MPD5 PPPOE ошибка 629, PPTP - 734

Вопросы и пожелания
Ответить
lasik
Сообщения: 983
Зарегистрирован: Чт янв 10, 2008 5:20 pm
Откуда: Россия, Москва

MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение lasik »

Всем здрасте, давно меня не было тут, уже давно другими делами занимаюсь, а тут приспичило одному человеку доломать сервак.
Ну это все лирика.
Проблема такая:
вроде все настроил (весьма возможно что не правильно), и не работает, pppoe 629 кажет, pptp - 743.
в /var/log/mpd.log по поводу pppoe вижу следующее

Код: Выделить всё

Dec 15 21:50:19 ivonino mpd: Incoming PPPoE connection request via em1: for service "" from 2c:27:d7:80:d9:6a
Dec 15 21:50:19 ivonino mpd: [em1-3] Accepting PPPoE connection
Dec 15 21:50:19 ivonino mpd: [em1-3] Link: OPEN event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: Open event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Initial --> Starting
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: LayerStart
Dec 15 21:50:19 ivonino mpd: [em1-3] PPPoE: connection successful
Dec 15 21:50:19 ivonino mpd: [em1-3] Link: UP event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: Up event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Starting --> Req-Sent
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigReq #1
Dec 15 21:50:19 ivonino mpd: [em1-3]   MRU 1492
Dec 15 21:50:19 ivonino mpd: [em1-3]   MAGICNUM ff71b338
Dec 15 21:50:19 ivonino mpd: [em1-3]   AUTHPROTO CHAP MSOFTv2
Dec 15 21:50:19 ivonino mpd: [em1-3]   MP MRRU 2048
Dec 15 21:50:19 ivonino mpd: [em1-3]   MP SHORTSEQ
Dec 15 21:50:19 ivonino mpd: [em1-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3]   MRU 1480
Dec 15 21:50:19 ivonino mpd: [em1-3]   MAGICNUM 2b4116a3
Dec 15 21:50:19 ivonino mpd: [em1-3]   PROTOCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3]   ACFCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3]   CALLBACK 6
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigRej #0
Dec 15 21:50:19 ivonino mpd: [em1-3]   PROTOCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3]   ACFCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3]   CALLBACK 6
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Reject #1 (Req-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3]   MP MRRU 2048
Dec 15 21:50:19 ivonino mpd: [em1-3]   MP SHORTSEQ
Dec 15 21:50:19 ivonino mpd: [em1-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigReq #2
Dec 15 21:50:19 ivonino mpd: [em1-3]   MRU 1492
Dec 15 21:50:19 ivonino mpd: [em1-3]   MAGICNUM ff71b338
Dec 15 21:50:19 ivonino mpd: [em1-3]   AUTHPROTO CHAP MSOFTv2
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3]   MRU 1480
Dec 15 21:50:19 ivonino mpd: [em1-3]   MAGICNUM 2b4116a3
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigAck #1
Dec 15 21:50:19 ivonino mpd: [em1-3]   MRU 1480
Dec 15 21:50:19 ivonino mpd: [em1-3]   MAGICNUM 2b4116a3
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Req-Sent --> Ack-Sent
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Ack #2 (Ack-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3]   MRU 1492
Dec 15 21:50:19 ivonino mpd: [em1-3]   MAGICNUM ff71b338
Dec 15 21:50:19 ivonino mpd: [em1-3]   AUTHPROTO CHAP MSOFTv2
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Ack-Sent --> Opened
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: auth: peer wants nothing, I want CHAP
Dec 15 21:50:19 ivonino mpd: [em1-3] CHAP: sending CHALLENGE #1 len: 21
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: LayerUp
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Ident #2 (Opened)
Dec 15 21:50:19 ivonino mpd: [em1-3]   MESG: MSRASV5.20
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Ident #3 (Opened)
Dec 15 21:50:19 ivonino mpd: [em1-3]   MESG: MSRAS-0-ADIST
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Ident #4 (Opened)
Dec 15 21:50:19 ivonino mpd: [em1-3]   MESG: T7t#M-^U#	GE

                                                          Dec 15 21:50:19 ivonino mpd: [em1-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 15 21:50:19 ivonino mpd: [em1-3]   Name: "merei"
Dec 15 21:50:19 ivonino mpd: [em1-3] AUTH: Trying RADIUS
Dec 15 21:50:19 ivonino mpd: [em1-3] RADIUS: Authenticating user 'merei'
Dec 15 21:50:20 ivonino mpd: [em1-3] RADIUS: Rec'd RAD_ACCESS_REJECT for user 'merei'
Dec 15 21:50:20 ivonino mpd: [em1-3] AUTH: RADIUS returned: failed
Dec 15 21:50:20 ivonino mpd: [em1-3] AUTH: ran out of backends
Dec 15 21:50:20 ivonino mpd: [em1-3] CHAP: Auth return status: failed
Dec 15 21:50:20 ivonino mpd: [em1-3] CHAP: Reply message: ^AE=691 R=1
Dec 15 21:50:20 ivonino mpd: [em1-3] CHAP: sending FAILURE #1 len: 14
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: authorization failed
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: parameter negotiation failed
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Opened --> Stopping
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: SendTerminateReq #3
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: LayerDown
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: rec'd Terminate Ack #3 (Stopping)
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Stopping --> Stopped
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: LayerFinish
Dec 15 21:50:20 ivonino mpd: [em1-3] PPPoE: connection closed
Dec 15 21:50:20 ivonino mpd: [em1-3] Link: DOWN event
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: Close event
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Stopped --> Closed
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: Down event
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Closed --> Initial
Dec 15 21:50:20 ivonino mpd: [em1-3] Link: SHUTDOWN event
Dec 15 21:50:20 ivonino mpd: [em1-3] Link: Shutdown
по поводу же pptp там следующее:

Код: Выделить всё

Dec 15 22:06:09 ivonino mpd: [L-3] Accepting PPTP connection
Dec 15 22:06:09 ivonino mpd: [L-3] Link: OPEN event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: Open event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: state change Initial --> Starting
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: LayerStart
Dec 15 22:06:09 ivonino mpd: [L-3] PPTP: attaching to peer's outgoing call
Dec 15 22:06:09 ivonino mpd: [L-3] Link: UP event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: Up event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: state change Starting --> Req-Sent
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: SendConfigReq #1
Dec 15 22:06:09 ivonino mpd: [L-3]   ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3]   PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3]   MRU 1500
Dec 15 22:06:09 ivonino mpd: [L-3]   MAGICNUM f236dcf0
Dec 15 22:06:09 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:09 ivonino mpd: [L-3]   MP MRRU 2048
Dec 15 22:06:09 ivonino mpd: [L-3]   MP SHORTSEQ
Dec 15 22:06:09 ivonino mpd: [L-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 15 22:06:09 ivonino mpd: [L-3]   MRU 1400
Dec 15 22:06:09 ivonino mpd: [L-3]   MAGICNUM 056714cb
Dec 15 22:06:09 ivonino mpd: [L-3]   PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3]   ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3]   CALLBACK 6
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: SendConfigRej #0
Dec 15 22:06:09 ivonino mpd: [L-3]   CALLBACK 6
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 15 22:06:09 ivonino mpd: [L-3]   MRU 1400
Dec 15 22:06:09 ivonino mpd: [L-3]   MAGICNUM 056714cb
Dec 15 22:06:09 ivonino mpd: [L-3]   PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3]   ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: SendConfigAck #1
Dec 15 22:06:09 ivonino mpd: [L-3]   MRU 1400
Dec 15 22:06:09 ivonino mpd: [L-3]   MAGICNUM 056714cb
Dec 15 22:06:09 ivonino mpd: [L-3]   PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3]   ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: state change Req-Sent --> Ack-Sent
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: SendConfigReq #2
Dec 15 22:06:11 ivonino mpd: [L-3]   ACFCOMP
Dec 15 22:06:11 ivonino mpd: [L-3]   PROTOCOMP
Dec 15 22:06:11 ivonino mpd: [L-3]   MRU 1500
Dec 15 22:06:11 ivonino mpd: [L-3]   MAGICNUM f236dcf0
Dec 15 22:06:11 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:11 ivonino mpd: [L-3]   MP MRRU 2048
Dec 15 22:06:11 ivonino mpd: [L-3]   MP SHORTSEQ
Dec 15 22:06:11 ivonino mpd: [L-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Configure Reject #2 (Ack-Sent)
Dec 15 22:06:11 ivonino mpd: [L-3]   MP MRRU 2048
Dec 15 22:06:11 ivonino mpd: [L-3]   MP SHORTSEQ
Dec 15 22:06:11 ivonino mpd: [L-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: SendConfigReq #3
Dec 15 22:06:11 ivonino mpd: [L-3]   ACFCOMP
Dec 15 22:06:11 ivonino mpd: [L-3]   PROTOCOMP
Dec 15 22:06:11 ivonino mpd: [L-3]   MRU 1500
Dec 15 22:06:11 ivonino mpd: [L-3]   MAGICNUM f236dcf0
Dec 15 22:06:11 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Configure Ack #3 (Ack-Sent)
Dec 15 22:06:11 ivonino mpd: [L-3]   ACFCOMP
Dec 15 22:06:11 ivonino mpd: [L-3]   PROTOCOMP
Dec 15 22:06:11 ivonino mpd: [L-3]   MRU 1500
Dec 15 22:06:11 ivonino mpd: [L-3]   MAGICNUM f236dcf0
Dec 15 22:06:11 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: state change Ack-Sent --> Opened
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: auth: peer wants nothing, I want CHAP
Dec 15 22:06:11 ivonino mpd: [L-3] CHAP: sending CHALLENGE #1 len: 21
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: LayerUp
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Ident #2 (Opened)
Dec 15 22:06:11 ivonino mpd: [L-3]   MESG: MSRASV5.20
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Ident #3 (Opened)
Dec 15 22:06:11 ivonino mpd: [L-3]   MESG: MSRAS-0-ADIST
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Ident #4 (Opened)
Dec 15 22:06:11 ivonino mpd: [L-3]   MESG: ^Eΰh;}AJ-^]Y0O^K
Dec 15 22:06:11 ivonino mpd: [L-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 15 22:06:11 ivonino mpd: [L-3]   Name: "merei"
Dec 15 22:06:11 ivonino mpd: [L-3] AUTH: Trying RADIUS
Dec 15 22:06:11 ivonino mpd: [L-3] RADIUS: Authenticating user 'merei'
Dec 15 22:06:12 ivonino mpd: [L-3] RADIUS: Rec'd RAD_ACCESS_REJECT for user 'merei'
Dec 15 22:06:12 ivonino mpd: [L-3] AUTH: RADIUS returned: failed
Dec 15 22:06:12 ivonino mpd: [L-3] AUTH: ran out of backends
Dec 15 22:06:12 ivonino mpd: [L-3] CHAP: Auth return status: failed
Dec 15 22:06:12 ivonino mpd: [L-3] CHAP: Reply message: ^AE=691 R=1
Dec 15 22:06:12 ivonino mpd: [L-3] CHAP: sending FAILURE #1 len: 14
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: authorization failed
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: parameter negotiation failed
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Opened --> Stopping
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: SendTerminateReq #4
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: LayerDown
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: rec'd Terminate Ack #4 (Stopping)
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Stopping --> Stopped
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: LayerFinish
Dec 15 22:06:12 ivonino mpd: [L-3] PPTP call terminated
Dec 15 22:06:12 ivonino mpd: [L-3] Link: DOWN event
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: Close event
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Stopped --> Closed
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: Down event
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Closed --> Initial
Dec 15 22:06:12 ivonino mpd: [L-3] Link: SHUTDOWN event
Dec 15 22:06:12 ivonino mpd: [L-3] Link: Shutdown
radtest merei 123456 127.0.0.1:1812 0 radsecret 0 127.0.0.1 говорит

Код: Выделить всё

Sending Access-Request of id 137 to 127.0.0.1 port 1812
        User-Name = "merei"
        User-Password = "123456"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
        Framed-Protocol = PPP
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=137, length=44
        Acct-Interim-Interval = 300
        Session-Timeout = 1389922
        Framed-IP-Address = 10.10.10.95
        Framed-IP-Netmask = 255.255.255.255
Использую MPD 5
конфиг

Код: Выделить всё

startup:
        # configure mpd users
        set user admin radsecret admin
#       set user foo1 bar1
        # configure the console
        set console self 127.0.0.1 5005
        set console open
        # configure the web server
        set web self 0.0.0.0 5006
        set web open

default:
        load pppoe_server
        load pptp_server

pppoe_server:
        create bundle template B
        set ipcp ranges 10.10.10.254/32 10.10.10.0/24
#        set ipcp ranges 10.0.0.1/24 10.10.10.0/24
        set iface idle 0
        set iface enable tcpmssfix
        set ipcp no vjcomp
        set iface up-script   "/usr/local/abills/libexec/linkupdown mpd up"
        set iface down-script "/usr/local/abills/libexec/linkupdown mpd down"

