Страница 1 из 1
MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Сб дек 15, 2012 2:05 pm
lasik
Всем здрасте, давно меня не было тут, уже давно другими делами занимаюсь, а тут приспичило одному человеку доломать сервак.
Ну это все лирика.
Проблема такая:
вроде все настроил (весьма возможно что не правильно), и не работает, pppoe 629 кажет, pptp - 743.
в
/var/log/mpd.log по поводу pppoe вижу следующее
Код: Выделить всё
Dec 15 21:50:19 ivonino mpd: Incoming PPPoE connection request via em1: for service "" from 2c:27:d7:80:d9:6a
Dec 15 21:50:19 ivonino mpd: [em1-3] Accepting PPPoE connection
Dec 15 21:50:19 ivonino mpd: [em1-3] Link: OPEN event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: Open event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Initial --> Starting
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: LayerStart
Dec 15 21:50:19 ivonino mpd: [em1-3] PPPoE: connection successful
Dec 15 21:50:19 ivonino mpd: [em1-3] Link: UP event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: Up event
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Starting --> Req-Sent
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigReq #1
Dec 15 21:50:19 ivonino mpd: [em1-3] MRU 1492
Dec 15 21:50:19 ivonino mpd: [em1-3] MAGICNUM ff71b338
Dec 15 21:50:19 ivonino mpd: [em1-3] AUTHPROTO CHAP MSOFTv2
Dec 15 21:50:19 ivonino mpd: [em1-3] MP MRRU 2048
Dec 15 21:50:19 ivonino mpd: [em1-3] MP SHORTSEQ
Dec 15 21:50:19 ivonino mpd: [em1-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3] MRU 1480
Dec 15 21:50:19 ivonino mpd: [em1-3] MAGICNUM 2b4116a3
Dec 15 21:50:19 ivonino mpd: [em1-3] PROTOCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3] ACFCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3] CALLBACK 6
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigRej #0
Dec 15 21:50:19 ivonino mpd: [em1-3] PROTOCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3] ACFCOMP
Dec 15 21:50:19 ivonino mpd: [em1-3] CALLBACK 6
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Reject #1 (Req-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3] MP MRRU 2048
Dec 15 21:50:19 ivonino mpd: [em1-3] MP SHORTSEQ
Dec 15 21:50:19 ivonino mpd: [em1-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigReq #2
Dec 15 21:50:19 ivonino mpd: [em1-3] MRU 1492
Dec 15 21:50:19 ivonino mpd: [em1-3] MAGICNUM ff71b338
Dec 15 21:50:19 ivonino mpd: [em1-3] AUTHPROTO CHAP MSOFTv2
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3] MRU 1480
Dec 15 21:50:19 ivonino mpd: [em1-3] MAGICNUM 2b4116a3
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: SendConfigAck #1
Dec 15 21:50:19 ivonino mpd: [em1-3] MRU 1480
Dec 15 21:50:19 ivonino mpd: [em1-3] MAGICNUM 2b4116a3
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Req-Sent --> Ack-Sent
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Configure Ack #2 (Ack-Sent)
Dec 15 21:50:19 ivonino mpd: [em1-3] MRU 1492
Dec 15 21:50:19 ivonino mpd: [em1-3] MAGICNUM ff71b338
Dec 15 21:50:19 ivonino mpd: [em1-3] AUTHPROTO CHAP MSOFTv2
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: state change Ack-Sent --> Opened
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: auth: peer wants nothing, I want CHAP
Dec 15 21:50:19 ivonino mpd: [em1-3] CHAP: sending CHALLENGE #1 len: 21
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: LayerUp
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Ident #2 (Opened)
Dec 15 21:50:19 ivonino mpd: [em1-3] MESG: MSRASV5.20
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Ident #3 (Opened)
Dec 15 21:50:19 ivonino mpd: [em1-3] MESG: MSRAS-0-ADIST
Dec 15 21:50:19 ivonino mpd: [em1-3] LCP: rec'd Ident #4 (Opened)
Dec 15 21:50:19 ivonino mpd: [em1-3] MESG: T7t#M-^U# GE
Dec 15 21:50:19 ivonino mpd: [em1-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 15 21:50:19 ivonino mpd: [em1-3] Name: "merei"
Dec 15 21:50:19 ivonino mpd: [em1-3] AUTH: Trying RADIUS
Dec 15 21:50:19 ivonino mpd: [em1-3] RADIUS: Authenticating user 'merei'
Dec 15 21:50:20 ivonino mpd: [em1-3] RADIUS: Rec'd RAD_ACCESS_REJECT for user 'merei'
Dec 15 21:50:20 ivonino mpd: [em1-3] AUTH: RADIUS returned: failed
Dec 15 21:50:20 ivonino mpd: [em1-3] AUTH: ran out of backends
