Страница 1 из 2
nas mikrotik проблема с radius вроде
Добавлено: Пн апр 09, 2018 9:17 am
borislav-sochi
Добрый день!
Поставил абиллс на freebsd 10.4 с помощью ainstall, в конце установки получил следующее
Код: Выделить всё
ABillS Install complete x
x x
x Admin Interface x
x https://10.0.0.7:9443/admin/ x
x Login: abills x
x Password: abills x
x ------------------------------------------- x
x mysql Running x
x radiusd Not running x
x httpd Running x
x flow-capture Not running x
Решил что радиус не установился, поставил по инструкции.
на radiusd -x ничего не отвечает(не знаю должен ли)
При попытке авторизоваться микротик говорит
Код: Выделить всё
01:21:47 pppoe,info PPPoE connection established from 00:E0:4C:36:0F:6A
01:21:47 pppoe,ppp,error <0012>: user test authentication failed - radius timeou
В веб Отчет-Интернет+ - Последнее подключение ничего не появляется
Подскажите что делать, максимально простым языком пожалуйста
Re: nas mikrotik проблема с radius вроде
Добавлено: Пн апр 09, 2018 6:17 pm
~AsmodeuS~
Re: nas mikrotik проблема с radius вроде
Добавлено: Пн апр 09, 2018 7:17 pm
borislav-sochi
вот, я как раз по этой инструкции установил.
Может быть что-то напутал ....использовал автоконфигурацию,везде нажал yes
и еще, при создании или редактировании пула говорит
SQL Error: [3]
Код: Выделить всё
[1146] Table 'abills.dv_main' doesn't exist
SELECT pool.id, n.name AS nas_name, pool.name AS pool_name, INET_NTOA(pool.ip) AS first_ip, INET_NTOA(pool.ip + pool.counts) AS last_ip, pool.ip, (pool.ip + pool.counts) AS last_ip_num, pool.counts AS ip_count, (pool.counts - (SELECT COUNT(*) FROM dv_main dv WHERE dv.ip > pool.ip AND dv.ip <= pool.ip + pool.counts )) AS ip_free, (pool.counts - (SELECT COUNT(*) FROM internet_main internet WHERE internet.ip > pool.ip AND internet.ip <= pool.ip + pool.counts )) AS ip_free, pool.priority, pool.speed, pool.name AS name, np.nas_id, pool.static, IF(np.nas_id IS NULL, 0, np.nas_id) AS active_nas_id, pool.id
FROM ippools pool
LEFT JOIN nas_ippools np ON (np.pool_id=pool.id)
LEFT JOIN nas n ON (n.id=np.nas_id)
GROUP BY pool.id
ORDER BY 1
Re: nas mikrotik проблема с radius вроде
Добавлено: Вт апр 10, 2018 7:17 am
~AsmodeuS~
cd /usr/abills/
mysql -D abills < db/Dv.sql
Re: nas mikrotik проблема с radius вроде
Добавлено: Вт апр 10, 2018 8:08 am
borislav-sochi
~AsmodeuS~ писал(а):cd /usr/abills/
mysql -D abills < db/Dv.sql
Спасибо,это помогло.
А что на счет радиус, удалить и установить заново?