        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless

        create link template common pppoe
        set link enable multilink
        set link action bundle B
        set link disable pap eap
        set link enable chap
        load radius
        set pppoe service "*"

        create link template em1 common
        set link max-children 1000
        set pppoe iface em1
        set link enable incoming

        set link no pap eap
        set link yes chap-md5
        set link keep-alive 20 60
        set link enable incoming
        set link no acfcomp protocomp
pptp_server:
        set ippool add pool1 10.0.0.1 10.255.255.255  
        create bundle template B
        set iface enable proxy-arp
        set iface idle 1800
        set iface enable tcpmssfix
        set iface up-script "/usr/abills/libexec/linkupdown mpd up"
        set iface down-script "/usr/abills/libexec/linkupdown mpd down"
        set ipcp yes vjcomp
        set ipcp ranges 192.168.6.1/24 ippool pool1
        set ipcp dns 192.168.6.1
        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stateless
        create link template L pptp
        set link action bundle B
        set link enable peer-as-calling
        set link enable multilink
        set link yes acfcomp protocomp
        set link no pap chap
        set link enable chap
        set link keep-alive 10 60
        set link mtu 1460
        set link enable incoming
        load radius
radius:
     set radius server 127.0.0.1 radsecret 1812 1813
     set radius retries 3
     set radius timeout 10
     set auth acct-update 300
     set auth enable radius-auth
     set auth enable radius-acct
     set auth disable internal
Radius версии 2.
Куда копать ?

lasik
Сообщения: 983
Зарегистрирован: Чт янв 10, 2008 5:20 pm
Откуда: Россия, Москва

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение lasik »

radiusd -X
сначала

Код: Выделить всё

FreeRADIUS Version 2.2.0, for host i386-portbld-freebsd8.3, built on Dec 15 2012 at 02:36:56
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. 
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. 
You may redistribute copies of FreeRADIUS under the terms of the 
GNU General Public License v2. 
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/cache
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/dhcp_sqlippool
including configuration file /usr/local/etc/raddb/sql/mysql/ippool-dhcp.conf
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/dynamic_clients
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/opendirectory
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/radrelay
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/redis
including configuration file /usr/local/etc/raddb/modules/rediswho
including configuration file /usr/local/etc/raddb/modules/replicate
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/soh
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
main {
        user = "freeradius"
        group = "freeradius"
        allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
        name = "radiusd"
        prefix = "/usr/local"
        localstatedir = "/var"
        sbindir = "/usr/local/sbin"
        logdir = "/var/log"
        run_dir = "/var/run/radiusd"
        libdir = "/usr/local/lib/freeradius-2.2.0"
        radacctdir = "/var/log/radacct"
        hostname_lookups = no
        max_request_time = 30
        cleanup_delay = 5
        max_requests = 1024
        pidfile = "/var/run/radiusd/radiusd.pid"
        checkrad = "/usr/local/sbin/checkrad"
        debug_level = 0
        proxy_requests = yes
 log {
        stripped_names = no
        auth = no
        auth_badpass = no
        auth_goodpass = no
 }
 security {
        max_attributes = 200
        reject_delay = 1
        status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
 proxy server {
        retry_delay = 5
        retry_count = 3
        default_fallback = no
        dead_time = 120
        wake_all_if_all_dead = no
 }
 home_server localhost {
        ipaddr = 127.0.0.1
        port = 1812
        type = "auth"
        secret = "testing123"
        response_window = 20
        max_outstanding = 65536
        require_message_authenticator = yes
        zombie_period = 40
        status_check = "status-server"
        ping_interval = 30
        check_interval = 30
        num_answers_to_alive = 3
        num_pings_to_alive = 3
        revive_interval = 120
        status_check_timeout = 4
  coa {
        irt = 2
        mrt = 16
        mrc = 5
        mrd = 30
  }
 }
 home_server_pool my_auth_failover {
        type = fail-over
        home_server = localhost
 }
 realm example.com {
        auth_pool = my_auth_failover
 }
 realm LOCAL {
 }
radiusd: #### Loading Clients ####
 client 127.0.0.1 {
        require_message_authenticator = no
        secret = "radsecret"
        shortname = "exppp"
 }
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_exec
 Module: Instantiating module "exec" from file /usr/local/etc/raddb/modules/exec
  exec {
        wait = no
        input_pairs = "request"
        shell_escape = yes
  }
 Module: Linked to module rlm_expr
 Module: Instantiating module "expr" from file /usr/local/etc/raddb/modules/expr
 Module: Linked to module rlm_expiration
 Module: Instantiating module "expiration" from file /usr/local/etc/raddb/modules/expiration
  expiration {
        reply-message = "Password Has Expired  "
  }
 Module: Linked to module rlm_logintime
 Module: Instantiating module "logintime" from file /usr/local/etc/raddb/modules/logintime
  logintime {
        reply-message = "You are calling outside your allowed timespan  "
        minimum-timeout = 60
  }
 }
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
 modules {
  Module: Creating Auth-Type = digest
  Module: Creating Post-Auth-Type = REJECT
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_pap
 Module: Instantiating module "pap" from file /usr/local/etc/raddb/modules/pap
  pap {
        encryption_scheme = "auto"
        auto_header = no
  }
 Module: Linked to module rlm_chap
 Module: Instantiating module "chap" from file /usr/local/etc/raddb/modules/chap
 Module: Linked to module rlm_mschap
 Module: Instantiating module "mschap" from file /usr/local/etc/raddb/modules/mschap
  mschap {
        use_mppe = yes
        require_encryption = no
        require_strong = no
        with_ntdomain_hack = no
        allow_retry = yes
  }
 Module: Linked to module rlm_digest
 Module: Instantiating module "digest" from file /usr/local/etc/raddb/modules/digest
 Module: Linked to module rlm_unix
 Module: Instantiating module "unix" from file /usr/local/etc/raddb/modules/unix
  unix {
        radwtmp = "/var/log/radwtmp"
  }
 Module: Linked to module rlm_eap
 Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.conf
  eap {
        default_eap_type = "md5"
        timer_expire = 60
        ignore_unknown_eap_types = no
        cisco_accounting_username_bug = no
        max_sessions = 4096
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
        challenge = "Password: "
        auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
        rsa_key_exchange = no
        dh_key_exchange = yes
        rsa_key_length = 512
        dh_key_length = 512
        verify_depth = 0
        CA_path = "/usr/local/etc/raddb/certs"
        pem_file_type = yes
        private_key_file = "/usr/local/etc/raddb/certs/server.pem"
        certificate_file = "/usr/local/etc/raddb/certs/server.pem"
        CA_file = "/usr/local/etc/raddb/certs/ca.pem"
        private_key_password = "whatever"
        dh_file = "/usr/local/etc/raddb/certs/dh"
        random_file = "/usr/local/etc/raddb/certs/random"
        fragment_size = 1024
        include_length = yes
        check_crl = no
        cipher_list = "DEFAULT"
        make_cert_command = "/usr/local/etc/raddb/certs/bootstrap"
        ecdh_curve = "prime256v1"
    cache {
        enable = no
        lifetime = 24
        max_entries = 255
    }
    verify {
    }
    ocsp {
        enable = no
        override_cert_url = yes
        url = "http://127.0.0.1/ocsp/"
        use_nonce = yes
        timeout = 0
        softfail = no
    }
   }
 Module: Linked to sub-module rlm_eap_ttls
 Module: Instantiating eap-ttls
   ttls {
        default_eap_type = "md5"
        copy_request_to_tunnel = no
        use_tunneled_reply = no
        virtual_server = "inner-tunnel"
        include_length = yes
   }
 Module: Linked to sub-module rlm_eap_peap
 Module: Instantiating eap-peap
   peap {
        default_eap_type = "mschapv2"
        copy_request_to_tunnel = no
        use_tunneled_reply = no
        proxy_tunneled_request_as_eap = yes
        virtual_server = "inner-tunnel"
        soh = no
   }
 Module: Linked to sub-module rlm_eap_mschapv2
 Module: Instantiating eap-mschapv2
   mschapv2 {
        with_ntdomain_hack = no
        send_error = no
   }
 Module: Checking authorize {...} for more modules to load
 Module: Linked to module rlm_preprocess
 Module: Instantiating module "preprocess" from file /usr/local/etc/raddb/modules/preprocess
  preprocess {
        huntgroups = "/usr/local/etc/raddb/huntgroups"
        hints = "/usr/local/etc/raddb/hints"
        with_ascend_hack = no
        ascend_channels_per_line = 23
        with_ntdomain_hack = no
        with_specialix_jetstream_hack = no
        with_cisco_vsa_hack = no
        with_alvarion_vsa_hack = no
  }
reading pairlist file /usr/local/etc/raddb/huntgroups
reading pairlist file /usr/local/etc/raddb/hints
 Module: Linked to module rlm_realm
 Module: Instantiating module "suffix" from file /usr/local/etc/raddb/modules/realm
  realm suffix {
        format = "suffix"
        delimiter = "@"
        ignore_default = no
        ignore_null = no
  }
 Module: Linked to module rlm_files
 Module: Instantiating module "files" from file /usr/local/etc/raddb/modules/files
  files {
        usersfile = "/usr/local/etc/raddb/users"
        acctusersfile = "/usr/local/etc/raddb/acct_users"
        preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
        compat = "no"
  }
reading pairlist file /usr/local/etc/raddb/users
reading pairlist file /usr/local/etc/raddb/acct_users
reading pairlist file /usr/local/etc/raddb/preproxy_users
 Module: Checking preacct {...} for more modules to load
 Module: Linked to module rlm_acct_unique
 Module: Instantiating module "acct_unique" from file /usr/local/etc/raddb/modules/acct_unique
  acct_unique {
        key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port"
  }
 Module: Checking accounting {...} for more modules to load
 Module: Linked to module rlm_detail
 Module: Instantiating module "detail" from file /usr/local/etc/raddb/modules/detail
  detail {
        detailfile = "/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
        header = "%t"
        detailperm = 384
        dirperm = 493
        locking = no
        log_packet_header = no
  }
 Module: Linked to module rlm_attr_filter
 Module: Instantiating module "attr_filter.accounting_response" from file /usr/local/etc/raddb/modules/attr_filter
  attr_filter attr_filter.accounting_response {
        attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
        key = "%{User-Name}"
        relaxed = no
  }
reading pairlist file /usr/local/etc/raddb/attrs.accounting_response
 Module: Checking session {...} for more modules to load
 Module: Linked to module rlm_radutmp
 Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/modules/radutmp
  radutmp {
        filename = "/var/log/radutmp"
        username = "%{User-Name}"
        case_sensitive = yes
        check_with_nas = yes
        perm = 384
        callerid = yes
  }
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 Module: Instantiating module "attr_filter.access_reject" from file /usr/local/etc/raddb/modules/attr_filter
  attr_filter attr_filter.access_reject {
        attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
        key = "%{User-Name}"
        relaxed = no
  }
reading pairlist file /usr/local/etc/raddb/attrs.access_reject
 } # modules
} # server
server inner-tunnel { # from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Checking authorize {...} for more modules to load
 Module: Checking session {...} for more modules to load
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
        type = "auth"
        ipaddr = *
        port = 0
}
listen {
        type = "acct"
        ipaddr = *
        port = 0
}
listen {
        type = "control"
 listen {
        socket = "/var/run/radiusd/radiusd.sock"
 }
}
listen {
        type = "auth"
        ipaddr = 127.0.0.1
        port = 18120
}
 ... adding new socket proxy address * port 12326
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.
Для pptp

