hello,
running radius in debug mode doesn't give any log file ,i meen it doesn't
give logs in radiusd.log ; if you give me your result when you have rubn
radiusd -X -A perhaps i can help
regards
[EMAIL PROTECTED] a écrit :
Hi 1 I am using eap-tls authentication.My setup is working well with
certificates. I am unable to get logs of user login ok or denied in the
radius.log file [EMAIL PROTECTED] sbin]# radiusd -X -A Starting - reading
configuration files ... reread_config: reading radiusd.conf Config:
including file: /etc/raddb/proxy.conf Config: including file:
/etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/eap.conf Config: including file:
/etc/raddb/sql.conf main: prefix = \"/usr/local\" main: localstatedir =
\"/usr/local/var\" main: logdir = \"/usr/local/var/log/radius\" main:
libdir = \"/usr/local/lib\" main: radacctdir =
\"/usr/local/var/log/radius/radacct\" main: hostname_lookups = no main:
snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main:
max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0
main: allow_core_dumps = no main: log_stripped_names
= yes main: log_file = \"/usr/local/var/log/radius/radius.log\" main:
log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes
main: pidfile = \"/usr/local/var/run/radiusd/radiusd.pid\" main: user =
\"(null)\" main: group = \"(null)\" main: usercollide = no main:
lower_user = \"no\" main: lower_pass = \"no\" main: nospace_user = \"no\"
main: nospace_pass = \"no\" main: checkrad = \"/usr/local/sbin/checkrad\"
main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3
proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time =
120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no
security: max_attributes = 200 security: reject_delay = 1 security:
status_server = no main: debug_level = 0 read_config_files: reading
dictionary read_config_files: reading naslist Using deprecated naslist file.
Support for this will go away soon. read_config_files: reading clients
read_config_files: reading realms radiusd: entering modules setup Module:
Library search path is /usr/local/lib Module: Loaded exec exec: wait = yes
exec: program = \"(null)\" exec: input_pairs = \"request\" exec:
output_pairs = \"(null)\" exec: packet_type = \"(null)\" rlm_exec: Wait=yes
but no output defined. Did you mean output=none? Module: Instantiated exec
(exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded
System unix: cache = no unix: passwd = \"(null)\" unix: shadow =
\"(null)\" unix: group = \"(null)\" unix: radwtmp =
\"/usr/local/var/log/radius/radwtmp\" unix: usegroup = no unix:
cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap:
default_eap_type = \"tls\" eap: timer_expire = 60 eap:
ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type
leap gtc: challenge = \"Password: \"
gtc: auth_type = \"PAP\" rlm_eap: Loaded and initialized type gtc tls:
rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512
tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = \"(null)\"
tls: pem_file_type = yes tls: private_key_file = \"/etc/1x/07xwifi.pem\"
tls: certificate_file = \"/etc/1x/07xwifi.pem\" tls: CA_file =
\"/etc/1x/root.pem\" tls: private_key_password = \"password\" tls: dh_file
= \"/etc/1x/DH\" tls: random_file = \"/etc/1x/random\" tls: fragment_size =
1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn =
\"(null)\" tls: cipher_list = \"(null)\" tls: check_cert_issuer =
\"(null)\" rlm_eap_tls: Loading the certificate file as a chain WARNING:
rlm_eap_tls: Unable to set DH parameters. DH cipher suites may not work!
WARNING: Fix this by running the OpenSSL command listed in eap.conf rlm_eap:
Loaded and initialized type tls mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap)
Module: Loaded preprocess preprocess: huntgroups = \"/etc/raddb/huntgroups\"
preprocess: hints = \"/etc/raddb/hints\" preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no preprocess:
with_cisco_vsa_hack = no preprocess: with_alvarion_vsa_hack = no Module:
Instantiated preprocess (preprocess) Module: Loaded realm realm: format =
\"suffix\" realm: delimiter = \"@\" realm: ignore_default = no realm:
ignore_null = no Module: Instantiated realm (suffix) Module: Loaded files
files: usersfile = \"/etc/raddb/users\" files: acctusersfile =
\"/etc/raddb/acct_users\" files: preproxy_usersfile =
\"/etc/raddb/preproxy_users\" files: compat = \"no\" Module: Instantiated
files (files) Module: Loaded Acct-Unique-Session-Id acct_unique: key =
\"User-Name,
Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port\" Module:
Instantiated acct_unique (acct_unique) Module: Loaded detail detail:
detailfile =
\"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d\"
detail: detailperm = 384 detail: dirperm = 493 detail: locking = no
Module: Instantiated detail (detail) Module: Loaded radutmp radutmp:
filename = \"/usr/local/var/log/radius/radutmp\" radutmp: username =
\"%{User-Name}\" radutmp: case_sensitive = yes radutmp: check_with_nas =
yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated
radutmp (radutmp) Listening on authentication *:1812 Listening on accounting
*:1813 Ready to process requests. 2 I am using certificate based
authentication so do i need to edit anything in the users file/ Thanks and
regards Anoop
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
---------------------------------
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail -
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