Так то он вроде установлен
Код: Выделить всё
root@free:/usr/abills # radiusd -v
radiusd: FreeRADIUS Version 3.0.15, for host amd64-portbld-freebsd10.4, built on Apr 8 2018 at 23:39:26
FreeRADIUS Version 3.0.15
Copyright (C) 1999-2017 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Re: nas mikrotik проблема с radius вроде
Добавлено: Вт апр 10, 2018 9:27 am
~AsmodeuS~
настроен ли
radiusd -X
Re: nas mikrotik проблема с radius вроде
Добавлено: Вт апр 10, 2018 5:43 pm
borislav-sochi
~AsmodeuS~ писал(а):настроен ли
radiusd -X
Код: Выделить всё
root@free:/usr/home/borislav # radiusd -X
FreeRADIUS Version 3.0.15
Copyright (C) 1999-2017 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file /usr/local/share/freeradius/dictionary
including dictionary file /usr/local/share/freeradius/dictionary.dhcp
including dictionary file /usr/local/share/freeradius/dictionary.vqp
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/clients.conf
Unable to open file "/usr/local/etc/raddb/clients.conf": No such file or directo ry
Errors reading or parsing /usr/local/etc/raddb/radiusd.conf
root@free:/usr/home/borislav #
Re: nas mikrotik проблема с radius вроде
Добавлено: Вт апр 10, 2018 9:11 pm
borislav-sochi
создал radius.conf
насувал туда не пойми чего и получил
Код: Выделить всё
root@free:/usr/home/borislav # radiusd -X
FreeRADIUS Version 3.0.15
Copyright (C) 1999-2017 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file /usr/local/share/freeradius/dictionary
including dictionary file /usr/local/share/freeradius/dictionary.dhcp
including dictionary file /usr/local/share/freeradius/dictionary.vqp
including configuration file /usr/local/etc/raddb/radiusd.conf
including files in directory /usr/local/etc/raddb/mods-enabled/
including configuration file /usr/local/etc/raddb/mods-enabled/perl
including configuration file /usr/local/etc/raddb/mods-enabled/sql
main {
security {
allow_core_dumps = no
}
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/var"
logdir = "/var/log"
run_dir = "/var/run/radiusd"
}
main {
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/var"
sbindir = "/usr/local/sbin"
logdir = "/var/log"
run_dir = "/var/run/radiusd"
libdir = "/usr/local/lib/freeradius-3.0.15"
radacctdir = "/var/log/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 16384
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
colourise = yes
msg_denied = "You are already logged in - access denied"
}
resources {
}
security {
max_attributes = 200
reject_delay = 1.000000
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
radiusd: #### Loading Clients ####
Debugger not attached
radiusd: #### Instantiating modules ####
modules {
# Loaded module rlm_perl
# Loading module "perl" from file /usr/local/etc/raddb/mods-enabled/perl
perl {
filename = "/usr/abills/libexec/rlm_perl.pl"
func_authorize = "authorize"
func_authenticate = "authenticate"
func_post_auth = "post_auth"
func_accounting = "accounting"
func_preacct = "preacct"
func_checksimul = "checksimul"
func_detach = "detach"
func_xlat = "xlat"
func_pre_proxy = "pre_proxy"
func_post_proxy = "post_proxy"
func_recv_coa = "recv_coa"
func_send_coa = "send_coa"
}
# Loaded module rlm_sql
# Loading module "sql" from file /usr/local/etc/raddb/mods-enabled/sql
sql {
driver = "rlm_sql_mysql"
server = "localhost"
port = 0
login = "abills"
password = <<< secret >>>
radius_db = "abills"
read_groups = yes
read_profiles = yes
read_clients = yes
delete_stale_sessions = yes
sql_user_name = ""
default_user_profile = ""
client_query = "SET sql_mode=''; SELECT ip, INET_NTOA(ip), CONCAT('NAS_', id), nas_type, DECODE(mng_password, 'test12345678901234567890') FR OM nas GROUP BY ip"
safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
