classic.ISPforum.cz

Fórum československých telekomunikací
https://classic.ispforum.cz/

Problem s freeradiusom

https://classic.ispforum.cz/viewtopic.php?f=4&t=14239

Stránka 1 z 1

Problem s freeradiusom

Napsal: 10 Mar 2014 22:43
od zvukarmiso
Ahojte, zacal som rozmyslať ze by som na sieti spustil PPPOE.
Docital som sa ze by bolo dobre spravit radius server.

tak som troska surfoval a nasiel som toto http://freeradius.org/

Všetko sa mi podarilo nahodit len nejak to neviem nakonfigurovať. Neustale mi dáva chybu:

Kód: Vybrat vše

 Module: Checking accounting {...} for more modules to load
 Module: Checking session {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
        bind_address = *
WARNING: The directive 'bind_address' is deprecated, and will be removed in future versions of FreeRADIUS. Please edit the configuration files to use the directive 'listen'.
listen {
        type = "acct"
        ipaddr = 127.0.0.1
        port = 0
Failed binding to accounting address 127.0.0.1 port 1813: Address already in use
/etc/freeradius/radiusd.conf[62]: Error binding to port for 127.0.0.1 port 1813


takto nejak vyzera moja konfiguracia:
vid priloha:

Debug mi vyhodi nasledovnu chybu.

