Error: Unexpected trailing comma in User file
Hi All,I am getting some error like:Module: Loaded filesfiles: usersfile = /var/etc/raddb/users files: acctusersfile = /var/etc/raddb/acct_usersfiles: preproxy_usersfile = /var/etc/raddb/preproxy_users files: compat = no/var/etc/raddb/users[4]: Parse error (check) for entry DEFAULT: Expected end of line or commaErrors reading /var/etc/raddb/usersradiusd.conf[201]: files: Module instantiation failed. radiusd.conf[311] Unknown module files.radiusd.conf[299] Failed to parse authorize section.The users file looks like this..# WLAN Allow policy for the groups # WLAN Deny policy for the groups DEFAULT Group-Name == group1, Symbol-Wlan-Index =~ \`\-\=\\[\]\;\'\,\.\/[EMAIL PROTECTED]\\*\(\)\_\+\\{\}\|\:\\\|dksljf\\{\}\\[\]\\{\\{\\{\\{\\{\\{\\{\\{\\{\\{\\{|103|sdhghd|dsfdfd|106|107|108|109|110|111|112|113|114|115|116|117|118|119|120|121|122|123|124|125|126|127|128|129|130|131|132,Auth-Type:=Reject anonymousAnonymousDEFAULT Realm != NULLDEFAULT Auth-Type := RejectThe dictionary file is defined as : ## dictionary.mine.#VENDOR me 388 ## Vendor Specific Attributes.## Attribute for Wlan Index of the authenticating mobile unit.ATTRIBUTE Symbol-Wlan-Index 2 String mePlease help me in resolving this issue. ThanksSumi If u look at what u dont have in life, u dont have anything But if u look at what u have in life, u have everything.!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
nas table
Hi people, I use freeradius 1.0.5 and am getting my nas information from nas table since several months ago. How ever, I realize I have to put DNS in this table because I have DDNS entries. Where must I put the DDNS in this table?? In ipddr I can not because is inet type and a primary key. What can I do?? _ ¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en MSN Motor. http://motor.msn.es/researchcentre/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: How to specify multiple values for Called-Station-Id (checkval)
On Wed, 24 May 2006, Mike Jakubik wrote: Hello, I am trying to setup group checks for Called-Station-Id in freeradius 1.1.1 and mysql. I have enabled the checkval module in radiusd.conf and set notfound-reject = yes. In my radgroupcheck table when i specify restricted Called-Station-Id := number, it works fine. However i need to specify more than one number. I have tried the following format; number, number, number and number, number, number and number, number but none of those seem to work. Could someone please tell me how this can be accomplished? You just need to add more attribute/value pairs, one for each number you wantto allow. You can also use a regular expression if you use the =~ operator. Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: PEAP + AD
If you read the FAQ is says that you can't do CHAP with LDAP. [speculation] But I have also read about some guy successfully using OpenLDAP with PEAP because he stored the LM and NT password hashes in the ldap schema along with the clear text password. With AD I suppose you could extend the schema to store these as well, but you'd have to manually update them when a password changes. [/end speculation] In my attempts to use ldap with active directory for PEAP it wouldn't work, so I went samba. It works fine. Radiusd -X and the mailing list are your best friends. :) -- Chris Liles -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kartthik Raghunathan Sent: Thursday, May 25, 2006 12:17 AM To: freeradius-users@lists.freeradius.org Subject: PEAP + AD Am trying to authenticate my windows supplicant (ie. XP with sp2) with peap against the windows 2000 AD. But in the error log i could see Accept-Reject error message. So i need a clarification here, is't necessary to get samba on with active directory to do PEAP + AD authentication. sorry for silly q? here ! -- ___ Search for businesses by name, location, or phone number. -Lycos Yellow Pages http://r.lycos.com/r/yp_emailfooter/http://yellowpages.lycos.com/default.asp?SRC=lycos10 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: mysql issue
On another note still related to MySQL, is there a way to enforce mysql and freeradius to make persistant connections to the database store? On Wed, May 24, 2006 at 11:10:16AM +0100, andy wrote: Hi list, Fairly new to freeradius, just about to deploy a solution involving RedBack with data storage on the backend using MySQL. I am using NDBD MySQL clustering on the backend and I see the following error from FreeRadius: rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN This seems to relate to a timeout issue but googling doesnt provide any answers for that specific error code. (too like the date 2006 I expect). I have fairly tweaked the mysql backend to be fairly resilant in a heavy load situation, and none of the other applications running against this cluster seem to have issues. I was wondering if anyone could enlighten me as to how to fix this error, or what threshholds would be recomended for running in this environment? It seems that when this error occurs, for the next few auth attempts, certain attributes are not passed back to the redback. This specifically being IP-Interface. any clues on this issue would be greatly appreciated. thanks -- andy[EMAIL PROTECTED] --- Never argue with an idiot. They drag you down to their level, then beat you with experience. --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- andy[EMAIL PROTECTED] --- Never argue with an idiot. They drag you down to their level, then beat you with experience. --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: WEP+802.1x is that possible?
