Ok here is the result of radiusd -X
As you can see the first user toto is well authenticated (all is ok)
The second user toto is well authenticated but he is disconected from my
HyperARC
/usr/local/etc/raddb/users :
toto Auth-Type := Local, Password == "toto"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP
Can you help ?
[root@radius-test sbin]# ./radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
read_config_files: reading dictionary
read_config_files: reading clients
read_config_files: reading realms
read_config_files: reading naslist
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/var/run/radiusd.pid"
main: user = "root"
main: group = "root"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: proxy_requests = no
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: dead_time = 120
main: debug_level = 0
read_config_files: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded System
unix: cache = no
unix: passwd = "/etc/passwd"
unix: shadow = "(null)"
unix: group = "/etc/group"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
Module: Instantiated unix (unix)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail"
detail: detailperm = 384
detail: dirperm = 493
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and 1813/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.10.10:1645, id=17,
length=207
User-Name = "toto"
Password = "-\375\212j\001\256\2379\323\314\246K\3751$N"
NAS-IP-Address = 192.168.10.10
NAS-Port = 1027
Acct-Session-Id = "127"
USR-Interface-Index = 2283
USR-Supports-Tags = 0
Service-Type = Framed-User
Framed-Protocol = PPP
USR-MP-EDO-HIPER = "Y\002\0009\024cA8\230k\302\367F\210K\000\000\000"
USR-Chassis-Call-Slot = 5
USR-Chassis-Call-Span = 1
USR-Chassis-Call-Channel = 3
USR-Connect-Speed = NONE
Calling-Station-Id = "803711"
Called-Station-Id = "******"
NAS-Port-Type = Async
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched toto at 1
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied Password matches local Password
Sending Access-Accept of id 17 to 192.168.10.10:1645
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 255.255.255.254
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 192.168.10.10:1646, id=22,
length=333
User-Name = "toto"
NAS-IP-Address = 192.168.10.10
Acct-Status-Type = Start
Acct-Session-Id = "127"
Acct-Delay-Time = 0
Acct-Authentic = RADIUS
Service-Type = Framed-User
NAS-Port-Type = Async
NAS-Port = 1027
USR-Modem-Training-Time = 16
USR-Interface-Index = 2283
USR-Chassis-Call-Slot = 5
USR-Chassis-Call-Span = 1
USR-Chassis-Call-Channel = 3
USR-Unauthenticated-Time = 4
Calling-Station-Id = "803711"
Called-Station-Id = "****"
USR-Modulation-Type = v90Digital
USR-Simplified-MNP-Levels = v42SRej
USR-Simplified-V42bis-Usage = ccittV42bis
USR-Connect-Speed = 45333-BPS
Framed-Protocol = PPP
Framed-IP-Address = 192.168.10.69
USR-MP-MRRU = 1614
USR-MP-EDO-HIPER = "Y\002\0009\024cA8\230k\302\367F\210K\000\000\000"
Acct-Link-Count = 1
Acct-Multi-Session-Id = "10"
USR-VTS-Session-Key = "\017Bp\275gN*xb\377\220\334\370\263)\357"
USR-Call-Arrival-Time = 187257760
modcall: entering group preacct
modcall[preacct]: module "suffix" returns ok
modcall[preacct]: module "files" returns noop
modcall[preacct]: module "preprocess" returns noop
modcall: group preacct returns ok
modcall: entering group accounting
radius_xlat: '/usr/local/var/log/radius/radacct/192.168.10.10/detail'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail
expands to /usr/local/var/log/radius/radacct/192.168.10.10/detail
modcall[accounting]: module "detail" returns ok
modcall[accounting]: module "unix" returns ok
modcall[accounting]: module "radutmp" returns ok