Kód: Vybrat vše

root@radius:~# freeradius -XXX | tee testlog.txt
Mon Mar 10 22:41:19 2014 : Info: FreeRADIUS Version 2.1.12, for host i486-pc-linux-gnu, built on Dec 16 2012 at 22:03:33
Mon Mar 10 22:41:19 2014 : Info: Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
Mon Mar 10 22:41:19 2014 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Mon Mar 10 22:41:19 2014 : Info: PARTICULAR PURPOSE.
Mon Mar 10 22:41:19 2014 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Mon Mar 10 22:41:19 2014 : Info: GNU General Public License v2.
Mon Mar 10 22:41:19 2014 : Info: Starting - reading configuration files ...
Mon Mar 10 22:41:19 2014 : Debug: including configuration file /etc/freeradius/radiusd.conf
Mon Mar 10 22:41:19 2014 : Debug: including configuration file /etc/freeradius/clients.conf
Mon Mar 10 22:41:19 2014 : Debug: including configuration file /etc/freeradius/sql.conf
Mon Mar 10 22:41:19 2014 : Debug: including configuration file /etc/freeradius/sql/mysql/dialup.conf
Mon Mar 10 22:41:19 2014 : Debug: main {
Mon Mar 10 22:41:19 2014 : Debug:       user = "freerad"
Mon Mar 10 22:41:19 2014 : Debug:       group = "freerad"
Mon Mar 10 22:41:19 2014 : Debug:       allow_core_dumps = no
Mon Mar 10 22:41:19 2014 : Debug: }
Mon Mar 10 22:41:19 2014 : Debug: including dictionary file /etc/freeradius/dictionary
Mon Mar 10 22:41:19 2014 : Debug: main {
Mon Mar 10 22:41:19 2014 : Debug:       name = "radiusd"
Mon Mar 10 22:41:19 2014 : Debug:       prefix = "/usr"
Mon Mar 10 22:41:19 2014 : Debug:       localstatedir = "/var"
Mon Mar 10 22:41:19 2014 : Debug:       sbindir = "/usr/sbin"
Mon Mar 10 22:41:19 2014 : Debug:       logdir = "/var/log/freeradius"
Mon Mar 10 22:41:19 2014 : Debug:       run_dir = "/var/run/freeradius"
Mon Mar 10 22:41:19 2014 : Debug:       libdir = "/usr/lib/freeradius"
Mon Mar 10 22:41:19 2014 : Debug:       radacctdir = "/var/log/freeradius/radacct"
Mon Mar 10 22:41:19 2014 : Debug:       hostname_lookups = no
Mon Mar 10 22:41:19 2014 : Debug:       max_request_time = 30
Mon Mar 10 22:41:19 2014 : Debug:       cleanup_delay = 5
Mon Mar 10 22:41:19 2014 : Debug:       max_requests = 1024
Mon Mar 10 22:41:19 2014 : Debug:       pidfile = "/var/run/freeradius/freeradius.pid"
Mon Mar 10 22:41:19 2014 : Debug:       checkrad = "/usr/sbin/checkrad"
Mon Mar 10 22:41:19 2014 : Debug:       debug_level = 0
Mon Mar 10 22:41:19 2014 : Debug:       proxy_requests = no
Mon Mar 10 22:41:19 2014 : Debug:       log_auth = no
Mon Mar 10 22:41:19 2014 : Debug:       log_auth_badpass = no
Mon Mar 10 22:41:19 2014 : Debug:       log_auth_goodpass = no
Mon Mar 10 22:41:19 2014 : Debug:       log_stripped_names = no
Mon Mar 10 22:41:19 2014 : Debug:  security {
Mon Mar 10 22:41:19 2014 : Debug:       max_attributes = 200
Mon Mar 10 22:41:19 2014 : Debug:       reject_delay = 1
Mon Mar 10 22:41:19 2014 : Debug:       status_server = no
Mon Mar 10 22:41:19 2014 : Debug:  }
Mon Mar 10 22:41:19 2014 : Debug: }
Mon Mar 10 22:41:19 2014 : Debug: radiusd: #### Loading Realms and Home Servers ####
Mon Mar 10 22:41:19 2014 : Debug: radiusd: #### Loading Clients ####
Mon Mar 10 22:41:19 2014 : Debug:  client 127.0.0.1 {
Mon Mar 10 22:41:19 2014 : Debug:       require_message_authenticator = no
Mon Mar 10 22:41:19 2014 : Debug:       secret = "somepassword"
Mon Mar 10 22:41:19 2014 : Debug:       shortname = "localhost"
Mon Mar 10 22:41:19 2014 : Debug:       nastype = "other"
Mon Mar 10 22:41:19 2014 : Debug:  }
Mon Mar 10 22:41:19 2014 : Debug: radiusd: #### Instantiating modules ####
Mon Mar 10 22:41:19 2014 : Debug:  instantiate {
Mon Mar 10 22:41:19 2014 : Debug:  }
Mon Mar 10 22:41:19 2014 : Debug: radiusd: #### Loading Virtual Servers ####
Mon Mar 10 22:41:19 2014 : Debug: server { # from file /etc/freeradius/radiusd.conf
Mon Mar 10 22:41:19 2014 : Debug:  modules {
Mon Mar 10 22:41:19 2014 : Debug:  Module: Checking authenticate {...} for more modules to load
Mon Mar 10 22:41:19 2014 : Debug:     (Loaded rlm_pap, checking if it's valid)
Mon Mar 10 22:41:19 2014 : Debug:  Module: Linked to module rlm_pap
Mon Mar 10 22:41:19 2014 : Debug:  Module: Instantiating module "pap" from file /etc/freeradius/radiusd.conf
Mon Mar 10 22:41:19 2014 : Debug:   pap {
Mon Mar 10 22:41:19 2014 : Debug:       encryption_scheme = "crypt"
Mon Mar 10 22:41:19 2014 : Debug:       auto_header = no
Mon Mar 10 22:41:19 2014 : Debug:   }
Mon Mar 10 22:41:19 2014 : Debug:     (Loaded rlm_chap, checking if it's valid)
Mon Mar 10 22:41:19 2014 : Debug:  Module: Linked to module rlm_chap
Mon Mar 10 22:41:19 2014 : Debug:  Module: Instantiating module "chap" from file /etc/freeradius/radiusd.conf
Mon Mar 10 22:41:19 2014 : Debug:     (Loaded rlm_mschap, checking if it's valid)
Mon Mar 10 22:41:19 2014 : Debug:  Module: Linked to module rlm_mschap
Mon Mar 10 22:41:19 2014 : Debug:  Module: Instantiating module "mschap" from file /etc/freeradius/radiusd.conf
Mon Mar 10 22:41:19 2014 : Debug:   mschap {
Mon Mar 10 22:41:19 2014 : Debug:       use_mppe = no
Mon Mar 10 22:41:19 2014 : Debug:       require_encryption = no
Mon Mar 10 22:41:19 2014 : Debug:       require_strong = no
Mon Mar 10 22:41:19 2014 : Debug:       with_ntdomain_hack = no
Mon Mar 10 22:41:19 2014 : Debug:       allow_retry = yes
Mon Mar 10 22:41:19 2014 : Debug:   }
Mon Mar 10 22:41:19 2014 : Debug:  Module: Checking authorize {...} for more modules to load
Mon Mar 10 22:41:19 2014 : Debug:     (Loaded rlm_sql, checking if it's valid)
Mon Mar 10 22:41:19 2014 : Debug:  Module: Linked to module rlm_sql
Mon Mar 10 22:41:19 2014 : Debug:  Module: Instantiating module "sql" from file /etc/freeradius/sql.conf
Mon Mar 10 22:41:19 2014 : Debug:   sql {
Mon Mar 10 22:41:19 2014 : Debug:       driver = "rlm_sql_mysql"
Mon Mar 10 22:41:19 2014 : Debug:       server = "localhost"
Mon Mar 10 22:41:19 2014 : Debug:       port = "3306"
Mon Mar 10 22:41:19 2014 : Debug:       login = "radius"
Mon Mar 10 22:41:19 2014 : Debug:       password = "radius@xxx"
Mon Mar 10 22:41:19 2014 : Debug:       radius_db = "radius"
Mon Mar 10 22:41:19 2014 : Debug:       read_groups = yes
Mon Mar 10 22:41:19 2014 : Debug:       sqltrace = no
Mon Mar 10 22:41:19 2014 : Debug:       sqltracefile = "/var/log/freeradius/sqltrace.sql"
Mon Mar 10 22:41:19 2014 : Debug:       readclients = no
Mon Mar 10 22:41:19 2014 : Debug:       deletestalesessions = yes
Mon Mar 10 22:41:19 2014 : Debug:       num_sql_socks = 5
Mon Mar 10 22:41:19 2014 : Debug:       lifetime = 0
Mon Mar 10 22:41:19 2014 : Debug:       max_queries = 0
Mon Mar 10 22:41:19 2014 : Debug:       sql_user_name = "%{User-Name}"
Mon Mar 10 22:41:19 2014 : Debug:       default_user_profile = ""
Mon Mar 10 22:41:19 2014 : Debug:       nas_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
Mon Mar 10 22:41:19 2014 : Debug:       authorize_check_query = "SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
Mon Mar 10 22:41:19 2014 : Debug:       authorize_reply_query = "SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
Mon Mar 10 22:41:19 2014 : Debug:       authorize_group_check_query = "SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
Mon Mar 10 22:41:19 2014 : Debug:       authorize_group_reply_query = "SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
Mon Mar 10 22:41:19 2014 : Debug:       accounting_onoff_query = "          UPDATE radacct           SET              acctstoptime       =  '%S',              acctsessiontime    =  unix_timestamp('%S') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '%{Acct-Terminate-Cause}',              acctstopdelay      =  %{%{Acct-Delay-Time}:-0}           WHERE acctstoptime IS NULL           AND nasipaddress      =  '%{NAS-IP-Address}'           AND acctstarttime     <= '%S'"