Dec 15 21:50:20 ivonino mpd: [em1-3] CHAP: Auth return status: failed
Dec 15 21:50:20 ivonino mpd: [em1-3] CHAP: Reply message: ^AE=691 R=1
Dec 15 21:50:20 ivonino mpd: [em1-3] CHAP: sending FAILURE #1 len: 14
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: authorization failed
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: parameter negotiation failed
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Opened --> Stopping
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: SendTerminateReq #3
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: LayerDown
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: rec'd Terminate Ack #3 (Stopping)
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Stopping --> Stopped
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: LayerFinish
Dec 15 21:50:20 ivonino mpd: [em1-3] PPPoE: connection closed
Dec 15 21:50:20 ivonino mpd: [em1-3] Link: DOWN event
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: Close event
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Stopped --> Closed
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: Down event
Dec 15 21:50:20 ivonino mpd: [em1-3] LCP: state change Closed --> Initial
Dec 15 21:50:20 ivonino mpd: [em1-3] Link: SHUTDOWN event
Dec 15 21:50:20 ivonino mpd: [em1-3] Link: Shutdown
по поводу же pptp там следующее:
Код: Выделить всё
Dec 15 22:06:09 ivonino mpd: [L-3] Accepting PPTP connection
Dec 15 22:06:09 ivonino mpd: [L-3] Link: OPEN event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: Open event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: state change Initial --> Starting
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: LayerStart
Dec 15 22:06:09 ivonino mpd: [L-3] PPTP: attaching to peer's outgoing call
Dec 15 22:06:09 ivonino mpd: [L-3] Link: UP event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: Up event
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: state change Starting --> Req-Sent
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: SendConfigReq #1
Dec 15 22:06:09 ivonino mpd: [L-3] ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] MRU 1500
Dec 15 22:06:09 ivonino mpd: [L-3] MAGICNUM f236dcf0
Dec 15 22:06:09 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:09 ivonino mpd: [L-3] MP MRRU 2048
Dec 15 22:06:09 ivonino mpd: [L-3] MP SHORTSEQ
Dec 15 22:06:09 ivonino mpd: [L-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 15 22:06:09 ivonino mpd: [L-3] MRU 1400
Dec 15 22:06:09 ivonino mpd: [L-3] MAGICNUM 056714cb
Dec 15 22:06:09 ivonino mpd: [L-3] PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] CALLBACK 6
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: SendConfigRej #0
Dec 15 22:06:09 ivonino mpd: [L-3] CALLBACK 6
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 15 22:06:09 ivonino mpd: [L-3] MRU 1400
Dec 15 22:06:09 ivonino mpd: [L-3] MAGICNUM 056714cb
Dec 15 22:06:09 ivonino mpd: [L-3] PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: SendConfigAck #1
Dec 15 22:06:09 ivonino mpd: [L-3] MRU 1400
Dec 15 22:06:09 ivonino mpd: [L-3] MAGICNUM 056714cb
Dec 15 22:06:09 ivonino mpd: [L-3] PROTOCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] ACFCOMP
Dec 15 22:06:09 ivonino mpd: [L-3] LCP: state change Req-Sent --> Ack-Sent
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: SendConfigReq #2
Dec 15 22:06:11 ivonino mpd: [L-3] ACFCOMP
Dec 15 22:06:11 ivonino mpd: [L-3] PROTOCOMP
Dec 15 22:06:11 ivonino mpd: [L-3] MRU 1500
Dec 15 22:06:11 ivonino mpd: [L-3] MAGICNUM f236dcf0
Dec 15 22:06:11 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:11 ivonino mpd: [L-3] MP MRRU 2048
Dec 15 22:06:11 ivonino mpd: [L-3] MP SHORTSEQ
Dec 15 22:06:11 ivonino mpd: [L-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Configure Reject #2 (Ack-Sent)
Dec 15 22:06:11 ivonino mpd: [L-3] MP MRRU 2048
Dec 15 22:06:11 ivonino mpd: [L-3] MP SHORTSEQ
Dec 15 22:06:11 ivonino mpd: [L-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: SendConfigReq #3
Dec 15 22:06:11 ivonino mpd: [L-3] ACFCOMP
Dec 15 22:06:11 ivonino mpd: [L-3] PROTOCOMP
Dec 15 22:06:11 ivonino mpd: [L-3] MRU 1500
Dec 15 22:06:11 ivonino mpd: [L-3] MAGICNUM f236dcf0