modcall: group accounting returns ok
Sending Accounting-Response of id 22 to 192.168.10.10:1646
Finished request 1
Going to the next request
--- Walking the entire request list ---
Cleaning up request 1 ID 22 with timestamp 3c1103d2
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 17 with timestamp 3c1103d0
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 192.168.10.10:1645, id=18,
length=207
User-Name = "toto"
Password = "\376rQR/\r\004/\036\316:\341?/\343\265"
NAS-IP-Address = 192.168.10.10
NAS-Port = 1028
Acct-Session-Id = "128"
USR-Interface-Index = 2284
USR-Supports-Tags = 0
Service-Type = Framed-User
Framed-Protocol = PPP
USR-MP-EDO-HIPER =
"\013\361?\232\217\003O\200\213\200L\367\204\341#\362\000\000\000"
USR-Chassis-Call-Slot = 5
USR-Chassis-Call-Span = 1
USR-Chassis-Call-Channel = 4
USR-Connect-Speed = NONE
Calling-Station-Id = "508850"
Called-Station-Id = "****"
NAS-Port-Type = Async
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched toto at 1
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied Password matches local Password
Sending Access-Accept of id 18 to 192.168.10.10:1645
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 255.255.255.254
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 192.168.10.10:1646, id=23,
length=322
User-Name = "unauthenticated"
NAS-IP-Address = 192.168.10.10
Acct-Status-Type = Stop
Acct-Session-Id = "128"
Acct-Delay-Time = 0
Service-Type = Framed-User
NAS-Port-Type = Async
NAS-Port = 1028
USR-Interface-Index = 2284
USR-Chassis-Call-Slot = 5
USR-Chassis-Call-Span = 1
USR-Chassis-Call-Channel = 4
USR-Unauthenticated-Time = 3
USR-Modem-Training-Time = 16
Calling-Station-Id = "508850"
Called-Station-Id = "****"
USR-Modulation-Type = v90Digital
USR-Simplified-MNP-Levels = v42SRej
USR-Simplified-V42bis-Usage = ccittV42bis
USR-Connect-Speed = 45333-BPS
Framed-Protocol = PPP
Framed-IP-Address = 0.0.0.0
Acct-Session-Time = 19
Acct-Terminate-Cause = User-Request
USR-HARC-Disconnect-Code = User-Req-Drop
Acct-Input-Octets = 250
Acct-Output-Octets = 108
Acct-Input-Packets = 7
Acct-Output-Packets = 4
USR-Call-Arrival-Time = 187257860
USR-Call-End-Time = 187257879
modcall: entering group preacct
modcall[preacct]: module "suffix" returns ok
modcall[preacct]: module "files" returns noop
modcall[preacct]: module "preprocess" returns noop
modcall: group preacct returns ok
modcall: entering group accounting
radius_xlat: '/usr/local/var/log/radius/radacct/192.168.10.10/detail'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail
expands to /usr/local/var/log/radius/radacct/192.168.10.10/detail
modcall[accounting]: module "detail" returns ok
modcall[accounting]: module "unix" returns ok
Accounting: logout: login entry for NAS tc2 port 1028 not found
modcall[accounting]: module "radutmp" returns ok
modcall: group accounting returns ok
Sending Accounting-Response of id 23 to 192.168.10.10:1646
Finished request 3
Going to the next request
--- Walking the entire request list ---
Cleaning up request 3 ID 23 with timestamp 3c110435
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 18 with timestamp 3c110434
Nothing to do. Sleeping until we see a request.
> Examining the accounting logs, and posting them to the list is
> pointless, when the problem is with authentication.
>
> Look at the results of authentication, The answer to the problem
> will be there.
>
> Alan DeKok.
--
Gilles HAUTZ
MANA S.A., APNIC MemberIAP/ISP of Tahiti and her Islands
Box 14 174 Arue - 98701 TAHITI - FRENCH POLYNESIA
Phone : (689) 50 88 88 - Fax : (689) 50 88 89
E-mail : [EMAIL PROTECTED]
http://www.mana.pf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
