I used freeradius-snapshot-20020922.tar.gz for testing
and I get the error if I do not uncomment the "RAS"
ip-pool name entry in "authorize" section of
radiusd.conf
Module: Loaded IPPOOL
ippool: session-db = "/usr/local/etc/raddb/db.ippool"
ippool: ip-index = "/usr/local/etc/raddb/db.ipindex"
ippool: range-start = 192.168.59.193 IP address
[192.168.59.193]
ippool: range-stop = 192.168.59.195 IP address
[192.168.59.195]
ippool: netmask = 255.255.255.0 IP address
[255.255.255.0]
ippool: cache-size = 3
Module: Instantiated ippool (RAS)
radiusd.conf: "IPPOOL" modules aren't allowed in
'authorize' sections -- they have no such
method.
Here is the contexts of radiusd.conf:
modules {
ippool RAS1 {
range-start = 192.168.31.193
range-stop = 192.168.31.195
netmask = 255.255.255.0
cache-size = 3
session-db = ${raddbdir}/db1.ippool
ip-index = ${raddbdir}/db1.ipindex
}
}
Authorize {
preprocess
suffix
files
# RAS1 <-should be uncomment for starting radius
}
Authenticate {
unix
}
preacct {
preprocess
suffix
files
}
accounting {
detail
unix
RAS1
radutmp
}
session {
radutmp
}
# Post-Auth. Run the ippool module.
post-auth {
# main_pool
}
and users file:
b NAS-IP-Address == 192.168.31.10, Auth-Type :=
Local, Password == "b", Pool-Name := "
RAS1"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Routing = Broadcast-Listen,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
the debug output:
rad_recv: Access-Request packet from host
192.168.31.10:1645, id=129, length=92
NAS-IP-Address = 192.168.31.10
NAS-Port = 1
NAS-Port-Type = Async
User-Name = "b"
Called-Station-Id = "190962"
Calling-Station-Id = "85290200959"
User-Password = "b"
Service-Type = Framed-User
Framed-Protocol = PPP
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: No '@' in User-Name = "b", looking up
realm NULL
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched b at 152
modcall[authorize]: module "files" returns ok
modcall: group authorize returns ok
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local
User-Password
Sending Access-Accept of id 129 to 192.168.31.10:1645
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Routing = Broadcast-Listen
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 0
It seems most likely the ip-pool module have not be
running.
Thanks
K
--- Kostas Kalevras <[EMAIL PROTECTED]> wrote: > On
Mon, 23 Sep 2002, [iso-8859-1] ho k wrote:
>
> > Hi
> > Have any solution to solve this issue? I have used
> > freeradius-0.7.1 and solaris 2.7
>
> You could try using the latest module from the cvs
> tree. Other than that if your
> nas does not send an accounting stop for the
> corresponding port or at least
> there is a new access request for the same port, the
> module will be unable to
> deallocate the corresponding ip from the pool and
> consequently you will run out
> of ip's. So make sure that accounting works ok.
>
> > I also have question why the ip assignment is not
> from
> > the beginning of ip pool. The first ip address in
> > ip-pool is 192.168.59.123 and end in
> 192.168.59.125.
>
> The module will use the gdbm functions to walk
> through the ip database and find
> a free ip. There is no guarantee for the order of
> the ip's in the file. As a
> result the allocated ip's will be more or less
> random.
>
> --
> Kostas Kalevras Network Operations Center
> [EMAIL PROTECTED] National Technical University of
> Athens, Greece
> Work Phone: +30 10 7721861
> 'Go back to the shadow' Gandalf
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
_______________________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
