Dear All
Can you point out the mistake about ip assignment from
radius side. Parts of radiusd.conf are as follows:
....
authorize {
preprocess
suffix
files
RAS
ippool RAS {
range-start = 192.168.59.193
range-stop = 192.168.59.195
netmask = 255.255.255.0
cache-size = 3
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
}
}
....
accounting {
# acct_unique
detail
# counter
unix
RAS
ippool RAS {
range-start = 192.168.59.193
range-stop = 192.168.59.195
netmask = 255.255.255.0
cache-size = 3
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
}
radutmp
# sradutmp
and the debug output as:
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file:
/usr/local/etc/raddb/proxy.conf
Config: including file:
/usr/local/etc/raddb/clients.conf
Config: including file:
/usr/local/etc/raddb/snmp.conf
Config: including file:
/usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir =
"/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
read_config_files: reading dictionary
read_config_files: reading clients
read_config_files: reading realms
read_config_files: reading naslist
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile =
"/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
security: max_attributes = 200
security: reject_delay = 1
main: debug_level = 0
read_config_files: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded System
unix: cache = yes
unix: passwd = "/etc/passwd"
unix: shadow = "/etc/shadow"
unix: group = "/etc/group"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
HASH: Reinitializing hash structures and lists for
caching...
HASH: user root found in hashtable bucket 11726
HASH: user daemon found in hashtable bucket 11668
HASH: user bin found in hashtable bucket 86651
HASH: user sys found in hashtable bucket 64201
HASH: user adm found in hashtable bucket 26466
HASH: user lp found in hashtable bucket 54068
HASH: user uucp found in hashtable bucket 38541
HASH: user nuucp found in hashtable bucket 74587
HASH: user listen found in hashtable bucket 49327
HASH: user nobody found in hashtable bucket 99723
HASH: user noaccess found in hashtable bucket 80609
HASH: user nobody4 found in hashtable bucket 84789
HASH: user bbuser found in hashtable bucket 55147
HASH: user log found in hashtable bucket 40576
HASH: user mysql found in hashtable bucket 46314
HASH: user nokia found in hashtable bucket 87202
HASH: Stored 16 entries from /etc/passwd
HASH: Stored 19 entries from /etc/group
Module: Instantiated unix (unix)
Module: Loaded preprocess
preprocess: huntgroups =
"/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile =
"/usr/local/etc/raddb/acct_users"
files: compat = "no"
Module: Instantiated files (files)
ERROR: Cannot find a configuration entry for module
"RAS".
#
however, when I put the "ippool RAS" section in
"module" section of radiusd.conf. the debug out as
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file:
/usr/local/etc/raddb/proxy.conf
Config: including file:
/usr/local/etc/raddb/clients.conf
Config: including file:
/usr/local/etc/raddb/snmp.conf
Config: including file:
/usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir =
"/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
read_config_files: reading dictionary
read_config_files: reading clients
read_config_files: reading realms
read_config_files: reading naslist
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile =
"/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
security: max_attributes = 200
security: reject_delay = 1
main: debug_level = 0
read_config_files: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded System
unix: cache = yes
unix: passwd = "/etc/passwd"
unix: shadow = "/etc/shadow"
unix: group = "/etc/group"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
HASH: Reinitializing hash structures and lists for
caching...
HASH: user root found in hashtable bucket 11726
HASH: user daemon found in hashtable bucket 11668
HASH: user bin found in hashtable bucket 86651
HASH: user sys found in hashtable bucket 64201
HASH: user adm found in hashtable bucket 26466
HASH: user lp found in hashtable bucket 54068
HASH: user uucp found in hashtable bucket 38541
HASH: user nuucp found in hashtable bucket 74587
HASH: user listen found in hashtable bucket 49327
HASH: user nobody found in hashtable bucket 99723
HASH: user noaccess found in hashtable bucket 80609
HASH: user nobody4 found in hashtable bucket 84789
HASH: user bbuser found in hashtable bucket 55147
HASH: user log found in hashtable bucket 40576
HASH: user mysql found in hashtable bucket 46314
HASH: user nokia found in hashtable bucket 87202
HASH: Stored 16 entries from /etc/passwd
HASH: Stored 19 entries from /etc/group
Module: Instantiated unix (unix)
Module: Loaded preprocess
preprocess: huntgroups =
"/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded IPPOOL
ippool: session-db = "/usr/local/etc/raddb/db.ippool"
ippool: ip-index = "/usr/local/etc/raddb/db.ipindex"
ippool: range-start = 192.168.59.193 IP address
[192.168.59.193]
ippool: range-stop = 192.168.59.195 IP address
[192.168.59.195]
ippool: netmask = 255.255.255.0 IP address
[255.255.255.0]
ippool: cache-size = 3
Module: Instantiated ippool (RAS)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile =
"/usr/local/etc/raddb/acct_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Addres
s}/detail"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename =
"/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and
1813/udp, with proxy on 1814/
udp.
Ready to process requests.
and failure connection output as:
rad_recv: Access-Request packet from host
192.168.59.244:1083, id=49, lengt
h=71
User-Name = "bb"
User-Password =
"\323\317\322\267\272\330\014t\365\223\337\004i\022
\273"
NAS-Port = 0
Framed-Protocol = PPP
NAS-Identifier = "AUD_AGENT"
NAS-Port-Type = Async
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "RAS" returns noop
rlm_realm: Looking up realm NULL for User-Name =
"bb"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched DEFAULT at 171
users: Matched DEFAULT at 197
users: Matched DEFAULT at 209
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type System
auth: type "System"
modcall: entering group authenticate
modcall[authenticate]: module "unix" returns
notfound
modcall: group authenticate returns notfound
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 49 to 192.168.59.244:1083
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 49 with timestamp 3d63924f
Nothing to do. Sleeping until we see a request.
and the "usess" file as:
DEFAULT NAS-IP-Address == 192.168.59.244, Auth-Type :=
Accept, Pool-Name = "RAS"
K
_______________________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
