Hi all I'm newbie in freeradius, i've already installed freeradius-1.1.6, Mysql and MikroTik NAS.
I'm configuring my radius 1 session for every 1 user : +----+---------------+---------------------------+-----+-------------+ | id | UserName | Attribute | op | Value | +----+---------------+---------------------------+-----+--------------+ | 57 | [EMAIL PROTECTED] | Simultaneous-Use | := | 0 | | 42 | [EMAIL PROTECTED] | Password | == | denpasar | +----+---------------+---------------------------+----+---------------+ The problem is sometimes user cannot login even no session [EMAIL PROTECTED] user in Mikrotik NAS connected, I check with radwho, its shown below : [EMAIL PROTECTED] ~]# radwho Login Name What TTY When From Location [EMAIL PROTECTED] [EMAIL PROTECTED] PPP S232 Mon 17:43 129.47.26 172.16.30.79 [EMAIL PROTECTED] [EMAIL PROTECTED] PPP S245 Mon 19:53 129.47.26 172.16.30.246 [EMAIL PROTECTED] [EMAIL PROTECTED] PPP S189 Mon 13:12 129.47.26 172.16.30.255 [EMAIL PROTECTED] [EMAIL PROTECTED] PPP S218 Mon 13:20 129.47.26 172.16.30.252 no session [EMAIL PROTECTED] in that list… is'nt it ? but [EMAIL PROTECTED] still couldnot login, this is the log from radiusd –X : Ready to process requests. Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 129.47.26.123:1088, id=8, length=179 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 252 NAS-Port-Type = Ethernet User-Name = "[EMAIL PROTECTED]" Calling-Station-Id = "00:18:DE:69:F1:F3" Called-Station-Id = "VLAN TEST" NAS-Port-Id = "vlan_TEST" MS-CHAP-Domain = "idola" CHAP-Challenge = 0x0270131ced4933d4f26646e2946b2192 CHAP-Password = 0x016806e0edb33d434bc59078e233381b6c NAS-Identifier = "ROUTER INDUK" NAS-IP-Address = 129.47.26.123 Mikrotik-Realm = "idola" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 rlm_chap: Setting 'Auth-Type := CHAP' modcall[authorize]: module "chap" returns ok for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: Looking up realm "idola" for User-Name = "[EMAIL PROTECTED]" rlm_realm: No such realm "idola" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 1 users: Matched entry DEFAULT at line 163 users: Matched entry DEFAULT at line 183 users: Matched entry DEFAULT at line 195 modcall[authorize]: module "files" returns ok for request 1 radius_xlat: '[EMAIL PROTECTED]' rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName, radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = '[EMAIL PROTECTED]' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName, radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 1 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "monthlycounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "mbcounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailymbcounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "monthlymbcounter" returns noop for request 1 modcall: leaving group authorize (returns ok) for request 1 rad_check_password: Found Auth-Type Local auth: type Local auth: user supplied CHAP-Password matches local User-Password Processing the session section of radiusd.conf modcall: entering group session for request 1 radius_xlat: '/usr/local/var/log/radius/radutmp' radius_xlat: '[EMAIL PROTECTED]' modcall[session]: module "radutmp" returns ok for request 1 modcall: leaving group session (returns ok) for request 1 Found Post-Auth-Type Processing the post-auth section of radiusd.conf modcall: entering group REJECT for request 1 rlm_sql (sql): Processing sql_postauth radius_xlat: '[EMAIL PROTECTED]' rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]' radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values ('','[EMAIL PROTECTED]', 'Chap-Password', 'Access-Reject', NOW())' rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, pass,reply, date) values ('', '[EMAIL PROTECTED]', 'Chap-Password', 'Access-Reject', NOW()) rlm_sql (sql): Reserving sql socket id: 1 rlm_sql (sql): Released sql socket id: 1 modcall[post-auth]: module "sql" returns ok for request 1 modcall: leaving group REJECT (returns ok) for request 1 Delaying request 1 for 1 seconds Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... rad_recv: Access-Request packet from host 129.47.26.123:1088, id=8, length=179 Sending Access-Reject of id 8 to 129.47.26.123 port 1088 Reply-Message := "\r\nYou are already logged in - access denied\r\n\n" Waking up in 1 seconds... I have already checked my NAS and there is no session for [EMAIL PROTECTED], I try with radzap and still not working… Any help please… thanks trio
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html