Hi
The connection is still failed after changing the
order in radiusd.conf and debug output as:
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile =
"/usr/local/etc/raddb/acct_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded IPPOOL
ippool: session-db = "/usr/local/etc/raddb/db.ippool"
ippool: ip-index = "/usr/local/etc/raddb/db.ipindex"
ippool: range-start = 192.168.59.193 IP address
[192.168.59.193]
ippool: range-stop = 192.168.59.195 IP address
[192.168.59.195]
ippool: netmask = 255.255.255.0 IP address
[255.255.255.0]
ippool: cache-size = 3
Module: Instantiated ippool (RAS)
Module: Loaded detail
detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename =
"/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and
1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host
192.168.59.244:1093, id=58, length=73
User-Name = "noki"
User-Password =
"\3713\363tW\257\223^g%\0261A\254\211"
NAS-Port = 0
Framed-Protocol = PPP
NAS-Identifier = "AUD_AGENT"
NAS-Port-Type = Async
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name =
"noki"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched DEFAULT at 185
users: Matched DEFAULT at 211
users: Matched DEFAULT at 223
modcall[authorize]: module "files" returns ok
modcall[authorize]: module "RAS" returns noop
modcall: group authorize returns ok
rad_check_password: Found Auth-Type System
auth: type "System"
modcall: entering group authenticate
modcall[authenticate]: module "unix" returns
notfound
modcall: group authenticate returns notfound
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 58 to 192.168.59.244:1093
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 58 with timestamp 3d645b5f
Nothing to do. Sleeping until we see a request.
Here is the context of radiusd.conf:
module {
pam {...
}
unix {...
}
eap {...
}
...
(different modules in here)
....
ippool RAS {
range-start = 192.168.59.193
range-stop = 192.168.59.195
netmask = 255.255.255.0
cache-size = 3
session-db = ${raddbdir}/db.ippool
ip-index = ${raddbdir}/db.ipindex
}
}
authorize {
preprocess
eap
suffix
files
RAS
}
authenticate {
unix
}
accounting {
detail
# counter
unix
RAS
radutmp
}
and context of "users":
DEFAULT NAS-IP-Address == 192.168.59.244, Auth-Type :=
Accept, Pool-Name = "RAS"
Service-Type = Framed-User,
Framed-MTU = 1500,
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Compression = Van-Jacobson-TCP-IP
but there is no problem of the connection for change
the config to:
DEFAULT Auth-Type := Accept
Service-Type = Framed-User,
Framed-IP-Address = 192.168.59.192+,
Framed-MTU = 1500,
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Compression = Van-Jacobson-TCP-IP
Another question that may it work for this entry in
"users" config:
DEFAULT NAS-IP-Address == 192.168.59.244, Auth-Type :=
System, Pool-Name = "RAS_1"
Service-Type = Framed-User,
Framed-MTU = 1500,
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT NAS-IP-Address == 192.168.59.245, Auth-Type :=
System, Pool-Name = "RAS_2"
Service-Type = Framed-User,
Framed-MTU = 1500,
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Compression = Van-Jacobson-TCP-IP
when I have two RAS which ip 192.168.59.244 and
192.168.59.255 are. They would assign separate ip
range to two group of dialup users
k
--- Kostas Kalevras <[EMAIL PROTECTED]> wrote: > On
Wed, 21 Aug 2002, [iso-8859-1] ho k wrote:
>
> > Dear All
> >
> > Can you point out the mistake about ip assignment
> from
> > radius side. Parts of radiusd.conf are as follows:
> >
> > ....
> > authorize {
> > preprocess
> > suffix
> > files
> > RAS
> > ippool RAS {
> > range-start = 192.168.59.193
> > range-stop = 192.168.59.195
> > netmask = 255.255.255.0
> > cache-size = 3
> > session-db = ${raddbdir}/db.ippool
> > ip-index = ${raddbdir}/db.ipindex
> > }
> > }
> >
> > and failure connection output as:
> > rad_recv: Access-Request packet from host
> > 192.168.59.244:1083, id=49, lengt
> > h=71
> > User-Name = "bb"
> > User-Password =
> >
> "\323\317\322\267\272\330\014t\365\223\337\004i\022
> > \273"
> > NAS-Port = 0
> > Framed-Protocol = PPP
> > NAS-Identifier = "AUD_AGENT"
> > NAS-Port-Type = Async
> > modcall: entering group authorize
> > modcall[authorize]: module "preprocess" returns
> ok
> > modcall[authorize]: module "RAS" returns noop
> > rlm_realm: Looking up realm NULL for User-Name
> =
> > "bb"
> > rlm_realm: No such realm NULL
> > modcall[authorize]: module "suffix" returns noop
> > users: Matched DEFAULT at 171
> > users: Matched DEFAULT at 197
> > users: Matched DEFAULT at 209
> > modcall[authorize]: module "files" returns ok
> > modcall: group authorize returns ok
>
> From the modcall[authorize] messages it seems that
> your authorize section is
>
> authorize{
> preprocess
> RAS
> suffix
> files
> }
>
> whilst it should be
>
> authorize{
> preprocess
> suffix
> files
> RAS
> }
>
> >
> > and the "usess" file as:
> >
> > DEFAULT NAS-IP-Address == 192.168.59.244,
> Auth-Type :=
> > Accept, Pool-Name = "RAS"
>
> --
> Kostas Kalevras Network Operations Center
> [EMAIL PROTECTED] National Technical University of
> Athens, Greece
> Work Phone: +30 10 7721861
> 'Go back to the shadow' Gandalf
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
_______________________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