Код: Выделить всё

rad_recv: Access-Request packet from host 127.0.0.1 port 37637, id=48, length=294
        NAS-Identifier = "ivonino.local"
        Acct-Session-Id = "5597153-L-3"
        NAS-Port = 3
        NAS-Port-Type = Virtual
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "192.168.6.2"
        NAS-Port-Id = "em1"
        mpd-link = "L-3"
        mpd-peer-ident = "MSRASV5.20 MSRAS-0-ADIST \210 ;s\027\321\371F\273\204L\024\nm\3123"
        Tunnel-Type:0 = PPTP
        Tunnel-Medium-Type:0 = IPv4
        Tunnel-Server-Endpoint:0 = "192.168.6.1"
        Tunnel-Client-Endpoint:0 = "192.168.6.2"
        Tunnel-Server-Auth-Id:0 = "ivonino.local"
        User-Name = "merei"
        MS-CHAP-Challenge = 0xbb1e686f7275d5e4c83a63b5f529093d
        MS-CHAP2-Response = 0x0100ad822fb44570efdc1676d2fb2a641b3a00000000000000006c18cd0ebc62cc304685ce259fcd4f2894fb5bf8d0b02b2b
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
++[digest] returns noop
[suffix] No '@' in User-Name = "merei", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Creating challenge hash with username: merei
[mschap] Client is using MS-CHAPv2 for merei, we need NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> merei
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 48 to 127.0.0.1 port 37637
        MS-CHAP-Error = "\001E=691 R=1"
Waking up in 4.9 seconds.
Cleaning up request 0 ID 48 with timestamp +74
Ready to process requests.
для pppoe

Код: Выделить всё

rad_recv: Access-Request packet from host 127.0.0.1 port 30480, id=190, length=271
        NAS-Identifier = "ivonino.local"
        Acct-Session-Id = "5596938-em1-3"
        NAS-Port = 3
        NAS-Port-Type = Ethernet
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "2c27d780d96a"
        NAS-Port-Id = "em1"
        mpd-link = "em1-3"
        mpd-peer-ident = "MSRASV5.20 MSRAS-0-ADIST ִ\036|U\025LE\251&\252\007Ue\036w"
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Client-Endpoint:0 = "2c:27:d7:80:d9:6a"
        User-Name = "merei"
        MS-CHAP-Challenge = 0xbb1e688688b93c2cfe54e248603f0a51
        MS-CHAP2-Response = 0x0100da800b896a9c4b3c353798c2a20fb5a50000000000000000254e28f0b6ce85bdc70be1a91c6b77c1ccab30afcd5073d0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
++[digest] returns noop
[suffix] No '@' in User-Name = "merei", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Creating challenge hash with username: merei
[mschap] Client is using MS-CHAPv2 for merei, we need NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> merei
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 3 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 3
Sending Access-Reject of id 190 to 127.0.0.1 port 30480
        MS-CHAP-Error = "\001E=691 R=1"
Waking up in 4.9 seconds.
Cleaning up request 3 ID 190 with timestamp +224
Ready to process requests.
L-3

lasik
Сообщения: 983
Зарегистрирован: Чт янв 10, 2008 5:20 pm
Откуда: Россия, Москва

