abills.net.ua

Значитсо так
Поставил Абилс...
Поставил Радиус...
Ставлю ППтПд (аля==ПоПТоП)
И тут вот такая зараза в логах...

using channel 58
Using interface ppp0
Connect: ppp0 <--> /dev/pts/9
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xd0ae588c> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xd0ae588c> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x3014f71> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x1 <callback CBCP>]
rcvd [LCP ConfReq id=0x2 <mru 1400> <magic 0x3014f71> <pcomp> <accomp>]
sent [LCP ConfAck id=0x2 <mru 1400> <magic 0x3014f71> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xd0ae588c]
sent [CHAP Challenge id=0xcf <689bf5bb17e97cb33ea4d74a9f22a359>, name = "isp"]
rcvd [LCP Ident id=0x3 magic=0x3014f71 "MSRASV5.10"]
rcvd [LCP Ident id=0x4 magic=0x3014f71 "MSRAS-0-PRIVATE"]
rcvd [LCP EchoRep id=0x0 magic=0x3014f71]
rcvd [CHAP Response id=0xcf <d9d554ed1fc5511fd4bd7074bad1b3fa00000000000000001e04c62e92a3b3f64e0f652c8045433ac057c7319e9ade2000>, name = "test"]
rc_avpair_new: unknown attribute 11
rc_avpair_new: unknown attribute 25
RADATTR plugin wrote 0 line(s) to file /var/run/radattr.ppp0.

Peer test failed CHAP authentication
sent [CHAP Failure id=0xcf ""]
sent [LCP TermReq id=0x2 "Authentication failed"]
rcvd [LCP TermAck id=0x2 "Authentication failed"]
Connection terminated.
RADATTR plugin removed file /var/run/radattr.ppp0.


По моему это какие-то атрибуты радиуса которых нет словаре клиента ПППД... Прав ли я?

Сам словарь дефолтный из пакета фрирадиус-клиент...
+ добавил строки из инструкции по установке.

Помогите разобраться...

Вы бы поподробнее, какая версия abills, какая версия freeradius

Есть готовые конфиги , /usr/abills/misc/freeradius

rc_avpair_new: unknown attribute 11
rc_avpair_new: unknown attribute 25

По моему это какие-то атрибуты радиуса которых нет словаре клиента ПППД... Прав ли я?

совершенно верно - это атрибуты имени мелкософта и описаны в евойном словаре

A gde etot slovar' mojna dostat'

Nada ocheh'...
Pojalusta pomogite.

Значит поставил словарь мелкософта из радиус.орг
Всё пашет но в логах пптпд...


Using interface ppp0
Connect: ppp0 <--> /dev/pts/12
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x764d111b> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x433b59a3> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x433b59a3> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x433b59a3> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x764d111b> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x764d111b> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x764d111b]
sent [CHAP Challenge id=0x14 <4b020c841381e7125615289ee6fe2ffc>, name = "isp"]
rcvd [LCP Ident id=0x2 magic=0x433b59a3 "MSRASV5.10"]
rcvd [LCP Ident id=0x3 magic=0x433b59a3 "MSRAS-0-PRIVATE"]
rcvd [LCP EchoRep id=0x0 magic=0x433b59a3]
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
rc_send_server: no reply from RADIUS server localhost:1812
Peer test failed CHAP authentication
sent [CHAP Failure id=0x14 ""]
sent [LCP TermReq id=0x2 "Authentication failed"]
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [CHAP Response id=0x14 <f4dc9d26ffbf052d6ae2e49b821641170000000000000000fdc8da552e59af100d58ef3a2afbb0fa65e26801cc6c57d200>, name = "test"]
Discarded non-LCP packet when LCP not open
rcvd [LCP TermReq id=0x4 "C;Y\37777777643\000<\37777777715t\000\000\002\37777777716"]
sent [LCP TermAck id=0x4]
rcvd [LCP TermReq id=0x5 "C;Y\37777777643\000<\37777777715t\000\000\002\37777777716"]
sent [LCP TermAck id=0x5]
Modem hangup
Connection terminated.
RADATTR plugin removed file /var/run/radattr.ppp0.

И с єтим разобрался...
Ща ещё может какой-то артефакт откопаю - отпишу...


Нашёл!!!
ВОт лог радиуса...
Помогите что это значит?

rad_recv: Access-Request packet from host 127.0.0.1 port 51877, id=115, length=132
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "test"
MS-CHAP-Challenge = "֬r\357tr\r\313\365\016\031?1\210\277}"
MS-CHAP2-Response = "\265\000\203.\225\005\034AHk\327\324`g\024\214l\336\000\000\000\000\000\000\000\000+\326 \224\234\235\r\001\300\244*\377!\214\220\2431\241\310l)\352-w"
NAS-IP-Address = 10.1.1.101
NAS-Port = 0
+- entering group authorize
++[preprocess] returns ok
Exec-Program output: User-Password == "test"
Exec-Program-Wait: value-pairs: User-Password == "test"
Exec-Program: returned: 0
++[pre_auth] returns ok
rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
++[mschap] returns ok
users: Matched entry DEFAULT at line 52
++[files] returns ok
rad_check_password: Found Auth-Type mschap
auth: type "MSCHAP"
+- entering group MS-CHAP
rlm_mschap: No Cleartext-Password configured. Cannot create LM-Password.
rlm_mschap: No Cleartext-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for test with NT-Password
rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.
rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
auth: Failed to validate the user.
Found Post-Auth-Type Reject
+- entering group REJECT
Exec-Program output:
Exec-Program: returned: 0
++[post_auth] returns ok
Sending Access-Reject of id 115 to 127.0.0.1 port 51877
MS-CHAP-Error = "\265E=691 R=1"
Finished request 0.
Going to the next request
Waking up in 4.8 seconds.

Как можно вырубить этот тест на НТ пароль в МСЧап2 ???
ИЛИ вообще вырубить МсЧап2 из rlm_mschap ???

радиус-та 2.х небось... тебе сюда