Dec 15 22:06:11 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Configure Ack #3 (Ack-Sent)
Dec 15 22:06:11 ivonino mpd: [L-3] ACFCOMP
Dec 15 22:06:11 ivonino mpd: [L-3] PROTOCOMP
Dec 15 22:06:11 ivonino mpd: [L-3] MRU 1500
Dec 15 22:06:11 ivonino mpd: [L-3] MAGICNUM f236dcf0
Dec 15 22:06:11 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: state change Ack-Sent --> Opened
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: auth: peer wants nothing, I want CHAP
Dec 15 22:06:11 ivonino mpd: [L-3] CHAP: sending CHALLENGE #1 len: 21
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: LayerUp
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Ident #2 (Opened)
Dec 15 22:06:11 ivonino mpd: [L-3] MESG: MSRASV5.20
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Ident #3 (Opened)
Dec 15 22:06:11 ivonino mpd: [L-3] MESG: MSRAS-0-ADIST
Dec 15 22:06:11 ivonino mpd: [L-3] LCP: rec'd Ident #4 (Opened)
Dec 15 22:06:11 ivonino mpd: [L-3] MESG: ^Eΰh;}AJ-^]Y0O^K
Dec 15 22:06:11 ivonino mpd: [L-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 15 22:06:11 ivonino mpd: [L-3] Name: "merei"
Dec 15 22:06:11 ivonino mpd: [L-3] AUTH: Trying RADIUS
Dec 15 22:06:11 ivonino mpd: [L-3] RADIUS: Authenticating user 'merei'
Dec 15 22:06:12 ivonino mpd: [L-3] RADIUS: Rec'd RAD_ACCESS_REJECT for user 'merei'
Dec 15 22:06:12 ivonino mpd: [L-3] AUTH: RADIUS returned: failed
Dec 15 22:06:12 ivonino mpd: [L-3] AUTH: ran out of backends
Dec 15 22:06:12 ivonino mpd: [L-3] CHAP: Auth return status: failed
Dec 15 22:06:12 ivonino mpd: [L-3] CHAP: Reply message: ^AE=691 R=1
Dec 15 22:06:12 ivonino mpd: [L-3] CHAP: sending FAILURE #1 len: 14
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: authorization failed
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: parameter negotiation failed
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Opened --> Stopping
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: SendTerminateReq #4
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: LayerDown
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: rec'd Terminate Ack #4 (Stopping)
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Stopping --> Stopped
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: LayerFinish
Dec 15 22:06:12 ivonino mpd: [L-3] PPTP call terminated
Dec 15 22:06:12 ivonino mpd: [L-3] Link: DOWN event
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: Close event
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Stopped --> Closed
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: Down event
Dec 15 22:06:12 ivonino mpd: [L-3] LCP: state change Closed --> Initial
Dec 15 22:06:12 ivonino mpd: [L-3] Link: SHUTDOWN event
Dec 15 22:06:12 ivonino mpd: [L-3] Link: Shutdown
radtest merei 123456 127.0.0.1:1812 0 radsecret 0 127.0.0.1 говорит
Код: Выделить всё
Sending Access-Request of id 137 to 127.0.0.1 port 1812
User-Name = "merei"
User-Password = "123456"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Framed-Protocol = PPP
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=137, length=44
Acct-Interim-Interval = 300
Session-Timeout = 1389922
Framed-IP-Address = 10.10.10.95
Framed-IP-Netmask = 255.255.255.255
Использую MPD 5
конфиг
Код: Выделить всё
startup:
# configure mpd users
set user admin radsecret admin
# set user foo1 bar1
# configure the console
set console self 127.0.0.1 5005
set console open
# configure the web server
set web self 0.0.0.0 5006
set web open
default:
load pppoe_server
load pptp_server
pppoe_server:
create bundle template B
set ipcp ranges 10.10.10.254/32 10.10.10.0/24
# set ipcp ranges 10.0.0.1/24 10.10.10.0/24
set iface idle 0
set iface enable tcpmssfix
set ipcp no vjcomp
set iface up-script "/usr/local/abills/libexec/linkupdown mpd up"
set iface down-script "/usr/local/abills/libexec/linkupdown mpd down"
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template common pppoe
set link enable multilink
set link action bundle B
set link disable pap eap
set link enable chap
load radius
set pppoe service "*"
create link template em1 common
set link max-children 1000
set pppoe iface em1
set link enable incoming
set link no pap eap
set link yes chap-md5
set link keep-alive 20 60
set link enable incoming
