Hi again, I need to have some solution about this, Chris can you
helpme ?, any one on the list please ?
Thank you very much.
JM> Chris,
JM> thank for your answer,
JM> I put radius on debug mode, then called nas (Total Control
JM> w/HiperArc) as a user that where connected, but I don't see any error
JM> .... and the request have not been rejected.
JM> Below is the result of debug mode.
JM> After that you have again radiusd.conf.
JM> Thank for your help !
JM> Jorge.
>>>Hi all !,
>>>
>>>I am having some trouble about simultaneous connnection.
>>>I can not see where would be the error on configuration, if any, and did
>>>not get nothing browsing docs, faqs, etc, that were applicable to my config.
>>>Can some one give some idea about this ?.
>>
>>What error messages did you receive, and what is the output from running
>>'radiusd -X' ( debug mode ) telling you?
>>
>>-Chris
JM> ----- Results from "radiusd -X"
JM> Starting - reading configuration files ...
JM> reread_config: reading radiusd.conf
JM> Config: including file: /etc/raddb/proxy.conf
JM> Config: including file: /etc/raddb/clients.conf
JM> Config: including file: /etc/raddb/snmp.conf
JM> Config: including file: /etc/raddb/sql.conf
JM> main: prefix = "/usr"
JM> main: localstatedir = "/usr/var"
JM> main: logdir = "/var/log/radius"
JM> main: libdir = "/usr/lib"
JM> main: radacctdir = "/var/log/radius/radacct"
JM> main: hostname_lookups = no
JM> read_config_files: reading dictionary
JM> read_config_files: reading clients
JM> read_config_files: reading realms
JM> read_config_files: reading naslist
JM> main: max_request_time = 30
JM> main: cleanup_delay = 5
JM> main: max_requests = 1024
JM> main: delete_blocked_requests = 0
JM> main: port = 0
JM> main: allow_core_dumps = no
JM> main: log_stripped_names = yes
JM> main: log_auth = yes
JM> main: log_auth_badpass = yes
JM> main: log_auth_goodpass = no
JM> main: pidfile = "/var/run/radius/radiusd.pid"
JM> main: user = "radius"
JM> main: group = "radius"
JM> main: usercollide = no
JM> main: lower_user = "no"
JM> main: lower_pass = "no"
JM> main: nospace_user = "no"
JM> main: nospace_pass = "no"
JM> main: proxy_requests = yes
JM> proxy: retry_delay = 5
JM> proxy: retry_count = 3
JM> proxy: synchronous = no
JM> proxy: default_fallback = yes
JM> proxy: dead_time = 120
JM> security: max_attributes = 200
JM> security: reject_delay = 1
JM> main: debug_level = 0
JM> read_config_files: entering modules setup
JM> Module: Library search path is /usr/lib
JM> Module: Loaded preprocess
JM> preprocess: huntgroups = "/etc/raddb/huntgroups"
JM> preprocess: hints = "/etc/raddb/hints"
JM> preprocess: with_ascend_hack = no
JM> preprocess: ascend_channels_per_line = 23
JM> preprocess: with_ntdomain_hack = no
JM> preprocess: with_specialix_jetstream_hack = no
JM> preprocess: with_cisco_vsa_hack = no
JM> Module: Instantiated preprocess (preprocess)
JM> Module: Loaded realm
JM> realm: format = "suffix"
JM> realm: delimiter = "@"
JM> Module: Instantiated realm (suffix)
JM> Module: Loaded SQL
JM> sql: driver = "rlm_sql_mysql"
JM> sql: server = "localhost"
JM> sql: port = ""
JM> sql: login = "digitalcoop"
JM> sql: password = "digitalcoop"
JM> sql: radius_db = "digitalcoop"
JM> sql: acct_table = "radacct"
JM> sql: acct_table2 = "radacct"
JM> sql: authcheck_table = "radcheck"
JM> sql: authreply_table = "radreply"
JM> sql: groupcheck_table = "radgroupcheck"
JM> sql: groupreply_table = "radgroupreply"
JM> sql: usergroup_table = "usergroup"
JM> sql: nas_table = "nas"
JM> sql: dict_table = "dictionary"
JM> sql: sqltrace = no
JM> sql: sqltracefile = "/var/log/radius/sqltrace.sql"
JM> sql: deletestalesessions = yes
JM> sql: num_sql_socks = 5
JM> sql: sql_user_name = "%{User-Name}"
JM> sql: authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username =
JM> '%{SQL-User-Name}' ORDER BY id"
JM> sql: authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username =
JM> '%{SQL-User-Name}' ORDER BY id"
JM> sql: authorize_group_check_query = "SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.A
JM> ttribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username
JM> = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id"
JM> sql: authorize_group_reply_query = "SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.A
JM> ttribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
