-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
peppeska ha scritto:
ma script to start pppoe-server is
debian:~# cat start-pppoe2.sh
#!/bin/bash
MAX=250
BASE=10.67.7.1
NAT=10.67.7.0/24
MYIP=193.205.94.13
iptables -A INPUT -i eth0 -s $NAT -j DROP
iptables -t nat -A POSTROUTING -s
peppeska wrote:
...
rad_recv: Access-Request packet from host 127.0.0.1:1027, id=118, length=54
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = peppeska
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
rad_check_password: Found Auth-Type
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok ha scritto:
peppeska wrote:
...
rad_recv: Access-Request packet from host 127.0.0.1:1027, id=118, length=54
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = peppeska
NAS-IP-Address =
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok ha scritto:
peppeska wrote:
...
rad_recv: Access-Request packet from host 127.0.0.1:1027, id=118, length=54
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = peppeska
NAS-IP-Address =
peppeska wrote:
Now my configuration in user file is:
DEFAULT Auth-Type = LDAP
Fall-Through = 1
Can you explain why you're setting Auth-Type? All of the docs say to
NOT DO THAT.
But the output now is:
rad_recv: Access-Request packet from host 127.0.0.1:1030, id=65, length=54
But the output now is:
rad_recv: Access-Request packet from host 127.0.0.1:1030,
id=65, length=54
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = peppeska
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok ha scritto:
peppeska wrote:
Now my configuration in user file is:
DEFAULT Auth-Type = LDAP
Fall-Through = 1
Can you explain why you're setting Auth-Type? All of the docs say to
NOT DO THAT.
ook
I comment that
but
peppeska wrote:
rad_recv: Access-Request packet from host 127.0.0.1:1030, id=65, length=54
^^
-Where is User-Password attribute?
Ask the NAS.
what?
In this case I have a suspicion the NAS could be radclient...
How are you sending
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Mitchell ha scritto:
peppeska wrote:
rad_recv: Access-Request packet from host 127.0.0.1:1030, id=65, length=54
^^
-Where is User-Password attribute?
Ask the NAS.
what?
In this
-Message d'origine-
De :
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
sts.freeradius.org] De la part de peppeska
Envoyé : mercredi 21 mars 2007 13:44
À : FreeRadius users mailing list
Objet : Re: freeradius, ldap error - HELP ME!
-BEGIN PGP SIGNED MESSAGE
: Re: freeradius, ldap error - HELP ME!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Mitchell ha scritto:
peppeska wrote:
rad_recv: Access-Request packet from host 127.0.0.1:1030, id=65,
length=54
^^
-Where is User-Password
Hi,
Very strange I didn't get this email ?
See my comments below:
Thibault Le Meur ha scritto:
But the output now is:
rad_recv: Access-Request packet from host
127.0.0.1:1030, id=65,
length=54
Service-Type = Framed-User
Framed-Protocol = PPP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thibault Le Meur ha scritto:
Have you setup ppp to use mschap (require-mschap-v2 option) ? Are
you using the radiusclient library ?
refuse-pap
refuse-chap
require-mschap
require-mschap-v2
require-mppe
Ok so that your NAS don't
and in the dictonary file:
$INCLUDE /etc/radiusclient/dictionary.microsoft
$INCLUDE /etc/radiusclient/dictionary.ascend
$INCLUDE /etc/radiusclient/dictionary.compat
$INCLUDE /etc/radiusclient/dictionary.merit
$INCLUDE /usr/share/freeradius/dictionary
Don't write $INCLUDE but
MMM damn! why freeradius don't want work with me?
It's not a Freeradius issue, but a ppp/radiusclient issue ;-)
P.S.
without the Deafult Auth-Type in the users file...it's the
same... If I put $INCLUDE instead INCLUDE... work like before...
Very strange I've got several
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ok!!!
Now I have this configuration
INCLUDE /etc/radiusclient/dictionary.microsoft
INCLUDE /etc/radiusclient/dictionary.ascend
INCLUDE /etc/radiusclient/dictionary.compat
INCLUDE /etc/radiusclient/dictionary.merit
$INCLUDE
peppeska wrote:
Ok!!!
Now I have this configuration
INCLUDE /etc/radiusclient/dictionary.microsoft
INCLUDE /etc/radiusclient/dictionary.ascend
INCLUDE /etc/radiusclient/dictionary.compat
INCLUDE /etc/radiusclient/dictionary.merit
$INCLUDE /usr/share/freeradius/dictionary
No.
-Message d'origine-
De :
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
sts.freeradius.org] De la part de peppeska
Envoyé : mercredi 21 mars 2007 18:36
À : FreeRadius users mailing list
Objet : Re: RE : RE : RE : freeradius, ldap error - HELP ME!
-BEGIN PGP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok ha scritto:
peppeska wrote:
Ok!!!
Now I have this configuration
INCLUDE /etc/radiusclient/dictionary.microsoft
INCLUDE /etc/radiusclient/dictionary.ascend
INCLUDE /etc/radiusclient/dictionary.compat
INCLUDE
peppeska wrote:
...
Sending Access-Accept of id 50 to 127.0.0.1 port 1028
...
Mar 21 19:21:41 applejack pppd[18529]: MS-CHAP authentication failed:
PPPD is broken.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
-
but plog:
[EMAIL PROTECTED]:/home/peppeska# plog
Mar 21 19:21:18 applejack pppd[18527]: Plugin rp-pppoe.so loaded.
Mar 21 19:21:18 applejack pppd[18529]: pppd 2.4.4 started by root, uid 0
Mar 21 19:21:19 applejack pppd[18529]: PPP session is 6
Mar 21 19:21:19 applejack pppd[18529]: Using
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok ha scritto:
peppeska wrote:
...
Sending Access-Accept of id 50 to 127.0.0.1 port 1028
...
Mar 21 19:21:41 applejack pppd[18529]: MS-CHAP authentication failed:
PPPD is broken.
And wath I most do now?
@Thibault Le Meur
I use
-Message d'origine-
De :
[EMAIL PROTECTED]
radius.org
[mailto:[EMAIL PROTECTED]
sts.freeradius.org] De la part de peppeska
Envoyé : mardi 20 mars 2007 10:34
À : FreeRadius users mailing list
Objet : freeradius, ldap error - HELP ME!
-BEGIN PGP SIGNED MESSAGE-
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as cn=admin,dc=example/root to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thibault Le Meur ha scritto:
Comment this line in your ldap section of radiusd.conf:
# access_attr = dialupAccess
And comment this one too, like this :
# access_attr_used_for_allow = yes
I do it! and now there is the following error:
25 matches
Mail list logo