Sending Access-Request of id 160 to 172.16.114.139 port 1812
User-Name = "teddy"
Password = "1234095237"
rad_recv: Access-Accept packet from host 172.16.114.139 port 1812, id=160, length=48
Reply-Message = "privacyIDEA access granted"
Total approved auths: 1
Total denied auths: 0
Total lost auths: 0
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: FOREGROUND: OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY is called.
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: FOREGROUND: Key: 172.16.114.1:52042.
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: FOREGROUND THREAD: New user from OpenVPN!
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: FOREGROUND THREAD: New user.
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: FOREGROUND THREAD: New user: username: teddy, password: *****, newuser ip: 172.16.114.1, newuser port: 52042 .
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: BACKGROUND AUTH: New user auth: username: teddy, password: *****, calling station: 172.16.114.1, commonname: client_vpnuin.
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: radius_server().
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: Build password packet: password: *****, sharedSecret: *****.
Thu Sep 17 18:21:10 2015 RADIUS-PLUGIN: Send packet to 127.0.0.1.
Thu Sep 17 18:21:11 2015 RADIUS-PLUGIN: Got no response from radius server.
Thu Sep 17 18:21:11 2015 Thu Sep 17 18:21:11 2015 RADIUS-PLUGIN: FOREGROUND THREAD: Error receiving auth confirmation from background process.
Thu Sep 17 18:21:11 2015 RADIUS-PLUGIN: FOREGROUND THREAD: Waiting for new user.
Error: RADIUS-PLUGIN: BACKGROUND AUTH: Auth failed!.
Thu Sep 17 18:21:11 2015 us=503093 172.16.114.1:52042 PLUGIN_CALL: POST /usr/lib/openvpn/radiusplugin.so/PLUGIN_AUTH_USER_PASS_VERIFY status=1
Thu Sep 17 18:21:11 2015 us=503119 172.16.114.1:52042 PLUGIN_CALL: plugin function PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: /usr/lib/openvpn/radiusplugin.so
Thu Sep 17 18:21:11 2015 us=503166 172.16.114.1:52042 TLS Auth Error: Auth Username/Password verification failed for peer
freeradius -X debug :
rad_recv: Access-Request packet from host 172.16.114.139 port 60198, id=182, length=126
User-Name = "teddy"
User-Password = "1234089024"
NAS-IP-Address = 127.0.0.1
NAS-Port = 1
Service-Type = Outbound-User
Calling-Station-Id = "172.16.114.1"
NAS-Identifier = "OpenVpn"
Acct-Session-Id = "8EA9045C3B62D32402673699DC5B79B5"
NAS-Port-Type = Sync
# Executing section authorize from file /etc/freeradius/sites-enabled/privacyidea
+- entering group authorize {...}
++[preprocess] returns ok
++[digest] returns noop
[suffix] No '@' in User-Name = "teddy", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[ntdomain] No '\' in User-Name = "teddy", looking up realm NULL
[ntdomain] No such realm "NULL"
++[ntdomain] returns noop
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = Perl
# Executing group from file /etc/freeradius/sites-enabled/privacyidea
+- entering group Perl {...}
rlm_perl: Config File /etc/privacyIDEA/rlm_perl.ini not found!
rlm_perl: Default URL https://127.0.0.1/validate/check
rlm_perl: Looking for config for auth-type Perl
rlm_perl: Warning:
rlm_perl: Auth-Type: Perl
rlm_perl: url: https://127.0.0.1/validate/check
rlm_perl: user sent to privacyidea: teddy
rlm_perl: realm sent to privacyidea:
rlm_perl: resolver sent to privacyidea:
rlm_perl: client sent to privacyidea: 127.0.0.1
rlm_perl: state sent to privacyidea:
rlm_perl: urlparam user
rlm_perl: urlparam client
rlm_perl: urlparam pass
rlm_perl: Not verifying SSL certificate!
rlm_perl: privacyIDEA access granted
rlm_perl: return RLM_MODULE_OK
rlm_perl: Added pair Acct-Session-Id = 8EA9045C3B62D32402673699DC5B79B5
rlm_perl: Added pair NAS-Identifier = OpenVpn
rlm_perl: Added pair User-Name = teddy
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Calling-Station-Id = 172.16.114.1
rlm_perl: Added pair NAS-Port = 1
rlm_perl: Added pair NAS-Port-Type = Sync
rlm_perl: Added pair Service-Type = Outbound-User
rlm_perl: Added pair User-Password = 1234089024
rlm_perl: Added pair Reply-Message = privacyIDEA access granted
rlm_perl: Added pair Auth-Type = Perl
++[perl] returns ok
WARNING: Empty post-auth section. Using default return values.
Sending Access-Accept of id 182 to 172.16.114.139 port 60198
Reply-Message = "privacyIDEA access granted"
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 172.16.114.139 port 43129, id=36, length=126
User-Name = "teddy"
NAS-IP-Address = 127.0.0.1
NAS-Port = 1
Service-Type = Outbound-User
Framed-Protocol = PPP
Framed-IP-Address = 10.29.9.6
Calling-Station-Id = "172.16.114.1"
NAS-Identifier = "OpenVpn"
Acct-Status-Type = Start
Acct-Session-Id = "8EA9045C3B62D32402673699DC5B79B5"
NAS-Port-Type = Sync
# Executing section preacct from file /etc/freeradius/sites-enabled/privacyidea
+- entering group preacct {...}
[suffix] No '@' in User-Name = "teddy", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
WARNING: Empty accounting section. Using default return values.
Finished request 1.
Cleaning up request 1 ID 36 with timestamp +21
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 172.16.114.139 port 43233, id=36, length=126
User-Name = "teddy"
NAS-IP-Address = 127.0.0.1
NAS-Port = 1
Service-Type = Outbound-User
Framed-Protocol = PPP
Framed-IP-Address = 10.29.9.6
Calling-Station-Id = "172.16.114.1"
NAS-Identifier = "OpenVpn"
Acct-Status-Type = Start
# Executing section preacct from file /etc/freeradius/sites-enabled/privacyidea
+- entering group preacct {...}
[suffix] No '@' in User-Name = "teddy", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
WARNING: Empty accounting section. Using default return values.
Hi Jochen,