Mon Mar 10 22:41:19 2014 : Debug:       accounting_update_query = "           UPDATE radacct           SET              framedipaddress = '%{Framed-IP-Address}',              acctsessiontime     = '%{Acct-Session-Time}',              acctinputoctets     = '%{%{Acct-Input-Gigawords}:-0}'  << 32 |                                    '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                    '%{%{Acct-Output-Octets}:-0}'           WHERE acctsessionid = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'           AND nasipaddress    = '%{NAS-IP-Address}'"
Mon Mar 10 22:41:19 2014 : Debug:       accounting_update_query_alt = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,      username,              realm,            nasipaddress,      nasportid,              nasporttype,      acctstarttime,     acctsessiontime,              acctauthentic,    connectinfo_start, acctinputoctets,              acctoutputoctets, calledstationid,   callingstationid,              servicetype,      framedprotocol,    framedipaddress,              acctstartdelay,   xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                       INTERVAL (%{%{Acct-Session-Time}:-0} +                                 %{%{Acct-Delay-Time}:-0}) SECOND),                       '%{Acct-Session-Time}',              '%{Acct-Authentic}', '',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Service-Type}', '%{Framed-Protocol}',              '%{Framed-IP-Address}',              '0', '%{X-Ascend-Session-Svr-Key}')"
Mon Mar 10 22:41:19 2014 : Debug:       accounting_start_query = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,              connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              acctstartdelay,   acctstopdelay,    xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}', '%S', NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"
Mon Mar 10 22:41:19 2014 : Debug:       accounting_start_query_alt = "           UPDATE radacct SET              acctstarttime     = '%S',              acctstartdelay    = '%{%{Acct-Delay-Time}:-0}',              connectinfo_start = '%{Connect-Info}'           WHERE acctsessionid  = '%{Acct-Session-Id}'           AND username         = '%{SQL-User-Name}'           AND nasipaddress     = '%{NAS-IP-Address}'"
Mon Mar 10 22:41:19 2014 : Debug:       accounting_stop_query = "           UPDATE radacct SET              acctstoptime       = '%S',              acctsessiontime    = '%{Acct-Session-Time}',              acctinputoctets    = '%{%{Acct-Input-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets   = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Output-Octets}:-0}',              acctterminatecause = '%{Acct-Terminate-Cause}',              acctstopdelay      = '%{%{Acct-Delay-Time}:-0}',              connectinfo_stop   = '%{Connect-Info}'           WHERE acctsessionid   = '%{Acct-Session-Id}'           AND username          = '%{SQL-User-Name}'           AND nasipaddress      = '%{NAS-IP-Address}'"
Mon Mar 10 22:41:19 2014 : Debug:       accounting_stop_query_alt = "           INSERT INTO radacct             (acctsessionid, acctuniqueid, username,              realm, nasipaddress, nasportid,              nasporttype, acctstarttime, acctstoptime,              acctsessiontime, acctauthentic, connectinfo_start,              connectinfo_stop, acctinputoctets, acctoutputoctets,              calledstationid, callingstationid, acctterminatecause,              servicetype, framedprotocol, framedipaddress,              acctstartdelay, acctstopdelay)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                  INTERVAL (%{%{Acct-Session-Time}:-0} +                  %{%{Acct-Delay-Time}:-0}) SECOND),              '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '',              '%{Connect-Info}',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Acct-Terminate-Cause}',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '0', '%{%{Acct-Delay-Time}:-0}')"
Mon Mar 10 22:41:19 2014 : Debug:       group_membership_query = "SELECT groupname           FROM usergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority"
Mon Mar 10 22:41:19 2014 : Debug:       connect_failure_retry_delay = 60
Mon Mar 10 22:41:19 2014 : Debug:       simul_count_query = ""
Mon Mar 10 22:41:19 2014 : Debug:       simul_verify_query = "SELECT radacctid, acctsessionid, username,                                nasipaddress, nasportid, framedipaddress,                                callingstationid, framedprotocol                                FROM radacct                                WHERE username = '%{SQL-User-Name}'                                AND acctstoptime IS NULL"
Mon Mar 10 22:41:19 2014 : Debug:       postauth_query = "INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S')"
Mon Mar 10 22:41:19 2014 : Debug:       safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
Mon Mar 10 22:41:19 2014 : Debug:   }
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Attempting to connect to radius@localhost:3306/radius
Mon Mar 10 22:41:19 2014 : Debug: rlm_sql (sql): starting 0
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
Mon Mar 10 22:41:19 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Connected new DB handle, #0
Mon Mar 10 22:41:19 2014 : Debug: rlm_sql (sql): starting 1
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
Mon Mar 10 22:41:19 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Connected new DB handle, #1
Mon Mar 10 22:41:19 2014 : Debug: rlm_sql (sql): starting 2
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
Mon Mar 10 22:41:19 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Connected new DB handle, #2
Mon Mar 10 22:41:19 2014 : Debug: rlm_sql (sql): starting 3
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
Mon Mar 10 22:41:19 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Connected new DB handle, #3
Mon Mar 10 22:41:19 2014 : Debug: rlm_sql (sql): starting 4
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
Mon Mar 10 22:41:19 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Mon Mar 10 22:41:19 2014 : Info: rlm_sql (sql): Connected new DB handle, #4
Mon Mar 10 22:41:19 2014 : Debug:  Module: Checking preacct {...} for more modules to load
Mon Mar 10 22:41:19 2014 : Debug:     (Loaded rlm_acct_unique, checking if it's valid)
Mon Mar 10 22:41:19 2014 : Debug:  Module: Linked to module rlm_acct_unique
Mon Mar 10 22:41:19 2014 : Debug:  Module: Instantiating module "acct_unique" from file /etc/freeradius/radiusd.conf
Mon Mar 10 22:41:19 2014 : Debug:   acct_unique {
Mon Mar 10 22:41:19 2014 : Debug:       key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Mon Mar 10 22:41:19 2014 : Debug:   }
Mon Mar 10 22:41:19 2014 : Debug:  Module: Checking accounting {...} for more modules to load
Mon Mar 10 22:41:19 2014 : Debug:  Module: Checking session {...} for more modules to load
Mon Mar 10 22:41:19 2014 : Debug:  Module: Checking post-auth {...} for more modules to load
Mon Mar 10 22:41:19 2014 : Debug:  } # modules
Mon Mar 10 22:41:19 2014 : Debug: } # server
Mon Mar 10 22:41:19 2014 : Debug: radiusd: #### Opening IP addresses and Ports ####
Mon Mar 10 22:41:19 2014 : Debug:       bind_address = *
Mon Mar 10 22:41:19 2014 : Info: WARNING: The directive 'bind_address' is deprecated, and will be removed in future versions of FreeRADIUS. Please edit the configuration files to use the directive 'listen'.
Mon Mar 10 22:41:19 2014 : Debug: listen {
Mon Mar 10 22:41:19 2014 : Debug:       type = "acct"
Mon Mar 10 22:41:19 2014 : Debug:       ipaddr = 127.0.0.1
Mon Mar 10 22:41:19 2014 : Debug:       port = 0
Mon Mar 10 22:41:19 2014 : Error: Failed binding to accounting address 127.0.0.1 port 1813: Address already in use
Mon Mar 10 22:41:19 2014 : Error: /etc/freeradius/radiusd.conf[62]: Error binding to port for 127.0.0.1 port 1813


