Re: [PacketFence-users] Unknown Switch - Rejected User
Do you have a complete radius request ? because this one is just to test
the if the radius server is still alive.
Regards
Fabrice
Le 2018-03-07 à 11:42, ebrar via PacketFence-users a écrit :
>
> Hi Fabrice,
>
> But it doesn't. I'm trying to solve the problem for hours but could
> not find anything.
>
> I read Administrator guide and run raddebug to find any clue. Still
> trying to find. I'm sending the output to you. May be you can see
> something that i did not see.
>
> (73) Wed Mar 7 22:33:50 2018: Debug: Received Access-Request Id 133
> from 192.168.56.100:1645 to 192.168.56.101:1812 length 51
> (73) Wed Mar 7 22:33:50 2018: Debug: User-Password = "cisco"
> (73) Wed Mar 7 22:33:50 2018: Debug: User-Name = "dummy"
> (73) Wed Mar 7 22:33:50 2018: Debug: NAS-IP-Address = 192.168.56.100
> (73) Wed Mar 7 22:33:50 2018: Debug: # Executing section authorize
> from file /usr/local/pf/raddb/sites-enabled/packetfence
> (73) Wed Mar 7 22:33:50 2018: Debug: authorize {
> (73) Wed Mar 7 22:33:50 2018: Debug: update {
> (73) Wed Mar 7 22:33:50 2018: Debug: EXPAND
> %{Packet-Src-IP-Address}
> (73) Wed Mar 7 22:33:50 2018: Debug: --> 192.168.56.100
> (73) Wed Mar 7 22:33:50 2018: Debug: EXPAND %l
> (73) Wed Mar 7 22:33:50 2018: Debug: --> 1520451230
> (73) Wed Mar 7 22:33:50 2018: Debug: } # update = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: policy
> rewrite_calling_station_id {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
> ( =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
> {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
> ( =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
>
> -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: else {
> (73) Wed Mar 7 22:33:50 2018: Debug: [noop] = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: } # else = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: } # policy
> rewrite_calling_station_id = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: policy
> rewrite_called_station_id {
> (73) Wed Mar 7 22:33:50 2018: Debug: if (()
> && ( =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
> {
> (73) Wed Mar 7 22:33:50 2018: Debug: if (()
> && ( =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
>
> -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: else {
> (73) Wed Mar 7 22:33:50 2018: Debug: [noop] = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: } # else = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: } # policy
> rewrite_called_station_id = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: policy filter_username {
> (73) Wed Mar 7 22:33:50 2018: Debug: if () {
> (73) Wed Mar 7 22:33:50 2018: Debug: if () -> TRUE
> (73) Wed Mar 7 22:33:50 2018: Debug: if () {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ / /) {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ / /)
> -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~
> /@[^@]*@/ ) {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~
> /@[^@]*@/ ) -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /\.\./ ) {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /\.\./
> ) -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: if (( =~ /@/)
> && ( !~ /@(.+)\.(.+)$/)) {
> (73) Wed Mar 7 22:33:50 2018: Debug: if (( =~ /@/)
> && ( !~ /@(.+)\.(.+)$/)) -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /\.$/) {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~
> /\.$/) -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /@\./) {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( =~
> /@\./) -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: } # if () = noop
> (73) Wed Mar 7 22:33:50 2018: Debug: } # policy filter_username =
> noop
> (73) Wed Mar 7 22:33:50 2018: Debug: policy filter_password {
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
> ( != "%{string:User-Password}")) {
> (73) Wed Mar 7 22:33:50 2018: Debug: EXPAND %{string:User-Password}
> (73) Wed Mar 7 22:33:50 2018: Debug: --> cisco
> (73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
> ( != "%{string:User-Password}")) -> FALSE
> (73) Wed Mar 7 22:33:50 2018: Debug: } # policy filter_password =
> noop
> (73) Wed Mar 7 22:33:50 2018: Debug: [preprocess] = ok
> (73) Wed Mar 7 22:33:50 2018: Debug: suffix: Checking for suffix
> after "@"
> (73) Wed Mar 7 22:33:50 2018: Debug: suffix: No '@' in User-Name =
> "dummy", skipping NULL due to config.