usergroup.Username
JM> = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id"
JM> sql: authenticate_query = "SELECT Value,Attribute FROM radcheck WHERE UserName =
'%{User-Name}' AND
JM> ( Attribute = 'User-Password' OR Attribute = 'Password' OR Attribute =
'Crypt-Password' ) ORDER BY
JM> Attribute DESC"
JM> sql: accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S',
AcctSessionTime=unix_timestamp
JM> ('%S') - unix_timestamp(AcctStartTime),
AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay
JM> = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress=
'%{NAS-IP-Address}
JM> ' AND AcctStartTime <= '%S'"
JM> sql: accounting_update_query = "UPDATE radacct SET FramedIPAddress =
'%{Framed-IP-Address}' WHERE A
JM> cctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND
NASIPAddress= '%{NAS-IP-Ad
JM> dress}' AND AcctStopTime = 0"
JM> sql: accounting_start_query = "INSERT into radacct (RadAcctId, AcctSessionId,
AcctUniqueId, UserNam
JM> e, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime,
AcctSessionTime, AcctAu
JM> thentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, Ca
JM> llingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress,
AcctStartDelay, Ac
JM> ctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Re
JM> alm}', '%{NAS-IP-Address}', '%{NAS-Port-Id}', '%{NAS-Port-Type}', '%S', '0', '0',
'%{Acct-Authentic}
JM> ', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}',
'%{Calling-Station-Id}', '', '%{Service-
JM> Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0')"
JM> sql: accounting_start_query_alt = "UPDATE radacct SET AcctStartTime = '%S',
AcctStartDelay = '%{Acc
JM> t-Delay-Time}', ConnectInfo_start = '%{Connect-Info}' WHERE AcctSessionId =
'%{Acct-Session-Id}' AND
JM> UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}' AND
AcctStopTime = 0"
JM> sql: accounting_stop_query = "UPDATE radacct SET AcctStopTime = '%S',
AcctSessionTime = '%{Acct-Ses
JM> sion-Time}', AcctInputOctets = '%{Acct-Input-Octets}', AcctOutputOctets =
'%{Acct-Output-Octets}', A
JM> cctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay =
'%{Acct-Delay-Time}', ConnectInfo_sto
JM> p = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName =
'%{SQL-User-Name}' A
JM> ND NASIPAddress = '%{NAS-IP-Address}' AND AcctStopTime = 0"
JM> sql: accounting_stop_query_alt = "INSERT into radacct (RadAcctId, AcctSessionId,
AcctUniqueId, User
JM> Name, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime,
AcctSessionTime, Acc
JM> tAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets,
AcctOutputOctets, CalledStationId,
JM> CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol,
FramedIPAddress, AcctStartDelay,
JM> AcctStopDelay) values('', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%
JM> {Realm}', '%{NAS-IP-Address}', '%{NAS-Port-Id}', '%{NAS-Port-Type}', '0', '%S',
'%{Acct-Session-Time
JM> }', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}',
'%{Acct-Output-Octets}', '%{
JM> Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}',
'%{Service-Type}', '%{Frame
JM> d-Protocol}', '%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}')"
JM> sql: connect_failure_retry_delay = 60
JM> sql: simul_count_query = ""
JM> sql: simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName,
NASIPAddress, NASPortId, Fram
JM> edIPAddress, CalledStationId FROM radacct WHERE UserName='%{SQL-User-Name}' AND
AcctStopTime = 0"
JM> sql: simul_zap_query = "DELETE FROM radacct WHERE RadAcctId = '%s'"
JM> rlm_sql: Driver rlm_sql_mysql loaded and linked
JM> rlm_sql: Attempting to connect to digitalcoop@localhost:/digitalcoop
JM> rlm_sql: Connected new DB handle, #0
JM> rlm_sql: Connected new DB handle, #1
JM> rlm_sql: Connected new DB handle, #2
JM> rlm_sql: Connected new DB handle, #3
JM> rlm_sql: Connected new DB handle, #4
JM> Module: Instantiated sql (sql)
JM> Module: Loaded files
JM> files: usersfile = "/etc/raddb/users"
JM> files: acctusersfile = "/etc/raddb/acct_users"
JM> files: compat = "no"
JM> Module: Instantiated files (files)
JM> Module: Loaded radutmp
JM> radutmp: filename = "/var/log/radius/radutmp"
JM> radutmp: username = "%{User-Name}"
JM> radutmp: perm = 384
JM> radutmp: callerid = yes
JM> Module: Instantiated radutmp (radutmp)
JM> Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
JM> Ready to process requests.