s tymto som to porovnaval http://wiki.mikrotik.com/wiki/RouterOs_MySql_Freeradius ale faktt neviem kde robim chybu

Ak mate nejake ine rady rad si ich vypocujem
dakujem za kazdu odpoveď a radu

Re: Problem s freeradiusom

Napsal: 11 Mar 2014 08:30
od loopie
Hezký den,
ono je to z toho logu docela čitelné. Hází ti varování, že používáš zastaralou direktivu bind_address (což by nemělo vadit). Chyba na kterou ti to končí je zpravidla způsobená tím, že se pokoušíš na stroji spustit druhého démona freeradiusu. Nebo ti na portu 1813 poslouchá už něco jiného.

Jarda

Re: Problem s freeradiusom

Napsal: 11 Mar 2014 21:16
od zvukarmiso
No nech robim co robim, rovnake porty nevidim ze by tam boli spustene. Vies ma nejak nakopnut ? kde asi robim chybu ?

Uz som to aj cele preinstaloval a stale to iste

Re: Problem s freeradiusom

Napsal: 11 Mar 2014 22:55
od Majklik
Obsadíš to asi sám sobě. V tom cfg máš na začátku:
bind_address = *
port = 0

To ti obsadí všechny IP a asi i porty pro auth i acct současně jedním příkazem, takže následující volba:
listen {
type = acct
ipaddr = 127.0.0.1
port = 0
}
už jen marně selže.
To bind_address a port vyhoď a dej místo toho:
listen {
type = auth
ipaddr = *
port = 0
}
U toho acct tak0 uprav tu IP z looopbacku na *.

Re: Problem s freeradiusom

Napsal: 11 Mar 2014 23:43
od zvukarmiso
No neviem asi neviem kde robim chybu ale zase toto

Kód: Vybrat vše

Tue Mar 11 23:39:33 2014 : Debug: radiusd: #### Opening IP addresses and Ports ####
Tue Mar 11 23:39:33 2014 : Debug: listen {
Tue Mar 11 23:39:33 2014 : Debug:       type = "auth"
Tue Mar 11 23:39:33 2014 : Debug:       ipaddr = *
Tue Mar 11 23:39:33 2014 : Debug:       port = 0
Tue Mar 11 23:39:33 2014 : Error: Failed binding to authentication address * port 1812: Address already in use
Tue Mar 11 23:39:33 2014 : Error: /etc/freeradius/radiusd.conf[34]: Error binding to port for 0.0.0.0 port 1812


namiesto
bind_address = *
port = 0

som dal
listen {
type = auth
ipaddr = *
port = 0
}

a to druhe neviem co myslis tak to spravil takto
listen {
type = acct
ipaddr = 127.0.0.1
port = 0
}

Re: Problem s freeradiusom

Napsal: 12 Mar 2014 23:01
od zvukarmiso
No nejak sa mi to podarilo vyriesit. Postupoval som dalej podla toho navodu.

ale klientskemu zariadenu neprideli IP ani usera proste ako keby to neexistovalo.
Viem to nejak odsledovat co sa tam deje ?

Re: Problem s freeradiusom

Napsal: 13 Mar 2014 21:46
od zvukarmiso
Prisiel som na dovod preco mi to asi nejde

ak spravim
radtest sqltest testpwd localhost 0 testing123
tak proste spravi mi len toto

Kód: Vybrat vše

Sending Access-Request of id 115 to 127.0.0.1 port 1812
        User-Name = "sqltest"
        User-Password = "testpwd"
        NAS-IP-Address = 192.168.101.52
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 115 to 127.0.0.1 port 1812
        User-Name = "sqltest"
        User-Password = "testpwd"
        NAS-IP-Address = 192.168.101.52
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 115 to 127.0.0.1 port 1812
        User-Name = "sqltest"
        User-Password = "testpwd"
        NAS-IP-Address = 192.168.101.52
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
radclient: no response from server for ID 115 socket 3



