Hello Alan,
Thank you, it works.
But I found a new problem: the length of the Tunnel-Password
seems to be wrong.
If I understand RFC 2868 correctly, then the password attr
length must be 21 (minimum: type=1 + length=1 + tag=1 + salt=2 + pw_string=16).
The Access-Accept contains a password attr
with length 20. It seems that the tag isn't included.
Regards
Wolfgang
Trace from the FreeRADIUS server:
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 153.92.29.2:1812, id=52, length=111
User-Password = "\340Wq\210\251\003\020\215\372*\367\363\232\031\331\343"
User-Name = "[EMAIL PROTECTED]"
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 3
NAS-Port-Type = Virtual
NAS-Identifier = "BIAS MAC address... comming soon"
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm l2tp.com for User-Name = "[EMAIL PROTECTED]"
rlm_realm: No such realm l2tp.com
modcall[authorize]: module "suffix" returns noop
users: Matched [EMAIL PROTECTED] at 93
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 52 to 153.92.29.2:1812
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 255.255.255.254
Framed-Routing = None
Filter-Id = "std.ppp"
Framed-MTU = 1500
Framed-Compression = None
Tunnel-Type:0 = L2TP
Tunnel-Medium-Type:0 = IP
Tunnel-Password:0 = "\245\002\2556P?\3718@\341cl\035\243\262\036\232="
Tunnel-Client-Endpoint:0 = "153.92.29.2"
Tunnel-Server-Endpoint:0 = "153.92.28.17"
Tunnel-Client-Auth-Id:0 = "olli"
Tunnel-Server-Auth-Id:0 = "raclet.l2tp.com"
Tunnel-Assignment-Id:0 = "200"
Finished request 1
Details from ethereal:
User Datagram Protocol, Src Port: radius (1812), Dst Port: radius (1812)
Source port: radius (1812)
Destination port: radius (1812)
Length: 160
Checksum: 0xc035 (correct)
Radius Protocol
Code: Access Accept (2)
Packet identifier: 0x33 (51)
Length: 152
Authenticator
Attribute value pairs
t:Service Type(6) l:6, Value:Framed
t:Framed Protocol(7) l:6, Value:PPP
t:Framed IP Address(8) l:6, Value:255.255.255.254
t:Framed Routing(10) l:6, Value:None
t:Filter Id(11) l:9, Value:"std.ppp"
t:Framed MTU(12) l:6, Value:1500
t:Framed Compression(13) l:6, Value:None
t:Tunnel Type(64) l:6, Value:L2TP
t:Tunnel Medium Type(65) l:6, Value:IPv4
t:Tunnel Password(69) l:20, Value:"\250\204\162\159\164X\028T\128)!^-\158\2538X\149" <<<< len=20
t:Tunnel Client Endpoint(66) l:13, Value:"153.92.29.2"
t:Tunnel Server Endpoint(67) l:14, Value:"153.92.28.17"
t:Tunnel Client Auth ID(90) l:6, Value:"olli"
t:Tunnel Server Auth ID(91) l:17, Value:"raclet.l2tp.com"
t:Tunnel Assignment ID(82) l:5, Value:"200"
0000 08 00 3e ff ff 85 08 00 20 f0 b1 77 08 00 45 00 ..>..... ..w..E.
0010 00 b4 dd 79 40 00 ff 11 32 01 99 5c 1c 03 99 5c ...y@...2..\...\
0020 1d 02 07 14 07 14 00 a0 c0 35 02 33 00 98 a5 7b .........5.3...{
0030 70 a1 b0 75 dd db d4 95 29 b2 dd 71 25 e9 06 06 p..u....)..q%...
0040 00 00 00 02 07 06 00 00 00 01 08 06 ff ff ff fe ................
0050 0a 06 00 00 00 00 0b 09 73 74 64 2e 70 70 70 0c ........std.ppp.
0060 06 00 00 05 dc 0d 06 00 00 00 00 40 06 00 00 00 ...........@....
0070 03 41 06 00 00 00 01 45 14 fa cc a2 9f a4 58 1c .A.....E......X. <<< 45 14 fa cc .. no tag (=0)
0080 54 80 29 21 5e 2d 9e fd 38 58 95 42 0d 31 35 33 T.)!^-..8X.B.153
0090 2e 39 32 2e 32 39 2e 32 43 0e 31 35 33 2e 39 32 .92.29.2C.153.92
00a0 2e 32 38 2e 31 37 5a 06 6f 6c 6c 69 5b 11 72 61 .28.17Z.olli[.ra
00b0 63 6c 65 74 2e 6c 32 74 70 2e 63 6f 6d 52 05 32 clet.l2tp.comR.2
00c0 30 30 00
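The length arithmetic from the report above, as an added example (not part of the original message and not FreeRADIUS code): it walks the attribute TLVs and classifies each Tunnel-Password value against the RFC 2868 layout of tag(1) + salt(2) + a string that is a multiple of 16 octets. The function names are hypothetical, PAGE_ATTRS is copied from the hex dump in the message, and GOOD_ATTR is constructed for comparison.

```python
TUNNEL_PASSWORD = 69  # attribute type, RFC 2868 section 3.5

# Bytes copied from the hex dump above (frame offsets 0x71-0x97):
# Tunnel-Medium-Type, Tunnel-Password, Tunnel-Client-Endpoint.
PAGE_ATTRS = bytes.fromhex(
    "410600000001"
    "4514facca29fa4581c548029215e2d9efd385895"
    "420d3135332e39322e32392e32"
)
# Constructed for comparison: tag 0x00, salt 0x8001, 16 filler octets.
GOOD_ATTR = bytes([TUNNEL_PASSWORD, 21, 0x00, 0x80, 0x01]) + bytes(16)


def iter_attributes(buf):
    """Yield (type, value) for each RADIUS attribute TLV in buf."""
    off = 0
    while off < len(buf):
        if len(buf) - off < 2:
            raise ValueError("truncated attribute header at offset %d" % off)
        atype, alen = buf[off], buf[off + 1]
        if alen < 2 or off + alen > len(buf):
            raise ValueError("bad attribute length %d at offset %d" % (alen, off))
        yield atype, buf[off + 2:off + alen]
        off += alen


def check_tunnel_password(value):
    """Classify the octets that follow the type and length fields."""
    n = len(value)
    if n >= 19 and (n - 3) % 16 == 0:
        # value[0] is the tag, value[1:3] the salt; the salt MSB must be set.
        return "ok" if value[1] & 0x80 else "salt-msb-clear"
    if n >= 18 and (n - 2) % 16 == 0:
        # Heuristic: the size fits salt + string with no tag octet in front.
        return "tag-missing"
    return "bad-length"


def audit(buf):
    """Return (attribute length, verdict) for every Tunnel-Password in buf."""
    return [(len(v) + 2, check_tunnel_password(v))
            for t, v in iter_attributes(buf) if t == TUNNEL_PASSWORD]


if __name__ == "__main__":
    print(audit(PAGE_ATTRS))
    print(audit(GOOD_ATTR))
```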