JM> rad_recv: Access-Request packet from host 200.43.61.6:1645, id=203, length=193
JM> User-Name = "susanagabriela"
JM> User-Password = "n\004v\262Q\373A\330\237(HdC\317$\263"
JM> NAS-IP-Address = 200.43.61.6
JM> NAS-Port = 769
JM> Acct-Session-Id = "45050"
JM> USR-Interface-Index = 2025
JM> USR-Supports-Tags = 0
JM> Service-Type = Framed-User
JM> Framed-Protocol = PPP
JM> USR-Chassis-Call-Slot = 4
JM> USR-Chassis-Call-Span = 1
JM> USR-Chassis-Call-Channel = 1
JM> USR-Connect-Speed = NONE
JM> Calling-Station-Id = "3548491674"
JM> Called-Station-Id = "7000"
JM> NAS-Port-Type = Async
JM> modcall: entering group authorize
JM> modcall[authorize]: module "preprocess" returns ok
JM> rlm_realm: Looking up realm NULL for User-Name = "susanagabriela"
JM> rlm_realm: No such realm NULL
JM> modcall[authorize]: module "suffix" returns noop
JM> radius_xlat: 'susanagabriela'
JM> sql_set_user: escaped user --> 'susanagabriela'
JM> radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username
= 'susanagabriela'
JM> ORDER BY id'
JM> rlm_sql: Reserving sql socket id: 4
JM> radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck
JM> .Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username =
'susanagabriela' AN
JM> D usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
JM> radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username
= 'susanagabriela'
JM> ORDER BY id'
JM> radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply
JM> .Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username =
'susanagabriela' AN
JM> D usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
JM> radius_xlat: 'SELECT Value,Attribute FROM radcheck WHERE UserName =
'susanagabriela' AND ( Attribut
JM> e = 'User-Password' OR Attribute = 'Password' OR Attribute = 'Crypt-Password' )
ORDER BY Attribute D
JM> ESC'
JM> rlm_sql: Released sql socket id: 4
JM> modcall[authorize]: module "sql" returns ok
JM> modcall: group authorize returns ok
JM> auth: type Local
JM> auth: user supplied User-Password matches local User-Password
JM> Login OK: [susanagabriela] (from client digitalcop-nas port 769 cli 3548491674)
JM> Sending Access-Accept of id 203 to 200.43.61.6:1645
JM> Framed-Protocol = PPP
JM> Framed-Compression = Van-Jacobson-TCP-IP
JM> Framed-IP-Address = 255.255.255.254
JM> Service-Type = Framed-User
JM> Finished request 0
JM> Going to the next request
JM> --- Walking the entire request list ---
JM> Waking up in 6 seconds...
JM> rad_recv: Accounting-Request packet from host 200.43.61.6:1646, id=185, length=295
JM> User-Name = "susanagabriela"
JM> NAS-IP-Address = 200.43.61.6
JM> Acct-Status-Type = Start
JM> Acct-Session-Id = "45050"
JM> Acct-Delay-Time = 0
JM> Acct-Authentic = RADIUS
JM> Service-Type = Framed-User
JM> NAS-Port-Type = Async
JM> NAS-Port = 769
JM> USR-Modem-Training-Time = 19
JM> USR-Interface-Index = 2025
JM> USR-Chassis-Call-Slot = 4
JM> USR-Chassis-Call-Span = 1
JM> USR-Chassis-Call-Channel = 1
JM> USR-Unauthenticated-Time = 4
JM> Calling-Station-Id = "3548491674"
JM> Called-Station-Id = "7000"
JM> USR-Modulation-Type = v90Digital
JM> USR-Simplified-MNP-Levels = ccittV42
JM> USR-Simplified-V42bis-Usage = ccittV42bis
JM> USR-Connect-Speed = 50666-BPS
JM> Framed-Protocol = PPP
JM> Framed-IP-Address = 200.43.61.65
JM> USR-VTS-Session-Key = "\302\002\377\002\377U\360\347a\314{\277G\034G\261"
JM> USR-Call-Arrival-Time = 214525749
JM> modcall: entering group preacct
JM> modcall[preacct]: module "preprocess" returns noop
JM> rlm_realm: Looking up realm NULL for User-Name = "susanagabriela"
JM> rlm_realm: No such realm NULL
JM> modcall[preacct]: module "suffix" returns noop
JM> modcall[preacct]: module "files" returns noop
JM> modcall: group preacct returns noop
JM> modcall: entering group accounting
JM> radius_xlat: 'susanagabriela'
JM> sql_set_user: escaped user --> 'susanagabriela'
JM> radius_xlat: 'INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId,
UserName, Realm, NASIPAd
JM> dress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime,
AcctAuthentic, ConnectI
JM> nfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, A
JM> cctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay,
AcctStopDelay) valu
JM> es('', '45050', '', 'susanagabriela', '', '200.43.61.6', '', 'Async', '2002-10-18
22:20:50', '0', '0
JM> ', 'RADIUS', '', '', '0', '0', '7000', '3548491674', '', 'Framed-User', 'PPP',
'200.43.61.65', '0',
JM> '0')'
JM> rlm_sql: Reserving sql socket id: 3
JM> rlm_sql: Released sql socket id: 3
JM> modcall[accounting]: module "sql" returns ok
JM> radius_xlat: 'susanagabriela'
JM> modcall[accounting]: module "radutmp" returns ok
JM> modcall: group accounting returns ok
JM> Sending Accounting-Response of id 185 to 200.43.61.6:1646
JM> Finished request 1
JM> Going to the next request
JM> --- Walking the entire request list ---
JM> Cleaning up request 1 ID 185 with timestamp 3db0c182
JM> Waking up in 4 seconds...