accounting {
reference = ".query"
type {
accounting-on {
}
accounting-off {
}
start {
}
interim-update {
}
stop {
}
}
}
post-auth {
reference = ".query"
}
}
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
instantiate {
}
# Instantiating module "perl" from file /usr/local/etc/raddb/mods-enabled/perl
# Instantiating module "sql" from file /usr/local/etc/raddb/mods-enabled/sql
rlm_sql_mysql: libmysql version: 5.6.39
mysql {
tls {
}
warnings = "auto"
}
rlm_sql (sql): Attempting to connect to database "abills"
rlm_sql (sql): Initialising connection pool
pool {
start = 5
min = 5
max = 10
spare = 3
uses = 0
lifetime = 0
cleanup_interval = 30
idle_timeout = 60
retry_delay = 1
spread = no
}
rlm_sql (sql): Opening additional connection (0), 1 of 10 pending slots used
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql_mysql: Connected to database 'abills' on Localhost via UNIX socket, server version 5.6.39, protocol version 10
rlm_sql (sql): Opening additional connection (1), 1 of 9 pending slots used
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql_mysql: Connected to database 'abills' on Localhost via UNIX socket, server version 5.6.39, protocol version 10
rlm_sql (sql): Opening additional connection (2), 1 of 8 pending slots used
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql_mysql: Connected to database 'abills' on Localhost via UNIX socket, server version 5.6.39, protocol version 10
rlm_sql (sql): Opening additional connection (3), 1 of 7 pending slots used
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql_mysql: Connected to database 'abills' on Localhost via UNIX socket, server version 5.6.39, protocol version 10
rlm_sql (sql): Opening additional connection (4), 1 of 6 pending slots used
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql_mysql: Connected to database 'abills' on Localhost via UNIX socket, server version 5.6.39, protocol version 10
rlm_sql (sql): Processing generate_sql_clients
rlm_sql (sql) in generate_sql_clients: query is SET sql_mode=''; SELECT ip, INET_NTOA(ip), CONCAT('NAS_', id), nas_type, DECODE(mng_password, 'test1 2345678901234567890') FROM nas GROUP BY ip
rlm_sql (sql): Reserved connection (0)
rlm_sql (sql): Executing select query: SET sql_mode=''; SELECT ip, INET_NTOA(ip), CONCAT('NAS_', id), nas_type, DECODE(mng_password, 'test1234567890 1234567890') FROM nas GROUP BY ip
rlm_sql (sql): Adding client 10.0.0.8 (NAS_2) to global clients list
rlm_sql (10.0.0.8): Client "NAS_2" (sql) added
rlm_sql (sql): Adding client 127.0.0.1 (NAS_1) to global clients list
rlm_sql (127.0.0.1): Client "NAS_1" (sql) added
rlm_sql (sql): Released connection (0)
} # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
} # server
radiusd: #### Opening IP addresses and Ports ####
The server is not configured to listen on any ports. Cannot start
Re: nas mikrotik проблема с radius вроде
Добавлено: Ср апр 11, 2018 8:00 am
~AsmodeuS~
нужно все делать по инструкции а не в случайном порядке
http://abills.net.ua/wiki/doku.php/abil ... freeradius
Re: nas mikrotik проблема с radius вроде
Добавлено: Ср апр 11, 2018 5:27 pm
borislav-sochi
Воу, все заработало, спасибо!
А вот эти красные строчки когда абон подключается - это нормально?
Код: Выделить всё
(2) perl: $RAD_REQUEST{'NAS-Port-Id'} = &request:NAS-Port-Id -> 'ether4'
(2) perl: &request:Acct-Status-Type = $RAD_REQUEST{'Acct-Status-Type'} -> 'Start'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "OUTBYTE"
(2) perl: ERROR: &request:OUTBYTE = $RAD_REQUEST{'OUTBYTE'} -> '0'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "INBYTE"
(2) perl: ERROR: &request:INBYTE = $RAD_REQUEST{'INBYTE'} -> '0'