Nelson Murilo schrieb: On Tue, May 23, 2006 at 03:05:44PM +0200, Konne wrote: hi i have a question about the encryption mode of cisco aironets. i would like to do the authentication and encryption like: WPA+TKIP with 802.1x PEAP/mschapv2 this is running, but ive clients they cant do WPA, so is it possible to do dynamic WEP with 802.1x PEAP/mschapv2 ?? In some APs yes. What do you have? cisco aironet 1242ag thx - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: mysql issue
andy wrote: On another note still related to MySQL, is there a way to enforce mysql and freeradius to make persistant connections to the database store? It does. The radius server will make all of its connections to the MySQL server at startup (or remake them on a HUP) and they stay there. If you do show processlist or run mytop, you will see a bunch of idle processes until radiusd starts doing something. As to your first issue, are you sure it isn't network or firewall related? -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: mysql issue
Freeradius keeps a configurable number of open connections, called sockets in the config, which it uses to query the DB at all times. I believe it keeps these open persistently. In sql.conf... # number of sql connections to make to server num_sql_socks = 5 Chris Carver Network Engineer andy wrote: On another note still related to MySQL, is there a way to enforce mysql and freeradius to make persistant connections to the database store? On Wed, May 24, 2006 at 11:10:16AM +0100, andy wrote: Hi list, Fairly new to freeradius, just about to deploy a solution involving RedBack with data storage on the backend using MySQL. I am using NDBD MySQL clustering on the backend and I see the following error from FreeRadius: rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN This seems to relate to a timeout issue but googling doesnt provide any answers for that specific error code. (too like the date 2006 I expect). I have fairly tweaked the mysql backend to be fairly resilant in a heavy load situation, and none of the other applications running against this cluster seem to have issues. I was wondering if anyone could enlighten me as to how to fix this error, or what threshholds would be recomended for running in this environment? It seems that when this error occurs, for the next few auth attempts, certain attributes are not passed back to the redback. This specifically being IP-Interface. any clues on this issue would be greatly appreciated. thanks -- andy[EMAIL PROTECTED] --- Never argue with an idiot. They drag you down to their level, then beat you with experience. --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: rlm_sqlippool - try sql if not try sql1
RobertB wrote: At present it is not possible to do something like: try sql, if not available try sql1. Did you try to put the module in a redundant or a group stanza? http://freeradius.org/radiusd/doc/configurable_failover -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: mysql issue
Ok, I have found the issue. Thanks for the answers on persisnt connects also. The issue: mysql NDB cluster backend Freeradius 1.1.1 from FreeBSD ports MySQL clusters require an auto-incrementing field to be the primary key. Within the default table definitions for freeradius, which I have used, in the table radius.radius_radacct there is an auto-incrementing field that is not defined as a primary key. In order to port this table into an NDB cluster engine type of table, I changed the field RadAcctId from KEY to PRIMARY KEY. This appears to generate the following errors: rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN Note that these errors have debug output in between the errors. running the following I can see a bit more clearly that all these errors relate to RADACCT table: grep SQL_DOWN radiusdebug.log -B2 | more rlm_sql (primary): Reserving sql socket id: 93 rlm_sql_mysql: query: UPDATE RADIUS_RADACCT SET AcctStopTime = '2006-05-25 14:56:11', AcctSessionTime = '28', AcctInputOctet s = '538', AcctOutputOctets = '764', AcctTerminateCause = 'User-Request', AcctStopDelay = '1', ConnectInfo_stop = '' WHERE Ac ctSessionId = '030078001DED-4475B75E' AND UserName = '00:0a:e4:56:e2:7c' AND NASIPAddress = '62.231.32.50' AND AcctStopTi me = 0 rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN -- Then, after that I call a simple perl script to set an