> (73) Wed Mar 7 22:33:50 2018: Debug:
Re: [PacketFence-users] Unknown Switch - Rejected User
Hi Fabrice,
But it doesn't. I'm trying to solve the problem for hours but could not
find anything.
I read Administrator guide and run raddebug to find any clue. Still
trying to find. I'm sending the output to you. May be you can see
something that i did not see.
(73) Wed Mar 7 22:33:50 2018: Debug: Received Access-Request Id 133
from 192.168.56.100:1645 to 192.168.56.101:1812 length 51
(73) Wed Mar 7 22:33:50 2018: Debug: User-Password = "cisco"
(73) Wed Mar 7 22:33:50 2018: Debug: User-Name = "dummy"
(73) Wed Mar 7 22:33:50 2018: Debug: NAS-IP-Address = 192.168.56.100
(73) Wed Mar 7 22:33:50 2018: Debug: # Executing section authorize from
file /usr/local/pf/raddb/sites-enabled/packetfence
(73) Wed Mar 7 22:33:50 2018: Debug: authorize {
(73) Wed Mar 7 22:33:50 2018: Debug: update {
(73) Wed Mar 7 22:33:50 2018: Debug: EXPAND %{Packet-Src-IP-Address}
(73) Wed Mar 7 22:33:50 2018: Debug: --> 192.168.56.100
(73) Wed Mar 7 22:33:50 2018: Debug: EXPAND %l
(73) Wed Mar 7 22:33:50 2018: Debug: --> 1520451230
(73) Wed Mar 7 22:33:50 2018: Debug: } # update = noop
(73) Wed Mar 7 22:33:50 2018: Debug: policy
rewrite_calling_station_id {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
( =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
( =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
-> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: else {
(73) Wed Mar 7 22:33:50 2018: Debug: [noop] = noop
(73) Wed Mar 7 22:33:50 2018: Debug: } # else = noop
(73) Wed Mar 7 22:33:50 2018: Debug: } # policy
rewrite_calling_station_id = noop
(73) Wed Mar 7 22:33:50 2018: Debug: policy rewrite_called_station_id {
(73) Wed Mar 7 22:33:50 2018: Debug: if (() &&
( =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(73) Wed Mar 7 22:33:50 2018: Debug: if (() &&
( =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
-> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: else {
(73) Wed Mar 7 22:33:50 2018: Debug: [noop] = noop
(73) Wed Mar 7 22:33:50 2018: Debug: } # else = noop
(73) Wed Mar 7 22:33:50 2018: Debug: } # policy
rewrite_called_station_id = noop
(73) Wed Mar 7 22:33:50 2018: Debug: policy filter_username {
(73) Wed Mar 7 22:33:50 2018: Debug: if () {
(73) Wed Mar 7 22:33:50 2018: Debug: if () -> TRUE
(73) Wed Mar 7 22:33:50 2018: Debug: if () {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ / /) {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ / /) ->
FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~
/@[^@]*@/ ) {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~
/@[^@]*@/ ) -> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /\.\./ ) {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /\.\./
) -> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: if (( =~ /@/) &&
( !~ /@(.+)\.(.+)$/)) {
(73) Wed Mar 7 22:33:50 2018: Debug: if (( =~ /@/) &&
( !~ /@(.+)\.(.+)$/)) -> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /\.$/) {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /\.$/)
-> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /@\./) {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( =~ /@\./)
-> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: } # if () = noop
(73) Wed Mar 7 22:33:50 2018: Debug: } # policy filter_username = noop
(73) Wed Mar 7 22:33:50 2018: Debug: policy filter_password {
(73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
( != "%{string:User-Password}")) {
(73) Wed Mar 7 22:33:50 2018: Debug: EXPAND %{string:User-Password}
(73) Wed Mar 7 22:33:50 2018: Debug: --> cisco
(73) Wed Mar 7 22:33:50 2018: Debug: if ( &&
( != "%{string:User-Password}")) -> FALSE
(73) Wed Mar 7 22:33:50 2018: Debug: } # policy filter_password = noop
(73) Wed Mar 7 22:33:50 2018: Debug: [preprocess] = ok
(73) Wed Mar 7 22:33:50 2018: Debug: suffix: Checking for suffix after "@"
(73) Wed Mar 7 22:33:50 2018: Debug: suffix: No '@' in User-Name =
"dummy", skipping NULL due to config.