set link no acfcomp protocomp
pptp_server:
set ippool add pool1 10.0.0.1 10.255.255.255
create bundle template B
set iface enable proxy-arp
set iface idle 1800
set iface enable tcpmssfix
set iface up-script "/usr/abills/libexec/linkupdown mpd up"
set iface down-script "/usr/abills/libexec/linkupdown mpd down"
set ipcp yes vjcomp
set ipcp ranges 192.168.6.1/24 ippool pool1
set ipcp dns 192.168.6.1
set bundle enable compression
set ccp yes mppc
set mppc yes e40
set mppc yes e128
set mppc yes stateless
create link template L pptp
set link action bundle B
set link enable peer-as-calling
set link enable multilink
set link yes acfcomp protocomp
set link no pap chap
set link enable chap
set link keep-alive 10 60
set link mtu 1460
set link enable incoming
load radius
radius:
set radius server 127.0.0.1 radsecret 1812 1813
set radius retries 3
set radius timeout 10
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
set auth disable internal
Radius версии 2.
Куда копать ?
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Сб дек 15, 2012 2:43 pm
lasik
radiusd -X
сначала
Код: Выделить всё
FreeRADIUS Version 2.2.0, for host i386-portbld-freebsd8.3, built on Dec 15 2012 at 02:36:56
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/cache
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/dhcp_sqlippool
including configuration file /usr/local/etc/raddb/sql/mysql/ippool-dhcp.conf
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/dynamic_clients
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/opendirectory
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/radrelay
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/redis
including configuration file /usr/local/etc/raddb/modules/rediswho
including configuration file /usr/local/etc/raddb/modules/replicate
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/soh
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
including configuration file /usr/local/etc/raddb/sites-enabled/control-socket
main {
user = "freeradius"
group = "freeradius"
allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/var"
sbindir = "/usr/local/sbin"
logdir = "/var/log"
run_dir = "/var/run/radiusd"
libdir = "/usr/local/lib/freeradius-2.2.0"
radacctdir = "/var/log/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Loading Clients ####
client 127.0.0.1 {
require_message_authenticator = no
secret = "radsecret"
shortname = "exppp"
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating module "exec" from file /usr/local/etc/raddb/modules/exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating module "expr" from file /usr/local/etc/raddb/modules/expr
Module: Linked to module rlm_expiration
Module: Instantiating module "expiration" from file /usr/local/etc/raddb/modules/expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating module "logintime" from file /usr/local/etc/raddb/modules/logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
modules {
Module: Creating Auth-Type = digest
Module: Creating Post-Auth-Type = REJECT
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module "pap" from file /usr/local/etc/raddb/modules/pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating module "chap" from file /usr/local/etc/raddb/modules/chap
Module: Linked to module rlm_mschap
Module: Instantiating module "mschap" from file /usr/local/etc/raddb/modules/mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
allow_retry = yes
}
Module: Linked to module rlm_digest
Module: Instantiating module "digest" from file /usr/local/etc/raddb/modules/digest
Module: Linked to module rlm_unix
Module: Instantiating module "unix" from file /usr/local/etc/raddb/modules/unix
unix {
radwtmp = "/var/log/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.conf
eap {
default_eap_type = "md5"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 4096
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
CA_path = "/usr/local/etc/raddb/certs"
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/server.pem"
certificate_file = "/usr/local/etc/raddb/certs/server.pem"
CA_file = "/usr/local/etc/raddb/certs/ca.pem"
private_key_password = "whatever"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/usr/local/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