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение lasik »

немного разобрался, но теперь у меня 691
/var/log/mpd.log pppoe

Код: Выделить всё

Dec 18 21:02:22 ivonino mpd: Incoming PPPoE connection request via em1: for service "" from 00:0c:29:e4:e3:bd
Dec 18 21:02:22 ivonino mpd: [em1-3] Accepting PPPoE connection
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: OPEN event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Open event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Initial --> Starting
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerStart
Dec 18 21:02:22 ivonino mpd: [em1-3] PPPoE: connection successful
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: UP event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Up event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Starting --> Req-Sent
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigReq #1
Dec 18 21:02:22 ivonino mpd: [em1-3]   MRU 1492
Dec 18 21:02:22 ivonino mpd: [em1-3]   MAGICNUM 944f7298
Dec 18 21:02:22 ivonino mpd: [em1-3]   AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:22 ivonino mpd: [em1-3]   MP MRRU 2048
Dec 18 21:02:22 ivonino mpd: [em1-3]   MP SHORTSEQ
Dec 18 21:02:22 ivonino mpd: [em1-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3]   MRU 1480
Dec 18 21:02:22 ivonino mpd: [em1-3]   MAGICNUM 57324e5e
Dec 18 21:02:22 ivonino mpd: [em1-3]   CALLBACK 6
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigRej #0
Dec 18 21:02:22 ivonino mpd: [em1-3]   CALLBACK 6
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Reject #1 (Req-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3]   MP MRRU 2048
Dec 18 21:02:22 ivonino mpd: [em1-3]   MP SHORTSEQ
Dec 18 21:02:22 ivonino mpd: [em1-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigReq #2
Dec 18 21:02:22 ivonino mpd: [em1-3]   MRU 1492
Dec 18 21:02:22 ivonino mpd: [em1-3]   MAGICNUM 944f7298
Dec 18 21:02:22 ivonino mpd: [em1-3]   AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3]   MRU 1480
Dec 18 21:02:22 ivonino mpd: [em1-3]   MAGICNUM 57324e5e
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigAck #1
Dec 18 21:02:22 ivonino mpd: [em1-3]   MRU 1480
Dec 18 21:02:22 ivonino mpd: [em1-3]   MAGICNUM 57324e5e
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Req-Sent --> Ack-Sent
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Ack #2 (Ack-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3]   MRU 1492
Dec 18 21:02:22 ivonino mpd: [em1-3]   MAGICNUM 944f7298
Dec 18 21:02:22 ivonino mpd: [em1-3]   AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Ack-Sent --> Opened
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: auth: peer wants nothing, I want CHAP
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: sending CHALLENGE #1 len: 21
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerUp
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Ident #2 (Opened)
Dec 18 21:02:22 ivonino mpd: [em1-3]   MESG: MSRASV5.10
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Ident #3 (Opened)
Dec 18 21:02:22 ivonino mpd: [em1-3]   MESG: MSRAS-0-TEST-196DC6E5CE
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 18 21:02:22 ivonino mpd: [em1-3]   Name: "merei"
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTH: Trying RADIUS
Dec 18 21:02:22 ivonino mpd: [em1-3] RADIUS: Authenticating user 'merei'
Dec 18 21:02:22 ivonino mpd: [em1-3] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'merei'
Dec 18 21:02:22 ivonino mpd: [em1-3] RADIUS: PANIC no MS-CHAP2-Success received from server!
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTH: RADIUS returned error
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTH: ran out of backends
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: Auth return status: failed
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: Reply message: E=691 R=0 M=Login incorrect
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: sending FAILURE #1 len: 31
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: authorization failed
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: parameter negotiation failed
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Opened --> Stopping
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendTerminateReq #3
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerDown
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Terminate Ack #3 (Stopping)
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Stopping --> Stopped
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerFinish
Dec 18 21:02:22 ivonino mpd: [em1-3] PPPoE: connection closed
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: DOWN event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Close event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Stopped --> Closed
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Down event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Closed --> Initial
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: SHUTDOWN event
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: Shutdown
/var/log/mpd.log pptp