attribute for my redbacks interfaces and the subscriber interface that has been assigned to the user: rlm_sql (primary): Reserving sql socket id: 92 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM RADIUS_RADCHECK WHERE Username = '0xfffc3e23' ORDER BY id rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN This perl script bails as the mysql server has been marked down. Then the socket is closed and radius moves onto the next socket for its next request. The next request starts up accounting again like so: rlm_sql (primary): Reserving sql socket id: 91 rlm_sql_mysql: query: INSERT into RADIUS_RADACCT (RadAcctId, AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NAS PortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctIn putOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddr ess, AcctStartDelay, AcctStopDelay) values('', '030078001DEE-4475B785', '699d8ef3462ee740', '00:0a:e4:56:e2:7c', '', '62. 231.32.50', '67174400', 'Virtual', '2006-05-25 14:56:21', '0', '0', 'RADIUS', '', '', '0', '0', '', '', '', 'Dialout-Framed-U ser', '', '', '', '0') rlm_sql_mysql: MYSQL check_error: 2006, returning SQL_DOWN -- and yet again, mysql is marked as down. The clue to solving this led to me seeing exactly double the amount of inserts from my little perl script from preauth to the number of selects ran from the same script. So, the inserts were working before accounting started, but afterwards, the select to select the attribute and pass it back to the redback device was bailing. in between was the accounting start and stop queries. After reading the documented limitations of MySQL Clustering available here: bug report: http://bugs.mysql.com/bug.php?id=17190 documented limits: http://dev.mysql.com/doc/refman/5.0/en/mysql-cluster-limitations.html I rememebered about the radacct table field change. I then disabled radius accounting and the errors is completely gone. So, Im now wondering if this has been spotted before or if the freeradius developers have enough info from this mail to look into the issue. It seems only related to NDB mySQL clustering, which Im sure more and more folk will use as it becomes more stable. thoughts/ideas/workarounds?? Would be happy to hear a suggestion for the table modification that bypasses this mysql cluster limitation or an updated accounting query that will work in this environment. Thanks for your responses. cheers On Thu, May 25, 2006 at 10:58:42AM -0400, Dennis Skinner wrote: andy wrote: On another note still related to MySQL, is there a way to enforce mysql and freeradius to make persistant connections to the database store? It does. The radius server will make all of its connections to the MySQL server at startup (or remake them on a HUP) and they stay there. If you do show processlist or run mytop, you will see a bunch of idle processes until radiusd starts doing something. As to your first issue, are you sure it isn't network or firewall related? -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- andy[EMAIL PROTECTED]
Re: PEAP + AD
Kartthik Raghunathan [EMAIL PROTECTED] wrote: Am trying to authenticate my windows supplicant (ie. XP with sp2) with peap against the windows 2000 AD. But in the error log i could see Accept-Reject error message. So i need a clarification here, is't necessary to get samba on with active directory to do PEAP + AD authentication. No. Read radiusd.conf for how to integrate FreeRADIUS with AD. Look for domain controller. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: nas table
=?iso-8859-1?B?U2FudGlhZ28gQmFsYWd1ZXIgR2FyY+1h?= [EMAIL PROTECTED] wrote: I use freeradius 1.0.5 and am getting my nas information from nas table since several months ago. How ever, I realize I have to put DNS in this table because I have DDNS entries. Where must I put the DDNS in this table?? In ipddr I can not because is inet type and a primary key. What can I do?? Use the IP address. RADIUS is keyed off of the source IP address. The client *must* have a stable IP address. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PEAP + AD