make_cert_command = "/usr/local/etc/raddb/certs/bootstrap"
ecdh_curve = "prime256v1"
cache {
enable = no
lifetime = 24
max_entries = 255
}
verify {
}
ocsp {
enable = no
override_cert_url = yes
url = "http://127.0.0.1/ocsp/"
use_nonce = yes
timeout = 0
softfail = no
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "md5"
copy_request_to_tunnel = no
use_tunneled_reply = no
virtual_server = "inner-tunnel"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = no
use_tunneled_reply = no
proxy_tunneled_request_as_eap = yes
virtual_server = "inner-tunnel"
soh = no
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
send_error = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating module "preprocess" from file /usr/local/etc/raddb/modules/preprocess
preprocess {
huntgroups = "/usr/local/etc/raddb/huntgroups"
hints = "/usr/local/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
reading pairlist file /usr/local/etc/raddb/huntgroups
reading pairlist file /usr/local/etc/raddb/hints
Module: Linked to module rlm_realm
Module: Instantiating module "suffix" from file /usr/local/etc/raddb/modules/realm
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating module "files" from file /usr/local/etc/raddb/modules/files
files {
usersfile = "/usr/local/etc/raddb/users"
acctusersfile = "/usr/local/etc/raddb/acct_users"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
compat = "no"
}
reading pairlist file /usr/local/etc/raddb/users
reading pairlist file /usr/local/etc/raddb/acct_users
reading pairlist file /usr/local/etc/raddb/preproxy_users
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating module "acct_unique" from file /usr/local/etc/raddb/modules/acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating module "detail" from file /usr/local/etc/raddb/modules/detail
detail {
detailfile = "/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_attr_filter
Module: Instantiating module "attr_filter.accounting_response" from file /usr/local/etc/raddb/modules/attr_filter
attr_filter attr_filter.accounting_response {
attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.accounting_response
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/modules/radutmp
radutmp {
filename = "/var/log/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating module "attr_filter.access_reject" from file /usr/local/etc/raddb/modules/attr_filter
attr_filter attr_filter.access_reject {
attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.access_reject
} # modules
} # server
server inner-tunnel { # from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
listen {
type = "control"
listen {
socket = "/var/run/radiusd/radiusd.sock"
}
}
listen {
type = "auth"
ipaddr = 127.0.0.1
port = 18120
}
... adding new socket proxy address * port 12326
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.
Для pptp
Код: Выделить всё
rad_recv: Access-Request packet from host 127.0.0.1 port 37637, id=48, length=294
NAS-Identifier = "ivonino.local"
Acct-Session-Id = "5597153-L-3"
NAS-Port = 3
NAS-Port-Type = Virtual
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.6.2"
NAS-Port-Id = "em1"
mpd-link = "L-3"
mpd-peer-ident = "MSRASV5.20 MSRAS-0-ADIST \210 ;s\027\321\371F\273\204L\024\nm\3123"
Tunnel-Type:0 = PPTP
Tunnel-Medium-Type:0 = IPv4
Tunnel-Server-Endpoint:0 = "192.168.6.1"
Tunnel-Client-Endpoint:0 = "192.168.6.2"
Tunnel-Server-Auth-Id:0 = "ivonino.local"
User-Name = "merei"
MS-CHAP-Challenge = 0xbb1e686f7275d5e4c83a63b5f529093d
MS-CHAP2-Response = 0x0100ad822fb44570efdc1676d2fb2a641b3a00000000000000006c18cd0ebc62cc304685ce259fcd4f2894fb5bf8d0b02b2b
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
++[mschap] returns ok
++[digest] returns noop
[suffix] No '@' in User-Name = "merei", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Creating challenge hash with username: merei
[mschap] Client is using MS-CHAPv2 for merei, we need NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> merei
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 48 to 127.0.0.1 port 37637
MS-CHAP-Error = "\001E=691 R=1"
Waking up in 4.9 seconds.
Cleaning up request 0 ID 48 with timestamp +74
Ready to process requests.
