Hello all!,
I would like to config my freeradius server to store all the auth. info (also the
acct. info) in a mysql database. I've deployed the database definition included with
the freeradius source code, but it seems there is a problem with the rlm_ippool
interaction:
....
....
Module: Loaded IPPOOL
Module: Instantiated ippool (pool1)
....
Module: Instantiated ippool (pool2)
....
Module: Instantiated ippool (pool3)
....
Module: Instantiated ippool (pool4)
....
....
modcall: group authorize returns ok for request 1
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied CHAP-Password matches local User-Password
Login OK: [EMAIL PROTECTED] (from client prinet1 port 250 cli 914400345)
modcall: entering group post-auth for request 1
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "pool1" returns noop for request 1
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "pool2" returns noop for request 1
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "pool3" returns noop for request 1
rlm_ippool: Could not find Pool-Name attribute.
modcall[post-auth]: module "pool4" returns noop for request 1
modcall: group post-auth returns noop for request 1
Sending Access-Accept of id 172 to 10.65.11.1:1645
Framed-Compression := Van-Jacobson-TCP-IP
Service-Type := Framed-User
Framed-Protocol := PPP
Idle-Timeout := 120
Framed-MTU := 1500
Finished request 1
The server cannot "tell" to rlm_ippool module what Pool-Name has to use, but if you
look at my database, you can see that Pool-Name attr. is defined:
mysql> select * from radreply where Username="[EMAIL PROTECTED]";
+----+-----------------+--------------------+----+---------------------+
| id | UserName | Attribute | op | Value |
+----+-----------------+--------------------+----+---------------------+
| 4 | [EMAIL PROTECTED] | Framed-Compression | := | Van-Jacobsen-TCP-IP |
| 5 | [EMAIL PROTECTED] | Pool-Name | := | pool4 |
+----+-----------------+--------------------+----+---------------------+
mysql> select * from usergroup where UserName="[EMAIL PROTECTED]";
+----+-----------------+---------------+
| id | UserName | GroupName |
+----+-----------------+---------------+
| 4 | [EMAIL PROTECTED] | prinet-dialup |
+----+-----------------+---------------+
1 row in set (0.00 sec)
mysql> select * from radgroupreply where GroupName="prinet-dialup";
+----+---------------+-----------------+----+-------------+------+
| id | GroupName | Attribute | op | Value | prio |
+----+---------------+-----------------+----+-------------+------+
| 4 | prinet-dialup | Service-Type | := | Framed-User | 0 |
| 5 | prinet-dialup | Framed-Protocol | := | PPP | 0 |
| 7 | prinet-dialup | Idle-Timeout | := | 120 | 0 |
| 13 | prinet-dialup | Framed-MTU | := | 1500 | 0 |
+----+---------------+-----------------+----+-------------+------+
5 rows in set (0.01 sec)
This is my radiusd.conf:
authorize {
preprocess
chap
mschap
sql
}
authenticate {
authtype PAP {
pap
}
authtype CHAP {
chap
}
authtype MS-CHAP {
mschap
}
unix
}
preacct {
preprocess
files
}
accounting {
acct_unique
detail
unix # wtmp file
radutmp
pool1
pool2
pool3
pool4
sql
}
session {
radutmp
sql
}
post-auth {
pool1
pool2
pool3
pool4
}
If you need the complete radiusd.conf, just tell me.
Thx in advance!!
Javier.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