(73) Wed Mar 7 22:33:50 2018: Debug: [suffix] = noop
(73) Wed Mar 7 22:33:50 2018: Debug: ntdomain: Checking for prefix
before "\"
(73) Wed Mar 7 22:33:50 2018: Debug: ntdomain: No '\' in User-Name =
"dummy", looking up realm NULL
(73) Wed Mar 7 22:33:50 2018: Debug: ntdomain: Found realm "null"
(73) Wed Mar 7 22:33:50 2018: Debug: ntdomain: Adding
Stripped-User-Name =
Re: [PacketFence-users] Unknown Switch - Rejected User
Hello Ebrar,
This should work:
[192.168.56.100]
description=IOUvL2
type=Cisco::Catalyst_2960
radiusSecret=useStrongerSecret
deauthMethod=RADIUS
Regards
Fabrice
Le 2018-03-06 à 08:49, ebrar via PacketFence-users a écrit :
Hi All,
I have set up PF on a virtual machine whose OS is Centos and i have
set up a switch on GNS3 by using the image below :
i86bi-linux-l2-adventerprisek9-15.1a
This SW lets me do all the configurations mentioned on PacketFence
Out-of-Band Deployment Quick Guide. You can see the related
configurations on the SW below :
username ebrar privilege 0 password 0 eleb
aaa new-model
!
!
aaa group server radius packetfence
server name pfnac
!
aaa authentication login default local
aaa authentication dot1x default group packetfence
aaa authorization network default group packetfence
!
!
!
!
aaa server radius dynamic-author
client 192.168.56.101 server-key useStrongerSecret
port 3799
!
aaa session-id common
no ip icmp rate-limit unreachable
!
ip cef
!
!
no ip domain-lookup
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
dot1x system-auth-control
interface Ethernet0/0
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2,3,10
switchport mode trunk
duplex auto
!
interface Ethernet0/1
switchport access vlan 10
switchport mode access
duplex auto
authentication order mab dot1x
authentication priority mab dot1x
authentication port-control auto
authentication periodic
authentication timer restart 10800
authentication timer reauthenticate 10800
authentication violation replace
mab
no snmp trap link-status
dot1x pae authenticator
dot1x timeout quiet-period 2
dot1x timeout tx-period 3
!
interface Ethernet0/2
switchport access vlan 20
switchport mode access
duplex auto
snmp-server community public RO
snmp-server community private RW
snmp-server host 192.168.56.101 version 2c public
!
radius-server vsa send authentication
!
radius server pfnac
address ipv4 192.168.56.101 auth-port 1812 acct-port 1813
automate-tester username ebrar ignore-acct-port idle-time 3
key useStrongerSecret
When I connect a client to Ethernet 0/1 and try to connect to internet
(www.google.com) It responds "Page Not Found" and nothing is being
changed on the SW.
You can see the errors in the log files below :
packetfence.log :
[root@localhost logs]# tail -f packetfence.log
Mar 6 19:26:03 localhost packetfence_httpd.aaa: httpd.aaa(2123)
ERROR: [mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:26:03 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:29:02 localhost packetfence_httpd.aaa: httpd.aaa(2123)
ERROR: [mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:29:02 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:31:51 localhost packetfence_httpd.aaa: httpd.aaa(2123)
ERROR: [mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:31:51 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:34:49 localhost packetfence_httpd.aaa: httpd.aaa(2123)
ERROR: [mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:34:49 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:37:37 localhost packetfence_httpd.aaa: httpd.aaa(2123)
ERROR: [mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:37:37 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
radius.log :
Mar 6 19:37:37 localhost auth[2284]: (552) rest: ERROR:
{"control:PacketFence-Authorization-Status":"allow","Reply-Message":"Switch
is not managed by PacketFence"}
Mar 6 19:37:37 localhost auth[2284]: Need 2 more connections to reach
min connections (3)
Mar 6 19:37:37 localhost auth[2284]: rlm_rest (rest): Opening
additional connection (1099), 1 of 63 pending slots used
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Closing
connection (1097): Hit idle_timeout, was idle for 168 seconds
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Closing
connection (1098): Hit idle_timeout, was idle for 168 seconds
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Opening
additional connection (1099), 1 of 64 pending slots used
Mar 6 19:37:37 localhost auth[2284]: Need 2 more connections to reach
min connections (3)
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Opening
additional
[PacketFence-users] Unknown Switch - Rejected User
Hi All,
I have set up PF on a virtual machine whose OS is Centos and i have set
up a switch on GNS3 by using the image below :
i86bi-linux-l2-adventerprisek9-15.1a
This SW lets me do all the configurations mentioned on PacketFence
Out-of-Band Deployment Quick Guide. You can see the related
configurations on the SW below :
username ebrar privilege 0 password 0 eleb
aaa new-model
!