spravil som aj freeradius -XXX, ale ziadny error tam nevidim

Kód: Vybrat vše

root@radius2:~# freeradius -XXX
Thu Mar 13 21:08:02 2014 : Info: FreeRADIUS Version 2.1.12, for host i486-pc-linux-gnu, built on Dec 16 2012 at 22:03:33
Thu Mar 13 21:08:02 2014 : Info: Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
Thu Mar 13 21:08:02 2014 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Thu Mar 13 21:08:02 2014 : Info: PARTICULAR PURPOSE.
Thu Mar 13 21:08:02 2014 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Thu Mar 13 21:08:02 2014 : Info: GNU General Public License v2.
Thu Mar 13 21:08:02 2014 : Info: Starting - reading configuration files ...
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/radiusd.conf
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/proxy.conf
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/clients.conf
Thu Mar 13 21:08:02 2014 : Debug: including files in directory /etc/freeradius/modules/
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/passwd
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/policy
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/expr
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/digest
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/ntlm_auth
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/pap
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/smbpasswd
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/logintime
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/attr_filter
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/detail.log
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/mac2vlan
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/preprocess
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/unix
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/wimax
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/redis
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/mschap
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/smsotp
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/replicate
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/cui
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/detail.example.com
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/linelog
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/files
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/opendirectory
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/krb5
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/mac2ip
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/exec
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/always
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/etc_group
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/detail
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/counter
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/expiration
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/sradutmp
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/inner-eap
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/ldap
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/checkval
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/dynamic_clients
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/acct_unique
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/attr_rewrite
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/otp
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/sql_log
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/chap
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/radutmp
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/ippool
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/echo
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/rediswho
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/soh
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/pam
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/perl
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/modules/realm
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/eap.conf
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/sql.conf
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/sql/mysql/dialup.conf
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/policy.conf
Thu Mar 13 21:08:02 2014 : Debug: including files in directory /etc/freeradius/sites-enabled/
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/sites-enabled/inner-tunnel
Thu Mar 13 21:08:02 2014 : Debug: including configuration file /etc/freeradius/sites-enabled/default
Thu Mar 13 21:08:02 2014 : Debug: main {
Thu Mar 13 21:08:02 2014 : Debug:       user = "freerad"
Thu Mar 13 21:08:02 2014 : Debug:       group = "freerad"
Thu Mar 13 21:08:02 2014 : Debug:       allow_core_dumps = no
Thu Mar 13 21:08:02 2014 : Debug: }
Thu Mar 13 21:08:02 2014 : Debug: including dictionary file /etc/freeradius/dictionary
Thu Mar 13 21:08:02 2014 : Debug: main {
Thu Mar 13 21:08:02 2014 : Debug:       name = "freeradius"
Thu Mar 13 21:08:02 2014 : Debug:       prefix = "/usr"
Thu Mar 13 21:08:02 2014 : Debug:       localstatedir = "/var"
Thu Mar 13 21:08:02 2014 : Debug:       sbindir = "/usr/sbin"
Thu Mar 13 21:08:02 2014 : Debug:       logdir = "/var/log/freeradius"
Thu Mar 13 21:08:02 2014 : Debug:       run_dir = "/var/run/freeradius"
Thu Mar 13 21:08:02 2014 : Debug:       libdir = "/usr/lib/freeradius"
Thu Mar 13 21:08:02 2014 : Debug:       radacctdir = "/var/log/freeradius/radacct"
Thu Mar 13 21:08:02 2014 : Debug:       hostname_lookups = no
Thu Mar 13 21:08:02 2014 : Debug:       max_request_time = 30
Thu Mar 13 21:08:02 2014 : Debug:       cleanup_delay = 5
Thu Mar 13 21:08:02 2014 : Debug:       max_requests = 1024
Thu Mar 13 21:08:02 2014 : Debug:       pidfile = "/var/run/freeradius/freeradius.pid"
Thu Mar 13 21:08:02 2014 : Debug:       checkrad = "/usr/sbin/checkrad"
Thu Mar 13 21:08:02 2014 : Debug:       debug_level = 0
Thu Mar 13 21:08:02 2014 : Debug:       proxy_requests = yes
Thu Mar 13 21:08:02 2014 : Debug:  log {
Thu Mar 13 21:08:02 2014 : Debug:       stripped_names = no
Thu Mar 13 21:08:02 2014 : Debug:       auth = no
Thu Mar 13 21:08:02 2014 : Debug:       auth_badpass = no
Thu Mar 13 21:08:02 2014 : Debug:       auth_goodpass = no
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug:  security {
Thu Mar 13 21:08:02 2014 : Debug:       max_attributes = 200
Thu Mar 13 21:08:02 2014 : Debug:       reject_delay = 1
Thu Mar 13 21:08:02 2014 : Debug:       status_server = yes
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug: }
Thu Mar 13 21:08:02 2014 : Debug: radiusd: #### Loading Realms and Home Servers ####
Thu Mar 13 21:08:02 2014 : Debug:  proxy server {
Thu Mar 13 21:08:02 2014 : Debug:       retry_delay = 5
Thu Mar 13 21:08:02 2014 : Debug:       retry_count = 3
Thu Mar 13 21:08:02 2014 : Debug:       default_fallback = no
Thu Mar 13 21:08:02 2014 : Debug:       dead_time = 120
Thu Mar 13 21:08:02 2014 : Debug:       wake_all_if_all_dead = no
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug:  home_server localhost {
Thu Mar 13 21:08:02 2014 : Debug:       ipaddr = 127.0.0.1
Thu Mar 13 21:08:02 2014 : Debug:       port = 1812
Thu Mar 13 21:08:02 2014 : Debug:       type = "auth"
Thu Mar 13 21:08:02 2014 : Debug:       secret = "testing123"
Thu Mar 13 21:08:02 2014 : Debug:       response_window = 20
Thu Mar 13 21:08:02 2014 : Debug:       max_outstanding = 65536
Thu Mar 13 21:08:02 2014 : Debug:       require_message_authenticator = yes
Thu Mar 13 21:08:02 2014 : Debug:       zombie_period = 40
Thu Mar 13 21:08:02 2014 : Debug:       status_check = "status-server"
Thu Mar 13 21:08:02 2014 : Debug:       ping_interval = 30
Thu Mar 13 21:08:02 2014 : Debug:       check_interval = 30
Thu Mar 13 21:08:02 2014 : Debug:       num_answers_to_alive = 3
Thu Mar 13 21:08:02 2014 : Debug:       num_pings_to_alive = 3
Thu Mar 13 21:08:02 2014 : Debug:       revive_interval = 120
Thu Mar 13 21:08:02 2014 : Debug:       status_check_timeout = 4
Thu Mar 13 21:08:02 2014 : Debug:   coa {
Thu Mar 13 21:08:02 2014 : Debug:       irt = 2
Thu Mar 13 21:08:02 2014 : Debug:       mrt = 16
Thu Mar 13 21:08:02 2014 : Debug:       mrc = 5
Thu Mar 13 21:08:02 2014 : Debug:       mrd = 30
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug:  home_server_pool my_auth_failover {
Thu Mar 13 21:08:02 2014 : Debug:       type = fail-over
Thu Mar 13 21:08:02 2014 : Debug:       home_server = localhost
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug:  realm example.com {
Thu Mar 13 21:08:02 2014 : Debug:       auth_pool = my_auth_failover
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug:  realm LOCAL {
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug: radiusd: #### Loading Clients ####
Thu Mar 13 21:08:02 2014 : Debug:  client localhost {
Thu Mar 13 21:08:02 2014 : Debug:       ipaddr = 127.0.0.1
Thu Mar 13 21:08:02 2014 : Debug:       require_message_authenticator = no
Thu Mar 13 21:08:02 2014 : Debug:       secret = "testing123"
Thu Mar 13 21:08:02 2014 : Debug:       nastype = "other"
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug:  client 192.168.101.236 {
Thu Mar 13 21:08:02 2014 : Debug:       require_message_authenticator = no
Thu Mar 13 21:08:02 2014 : Debug:       secret = "91982650d89"
Thu Mar 13 21:08:02 2014 : Debug:       nastype = "other"
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug: radiusd: #### Instantiating modules ####
Thu Mar 13 21:08:02 2014 : Debug:  instantiate {
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_exec, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_exec
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "exec" from file /etc/freeradius/modules/exec
Thu Mar 13 21:08:02 2014 : Debug:   exec {
Thu Mar 13 21:08:02 2014 : Debug:       wait = no
Thu Mar 13 21:08:02 2014 : Debug:       input_pairs = "request"
Thu Mar 13 21:08:02 2014 : Debug:       shell_escape = yes
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_expr, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_expr
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "expr" from file /etc/freeradius/modules/expr
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_expiration, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_expiration
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "expiration" from file /etc/freeradius/modules/expiration
Thu Mar 13 21:08:02 2014 : Debug:   expiration {
Thu Mar 13 21:08:02 2014 : Debug:       reply-message = "Password Has Expired  "
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_logintime, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_logintime
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "logintime" from file /etc/freeradius/modules/logintime
Thu Mar 13 21:08:02 2014 : Debug:   logintime {
Thu Mar 13 21:08:02 2014 : Debug:       reply-message = "You are calling outside your allowed timespan  "
Thu Mar 13 21:08:02 2014 : Debug:       minimum-timeout = 60
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:  }
Thu Mar 13 21:08:02 2014 : Debug: radiusd: #### Loading Virtual Servers ####
Thu Mar 13 21:08:02 2014 : Debug: server { # from file /etc/freeradius/radiusd.conf
