Is there any configurable paramater to restrict a user for say upto 10 days and on the 11th day the user should be denied login.
Please help me in performing the above configuration and It will be great if some one can help me out in the below mentioned multiple radius server configurations.
Hopeing against hope for help :-(
Thanks, Vasudevan.S
Hi,
Can some one respond to this issue, Its very critical for my project.
Please let me know if you (list users) need any additional information on this.
Thanks, Vasudevan.S
Hi,
Please find the output in the primary server log.
I don't understand why it try's to check with the system users when it has to try with the secondry server.
rad_recv: Access-Request packet from host 192.168.112.77:58298, id=2, length=90 Calling-Station-Id = "31" User-Name = "[EMAIL PROTECTED]" User-Password = "dummy" NAS-Identifier = "vasus.india.adventnet.com" Thu Apr 8 12:34:28 2004 : Debug: modcall: entering group authorize for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall[authorize]: module "preprocess" returns ok for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall[authorize]: module "chap" returns noop for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall[authorize]: module "eap" returns noop for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 0 Thu Apr 8 12:34:28 2004 : Debug: rlm_realm: Looking up realm "adventnet.com" for User-Name = "[EMAIL PROTECTED]" Thu Apr 8 12:34:28 2004 : Debug: rlm_realm: Found realm "DEFAULT" Thu Apr 8 12:34:28 2004 : Debug: rlm_realm: Adding Stripped-User-Name = "dummy" Thu Apr 8 12:34:28 2004 : Debug: rlm_realm: Proxying request from user dummy to realm DEFAULT Thu Apr 8 12:34:28 2004 : Debug: rlm_realm: Adding Realm = "DEFAULT" Thu Apr 8 12:34:28 2004 : Debug: rlm_realm: Authentication realm is LOCAL. Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall[authorize]: module "suffix" returns noop for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: calling files (rlm_files) for request 0 Thu Apr 8 12:34:28 2004 : Debug: users: Matched DEFAULT at 155 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: returned from files (rlm_files) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall[authorize]: module "files" returns ok for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall[authorize]: module "mschap" returns noop for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall: group authorize returns ok for request 0 Thu Apr 8 12:34:28 2004 : Debug: rad_check_password: Found Auth-Type System Thu Apr 8 12:34:28 2004 : Debug: auth: type "System" Thu Apr 8 12:34:28 2004 : Debug: modcall: entering group authenticate for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authenticate]: calling unix (rlm_unix) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modsingle[authenticate]: returned from unix (rlm_unix) for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall[authenticate]: module "unix" returns notfound for request 0 Thu Apr 8 12:34:28 2004 : Debug: modcall: group authenticate returns notfound for request 0 Thu Apr 8 12:34:28 2004 : Debug: auth: Failed to validate the user. Thu Apr 8 12:34:28 2004 : Auth: Login incorrect: [dummy] (from client vasus.adventnet.com port 0 cli 31) Thu Apr 8 12:34:28 2004 : Debug: Delaying request 0 for 1 seconds
Thanks, Vasudevan.S
Hi,
Can anyone help me in configuring the proxy servers for fail over. Please find the proxy configuration I have done in the primary and secondary radius servers.
Primary Server (proxy.conf)
realm DEFAULT{
type = radius
authhost = wifi-test3.adventnet.com:1812
accthost = wifi-test3.adventnet.com:1813
secret = xydsudysdiu
ldflag = fail_over
}Secondry server (proxy.conf)
realm DEFAULT{
type = radius
authhost = vasus.adventnet.com:1812
accthost = vasus.adventnet.com:1813
secret = xydsudysdiu
ldflag = fail_over
}both are linux systems. I have added user in the secondary server and trying to authenticate the user. But the primary server never sends the request to the secondary server and try's to authenticate in the primary server itself and rejects the authentication request.
EndClient -- > Primary server --> Secondary server (user info in the secondary server)
Can any one shed some light on this. Hope most of the users in the list should have worked with multiple radius server configuration.
Thanks a lot to one and all for the support.
Regards, Vasudevan.S
Dear All,
Is there any document to configure failover using free radius installation if distributed setups (diff networks). If there is one please point to the doc.
Thanks, Vasudevan.S
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