Код: Выделить всё

Dec 18 21:02:55 ivonino mpd: [L-3] Link: OPEN event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: Open event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: state change Initial --> Starting
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: LayerStart
Dec 18 21:02:55 ivonino mpd: [L-3] PPTP: attaching to peer's outgoing call
Dec 18 21:02:55 ivonino mpd: [L-3] Link: UP event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: Up event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: state change Starting --> Req-Sent
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: SendConfigReq #1
Dec 18 21:02:55 ivonino mpd: [L-3]   ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3]   PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3]   MRU 1500
Dec 18 21:02:55 ivonino mpd: [L-3]   MAGICNUM 6b67cf10
Dec 18 21:02:55 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:55 ivonino mpd: [L-3]   MP MRRU 2048
Dec 18 21:02:55 ivonino mpd: [L-3]   MP SHORTSEQ
Dec 18 21:02:55 ivonino mpd: [L-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 18 21:02:55 ivonino mpd: [L-3]   MRU 1400
Dec 18 21:02:55 ivonino mpd: [L-3]   MAGICNUM 78f60ea3
Dec 18 21:02:55 ivonino mpd: [L-3]   PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3]   ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3]   CALLBACK 6
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: SendConfigRej #0
Dec 18 21:02:55 ivonino mpd: [L-3]   CALLBACK 6
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 18 21:02:55 ivonino mpd: [L-3]   MRU 1400
Dec 18 21:02:55 ivonino mpd: [L-3]   MAGICNUM 78f60ea3
Dec 18 21:02:55 ivonino mpd: [L-3]   PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3]   ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: SendConfigAck #1
Dec 18 21:02:55 ivonino mpd: [L-3]   MRU 1400
Dec 18 21:02:55 ivonino mpd: [L-3]   MAGICNUM 78f60ea3
Dec 18 21:02:55 ivonino mpd: [L-3]   PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3]   ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: state change Req-Sent --> Ack-Sent
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: SendConfigReq #2
Dec 18 21:02:57 ivonino mpd: [L-3]   ACFCOMP
Dec 18 21:02:57 ivonino mpd: [L-3]   PROTOCOMP
Dec 18 21:02:57 ivonino mpd: [L-3]   MRU 1500
Dec 18 21:02:57 ivonino mpd: [L-3]   MAGICNUM 6b67cf10
Dec 18 21:02:57 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:57 ivonino mpd: [L-3]   MP MRRU 2048
Dec 18 21:02:57 ivonino mpd: [L-3]   MP SHORTSEQ
Dec 18 21:02:57 ivonino mpd: [L-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Configure Reject #2 (Ack-Sent)
Dec 18 21:02:57 ivonino mpd: [L-3]   MP MRRU 2048
Dec 18 21:02:57 ivonino mpd: [L-3]   MP SHORTSEQ
Dec 18 21:02:57 ivonino mpd: [L-3]   ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: SendConfigReq #3
Dec 18 21:02:57 ivonino mpd: [L-3]   ACFCOMP
Dec 18 21:02:57 ivonino mpd: [L-3]   PROTOCOMP
Dec 18 21:02:57 ivonino mpd: [L-3]   MRU 1500
Dec 18 21:02:57 ivonino mpd: [L-3]   MAGICNUM 6b67cf10
Dec 18 21:02:57 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Configure Ack #3 (Ack-Sent)
Dec 18 21:02:57 ivonino mpd: [L-3]   ACFCOMP
Dec 18 21:02:57 ivonino mpd: [L-3]   PROTOCOMP
Dec 18 21:02:57 ivonino mpd: [L-3]   MRU 1500
Dec 18 21:02:57 ivonino mpd: [L-3]   MAGICNUM 6b67cf10
Dec 18 21:02:57 ivonino mpd: [L-3]   AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Ack-Sent --> Opened
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: auth: peer wants nothing, I want CHAP
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: sending CHALLENGE #1 len: 21
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: LayerUp
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Ident #2 (Opened)
Dec 18 21:02:57 ivonino mpd: [L-3]   MESG: MSRASV5.10
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Ident #3 (Opened)
Dec 18 21:02:57 ivonino mpd: [L-3]   MESG: MSRAS-0-TEST-196DC6E5CE
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 18 21:02:57 ivonino mpd: [L-3]   Name: "merei"
Dec 18 21:02:57 ivonino mpd: [L-3] AUTH: Trying RADIUS
Dec 18 21:02:57 ivonino mpd: [L-3] RADIUS: Authenticating user 'merei'
Dec 18 21:02:57 ivonino mpd: [L-3] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'merei'
Dec 18 21:02:57 ivonino mpd: [L-3] RADIUS: PANIC no MS-CHAP2-Success received from server!
Dec 18 21:02:57 ivonino mpd: [L-3] AUTH: RADIUS returned error
Dec 18 21:02:57 ivonino mpd: [L-3] AUTH: ran out of backends
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: Auth return status: failed
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: Reply message: E=691 R=0 M=Login incorrect
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: sending FAILURE #1 len: 31
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: authorization failed
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: parameter negotiation failed
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Opened --> Stopping
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: SendTerminateReq #4
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: LayerDown
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Terminate Ack #4 (Stopping)
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Stopping --> Stopped
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: LayerFinish
Dec 18 21:02:57 ivonino mpd: [L-3] PPTP call terminated
Dec 18 21:02:57 ivonino mpd: [L-3] Link: DOWN event
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: Close event
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Stopped --> Closed
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: Down event
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Closed --> Initial
Dec 18 21:02:57 ivonino mpd: [L-3] Link: SHUTDOWN event
Dec 18 21:02:57 ivonino mpd: [L-3] Link: Shutdown
radiusd -X pppoe

Код: Выделить всё

--- Walking the entire request list ---
Cleaning up request 1 ID 205 with timestamp 50d0a25f
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 127.0.0.1:61962, id=57, length=264
        NAS-Identifier = "ivonino.local"
        Acct-Session-Id = "5850342-em1-3"
        NAS-Port = 3
        NAS-Port-Type = Ethernet
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "000c29e4e3bd"
        NAS-Port-Id = "em1"
        Vendor-12341-Attr-12 = 0x656d312d33
        Vendor-12341-Attr-19 = 0x4d5352415356352e3130204d535241532d302d544553542d31393644433645354345
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Client-Endpoint:0 = "00:0c:29:e4:e3:bd"
        User-Name = "merei"
        MS-CHAP-Challenge = 0xbb1e68aee1f0b325feaf8818eccd7b3d
        MS-CHAP2-Response = 0x0100967bd221776b0beddf3c80b3ba7b57840000000000000000aabf6599263ce99dfe9b9f8acf51c5dcce5c320ff0d9e71c
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
    rlm_realm: No '@' in User-Name = "merei", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 2
    users: Matched entry DEFAULT at line 1
  modcall[authorize]: module "files" returns ok for request 2
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 2
modcall: leaving group authorize (returns ok) for request 2
  rad_check_password:  Found Auth-Type Accept
  rad_check_password: Auth-Type = Accept, accepting the user
Exec-Program output: Acct-Interim-Interval = 300, Session-Timeout = 1133658, Framed-IP-Address = 10.10.10.77, Framed-IP-Netmask = 255.255.255.255, 
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 300, Session-Timeout = 1133658, Framed-IP-Address = 10.10.10.77, Framed-IP-Netmask = 255.255.255.255, 
Exec-Program: returned: 0
Sending Access-Accept of id 57 to 127.0.0.1 port 61962
        Acct-Interim-Interval = 300
        Session-Timeout = 1133658
        Framed-IP-Address = 10.10.10.77
        Framed-IP-Netmask = 255.255.255.255
Finished request 2
Going to the next request
--- Walking the entire request list ---

radiusd -X pptp

Код: Выделить всё

rad_recv: Access-Request packet from host 127.0.0.1:35650, id=58, length=287
        NAS-Identifier = "ivonino.local"
        Acct-Session-Id = "5850406-L-3"
        NAS-Port = 3
        NAS-Port-Type = Virtual
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "192.168.6.9"
        NAS-Port-Id = "em1"
        Vendor-12341-Attr-12 = 0x4c2d33
        Vendor-12341-Attr-19 = 0x4d5352415356352e3130204d535241532d302d544553542d31393644433645354345
        Tunnel-Type:0 = PPTP
        Tunnel-Medium-Type:0 = IPv4
        Tunnel-Server-Endpoint:0 = "192.168.6.1"
        Tunnel-Client-Endpoint:0 = "192.168.6.9"
        Tunnel-Server-Auth-Id:0 = "ivonino.local"
        User-Name = "merei"
        MS-CHAP-Challenge = 0xbb1e68a7794f4c600560fcaf74f4054d
        MS-CHAP2-Response = 0x0100e2bc18a60294798db486b1d722be264f0000000000000000ba62145d006b312daa3ca857a5fd75a4571d8fb708e6da50
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
  modcall[authorize]: module "preprocess" returns ok for request 3
    rlm_realm: No '@' in User-Name = "merei", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 3
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 3
    users: Matched entry DEFAULT at line 1
  modcall[authorize]: module "files" returns ok for request 3
rlm_pap: Found existing Auth-Type, not changing it.
  modcall[authorize]: module "pap" returns noop for request 3
modcall: leaving group authorize (returns ok) for request 3
  rad_check_password:  Found Auth-Type Accept
  rad_check_password: Auth-Type = Accept, accepting the user
Exec-Program output: Acct-Interim-Interval = 300, Session-Timeout = 1133594, Framed-IP-Address = 10.10.10.87, Framed-IP-Netmask = 255.255.255.255, 
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 300, Session-Timeout = 1133594, Framed-IP-Address = 10.10.10.87, Framed-IP-Netmask = 255.255.255.255, 
Exec-Program: returned: 0
Sending Access-Accept of id 58 to 127.0.0.1 port 35650
        Acct-Interim-Interval = 300
        Session-Timeout = 1133594
        Framed-IP-Address = 10.10.10.87
        Framed-IP-Netmask = 255.255.255.255
Finished request 3
Going to the next request
--- Walking the entire request list ---

