[ previous ] [ next ] [ threads ]
 
 From:  David Orman <david dot orman at orblivion dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  troubles with radius/captive portal - please advise
 Date:  Wed, 20 Oct 2004 00:00:10 -1000 
Hi all. :)

	I've gotten my soekris in, and am trying to get captive portal working 
w/ radius (freeradius + mysql specifically).

I made an entry for a "test" user with "test" password in the db, this 
is what it looks like...

mysql> select * from usergroup;
+----------+-----------+----------+
| UserName | GroupName | priority |
+----------+-----------+----------+
| test     | test      |        0 |
+----------+-----------+----------+
1 row in set (0.00 sec)

mysql> select * from radcheck;
+----+----------+-----------+----+-------+
| id | UserName | Attribute | op | Value |
+----+----------+-----------+----+-------+
|  1 | test     | Password  | == | test  |
+----+----------+-----------+----+-------+
1 row in set (0.00 sec)

mysql>


Now, in testing...

pulsar# radtest test test localhost 1812 secret
Sending Access-Request of id 69 to 127.0.0.1:1812
         User-Name = "test"
         User-Password = "test"
         NAS-IP-Address = pulsar.orblivion.com
         NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=69, 
length=20
pulsar#

So it seems freeradius/mysql is working fine. The problem arises when I 
try to use the captive portal/m0n0wall. :)

My captive portal code is just the default code:

<html>
<body>
<form method="post" action="">
     <input name="accept" type="submit" value="Continue">
     <input name="auth_user" type="text">
     <input name="auth_pass" type="password">
</form>
</body>
</html>

This is what I see in the error logs when attempting test/test as 
username/password:

Tue Oct 19 23:52:52 2004 : Info: rlm_sql (sql): No matching entry in 
the database for request from user [test]
Tue Oct 19 23:52:52 2004 : Auth: Login incorrect: 
[test/\272}S\0045\244\351i\317h\332\366s\2231\346] (from client ap1 
port 0)

More detail:

Tue Oct 19 23:52:52 2004
         Service-Type = Login-User
         User-Name = "test"
         User-Password = "\272}S\0045\244\351i\317h\332\366s\2231\346"
         NAS-Identifier = "ap1.orblivion.com"
         NAS-Port = 0
         NAS-Port-Type = Ethernet
         NAS-IP-Address = 67.52.79.22
         Client-IP-Address = 67.52.79.22

It seems the user-password is being garbled into something strange/odd. 
I've attempted shuffling the pap password encryption scheme to all the 
available options in freeradius as I read in the mailing list m0n0wall 
uses PAP, but it's made no difference. Any ideas on what the problem 
is? I'm sure it's user error, i've never touched radius before. :)

Cheeers,
David Orman