Chris Liles [EMAIL PROTECTED] wrote: But I have also read about some guy successfully using OpenLDAP with PEAP because he stored the LM and NT password hashes in the ldap schema along with the clear text password. With AD I suppose you could extend the schema to store these as well, but you'd have to manually update them when a password changes. Yes. There are hooks in AD to do just that, but the software implementing the hooks has to be installed on every domain controller. In my attempts to use ldap with active directory for PEAP it wouldn't work, so I went samba. It works fine. Radiusd -X and the mailing list are your best friends. :) AD doesn't supply passwords through LDAP. That's why the server ships with support for ntlm_auth. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Yet Another AD Question
OK. So I think I'm going to go the Samba route. I've got Samba running on the same host as freeradius. I've tested Samba/AD integration by creating a couple shared folders on the Samba server and using Windows AD accounts to mount/map them from windows machines - it works. Now, I need to get freeradius to send auth requests to samba. I guess there are a few ways to do this, one of which would be LDAP again (now I'm trying to avoid LDAP). I'm not concerned with security (clear text passwords, etc.) between samba and freeradius since they are on the same box. Any good pointers to some documentation on freeradius/samba integration without ldap? What method should I be using other than ldap? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: PEAP + AD
AD doesn't supply passwords through LDAP. That's why the server ships with support for ntlm_auth. That is right, I forgot that even if you are on a ssl/tls ldap connection as an administrator, you can't pull the password back from AD. What hooks are you talking about? The extensions for unix services? -- Chris Liles -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Thursday, May 25, 2006 11:36 AM To: FreeRadius users mailing list Subject: Re: PEAP + AD Chris Liles [EMAIL PROTECTED] wrote: But I have also read about some guy successfully using OpenLDAP with PEAP because he stored the LM and NT password hashes in the ldap schema along with the clear text password. With AD I suppose you could extend the schema to store these as well, but you'd have to manually update them when a password changes. Yes. There are hooks in AD to do just that, but the software implementing the hooks has to be installed on every domain controller. In my attempts to use ldap with active directory for PEAP it wouldn't work, so I went samba. It works fine. Radiusd -X and the mailing list are your best friends. :) AD doesn't supply passwords through LDAP. That's why the server ships with support for ntlm_auth. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Yet Another AD Question
Look at the mschap section of the FR config file, everything is there, you just need to uncomment it. -- Chris Liles -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Josh Sent: Thursday, May 25, 2006 11:45 AM To: FreeRadius users mailing list Subject: Re: Yet Another AD Question OK. So I think I'm going to go the Samba route. I've got Samba running on the same host as freeradius. I've tested Samba/AD integration by creating a couple shared folders on the Samba server and using Windows AD accounts to mount/map them from windows machines - it works. Now, I need to get freeradius to send auth requests to samba. I guess there are a few ways to do this, one of which would be LDAP again (now I'm trying to avoid LDAP). I'm not concerned with security (clear text passwords, etc.) between samba and freeradius since they are on the same box. Any good pointers to some documentation on freeradius/samba integration without ldap? What method should I be using other than ldap? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PEAP + AD
Chris Liles [EMAIL PROTECTED] wrote: What hooks are you talking about? The extensions for unix services? No. There are API's in Windows to catch password changes, and pass them through your own code. That code can then *also* write the password to a different part of the AD schema. For this to work, it requires: - someone to understand write the code - the code to run on *every* member of an AD forest - the AD schema to be updated to include the new ntpassword attribute - AD ACL's put in place to limit access to that attribute to FreeRADIUS - FreeRADIUS to be configured to look for that attribute. It shouldn't be hard, but convincing admins to change their AD schema, and run third-party code on their DC's is often hard. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius daily build fails on FreeBSD?
