Задача состоится в том чтобы пользователи которые смогли управлят циско, брались из базы radiusa?..Но почему-то он пароль не понимает: no service password-encryption - не помогло
radiusd -X
---------
NAS-IP-Address = 192.168.1.10
NAS-Port = 226
NAS-Port-Type = Virtual
User-Name = "crn"
Calling-Station-Id = "192.168.1.4"
User-Password = "y\007\331\364\250W..\274\332O(\301?$X"
+- entering group authorize
++[preprocess] returns ok
rlm_realm: No '@' in User-Name = "usr", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_checkval: Could not find item named Called-Station-Id in request
rlm_checkval: Could not find attribute named Called-Station-Id in check pairs
++[checkval] returns notfound
users: Matched entry usr at line 26
++[files] returns ok
++[unix] returns updated
auth: type Crypt
auth: Failed to validate the user.
Login incorrect: [usr/y\007\331\364\250W..\274\332O(\301?$X] (from client ppoxy port 226 cli 192.168.1.4)
WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS!
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> usr
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 13 for 2 seconds
(users)
------
usr Cleartext-Password := "pwd"
Service-Type = NAS-Prompt-User
(clients)
---------
client 192.168.1.10 {
secret = rub
shortname = nc
nastype = cisco
}
(aaa)
aaa new-model
aaa authentication login default group radius local
aaa authentication login localauth local
aaa authentication enable default group radius enable
aaa authentication ppp default if-needed group radius local
aaa authorization exec default group radius local
aaa authorization network default group radius local
aaa accounting delay-start
aaa accounting exec default start-stop group radius
aaa accounting network default start-stop group radius
aaa processes 6