Thu Mar 13 21:08:02 2014 : Debug:  modules {
Thu Mar 13 21:08:02 2014 : Debug:   Module: Creating Auth-Type = digest
Thu Mar 13 21:08:02 2014 : Debug:   Module: Creating Post-Auth-Type = REJECT
Thu Mar 13 21:08:02 2014 : Debug:  Module: Checking authenticate {...} for more modules to load
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_pap, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_pap
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "pap" from file /etc/freeradius/modules/pap
Thu Mar 13 21:08:02 2014 : Debug:   pap {
Thu Mar 13 21:08:02 2014 : Debug:       encryption_scheme = "auto"
Thu Mar 13 21:08:02 2014 : Debug:       auto_header = no
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_chap, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_chap
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "chap" from file /etc/freeradius/modules/chap
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_mschap, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_mschap
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "mschap" from file /etc/freeradius/modules/mschap
Thu Mar 13 21:08:02 2014 : Debug:   mschap {
Thu Mar 13 21:08:02 2014 : Debug:       use_mppe = yes
Thu Mar 13 21:08:02 2014 : Debug:       require_encryption = no
Thu Mar 13 21:08:02 2014 : Debug:       require_strong = no
Thu Mar 13 21:08:02 2014 : Debug:       with_ntdomain_hack = no
Thu Mar 13 21:08:02 2014 : Debug:       allow_retry = yes
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_digest, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_digest
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "digest" from file /etc/freeradius/modules/digest
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_unix, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_unix
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "unix" from file /etc/freeradius/modules/unix
Thu Mar 13 21:08:02 2014 : Debug:   unix {
Thu Mar 13 21:08:02 2014 : Debug:       radwtmp = "/var/log/freeradius/radwtmp"
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:     (Loaded rlm_eap, checking if it's valid)
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to module rlm_eap
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating module "eap" from file /etc/freeradius/eap.conf
Thu Mar 13 21:08:02 2014 : Debug:   eap {
Thu Mar 13 21:08:02 2014 : Debug:       default_eap_type = "md5"
Thu Mar 13 21:08:02 2014 : Debug:       timer_expire = 60
Thu Mar 13 21:08:02 2014 : Debug:       ignore_unknown_eap_types = no
Thu Mar 13 21:08:02 2014 : Debug:       cisco_accounting_username_bug = no
Thu Mar 13 21:08:02 2014 : Debug:       max_sessions = 4096
Thu Mar 13 21:08:02 2014 : Debug:   }
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to sub-module rlm_eap_md5
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating eap-md5
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to sub-module rlm_eap_leap
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating eap-leap
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to sub-module rlm_eap_gtc
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating eap-gtc
Thu Mar 13 21:08:02 2014 : Debug:    gtc {
Thu Mar 13 21:08:02 2014 : Debug:       challenge = "Password: "
Thu Mar 13 21:08:02 2014 : Debug:       auth_type = "PAP"
Thu Mar 13 21:08:02 2014 : Debug:    }
Thu Mar 13 21:08:02 2014 : Debug:  Module: Linked to sub-module rlm_eap_tls
Thu Mar 13 21:08:02 2014 : Debug:  Module: Instantiating eap-tls
Thu Mar 13 21:08:02 2014 : Debug:    tls {
Thu Mar 13 21:08:02 2014 : Debug:       rsa_key_exchange = no
Thu Mar 13 21:08:02 2014 : Debug:       dh_key_exchange = yes
Thu Mar 13 21:08:02 2014 : Debug:       rsa_key_length = 512
Thu Mar 13 21:08:02 2014 : Debug:       dh_key_length = 512
Thu Mar 13 21:08:02 2014 : Debug:       verify_depth = 0
Thu Mar 13 21:08:02 2014 : Debug:       CA_path = "/etc/freeradius/certs"
Thu Mar 13 21:08:02 2014 : Debug:       pem_file_type = yes
Thu Mar 13 21:08:02 2014 : Debug:       private_key_file = "/etc/freeradius/certs/server.key"
Thu Mar 13 21:08:02 2014 : Debug:       certificate_file = "/etc/freeradius/certs/server.pem"
Thu Mar 13 21:08:02 2014 : Debug:       CA_file = "/etc/freeradius/certs/ca.pem"
Thu Mar 13 21:08:02 2014 : Debug:       private_key_password = "whatever"
Thu Mar 13 21:08:02 2014 : Debug:       dh_file = "/etc/freeradius/certs/dh"
Thu Mar 13 21:08:02 2014 : Debug:       random_file = "/dev/urandom"
Thu Mar 13 21:08:02 2014 : Debug:       fragment_size = 1024
Thu Mar 13 21:08:02 2014 : Debug:       include_length = yes
Thu Mar 13 21:08:02 2014 : Debug:       check_crl = no
Thu Mar 13 21:08:02 2014 : Debug:       cipher_list = "DEFAULT"
Thu Mar 13 21:08:02 2014 : Debug:       make_cert_command = "/etc/freeradius/certs/bootstrap"
Thu Mar 13 21:08:02 2014 : Debug:       ecdh_curve = "prime256v1"
Thu Mar 13 21:08:02 2014 : Debug:     cache {
Thu Mar 13 21:08:02 2014 : Debug:       enable = no
Thu Mar 13 21:08:02 2014 : Debug:       lifetime = 24
Thu Mar 13 21:08:02 2014 : Debug:       max_entries = 255
Thu Mar 13 21:08:02 2014 : Debug:     }
Thu Mar 13 21:08:02 2014 : Debug:     verify {
Thu Mar 13 21:08:02 2014 : Debug:     }
Thu Mar 13 21:08:02 2014 : Debug:     ocsp {
Thu Mar 13 21:08:02 2014 : Debug:       enable = no
Thu Mar 13 21:08:02 2014 : Debug:       override_cert_url = yes
Thu Mar 13 21:08:02 2014 : Debug:       url = "http://127.0.0.1/ocsp/"
Thu Mar 13 21:08:02 2014 : Debug:     }
Thu Mar 13 21:08:02 2014 : Debug:    }
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to sub-module rlm_eap_ttls
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating eap-ttls
Thu Mar 13 21:08:03 2014 : Debug:    ttls {
Thu Mar 13 21:08:03 2014 : Debug:       default_eap_type = "md5"
Thu Mar 13 21:08:03 2014 : Debug:       copy_request_to_tunnel = no
Thu Mar 13 21:08:03 2014 : Debug:       use_tunneled_reply = no
Thu Mar 13 21:08:03 2014 : Debug:       virtual_server = "inner-tunnel"
Thu Mar 13 21:08:03 2014 : Debug:       include_length = yes
Thu Mar 13 21:08:03 2014 : Debug:    }
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to sub-module rlm_eap_peap
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating eap-peap
Thu Mar 13 21:08:03 2014 : Debug:    peap {
Thu Mar 13 21:08:03 2014 : Debug:       default_eap_type = "mschapv2"
Thu Mar 13 21:08:03 2014 : Debug:       copy_request_to_tunnel = no
Thu Mar 13 21:08:03 2014 : Debug:       use_tunneled_reply = no
Thu Mar 13 21:08:03 2014 : Debug:       proxy_tunneled_request_as_eap = yes
Thu Mar 13 21:08:03 2014 : Debug:       virtual_server = "inner-tunnel"
Thu Mar 13 21:08:03 2014 : Debug:       soh = no
Thu Mar 13 21:08:03 2014 : Debug:    }
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to sub-module rlm_eap_mschapv2
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating eap-mschapv2
Thu Mar 13 21:08:03 2014 : Debug:    mschapv2 {
Thu Mar 13 21:08:03 2014 : Debug:       with_ntdomain_hack = no
Thu Mar 13 21:08:03 2014 : Debug:       send_error = no
Thu Mar 13 21:08:03 2014 : Debug:    }
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking authorize {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_preprocess, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_preprocess
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "preprocess" from file /etc/freeradius/modules/preprocess
Thu Mar 13 21:08:03 2014 : Debug:   preprocess {
Thu Mar 13 21:08:03 2014 : Debug:       huntgroups = "/etc/freeradius/huntgroups"
Thu Mar 13 21:08:03 2014 : Debug:       hints = "/etc/freeradius/hints"
Thu Mar 13 21:08:03 2014 : Debug:       with_ascend_hack = no
Thu Mar 13 21:08:03 2014 : Debug:       ascend_channels_per_line = 23
Thu Mar 13 21:08:03 2014 : Debug:       with_ntdomain_hack = no
Thu Mar 13 21:08:03 2014 : Debug:       with_specialix_jetstream_hack = no
Thu Mar 13 21:08:03 2014 : Debug:       with_cisco_vsa_hack = no
Thu Mar 13 21:08:03 2014 : Debug:       with_alvarion_vsa_hack = no
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_realm, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_realm
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "suffix" from file /etc/freeradius/modules/realm
Thu Mar 13 21:08:03 2014 : Debug:   realm suffix {
Thu Mar 13 21:08:03 2014 : Debug:       format = "suffix"
Thu Mar 13 21:08:03 2014 : Debug:       delimiter = "@"
Thu Mar 13 21:08:03 2014 : Debug:       ignore_default = no
Thu Mar 13 21:08:03 2014 : Debug:       ignore_null = no
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_files, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_files
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "files" from file /etc/freeradius/modules/files
Thu Mar 13 21:08:03 2014 : Debug:   files {
Thu Mar 13 21:08:03 2014 : Debug:       usersfile = "/etc/freeradius/users"
Thu Mar 13 21:08:03 2014 : Debug:       acctusersfile = "/etc/freeradius/acct_users"
Thu Mar 13 21:08:03 2014 : Debug:       preproxy_usersfile = "/etc/freeradius/preproxy_users"
Thu Mar 13 21:08:03 2014 : Debug:       compat = "no"
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_sql, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_sql
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "sql" from file /etc/freeradius/sql.conf
Thu Mar 13 21:08:03 2014 : Debug:   sql {
Thu Mar 13 21:08:03 2014 : Debug:       driver = "rlm_sql_mysql"
Thu Mar 13 21:08:03 2014 : Debug:       server = "localhost"
Thu Mar 13 21:08:03 2014 : Debug:       port = "3306"
Thu Mar 13 21:08:03 2014 : Debug:       login = "radius"
Thu Mar 13 21:08:03 2014 : Debug:       password = "radius@xxx"
Thu Mar 13 21:08:03 2014 : Debug:       radius_db = "radius"
Thu Mar 13 21:08:03 2014 : Debug:       read_groups = yes
Thu Mar 13 21:08:03 2014 : Debug:       sqltrace = no
Thu Mar 13 21:08:03 2014 : Debug:       sqltracefile = "/var/log/freeradius/sqltrace.sql"
Thu Mar 13 21:08:03 2014 : Debug:       readclients = yes
Thu Mar 13 21:08:03 2014 : Debug:       deletestalesessions = yes
Thu Mar 13 21:08:03 2014 : Debug:       num_sql_socks = 5
Thu Mar 13 21:08:03 2014 : Debug:       lifetime = 0
Thu Mar 13 21:08:03 2014 : Debug:       max_queries = 0
Thu Mar 13 21:08:03 2014 : Debug:       sql_user_name = "%{User-Name}"
Thu Mar 13 21:08:03 2014 : Debug:       default_user_profile = ""
Thu Mar 13 21:08:03 2014 : Debug:       nas_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
Thu Mar 13 21:08:03 2014 : Debug:       authorize_check_query = "SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
Thu Mar 13 21:08:03 2014 : Debug:       authorize_reply_query = "SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id"
Thu Mar 13 21:08:03 2014 : Debug:       authorize_group_check_query = "SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
Thu Mar 13 21:08:03 2014 : Debug:       authorize_group_reply_query = "SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id"
Thu Mar 13 21:08:03 2014 : Debug:       accounting_onoff_query = "          UPDATE radacct           SET              acctstoptime       =  '%S',              acctsessiontime    =  unix_timestamp('%S') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '%{Acct-Terminate-Cause}',              acctstopdelay      =  %{%{Acct-Delay-Time}:-0}           WHERE acctstoptime IS NULL           AND nasipaddress      =  '%{NAS-IP-Address}'           AND acctstarttime     <= '%S'"
