Note: certain parts of this email have been munged for confidentiality
reasons. (i.e. IP addresses, login names, and passwords have been
scrambled.)
I recently upgraded my primary RADIUS server from freeradius 0.3 to 0.5.
Now, however, I'm getting strange entries in my radius.log file:
Tue Mar 19 10:57:29 2002 : Auth: Login OK: [someguy] (from nas UNKNOWN-NAS
port 2 cli 144.74.x.y)
I have at least four different NASes that are defined with shortnames in
clients.conf that now generate similar log lines in radius.log. Devices
are from multiple manufacturers (primarily Cisco and Marconi). None of the
configurations for any of these NASes have changed; only freeradius has
been upgraded from 0.3 to 0.5 . (clients.conf was also not changed going
from 0.3 to 0.5.)
So I'm pretty stumped as to why freeradius is all of a sudden calling these
unknown nases, but still allowing them to authenticate. I threw the server
into debug mode, and obtained the following (as an example)... Maybe it
can help. Anyone have any ideas here?
--- Walking the entire request list ---
Cleaning up request 0 ID 105 with timestamp 3c98a291
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 144.74.m.N:1645, id=106,
length=79
NAS-IP-Address = 144.74.m.N <--- 144.74.m.N matches the IP
in above line, and also what's in clients.conf
NAS-Port = 2
NAS-Port-Type = Virtual
User-Name = "someguy"
Calling-Station-Id = "144.74.x.y"
Password = "(deleted)"
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "suffix" returns ok
users: Matched DEFAULT at 71
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type System
auth: type "System"
modcall: entering group authenticate
modcall[authenticate]: module "unix" returns ok
modcall: group authenticate returns ok
radius_xlat: '[primary_radius_server] Hello, someguy'
Login OK: [someguy] (from nas UNKNOWN-NAS port 2 cli 144.74.x.y)
Sending Access-Accept of id 106 to 144.74.m.N:1645
Reply-Message = "[primary_radius_server] Hello, someguy"
Cisco-AVPair = "shell:priv-lvl=x"
Service-Type = Login-User
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 106 with timestamp 3c98a2ae
Nothing to do. Sleeping until we see a request.
If there's anything else that would be handy in debuging, let me know and
I'll grab it! :)
Vincent Giovannone
Network Infrastructure Group
Information Services Division
Rush - Presbyterian St. Luke's Medical Center
(312) 942-4242
"Monday" is the term used to signify the eighth day of my work week.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