для pppoe
Код: Выделить всё
rad_recv: Access-Request packet from host 127.0.0.1 port 30480, id=190, length=271
NAS-Identifier = "ivonino.local"
Acct-Session-Id = "5596938-em1-3"
NAS-Port = 3
NAS-Port-Type = Ethernet
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "2c27d780d96a"
NAS-Port-Id = "em1"
mpd-link = "em1-3"
mpd-peer-ident = "MSRASV5.20 MSRAS-0-ADIST ִ\036|U\025LE\251&\252\007Ue\036w"
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Client-Endpoint:0 = "2c:27:d7:80:d9:6a"
User-Name = "merei"
MS-CHAP-Challenge = 0xbb1e688688b93c2cfe54e248603f0a51
MS-CHAP2-Response = 0x0100da800b896a9c4b3c353798c2a20fb5a50000000000000000254e28f0b6ce85bdc70be1a91c6b77c1ccab30afcd5073d0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
++[mschap] returns ok
++[digest] returns noop
[suffix] No '@' in User-Name = "merei", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = MSCHAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured. Cannot create LM-Password.
[mschap] No Cleartext-Password configured. Cannot create NT-Password.
[mschap] Creating challenge hash with username: merei
[mschap] Client is using MS-CHAPv2 for merei, we need NT-Password
[mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> merei
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 3 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 3
Sending Access-Reject of id 190 to 127.0.0.1 port 30480
MS-CHAP-Error = "\001E=691 R=1"
Waking up in 4.9 seconds.
Cleaning up request 3 ID 190 with timestamp +224
Ready to process requests.
L-3
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Вт дек 18, 2012 5:07 pm
lasik
немного разобрался, но теперь у меня 691
/var/log/mpd.log pppoe
Код: Выделить всё
Dec 18 21:02:22 ivonino mpd: Incoming PPPoE connection request via em1: for service "" from 00:0c:29:e4:e3:bd
Dec 18 21:02:22 ivonino mpd: [em1-3] Accepting PPPoE connection
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: OPEN event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Open event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Initial --> Starting
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerStart
Dec 18 21:02:22 ivonino mpd: [em1-3] PPPoE: connection successful
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: UP event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Up event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Starting --> Req-Sent
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigReq #1
Dec 18 21:02:22 ivonino mpd: [em1-3] MRU 1492
Dec 18 21:02:22 ivonino mpd: [em1-3] MAGICNUM 944f7298
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:22 ivonino mpd: [em1-3] MP MRRU 2048
Dec 18 21:02:22 ivonino mpd: [em1-3] MP SHORTSEQ
Dec 18 21:02:22 ivonino mpd: [em1-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3] MRU 1480
Dec 18 21:02:22 ivonino mpd: [em1-3] MAGICNUM 57324e5e
Dec 18 21:02:22 ivonino mpd: [em1-3] CALLBACK 6
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigRej #0
Dec 18 21:02:22 ivonino mpd: [em1-3] CALLBACK 6
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Reject #1 (Req-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3] MP MRRU 2048
Dec 18 21:02:22 ivonino mpd: [em1-3] MP SHORTSEQ
Dec 18 21:02:22 ivonino mpd: [em1-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigReq #2
Dec 18 21:02:22 ivonino mpd: [em1-3] MRU 1492
Dec 18 21:02:22 ivonino mpd: [em1-3] MAGICNUM 944f7298
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3] MRU 1480
Dec 18 21:02:22 ivonino mpd: [em1-3] MAGICNUM 57324e5e
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendConfigAck #1
Dec 18 21:02:22 ivonino mpd: [em1-3] MRU 1480
Dec 18 21:02:22 ivonino mpd: [em1-3] MAGICNUM 57324e5e
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Req-Sent --> Ack-Sent
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Configure Ack #2 (Ack-Sent)
Dec 18 21:02:22 ivonino mpd: [em1-3] MRU 1492
Dec 18 21:02:22 ivonino mpd: [em1-3] MAGICNUM 944f7298
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Ack-Sent --> Opened
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: auth: peer wants nothing, I want CHAP
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: sending CHALLENGE #1 len: 21
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerUp
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Ident #2 (Opened)
Dec 18 21:02:22 ivonino mpd: [em1-3] MESG: MSRASV5.10
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Ident #3 (Opened)
Dec 18 21:02:22 ivonino mpd: [em1-3] MESG: MSRAS-0-TEST-196DC6E5CE
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 18 21:02:22 ivonino mpd: [em1-3] Name: "merei"
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTH: Trying RADIUS
Dec 18 21:02:22 ivonino mpd: [em1-3] RADIUS: Authenticating user 'merei'
Dec 18 21:02:22 ivonino mpd: [em1-3] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'merei'
Dec 18 21:02:22 ivonino mpd: [em1-3] RADIUS: PANIC no MS-CHAP2-Success received from server!