Thu Mar 13 21:08:03 2014 : Debug:       accounting_update_query = "           UPDATE radacct           SET              framedipaddress = '%{Framed-IP-Address}',              acctsessiontime     = '%{Acct-Session-Time}',              acctinputoctets     = '%{%{Acct-Input-Gigawords}:-0}'  << 32 |                                    '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                    '%{%{Acct-Output-Octets}:-0}'           WHERE acctsessionid = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'           AND nasipaddress    = '%{NAS-IP-Address}'"
Thu Mar 13 21:08:03 2014 : Debug:       accounting_update_query_alt = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,      username,              realm,            nasipaddress,      nasportid,              nasporttype,      acctstarttime,     acctsessiontime,              acctauthentic,    connectinfo_start, acctinputoctets,              acctoutputoctets, calledstationid,   callingstationid,              servicetype,      framedprotocol,    framedipaddress,              acctstartdelay,   xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                       INTERVAL (%{%{Acct-Session-Time}:-0} +                                 %{%{Acct-Delay-Time}:-0}) SECOND),                       '%{Acct-Session-Time}',              '%{Acct-Authentic}', '',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Service-Type}', '%{Framed-Protocol}',              '%{Framed-IP-Address}',              '0', '%{X-Ascend-Session-Svr-Key}')"
Thu Mar 13 21:08:03 2014 : Debug:       accounting_start_query = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,              connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              acctstartdelay,   acctstopdelay,    xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}', '%S', NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"
Thu Mar 13 21:08:03 2014 : Debug:       accounting_start_query_alt = "           UPDATE radacct SET              acctstarttime     = '%S',              acctstartdelay    = '%{%{Acct-Delay-Time}:-0}',              connectinfo_start = '%{Connect-Info}'           WHERE acctsessionid  = '%{Acct-Session-Id}'           AND username         = '%{SQL-User-Name}'           AND nasipaddress     = '%{NAS-IP-Address}'"
Thu Mar 13 21:08:03 2014 : Debug:       accounting_stop_query = "           UPDATE radacct SET              acctstoptime       = '%S',              acctsessiontime    = '%{Acct-Session-Time}',              acctinputoctets    = '%{%{Acct-Input-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets   = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Output-Octets}:-0}',              acctterminatecause = '%{Acct-Terminate-Cause}',              acctstopdelay      = '%{%{Acct-Delay-Time}:-0}',              connectinfo_stop   = '%{Connect-Info}'           WHERE acctsessionid   = '%{Acct-Session-Id}'           AND username          = '%{SQL-User-Name}'           AND nasipaddress      = '%{NAS-IP-Address}'"
Thu Mar 13 21:08:03 2014 : Debug:       accounting_stop_query_alt = "           INSERT INTO radacct             (acctsessionid, acctuniqueid, username,              realm, nasipaddress, nasportid,              nasporttype, acctstarttime, acctstoptime,              acctsessiontime, acctauthentic, connectinfo_start,              connectinfo_stop, acctinputoctets, acctoutputoctets,              calledstationid, callingstationid, acctterminatecause,              servicetype, framedprotocol, framedipaddress,              acctstartdelay, acctstopdelay)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                  INTERVAL (%{%{Acct-Session-Time}:-0} +                  %{%{Acct-Delay-Time}:-0}) SECOND),              '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '',              '%{Connect-Info}',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Acct-Terminate-Cause}',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '0', '%{%{Acct-Delay-Time}:-0}')"
Thu Mar 13 21:08:03 2014 : Debug:       group_membership_query = "SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority"
Thu Mar 13 21:08:03 2014 : Debug:       connect_failure_retry_delay = 60
Thu Mar 13 21:08:03 2014 : Debug:       simul_count_query = ""
Thu Mar 13 21:08:03 2014 : Debug:       simul_verify_query = "SELECT radacctid, acctsessionid, username,                                nasipaddress, nasportid, framedipaddress,                                callingstationid, framedprotocol                                FROM radacct                                WHERE username = '%{SQL-User-Name}'                                AND acctstoptime IS NULL"
Thu Mar 13 21:08:03 2014 : Debug:       postauth_query = "INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S')"
Thu Mar 13 21:08:03 2014 : Debug:       safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Attempting to connect to radius@localhost:3306/radius
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): starting 0
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
Thu Mar 13 21:08:03 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Connected new DB handle, #0
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): starting 1
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
Thu Mar 13 21:08:03 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Connected new DB handle, #1
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): starting 2
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
Thu Mar 13 21:08:03 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Connected new DB handle, #2
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): starting 3
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
Thu Mar 13 21:08:03 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Connected new DB handle, #3
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): starting 4
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
Thu Mar 13 21:08:03 2014 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Thu Mar 13 21:08:03 2014 : Info: rlm_sql (sql): Connected new DB handle, #4
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): Processing generate_sql_clients
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql) in generate_sql_clients: query is SELECT id, nasname, shortname, type, secret, server FROM nas
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): Reserving sql socket id: 4
Thu Mar 13 21:08:03 2014 : Debug: rlm_sql (sql): Released sql socket id: 4
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking preacct {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_acct_unique, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_acct_unique
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "acct_unique" from file /etc/freeradius/modules/acct_unique
Thu Mar 13 21:08:03 2014 : Debug:   acct_unique {
Thu Mar 13 21:08:03 2014 : Debug:       key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking accounting {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_detail, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_detail
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "detail" from file /etc/freeradius/modules/detail
Thu Mar 13 21:08:03 2014 : Debug:   detail {
Thu Mar 13 21:08:03 2014 : Debug:       detailfile = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
Thu Mar 13 21:08:03 2014 : Debug:       header = "%t"
Thu Mar 13 21:08:03 2014 : Debug:       detailperm = 384
Thu Mar 13 21:08:03 2014 : Debug:       dirperm = 493
Thu Mar 13 21:08:03 2014 : Debug:       locking = no
Thu Mar 13 21:08:03 2014 : Debug:       log_packet_header = no
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking session {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_radutmp, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_radutmp
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "radutmp" from file /etc/freeradius/modules/radutmp
Thu Mar 13 21:08:03 2014 : Debug:   radutmp {
Thu Mar 13 21:08:03 2014 : Debug:       filename = "/var/log/freeradius/radutmp"
Thu Mar 13 21:08:03 2014 : Debug:       username = "%{User-Name}"
Thu Mar 13 21:08:03 2014 : Debug:       case_sensitive = yes
Thu Mar 13 21:08:03 2014 : Debug:       check_with_nas = yes
Thu Mar 13 21:08:03 2014 : Debug:       perm = 384
Thu Mar 13 21:08:03 2014 : Debug:       callerid = yes
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking post-proxy {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking post-auth {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:     (Loaded rlm_attr_filter, checking if it's valid)
Thu Mar 13 21:08:03 2014 : Debug:  Module: Linked to module rlm_attr_filter
Thu Mar 13 21:08:03 2014 : Debug:  Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/modules/attr_filter
Thu Mar 13 21:08:03 2014 : Debug:   attr_filter attr_filter.access_reject {
Thu Mar 13 21:08:03 2014 : Debug:       attrsfile = "/etc/freeradius/attrs.access_reject"
Thu Mar 13 21:08:03 2014 : Debug:       key = "%{User-Name}"
Thu Mar 13 21:08:03 2014 : Debug:       relaxed = no
Thu Mar 13 21:08:03 2014 : Debug:   }
Thu Mar 13 21:08:03 2014 : Debug:  } # modules
Thu Mar 13 21:08:03 2014 : Debug: } # server
Thu Mar 13 21:08:03 2014 : Debug: server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
Thu Mar 13 21:08:03 2014 : Debug:  modules {
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking authenticate {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking authorize {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking session {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking post-proxy {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:  Module: Checking post-auth {...} for more modules to load
Thu Mar 13 21:08:03 2014 : Debug:  } # modules
Thu Mar 13 21:08:03 2014 : Debug: } # server
Thu Mar 13 21:08:03 2014 : Debug: radiusd: #### Opening IP addresses and Ports ####
Thu Mar 13 21:08:03 2014 : Debug: listen {
Thu Mar 13 21:08:03 2014 : Debug:       type = "auth"
Thu Mar 13 21:08:03 2014 : Debug:       ipaddr = *
Thu Mar 13 21:08:03 2014 : Debug:       port = 0
Thu Mar 13 21:08:03 2014 : Debug: }
Thu Mar 13 21:08:03 2014 : Debug: listen {
Thu Mar 13 21:08:03 2014 : Debug:       type = "acct"
Thu Mar 13 21:08:03 2014 : Debug:       ipaddr = *
Thu Mar 13 21:08:03 2014 : Debug:       port = 0
Thu Mar 13 21:08:03 2014 : Debug: }
Thu Mar 13 21:08:03 2014 : Debug: listen {
Thu Mar 13 21:08:03 2014 : Debug:       type = "auth"
Thu Mar 13 21:08:03 2014 : Debug:       ipaddr = 127.0.0.1
Thu Mar 13 21:08:03 2014 : Debug:       port = 18120
Thu Mar 13 21:08:03 2014 : Debug: }
Thu Mar 13 21:08:03 2014 : Info:  ... adding new socket proxy address * port 36684
Thu Mar 13 21:08:03 2014 : Debug: Listening on authentication address * port 1812
Thu Mar 13 21:08:03 2014 : Debug: Listening on accounting address * port 1813
Thu Mar 13 21:08:03 2014 : Debug: Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Thu Mar 13 21:08:03 2014 : Debug: Listening on proxy address * port 1814
Thu Mar 13 21:08:03 2014 : Info: Ready to process requests.