radius_snmp.c:195: warning: (near initialization for `radiusauth_variables[23]') radius_snmp.c:195: warning: excess elements in struct initializer radius_snmp.c:195: warning: (near initialization for `radiusauth_variables[23]') radius_snmp.c:195: warning: excess elements in struct initializer radius_snmp.c:195: warning: (near initialization for `radiusauth_variables[23]') radius_snmp.c:195: error: extra brace group at end of initializer radius_snmp.c:195: error: (near initialization for `radiusauth_variables[23]') radius_snmp.c:195: warning: excess elements in struct initializer radius_snmp.c:195: warning: (near initialization for `radiusauth_variables[23]') radius_snmp.c:196: warning: initialization makes pointer from integer without a cast radius_snmp.c:196: warning: excess elements in struct initializer radius_snmp.c:196: warning: (near initialization for `radiusauth_variables[24]') radius_snmp.c:196: warning: excess elements in struct initializer radius_snmp.c:196: warning: (near initialization for `radiusauth_variables[24]') radius_snmp.c:196: warning: excess elements in struct initializer radius_snmp.c:196: warning: (near initialization for `radiusauth_variables[24]') radius_snmp.c:196: error: extra brace group at end of initializer radius_snmp.c:196: error: (near initialization for `radiusauth_variables[24]') radius_snmp.c:196: warning: excess elements in struct initializer radius_snmp.c:196: warning: (near initialization for `radiusauth_variables[24]') radius_snmp.c:200: error: syntax error before oid radius_snmp.c:201: warning: function declaration isn't a prototype radius_snmp.c: In function `get_client': radius_snmp.c:205: error: `objid_len' undeclared (first use in this function) radius_snmp.c:205: error: (Each undeclared identifier is reported only once radius_snmp.c:205: error: for each function it appears in.) radius_snmp.c:205: error: `v' undeclared (first use in this function) radius_snmp.c:210: error: `exact' undeclared (first use in this function) radius_snmp.c:214: error: `objid' undeclared (first use in this function) radius_snmp.c:225: warning: return from incompatible pointer type radius_snmp.c: At top level: radius_snmp.c:238: error: syntax error before '*' token radius_snmp.c:243: error: syntax error before switch /usr/local/include/ucd-snmp/snmp_impl.h:118: warning: array 'sid' assumed to have one element radius_snmp.c:123: warning: 'radAccServ' declared `static' but never defined radius_snmp.c:129: warning: 'radAccEntry' declared `static' but never defined radius_snmp.c:135: warning: 'radAuthServ' declared `static' but never defined radius_snmp.c:141: warning: 'radAuthEntry' declared `static' but never defined radius_snmp.c:201: warning: 'get_client' defined but not used radius_snmp.c:29:1: unterminated #ifdef gmake[3]: *** [radius_snmp.lo] Error 1 gmake[3]: Leaving directory `/tmp/freeradius-snapshot-20060525/src/main' gmake[2]: *** [common] Error 2 gmake[2]: Leaving directory `/tmp/freeradius-snapshot-20060525/src' gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory `/tmp/freeradius-snapshot-20060525/src' gmake: *** [common] Error 2 *** Error code 2 Stop in /tmp/freeradius-snapshot-20060525. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: could not determine local IP address
Hi Alan and many thanks for the fast reply.. this is the report of radiusd -x command... _ rad_recv: Access-Request packet from host 10.10.0.30:1144, id=37, length=130 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 1116 NAS-Port-Type = Ethernet User-Name = "test" Calling-Station-Id = "00:15:D6:02:03:54" Called-Station-Id = "PPPoE" NAS-Port-Id = "wlan2" User-Password = "pqyqalxb" NAS-Identifier = "nas1" NAS-IP-Address = 10.10.0.30rlm_sql (sql): Reserving sql socket id: 4rlm_sql (sql): Released sql socket id: 4rlm_sql (sql): Processing sql_postauthrlm_sql (sql): Reserving sql socket id: 3rlm_sql (sql): Released sql socket id: 3Sending Access-Accept