login attempt with password “b9?I? +�(�Ч�Y�?”
[pap] Using clear text password “password”
[pap] Passwords don’t match
++[pap] returns reject
Failed to authenticate the user.
WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS!
Using Post-Auth-Type REJECT

那是什么错误?我怎么能解决这个问题

谢谢

4

1 回答 1

0

窥探您生成的 Accessreq 并尝试使用您与 wireshark 的共享密钥来解码加密的密码。看起来您的测试客户端没有正确编码密码。确保在服务器端正确配置了 testing123。

于 2013-09-12T12:47:30.637 回答