!
aaa group server radius packetfence
server name pfnac
!
aaa authentication login default local
aaa authentication dot1x default group packetfence
aaa authorization network default group packetfence
!
!
!
!
aaa server radius dynamic-author
client 192.168.56.101 server-key useStrongerSecret
port 3799
!
aaa session-id common
no ip icmp rate-limit unreachable
!
ip cef
!
!
no ip domain-lookup
no ipv6 cef
ipv6 multicast rpf use-bgp
!
!
dot1x system-auth-control
interface Ethernet0/0
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2,3,10
switchport mode trunk
duplex auto
!
interface Ethernet0/1
switchport access vlan 10
switchport mode access
duplex auto
authentication order mab dot1x
authentication priority mab dot1x
authentication port-control auto
authentication periodic
authentication timer restart 10800
authentication timer reauthenticate 10800
authentication violation replace
mab
no snmp trap link-status
dot1x pae authenticator
dot1x timeout quiet-period 2
dot1x timeout tx-period 3
!
interface Ethernet0/2
switchport access vlan 20
switchport mode access
duplex auto
snmp-server community public RO
snmp-server community private RW
snmp-server host 192.168.56.101 version 2c public
!
radius-server vsa send authentication
!
radius server pfnac
address ipv4 192.168.56.101 auth-port 1812 acct-port 1813
automate-tester username ebrar ignore-acct-port idle-time 3
key useStrongerSecret
When I connect a client to Ethernet 0/1 and try to connect to internet
(www.google.com) It responds "Page Not Found" and nothing is being
changed on the SW.
You can see the errors in the log files below :
packetfence.log :
[root@localhost logs]# tail -f packetfence.log
Mar 6 19:26:03 localhost packetfence_httpd.aaa: httpd.aaa(2123) ERROR:
[mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:26:03 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:29:02 localhost packetfence_httpd.aaa: httpd.aaa(2123) ERROR:
[mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:29:02 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:31:51 localhost packetfence_httpd.aaa: httpd.aaa(2123) ERROR:
[mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:31:51 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:34:49 localhost packetfence_httpd.aaa: httpd.aaa(2123) ERROR:
[mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:34:49 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
Mar 6 19:37:37 localhost packetfence_httpd.aaa: httpd.aaa(2123) ERROR:
[mac:[undef]] WARNING ! Unknown switch(es) 192.168.56.100
(pf::SwitchFactory::instantiate)
Mar 6 19:37:37 localhost packetfence_httpd.aaa: httpd.aaa(2123) WARN:
[mac:[undef]] Unknown switch (192.168.56.100). This request will be
failed. (pf::radius::switch_access)
radius.log :
Mar 6 19:37:37 localhost auth[2284]: (552) rest: ERROR:
{"control:PacketFence-Authorization-Status":"allow","Reply-Message":"Switch
is not managed by PacketFence"}
Mar 6 19:37:37 localhost auth[2284]: Need 2 more connections to reach
min connections (3)
Mar 6 19:37:37 localhost auth[2284]: rlm_rest (rest): Opening
additional connection (1099), 1 of 63 pending slots used
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Closing connection
(1097): Hit idle_timeout, was idle for 168 seconds
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Closing connection
(1098): Hit idle_timeout, was idle for 168 seconds
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Opening additional
connection (1099), 1 of 64 pending slots used
Mar 6 19:37:37 localhost auth[2284]: Need 2 more connections to reach
min connections (3)
Mar 6 19:37:37 localhost auth[2284]: rlm_sql (sql): Opening additional
connection (1100), 1 of 63 pending slots used
Mar 6 19:37:37 localhost auth[2284]: [mac:] Rejected user: ebrar
Mar 6 19:37:37 localhost auth[2284]: (552) Rejected in post-auth:
[ebrar] (from client 192.168.56.100/32 port 0)
And