lasik
Сообщения: 983
Зарегистрирован: Чт янв 10, 2008 5:20 pm
Откуда: Россия, Москва

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение lasik »

Разобрался, сам дурак )))

~AsmodeuS~
Site Admin
Сообщения: 5746
Зарегистрирован: Пт янв 28, 2005 3:11 pm
Контактная информация:

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение ~AsmodeuS~ »

lasik писал(а):Разобрался, сам дурак )))

так описывать нужно а то будущие поколения будут бегать и говорить эта ошибка была у вас в билинге мы на форуме видели, решения так и нету

lasik
Сообщения: 983
Зарегистрирован: Чт янв 10, 2008 5:20 pm
Откуда: Россия, Москва

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение lasik »

Основная проблема была в настройках freeradiusa.
во 2 ветку воткнул настройки от первого, вот он и посылал меня.

Следующей ошибкой был неправильный пул адресов в настройках mpd 5.

А сейчас борюсь с шейпером, на те настройки которые сделал.

lasik
Сообщения: 983
Зарегистрирован: Чт янв 10, 2008 5:20 pm
Откуда: Россия, Москва

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение lasik »

как настрою полностью, выложу конфиги с описанием.

~AsmodeuS~
Site Admin
Сообщения: 5746
Зарегистрирован: Пт янв 28, 2005 3:11 pm
Контактная информация:

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение ~AsmodeuS~ »

lasik писал(а):как настрою полностью, выложу конфиги с описанием.

странно а что с конфигом с сайта ?

lasik
Сообщения: 983
Зарегистрирован: Чт янв 10, 2008 5:20 pm
Откуда: Россия, Москва

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение lasik »

меня немного не устраивает описание.
и на суд публик выложу, а там народ уже буде сам под себя подстраивать )

Кузьменко
Сообщения: 26
Зарегистрирован: Сб мар 16, 2013 10:13 am

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение Кузьменко »

lasik

Так в чем же проблема то, может поделитесь с народом?

~AsmodeuS~
Site Admin
Сообщения: 5746
Зарегистрирован: Пт янв 28, 2005 3:11 pm
Контактная информация:

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение ~AsmodeuS~ »

Кузьменко писал(а):lasik

Так в чем же проблема то, может поделитесь с народом?
сначало не было связки мпд с радиусом

Кузьменко
Сообщения: 26
Зарегистрирован: Сб мар 16, 2013 10:13 am

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение Кузьменко »

Как проверить, есть ли звязб между ними?

~AsmodeuS~
Site Admin
Сообщения: 5746
Зарегистрирован: Пт янв 28, 2005 3:11 pm
Контактная информация:

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение ~AsmodeuS~ »

radiusd -X

Кузьменко
Сообщения: 26
Зарегистрирован: Сб мар 16, 2013 10:13 am

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение Кузьменко »

radius -X

Код: Выделить всё

athlon# radiusd -X
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/etc/raddb/proxy.conf
Config:   including file: /usr/local/etc/raddb/clients.conf
Config:   including file: /usr/local/etc/raddb/snmp.conf
Config:   including file: /usr/local/etc/raddb/eap.conf
Config:   including file: /usr/local/etc/raddb/sql.conf
 main: prefix = "/usr/local"
 main: localstatedir = "/var"
 main: logdir = "/var/log"
 main: libdir = "/usr/local/lib"
 main: radacctdir = "/var/log/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/var/log/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/var/run/radiusd/radiusd.pid"
 main: user = "freeradius"
 main: group = "freeradius"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = no
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
 pap: auto_header = yes
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = no
 mschap: passwd = "(null)"
 mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/var/log/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "md5"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
 preprocess: hints = "/usr/local/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
 preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded files
 files: usersfile = "/usr/local/etc/raddb/users"
 files: acctusersfile = "/usr/local/etc/raddb/acct_users"
 files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
 files: compat = "no"
Module: Instantiated files (files)
 exec: wait = yes
 exec: program = "/usr/local/abills/libexec/rauth.pl pre_auth"
 exec: input_pairs = "request"
 exec: output_pairs = "config"
 exec: packet_type = "(null)"
Module: Instantiated exec (pre_auth)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded realm
 realm: format = "suffix"
 realm: delimiter = "@"
 realm: ignore_default = no
 realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded detail
 detail: detailfile = "/var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
 radutmp: filename = "/var/log/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
 exec: wait = yes
 exec: program = "/usr/local/abills/libexec/rauth.pl post_auth"
 exec: input_pairs = "request"
 exec: output_pairs = "config"
 exec: packet_type = "(null)"
Module: Instantiated exec (post_auth)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
при пробе подключения с windows XP!