(2) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} -> '10.0.0.8'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "OUTBYTE2"
(2) perl: ERROR: &request:OUTBYTE2 = $RAD_REQUEST{'OUTBYTE2'} -> '0'
(2) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '15728691'
(2) perl: &request:Acct-Output-Gigawords = $RAD_REQUEST{'Acct-Output-Gigawords'} -> '0'
(2) perl: &request:Framed-IP-Address = $RAD_REQUEST{'Framed-IP-Address'} -> '10.0.0.190'
(2) perl: &request:Connect-Info = $RAD_REQUEST{'Connect-Info'} -> ''
(2) perl: &request:Acct-Authentic = $RAD_REQUEST{'Acct-Authentic'} -> 'RADIUS'
(2) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'test'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "INTERIUM_OUTBYTE"
(2) perl: ERROR: &request:INTERIUM_OUTBYTE = $RAD_REQUEST{'INTERIUM_OUTBYTE'} -> '0'
(2) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} -> 'Apr 11 2018 20:06:34 MSK'
(2) perl: &request:NAS-Port-Id = $RAD_REQUEST{'NAS-Port-Id'} -> 'ether4'
(2) perl: &request:Acct-Session-Id = $RAD_REQUEST{'Acct-Session-Id'} -> '81200032'
(2) perl: &request:Service-Type = $RAD_REQUEST{'Service-Type'} -> 'Framed-User'
(2) perl: &request:NAS-Identifier = $RAD_REQUEST{'NAS-Identifier'} -> 'MikroTik'
(2) perl: &request:Called-Station-Id = $RAD_REQUEST{'Called-Station-Id'} -> 'pppoe-in'
(2) perl: &request:Acct-Delay-Time = $RAD_REQUEST{'Acct-Delay-Time'} -> '0'
(2) perl: &request:Acct-Input-Gigawords = $RAD_REQUEST{'Acct-Input-Gigawords'} -> '0'
(2) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} -> 'Ethernet'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "INTERIUM_INBYTE2"
(2) perl: ERROR: &request:INTERIUM_INBYTE2 = $RAD_REQUEST{'INTERIUM_INBYTE2'} -> '0'
(2) perl: &request:Calling-Station-Id = $RAD_REQUEST{'Calling-Station-Id'} -> '00:E0:4C:36:0F:6A'
(2) perl: &request:Framed-Protocol = $RAD_REQUEST{'Framed-Protocol'} -> 'PPP'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "INTERIUM_OUTBYTE2"
(2) perl: ERROR: &request:INTERIUM_OUTBYTE2 = $RAD_REQUEST{'INTERIUM_OUTBYTE2'} -> '0'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "INTERIUM_INBYTE"
(2) perl: ERROR: &request:INTERIUM_INBYTE = $RAD_REQUEST{'INTERIUM_INBYTE'} -> '0'
(2) perl: &request:Acct-Session-Time = $RAD_REQUEST{'Acct-Session-Time'} -> '0'
(2) perl: ERROR: Failed to create pair - Invalid vendor name in attribute name "INBYTE2"
(2) perl: ERROR: &request:INBYTE2 = $RAD_REQUEST{'INBYTE2'} -> '0'
(2) [perl] = ok
(2) } # accounting = ok
(2) Sent Accounting-Response Id 21 from 10.0.0.7:1813 to 10.0.0.8:56237 length 0
(2) Finished request
(2) Cleaning up request packet ID 21 with timestamp +84
Waking up in 4.8 seconds.
(0) Cleaning up request packet ID 19 with timestamp +83
Ready to process requests
Re: nas mikrotik проблема с radius вроде
Добавлено: Ср апр 11, 2018 9:31 pm
borislav-sochi
По ходу чета неправильно
Новых пользователей создаю - не конектятся.
radiusd -X говорит
Код: Выделить всё
ql_mysql: Connected to database 'abills' on Localhost via UNIX socket, server version 5.6.39, protocol version 10
rlm_sql (sql): Processing generate_sql_clients
rlm_sql (sql) in generate_sql_clients: query is SET sql_mode=''; SELECT ip, INET_NTOA(ip), CONCAT('NAS_', id), nas_type, DECODE(mng_password, 'test12345678901234567890') FROM nas GROUP BY ip
rlm_sql (sql): Reserved connection (0)
rlm_sql (sql): Executing select query: SET sql_mode=''; SELECT ip, INET_NTOA(ip), CONCAT('NAS_', id), nas_type, DECODE(mng_password, 'test12345678901234567890') FROM nas GROUP BY ip
rlm_sql (sql): Adding client 10.0.0.8 (NAS_2) to global clients list
rlm_sql (10.0.0.8): Client "NAS_2" (sql) added
rlm_sql (sql): Adding client 127.0.0.1 (NAS_1) to global clients list
Failed to add duplicate client NAS_1
Failed to add client, possible duplicate?