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTH: RADIUS returned error
Dec 18 21:02:22 ivonino mpd: [em1-3] AUTH: ran out of backends
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: Auth return status: failed
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: Reply message: E=691 R=0 M=Login incorrect
Dec 18 21:02:22 ivonino mpd: [em1-3] CHAP: sending FAILURE #1 len: 31
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: authorization failed
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: parameter negotiation failed
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Opened --> Stopping
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: SendTerminateReq #3
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerDown
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: rec'd Terminate Ack #3 (Stopping)
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Stopping --> Stopped
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: LayerFinish
Dec 18 21:02:22 ivonino mpd: [em1-3] PPPoE: connection closed
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: DOWN event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Close event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Stopped --> Closed
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: Down event
Dec 18 21:02:22 ivonino mpd: [em1-3] LCP: state change Closed --> Initial
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: SHUTDOWN event
Dec 18 21:02:22 ivonino mpd: [em1-3] Link: Shutdown
/var/log/mpd.log pptp
Код: Выделить всё
Dec 18 21:02:55 ivonino mpd: [L-3] Link: OPEN event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: Open event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: state change Initial --> Starting
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: LayerStart
Dec 18 21:02:55 ivonino mpd: [L-3] PPTP: attaching to peer's outgoing call
Dec 18 21:02:55 ivonino mpd: [L-3] Link: UP event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: Up event
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: state change Starting --> Req-Sent
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: SendConfigReq #1
Dec 18 21:02:55 ivonino mpd: [L-3] ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] MRU 1500
Dec 18 21:02:55 ivonino mpd: [L-3] MAGICNUM 6b67cf10
Dec 18 21:02:55 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:55 ivonino mpd: [L-3] MP MRRU 2048
Dec 18 21:02:55 ivonino mpd: [L-3] MP SHORTSEQ
Dec 18 21:02:55 ivonino mpd: [L-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: rec'd Configure Request #0 (Req-Sent)
Dec 18 21:02:55 ivonino mpd: [L-3] MRU 1400
Dec 18 21:02:55 ivonino mpd: [L-3] MAGICNUM 78f60ea3
Dec 18 21:02:55 ivonino mpd: [L-3] PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] CALLBACK 6
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: SendConfigRej #0
Dec 18 21:02:55 ivonino mpd: [L-3] CALLBACK 6
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: rec'd Configure Request #1 (Req-Sent)
Dec 18 21:02:55 ivonino mpd: [L-3] MRU 1400
Dec 18 21:02:55 ivonino mpd: [L-3] MAGICNUM 78f60ea3
Dec 18 21:02:55 ivonino mpd: [L-3] PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: SendConfigAck #1
Dec 18 21:02:55 ivonino mpd: [L-3] MRU 1400
Dec 18 21:02:55 ivonino mpd: [L-3] MAGICNUM 78f60ea3
Dec 18 21:02:55 ivonino mpd: [L-3] PROTOCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] ACFCOMP
Dec 18 21:02:55 ivonino mpd: [L-3] LCP: state change Req-Sent --> Ack-Sent
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: SendConfigReq #2
Dec 18 21:02:57 ivonino mpd: [L-3] ACFCOMP
Dec 18 21:02:57 ivonino mpd: [L-3] PROTOCOMP
Dec 18 21:02:57 ivonino mpd: [L-3] MRU 1500
Dec 18 21:02:57 ivonino mpd: [L-3] MAGICNUM 6b67cf10
Dec 18 21:02:57 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:57 ivonino mpd: [L-3] MP MRRU 2048
Dec 18 21:02:57 ivonino mpd: [L-3] MP SHORTSEQ
Dec 18 21:02:57 ivonino mpd: [L-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Configure Reject #2 (Ack-Sent)
Dec 18 21:02:57 ivonino mpd: [L-3] MP MRRU 2048
Dec 18 21:02:57 ivonino mpd: [L-3] MP SHORTSEQ
Dec 18 21:02:57 ivonino mpd: [L-3] ENDPOINTDISC [802.1] 00 0e 04 b7 2b ca
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: SendConfigReq #3