Код: Выделить всё

rad_recv: Access-Request packet from host 127.0.0.1:48193, id=111, length=283
        NAS-Identifier = "athlon.ua"
        Message-Authenticator = 0x0734b0148cbd18d4e00f5739143c5ae7
        Acct-Session-Id = "3492472-rl0-2"
        NAS-Port = 2
        NAS-Port-Type = Ethernet
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "742f68a3598c"
        NAS-Port-Id = "rl0"
        mpd-link = "rl0-2"
        mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Client-Endpoint:0 = "74:2f:68:a3:59:8c"
        User-Name = "user1"
        MS-CHAP-Challenge = 0xbb1e68d25c413cf00879fc8697619850
        MS-CHAP2-Response = 0x0100c4a5de26dc0bfb0d9ba324288a7d62dc00000000000000001cac41628aa4a7b83f8b0226efedac7483de7a227e050fd1
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
  modcall[authorize]: module "mschap" returns ok for request 0
    users: Matched entry DEFAULT at line 1
  modcall[authorize]: module "files" returns ok for request 0
Exec-Program output: User-Password == "123456"
Exec-Program-Wait: value-pairs: User-Password == "123456"
Exec-Program: returned: 0
  modcall[authorize]: module "pre_auth" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
  rad_check_password:  Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 0
  rlm_mschap: Told to do MS-CHAPv2 for user1 with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
  modcall[authenticate]: module "mschap" returns ok for request 0
modcall: leaving group MS-CHAP (returns ok) for request 0
Exec-Program output: Acct-Interim-Interval = 60, Session-Timeout = 1281928, Framed-IP-Address = 10.10.10.26, Framed-IP-Netmask = 255.255.255.255, mpd-limit += "in#1=all rate-limit 5120000 192000 384000", mpd-limit += "out#1=all rate-limit 1024000 192000 384000",
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 60, Session-Timeout = 1281928, Framed-IP-Address = 10.10.10.26, Framed-IP-Netmask = 255.255.255.255, mpd-limit += "in#1=all rate-limit 5120000 192000 384000", mpd-limit += "out#1=all rate-limit 1024000 192000 384000",
Exec-Program: returned: 0
Sending Access-Accept of id 111 to 127.0.0.1 port 48193
        MS-CHAP2-Success = 0x01533d46383235393141373834383739374332423642343336434435413532313244413945453238393735
        MS-MPPE-Recv-Key = 0x66ae0e75b3862fb897d5b4cbc7febe88
        MS-MPPE-Send-Key = 0xe695e337c0a1f1994c7dade35859e011
        MS-MPPE-Encryption-Policy = 0x00000001
        MS-MPPE-Encryption-Types = 0x00000006
        Acct-Interim-Interval = 60
        Session-Timeout = 1281928
        Framed-IP-Address = 10.10.10.26
        Framed-IP-Netmask = 255.255.255.255
        mpd-limit += "in#1=all rate-limit 5120000 192000 384000"
        mpd-limit += "out#1=all rate-limit 1024000 192000 384000"
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 127.0.0.1:46590, id=72, length=307
        NAS-Identifier = "athlon.ua"
        Acct-Session-Id = "3492472-rl0-2"
        NAS-Port = 2
        NAS-Port-Type = Ethernet
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "742f68a3598c"
        NAS-Port-Id = "rl0"
        mpd-link = "rl0-2"
        mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Client-Endpoint:0 = "74:2f:68:a3:59:8c"
        Acct-Status-Type = Start
        Framed-IP-Address = 10.10.10.26
        Framed-IP-Netmask = 255.255.255.255
        User-Name = "user1"
        Acct-Multi-Session-Id = "3492472-B-1"
        mpd-bundle = "B-1"
        mpd-iface = "ng0"
        mpd-iface-index = 13
        mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
        Acct-Link-Count = 1
        Acct-Authentic = RADIUS
  Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 1
  modcall[preacct]: module "preprocess" returns noop for request 1
rlm_acct_unique: Hashing 'NAS-Port = 2,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 127.0.0.1,Acct-Session-Id = "3492472-rl0-2",User-Name = "user1"'
rlm_acct_unique: Acct-Unique-Session-ID = "d96fb619b8571f11".
  modcall[preacct]: module "acct_unique" returns ok for request 1
    rlm_realm: No '@' in User-Name = "user1", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[preacct]: module "suffix" returns noop for request 1
    acct_users: Matched entry DEFAULT at line 1
  modcall[preacct]: module "files" returns ok for request 1
modcall: leaving group preacct (returns ok) for request 1
  Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 1
radius_xlat:  '/var/log/radacct/127.0.0.1/detail-20130317'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/detail-20130317
  modcall[accounting]: module "detail" returns ok for request 1
  modcall[accounting]: module "unix" returns ok for request 1
radius_xlat:  '/var/log/radutmp'
radius_xlat:  'user1'
  modcall[accounting]: module "radutmp" returns ok for request 1
modcall: leaving group accounting (returns ok) for request 1
Sending Accounting-Response of id 72 to 127.0.0.1 port 46590
Finished request 1
Going to the next request
Cleaning up request 1 ID 72 with timestamp 51453e78
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 127.0.0.1:29148, id=163, length=355
        NAS-Identifier = "athlon.ua"
        Acct-Session-Id = "3492472-rl0-2"
        NAS-Port = 2
        NAS-Port-Type = Ethernet
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "742f68a3598c"
        NAS-Port-Id = "rl0"
        mpd-link = "rl0-2"
        mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
        Tunnel-Medium-Type:0 = IEEE-802
        Tunnel-Client-Endpoint:0 = "74:2f:68:a3:59:8c"
        Framed-IP-Address = 10.10.10.26
        Framed-IP-Netmask = 255.255.255.255
        User-Name = "user1"
        Acct-Multi-Session-Id = "3492472-B-1"
        mpd-bundle = "B-1"
        mpd-iface = "ng0"
        mpd-iface-index = 13
        mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
        Acct-Link-Count = 1
        Acct-Authentic = RADIUS
        Acct-Status-Type = Stop
        Acct-Terminate-Cause = Service-Unavailable
        Acct-Session-Time = 2
        Acct-Input-Octets = 309
        Acct-Input-Packets = 12
        Acct-Input-Gigawords = 0
        Acct-Output-Octets = 174
        Acct-Output-Packets = 10
        Acct-Output-Gigawords = 0
  Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 2
  modcall[preacct]: module "preprocess" returns noop for request 2
rlm_acct_unique: Hashing 'NAS-Port = 2,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 127.0.0.1,Acct-Session-Id = "3492472-rl0-2",User-Name = "user1"'
rlm_acct_unique: Acct-Unique-Session-ID = "d96fb619b8571f11".
  modcall[preacct]: module "acct_unique" returns ok for request 2
    rlm_realm: No '@' in User-Name = "user1", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[preacct]: module "suffix" returns noop for request 2
    acct_users: Matched entry DEFAULT at line 7
  modcall[preacct]: module "files" returns ok for request 2
modcall: leaving group preacct (returns ok) for request 2
  Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 2
radius_xlat:  '/var/log/radacct/127.0.0.1/detail-20130317'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/detail-20130317
  modcall[accounting]: module "detail" returns ok for request 2
  modcall[accounting]: module "unix" returns ok for request 2
radius_xlat:  '/var/log/radutmp'
radius_xlat:  'user1'
  modcall[accounting]: module "radutmp" returns ok for request 2
modcall: leaving group accounting (returns ok) for request 2
Sending Accounting-Response of id 163 to 127.0.0.1 port 29148
Finished request 2
Going to the next request
Cleaning up request 2 ID 163 with timestamp 51453e78
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 111 with timestamp 51453e78
Nothing to do.  Sleeping until we see a request.

~AsmodeuS~
Site Admin
Сообщения: 5746
Зарегистрирован: Пт янв 28, 2005 3:11 pm
Контактная информация:

Re: MPD5 PPPOE ошибка 629, PPTP - 734

Сообщение ~AsmodeuS~ »

смотрите лог mpd у Вас есть связь с радиусом клиент авторизируется

Ответить