I can access the webui, register tokens, linked to active directory etc, all tested ok
I am having issues with the radius plugin, when I attempt to make any connection to the radius, either using the test functions described in the link above, or from an external connection, I am seeing the errors below:
User-Name = 'user'
User-Password = 'password'
(0) Received Access-Request packet from host 127.0.0.1 port 35488, id=111, length=44
(0) User-Name = 'user'
(0) User-Password = 'password'
(0) # Executing section authorize from file /etc/raddb/sites-enabled/privacyidea
(0) authorize {
(0) [preprocess] = ok
(0) [digest] = noop
(0) suffix : Checking for suffix after "@"
(0) suffix : No '@' in User-Name = "user", looking up realm NULL
(0) suffix : No such realm "NULL"
(0) [suffix] = noop
(0) ntdomain : Checking for prefix before "\"
(0) ntdomain : No '\' in User-Name = "user", looking up realm NULL
(0) ntdomain : No such realm "NULL"
(0) [ntdomain] = noop
(0) [files] = noop
(0) [expiration] = noop
(0) [logintime] = noop
(0) WARNING: pap : No "known good" password found for the user. Not setting Auth-Type
(0) WARNING: pap : Authentication will fail unless a "known good" password is available
(0) [pap] = noop
(0) update control {
(0) Auth-Type := Perl
(0) } # update control = noop
(0) } # authorize = ok
(0) Found Auth-Type = Perl
(0) # Executing group from file /etc/raddb/sites-enabled/privacyidea
(0) Auth-Type Perl {
(0) perl : $RAD_REQUEST{'User-Name'} = &request:User-Name -> 'user'
(0) perl : $RAD_REQUEST{'User-Password'} = &request:User-Password -> 'password'
(0) perl : $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address -> '127.0.0.1'
(0) perl : $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp -> 'Oct 21 2015 11:50:57 AEDT'
(0) perl : $RAD_CHECK{'Auth-Type'} = &control:Auth-Type -> 'Perl'
(0) perl : $RAD_CONFIG{'Auth-Type'} = &control:Auth-Type -> 'Perl'
rlm_perl: Config File /etc/freeradius/rlm_perl.ini found!
rlm_perl: Looking for config for auth-type Perl
rlm_perl: Auth-Type: Perl
rlm_perl: user sent to privacyidea: user
rlm_perl: realm sent to privacyidea:
rlm_perl: resolver sent to privacyidea:
rlm_perl: client sent to privacyidea: 127.0.0.1
rlm_perl: state sent to privacyidea:
rlm_perl: urlparam client
rlm_perl: urlparam pass
rlm_perl: urlparam user
rlm_perl: Not verifying SSL certificate!
rlm_perl: privacyIDEA request failed: 500 INTERNAL SERVER ERROR
rlm_perl: return RLM_MODULE_FAIL
(0) perl : &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'user'
(0) perl : &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} -> 'Oct 21 2015 11:50:57 AEDT'
(0) perl : &request:User-Password = $RAD_REQUEST{'User-Password'} -> 'password'
(0) perl : &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} -> '127.0.0.1'
(0) perl : &reply:Reply-Message = $RAD_REPLY{'Reply-Message'} -> 'privacyIDEA request failed: 500 INTERNAL SERVER ERROR'
(0) perl : &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'Perl'
(0) [perl] = fail
(0) } # Auth-Type Perl = fail
(0) Failed to authenticate the user
(0) Using Post-Auth-Type Reject
(0) Delaying response for 1 seconds
Waking up in 0.9 seconds.
(0) Sending delayed response
(0) Sending Access-Reject packet to host 127.0.0.1 port 35488, id=111, length=0
(0) Reply-Message = 'privacyIDEA request failed: 500 INTERNAL SERVER ERROR'
Reply-Message = 'privacyIDEA request failed: 500 INTERNAL SERVER ERROR'
Waking up in 3.9 seconds.
(0) Cleaning up request packet ID 111 with timestamp +7
I don't think this is just an issue with the user / password, but if anyone can point me in the right direction in what I may have done wrong with either the radius or privacy idea install?