of id 37 to 10.10.0.30 port 1144 Framed-Routing = Broadcast-Listen Framed-Pool = "pppoe-pool1" Framed-IP-Netmask = 255.255.255.0rad_recv: Accounting-Request packet from host 10.10.0.30:1144, id=38, length=146 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 1116 NAS-Port-Type = Ethernet User-Name = "test" Calling-Station-Id = "00:15:D6:02:03:54" Called-Station-Id = "PPPoE" NAS-Port-Id = "wlan2" Acct-Session-Id = "81100016" Framed-IP-Address = 10.0.0.220 Acct-Authentic = RADIUS Acct-Status-Type = Start NAS-Identifier = "nas1" NAS-IP-Address = 10.10.0.30 Acct-Delay-Time = 0rlm_sql (sql): Reserving sql socket id: 2rlm_sql (sql): Released sql socket id: 2Sending Accounting-Response of id 38 to 10.10.0.30 port 1144rad_recv: Accounting-Request packet from host 10.10.0.30:1144, id=39, length=194 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 1116 NAS-Port-Type = Ethernet User-Name = "testt" Calling-Station-Id = "00:15:D6:02:03:54" Called-Station-Id = "PPPoE" NAS-Port-Id = "wlan2" Acct-Session-Id = "81100016" Framed-IP-Address = 10.0.0.220 Acct-Authentic = RADIUS Acct-Session-Time = 0 Acct-Input-Octets = 72 Acct-Input-Gigawords = 0 Acct-Input-Packets = 6 Acct-Output-Octets = 54 Acct-Output-Gigawords = 0 Acct-Output-Packets = 6 Acct-Status-Type = Stop Acct-Terminate-Cause = NAS-Error NAS-Identifier = "nas1" NAS-IP-Address = 10.10.0.30 Acct-Delay-Time = 0rlm_sql (sql): Reserving sql socket id: 1rlm_sql (sql): Released sql socket id: 1Sending Accounting-Response of id 39 to 10.10.0.30 port 1144 ___ at this point, in the Mikrotik log I see --terminating... - could not determine local IP address Thanks in advance... - Original Message - From: Alan DeKok To: FreeRadius users mailing list Sent: Wednesday, May 24, 2006 6:31 PM Subject: Re: could not determine local IP address "Italo Morellato" [EMAIL PROTECTED] wrote: my freeradius work fine with HotSpot but when I check ppp I've one error. Freeradius 1.1.1 Log is paste below... No, it's a PPP log. It looks like your PPP is broken. Ask on a PPP list how to fix it. Alan DeKok.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius daily build fails on FreeBSD?
Remy de Ruysscher [EMAIL PROTECTED] wrote: On FreeBSD I get these errors after ./configure and make: radius_snmp.c:176: warning: (near initialization for `radiusauth_variables[4]') radius_snmp.c:177: warning: initialization makes pointer from integer without a cast radius_snmp.c:177: warning: excess elements in struct initializer The only way that happens is if UCD-SNMP or NET-SNMP have updated their data structures to be incompatible with earlier versions. So... what SNMP are you using, and what version? What is the definition of the variables structure in the SNMP you're using? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: rlm_sqlippool - try sql if not try sql1
RobertB wrote: At present it is not possible to do something like: try sql, if not available try sql1.Did you try to put the module in a "redundant" or a "group" stanza? http://freeradius.org/radiusd/doc/configurable_failover Actually I'm using it with accounting packets, but it doesn't work with rlm_sqlippool, as radiusd.conf is expecting ip pool name. The sql-instance-name is set in sqlippool.sqls. Having two sql-instances would mean two sqlippools.conf filesand a different pool in each which wouldn't really work, unless I'm missing something. Cheers, RobertB - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: mysql issue
andy [EMAIL PROTECTED] wrote: MySQL clusters require an auto-incrementing field to be the primary key. Within the default table definitions for freeradius, which I have used, in the table radius.radius_radacct there is an auto-incrementing field that is not defined as a primary key. In 1.1.1 the RadAcctID field is auto-increment, and PRIMARY KEY. See doc/examples/mysql.sql. Which version are you looking at? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html