Skusil som to aj takto

Kód: Vybrat vše

radtest sqltest testpwd localhost 1820 testing123


Ale tiez nic. viete ma niekto nakopnut kde by som mohol robit chybu ?

Re: Problem s freeradiusom

Napsal: 13 Mar 2014 22:45
od Majklik
To 1820 u radtest? Radius obvykle používá port 1812. Pak by bylo vhodné, aby jsi měl v clients.conf definován klienta na IP 127.0.0.1 s heslem testing123.

Re: Problem s freeradiusom

Napsal: 13 Mar 2014 22:50
od zvukarmiso
Prikladam klienta

Kód: Vybrat vše

# -*- text -*-
##
## clients.conf -- client configuration directives
##
##   $Id$

#######################################################################
#
#  Define RADIUS clients (usually a NAS, Access Point, etc.).

#
#  Defines a RADIUS client.
#
#  '127.0.0.1' is another name for 'localhost'.  It is enabled by default,
#  to allow testing of the server after an initial installation.  If you
#  are not going to be permitting RADIUS queries from localhost, we suggest
#  that you delete, or comment out, this entry.
#
#

#
#  Each client has a "short name" that is used to distinguish it from
#  other clients.
#
#  In version 1.x, the string after the word "client" was the IP
#  address of the client.  In 2.0, the IP address is configured via
#  the "ipaddr" or "ipv6addr" fields.  For compatibility, the 1.x
#  format is still accepted.
#
client localhost {
   #  Allowed values are:
   #   dotted quad (1.2.3.4)
   #       hostname    (radius.example.com)
   ipaddr = 127.0.0.1

   #  OR, you can use an IPv6 address, but not both
   #  at the same time.
#   ipv6addr = ::   # any.  ::1 == localhost

   #
   #  A note on DNS:  We STRONGLY recommend using IP addresses
   #  rather than host names.  Using host names means that the
   #  server will do DNS lookups when it starts, making it
   #  dependent on DNS.  i.e. If anything goes wrong with DNS,
   #  the server won't start!
   #
   #  The server also looks up the IP address from DNS once, and
   #  only once, when it starts.  If the DNS record is later
   #  updated, the server WILL NOT see that update.
   #

   #  One client definition can be applied to an entire network.
   #  e.g. 127/8 should be defined with "ipaddr = 127.0.0.0" and
   #  "netmask = 8"
   #
   #  If not specified, the default netmask is 32 (i.e. /32)
   #
   #  We do NOT recommend using anything other than 32.  There
   #  are usually other, better ways to achieve the same goal.
   #  Using netmasks of other than 32 can cause security issues.
   #
   #  You can specify overlapping networks (127/8 and 127.0/16)
   #  In that case, the smallest possible network will be used
   #  as the "best match" for the client.
   #
   #  Clients can also be defined dynamically at run time, based
   #  on any criteria.  e.g. SQL lookups, keying off of NAS-Identifier,
   #  etc.
   #  See raddb/sites-available/dynamic-clients for details.
   #

#   netmask = 32

   #
   #  The shared secret use to "encrypt" and "sign" packets between
   #  the NAS and FreeRADIUS.  You MUST change this secret from the
   #  default, otherwise it's not a secret any more!
   #
   #  The secret can be any string, up to 8k characters in length.
   #
   #  Control codes can be entered vi octal encoding,
   #   e.g. "\101\102" == "AB"
   #  Quotation marks can be entered by escaping them,
   #   e.g. "foo\"bar"
   #
   #  A note on security:  The security of the RADIUS protocol
   #  depends COMPLETELY on this secret!  We recommend using a
   #  shared secret that is composed of:
   #
   #   upper case letters
   #   lower case letters
   #   numbers
   #
   #  And is at LEAST 8 characters long, preferably 16 characters in
   #  length.  The secret MUST be random, and should not be words,
   #  phrase, or anything else that is recognizable.
   #
   #  The default secret below is only for testing, and should
   #  not be used in any real environment.
   #
   secret      = testing123

   #
   #  Old-style clients do not send a Message-Authenticator
   #  in an Access-Request.  RFC 5080 suggests that all clients
   #  SHOULD include it in an Access-Request.  The configuration
   #  item below allows the server to require it.  If a client
   #  is required to include a Message-Authenticator and it does
   #  not, then the packet will be silently discarded.
   #
   #  allowed values: yes, no
   require_message_authenticator = no

   #
   #  The short name is used as an alias for the fully qualified
   #  domain name, or the IP address.
   #
   #  It is accepted for compatibility with 1.x, but it is no
   #  longer necessary in 2.0
   #
#   shortname   = localhost

   #
   # the following three fields are optional, but may be used by
   # checkrad.pl for simultaneous use checks
   #

   #
   # The nastype tells 'checkrad.pl' which NAS-specific method to
   #  use to query the NAS for simultaneous use.
   #
   #  Permitted NAS types are:
   #
   #   cisco
   #   computone
   #   livingston
   #   max40xx
   #   multitech
   #   netserver
   #   pathras
   #   patton
   #   portslave
   #   tc
   #   usrhiper
   #   other      # for all other types

   #
   nastype     = other   # localhost isn't usually a NAS...

   #
   #  The following two configurations are for future use.
   #  The 'naspasswd' file is currently used to store the NAS
   #  login name and password, which is used by checkrad.pl
   #  when querying the NAS for simultaneous use.
   #
#   login       = !root
#   password    = someadminpas

   #
   #  As of 2.0, clients can also be tied to a virtual server.
   #  This is done by setting the "virtual_server" configuration
   #  item, as in the example below.
   #
#   virtual_server = home1

   #
   #  A pointer to the "home_server_pool" OR a "home_server"
   #  section that contains the CoA configuration for this
   #  client.  For an example of a coa home server or pool,
   #  see raddb/sites-available/originate-coa
#   coa_server = coa
}

# IPv6 Client
#client ::1 {
#   secret      = testing123
#   shortname   = localhost
#}
#
# All IPv6 Site-local clients
#client fe80::/16 {
#   secret      = testing123
#   shortname   = localhost
#}

#client some.host.org {
#   secret      = testing123
#   shortname   = localhost
#}
   
client 192.168.101.236 {
    secret        = 91982650d89
        nastype         = other

client 127.0.0.1 {
    secret = radiussecret
}
}

#
#  You can now specify one secret for a network of clients.
#  When a client request comes in, the BEST match is chosen.
#  i.e. The entry from the smallest possible network.
#
#client 192.168.0.0/24 {
#   secret      = testing123-1
#   shortname   = private-network-1
#}
#
#client 192.168.0.0/16 {
#   secret      = testing123-2
#   shortname   = private-network-2
#}


#client 10.10.10.10 {
#   # secret and password are mapped through the "secrets" file.
#   secret      = testing123
#   shortname   = liv1
#       # the following three fields are optional, but may be used by
#       # checkrad.pl for simultaneous usage checks
#   nastype     = livingston
#   login       = !root
#   password    = someadminpas
#}

#######################################################################
#
#  Per-socket client lists.  The configuration entries are exactly
#  the same as above, but they are nested inside of a section.
#
#  You can have as many per-socket client lists as you have "listen"
#  sections, or you can re-use a list among multiple "listen" sections.
#
#  Un-comment this section, and edit a "listen" section to add:
#  "clients = per_socket_clients".  That IP address/port combination
#  will then accept ONLY the clients listed in this section.
#
#clients per_socket_clients {
#   client 192.168.3.4 {
#      secret = testing123
#        }
#}



Uz pozeram asi 50 navod na webe, a nie a nie to rozbehat, Port som opravil ale stale to iste

Re: Problem s freeradiusom

Napsal: 13 Mar 2014 23:01
od Majklik
Tohle máš blbě:

Kód: Vybrat vše

client 192.168.101.236 {
    secret        = 91982650d89
        nastype         = other

client 127.0.0.1 {
    secret = radiussecret
}
}

Vnořuješ jednu definici do druhé, to nezahučí na chybě?
Mělo by asi být:

Kód: Vybrat vše

client 192.168.101.236 {
    secret        = 91982650d89
        nastype         = other
}
client 127.0.0.1 {
    secret = radiussecret
}

A pak i ten poslendí parametr radtest má být radiussecret a ne tsting123.
A pak s emrkni, v jakém stavu mš i firewall, zda dovolílokální komunikaci na 1812.

Re: Problem s freeradiusom

Napsal: 13 Mar 2014 23:17
od zvukarmiso
To som opravil a stale nic,
a co je horsie ziadny error, neviem ani kde patrat
Všechny časy jsou v UTC+02:00
Stránka 1 z 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/