Vincent, [EMAIL PROTECTED] wrote: > Note: certain parts of this email have been munged for confidentiality > reasons. (i.e. IP addresses, login names, and passwords have been > scrambled.) > > I recently upgraded my primary RADIUS server from freeradius 0.3 to 0.5. > Now, however, I'm getting strange entries in my radius.log file: > > Tue Mar 19 10:57:29 2002 : Auth: Login OK: [someguy] (from nas UNKNOWN-NAS > port 2 cli 144.74.x.y) >
What does raddb/naslist have in it? Cheers, Mike > I have at least four different NASes that are defined with shortnames in > clients.conf that now generate similar log lines in radius.log. Devices > are from multiple manufacturers (primarily Cisco and Marconi). None of the > configurations for any of these NASes have changed; only freeradius has > been upgraded from 0.3 to 0.5 . (clients.conf was also not changed going > from 0.3 to 0.5.) > > So I'm pretty stumped as to why freeradius is all of a sudden calling these > unknown nases, but still allowing them to authenticate. I threw the server > into debug mode, and obtained the following (as an example)... Maybe it > can help. Anyone have any ideas here? > > --- Walking the entire request list --- > Cleaning up request 0 ID 105 with timestamp 3c98a291 > Nothing to do. Sleeping until we see a request. > rad_recv: Access-Request packet from host 144.74.m.N:1645, id=106, > length=79 > NAS-IP-Address = 144.74.m.N <--- 144.74.m.N matches the IP > in above line, and also what's in clients.conf > NAS-Port = 2 > NAS-Port-Type = Virtual > User-Name = "someguy" > Calling-Station-Id = "144.74.x.y" > Password = "(deleted)" > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > modcall[authorize]: module "suffix" returns ok > users: Matched DEFAULT at 71 > modcall[authorize]: module "files" returns ok > modcall: group authorize returns ok > rad_check_password: Found Auth-Type System > auth: type "System" > modcall: entering group authenticate > modcall[authenticate]: module "unix" returns ok > modcall: group authenticate returns ok > radius_xlat: '[primary_radius_server] Hello, someguy' > Login OK: [someguy] (from nas UNKNOWN-NAS port 2 cli 144.74.x.y) > Sending Access-Accept of id 106 to 144.74.m.N:1645 > Reply-Message = "[primary_radius_server] Hello, someguy" > Cisco-AVPair = "shell:priv-lvl=x" > Service-Type = Login-User > Finished request 1 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > --- Walking the entire request list --- > Cleaning up request 1 ID 106 with timestamp 3c98a2ae > Nothing to do. Sleeping until we see a request. > > If there's anything else that would be handy in debuging, let me know and > I'll grab it! :) > > Vincent Giovannone > Network Infrastructure Group > Information Services Division > Rush - Presbyterian St. Luke's Medical Center > (312) 942-4242 > > "Monday" is the term used to signify the eighth day of my work week. > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > -- Mike Cathey - http://www.mikecathey.com/ Network Administrator RTC Internet - http://www.catt.com/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