JM> --- Walking the entire request list ---
JM> Cleaning up request 0 ID 203 with timestamp 3db0c180
JM> Nothing to do. Sleeping until we see a request.
JM> ------------- End of radiud -X
JM> ---- radiusd.conf:
JM> prefix = /usr/local/freeradius
JM> exec_prefix = ${prefix}
JM> sysconfdir = ${prefix}/etc
JM> localstatedir = ${prefix}/var
JM> sbindir = ${exec_prefix}/sbin
JM> logdir = ${localstatedir}/log/radius
JM> raddbdir = ${sysconfdir}/raddb
JM> radacctdir = ${logdir}/radacct
JM> confdir = ${raddbdir}
JM> run_dir = ${localstatedir}/run/radiusd
JM> libdir = ${exec_prefix}/lib
JM> pidfile = ${run_dir}/radiusd.pid
JM> user = radius
JM> group = radius
JM> max_request_time = 30
JM> delete_blocked_requests = no
JM> cleanup_delay = 5
JM> max_requests = 1024
JM> bind_address = *
JM> port = 0
JM> hostname_lookups = no
JM> allow_core_dumps = no
JM> regular_expressions = yes
JM> extended_expressions = yes
JM> log_stripped_names = no
JM> log_auth = no
JM> log_auth_badpass = no
JM> log_auth_goodpass = no
JM> usercollide = no
JM> lower_user = no
JM> lower_pass = no
JM> nospace_user = no
JM> nospace_pass = no
JM> checkrad = ${sbindir}/checkrad
JM> security {
JM> max_attributes = 200
JM> reject_delay = 1
JM> }
JM> proxy_requests = yes
JM> $INCLUDE ${confdir}/proxy.conf
JM> $INCLUDE ${confdir}/clients.conf
JM> $INCLUDE ${confdir}/snmp.conf
JM> thread pool {
JM> start_servers = 5
JM> max_servers = 32
JM> min_spare_servers = 3
JM> max_spare_servers = 10
JM> max_requests_per_server = 0
JM> }
JM> modules {
JM> realm suffix {
JM> format = suffix
JM> delimiter = "@"
JM> }
JM> preprocess {
JM> huntgroups = ${confdir}/huntgroups
JM> hints = ${confdir}/hints
JM> with_ascend_hack = no
JM> ascend_channels_per_line = 23
JM> with_ntdomain_hack = no
JM> with_specialix_jetstream_hack = no
JM> with_cisco_vsa_hack = no
JM> }
JM> acct_unique {
JM> key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port-Id"
JM> }
JM> $INCLUDE ${confdir}/sql.conf
JM> always fail {
JM> rcode = fail
JM> }
JM> always reject {
JM> rcode = reject
JM> }
JM> always ok {
JM> rcode = ok
JM> simulcount = 0
JM> mpp = no
JM> }
JM> }
JM> authorize {
JM> preprocess
JM> suffix
JM> sql
JM> }
JM> authenticate {
JM> sql
JM> }
JM> preacct {
JM> preprocess
JM> suffix
JM> }
JM> accounting {
JM> sql
JM> }
JM> session {
JM> sql
JM> }
JM> -
JM> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
----
Saludos,
Jorge
mailto:jorge@;minassian.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