rlm_sql (sql): Released connection (0)
} # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
} # server
server default { # from file /usr/local/etc/raddb/sites-enabled/abills_default
# Loading authenticate {...}
# Loading authorize {...}
# Loading preacct {...}
# Loading accounting {...}
# Loading post-auth {...}
} # server default
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
Failed binding to auth address * port 1812 bound to server default: Address already in use
/usr/local/etc/raddb/sites-enabled/abills_default[3]: Error binding to port for 0.0.0.0 port 1812
а еще при редактировании пользователей говорит
Код: Выделить всё
Не существует '../../Abills/main_tpls///form_user'
No such file or directory
Re: nas mikrotik проблема с radius вроде
Добавлено: Чт апр 12, 2018 2:37 pm
~AsmodeuS~
Код: Выделить всё
Failed binding to auth address * port 1812 bound to server default: Address already in use
/usr/local/etc/raddb/sites-enabled/abills_default[3]: Error binding to port for 0.0.0.0 port 1812
уже звпущен радиус
killall -9 radiusd
radiusd -X
Re: nas mikrotik проблема с radius вроде
Добавлено: Чт апр 12, 2018 4:23 pm
borislav-sochi
при попытке авторизоваться
Код: Выделить всё
6) perl: &request:NAS-Port-Id = $RAD_REQUEST{'NAS-Port-Id'} -> 'ether4'
(6) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} -> '1111'
(6) perl: &request:Calling-Station-Id = $RAD_REQUEST{'Calling-Station-Id'} -> '00:E0:4C:36:0F:6A'
(6) perl: &request:CHAP-Password = $RAD_REQUEST{'CHAP-Password'} -> '0x01ddde6612c0c3990fe0d15927708a805 2'
(6) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '15728744'
(6) perl: &reply:Reply-Message = $RAD_REPLY{'Reply-Message'} -> 'Login Not Exist or Expire'
(6) perl: &control:Post-Auth-Type = $RAD_CHECK{'Post-Auth-Type'} -> 'Reject'
(6) perl: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'Reject'
(6) [perl] = reject
(6) } # Post-Auth-Type REJECT = reject
(6) Delaying response for 1.000000 seconds
Waking up in 0.3 seconds.
(6) (6) Discarding duplicate request from client NAS_2 port 36823 - ID: 135 due to delayed response
Waking up in 0.6 seconds.
(6) (6) Discarding duplicate request from client NAS_2 port 36823 - ID: 135 due to delayed response
Waking up in 0.4 seconds.
(6) Sending delayed response
(6) Sent Access-Reject Id 135 from 10.0.0.7:1812 to 10.0.0.8:36823 length 47
(6) Reply-Message = "Login Not Exist or Expire"
Waking up in 3.9 seconds.
(6) Cleaning up request packet ID 135 with timestamp +845
Ready to process requests
В веб интерфейсе Отчет -интернет+ - последнее подключение
Код: Выделить всё
2018-04-12 18:42:54 LOG_WARNING AUTH 1111 Login Not Exist or Expire CID: 00:E0:4C:36:0F:6A nas/
Пользователь test подключается без проблем.
и еще - захожу в логины - интернет+ - там интернет статус активно
а в логины - логины -интернет статус - не активизирован
Re: nas mikrotik проблема с radius вроде
Добавлено: Пт апр 13, 2018 6:12 pm
~AsmodeuS~
- проверте наличие абонента
- и поля активации и завершения услуги
Re: nas mikrotik проблема с radius вроде
Добавлено: Пт апр 13, 2018 7:46 pm
borislav-sochi
~AsmodeuS~ писал(а):- проверте наличие абонента
- и поля активации и завершения услуги
как проверить его наличие?
- и поля активации и завершения услуги
там все по нулям, пробовал ставить дату активации, ничего не меняется
логин статус -" не активизирован" - что это значит? Как его активизировать? Если удаляешь абона - надпись становится "Активно"