Dec 18 21:02:57 ivonino mpd: [L-3] ACFCOMP
Dec 18 21:02:57 ivonino mpd: [L-3] PROTOCOMP
Dec 18 21:02:57 ivonino mpd: [L-3] MRU 1500
Dec 18 21:02:57 ivonino mpd: [L-3] MAGICNUM 6b67cf10
Dec 18 21:02:57 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Configure Ack #3 (Ack-Sent)
Dec 18 21:02:57 ivonino mpd: [L-3] ACFCOMP
Dec 18 21:02:57 ivonino mpd: [L-3] PROTOCOMP
Dec 18 21:02:57 ivonino mpd: [L-3] MRU 1500
Dec 18 21:02:57 ivonino mpd: [L-3] MAGICNUM 6b67cf10
Dec 18 21:02:57 ivonino mpd: [L-3] AUTHPROTO CHAP MSOFTv2
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Ack-Sent --> Opened
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: auth: peer wants nothing, I want CHAP
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: sending CHALLENGE #1 len: 21
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: LayerUp
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Ident #2 (Opened)
Dec 18 21:02:57 ivonino mpd: [L-3] MESG: MSRASV5.10
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Ident #3 (Opened)
Dec 18 21:02:57 ivonino mpd: [L-3] MESG: MSRAS-0-TEST-196DC6E5CE
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: rec'd RESPONSE #1 len: 59
Dec 18 21:02:57 ivonino mpd: [L-3] Name: "merei"
Dec 18 21:02:57 ivonino mpd: [L-3] AUTH: Trying RADIUS
Dec 18 21:02:57 ivonino mpd: [L-3] RADIUS: Authenticating user 'merei'
Dec 18 21:02:57 ivonino mpd: [L-3] RADIUS: Rec'd RAD_ACCESS_ACCEPT for user 'merei'
Dec 18 21:02:57 ivonino mpd: [L-3] RADIUS: PANIC no MS-CHAP2-Success received from server!
Dec 18 21:02:57 ivonino mpd: [L-3] AUTH: RADIUS returned error
Dec 18 21:02:57 ivonino mpd: [L-3] AUTH: ran out of backends
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: Auth return status: failed
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: Reply message: E=691 R=0 M=Login incorrect
Dec 18 21:02:57 ivonino mpd: [L-3] CHAP: sending FAILURE #1 len: 31
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: authorization failed
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: parameter negotiation failed
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Opened --> Stopping
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: SendTerminateReq #4
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: LayerDown
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: rec'd Terminate Ack #4 (Stopping)
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Stopping --> Stopped
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: LayerFinish
Dec 18 21:02:57 ivonino mpd: [L-3] PPTP call terminated
Dec 18 21:02:57 ivonino mpd: [L-3] Link: DOWN event
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: Close event
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Stopped --> Closed
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: Down event
Dec 18 21:02:57 ivonino mpd: [L-3] LCP: state change Closed --> Initial
Dec 18 21:02:57 ivonino mpd: [L-3] Link: SHUTDOWN event
Dec 18 21:02:57 ivonino mpd: [L-3] Link: Shutdown
radiusd -X pppoe
Код: Выделить всё
--- Walking the entire request list ---
Cleaning up request 1 ID 205 with timestamp 50d0a25f
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 127.0.0.1:61962, id=57, length=264
NAS-Identifier = "ivonino.local"
Acct-Session-Id = "5850342-em1-3"
NAS-Port = 3
NAS-Port-Type = Ethernet
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "000c29e4e3bd"
NAS-Port-Id = "em1"
Vendor-12341-Attr-12 = 0x656d312d33
Vendor-12341-Attr-19 = 0x4d5352415356352e3130204d535241532d302d544553542d31393644433645354345
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Client-Endpoint:0 = "00:0c:29:e4:e3:bd"
User-Name = "merei"
MS-CHAP-Challenge = 0xbb1e68aee1f0b325feaf8818eccd7b3d
MS-CHAP2-Response = 0x0100967bd221776b0beddf3c80b3ba7b57840000000000000000aabf6599263ce99dfe9b9f8acf51c5dcce5c320ff0d9e71c
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
rlm_realm: No '@' in User-Name = "merei", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 2
users: Matched entry DEFAULT at line 1
modcall[authorize]: module "files" returns ok for request 2
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 2
modcall: leaving group authorize (returns ok) for request 2
rad_check_password: Found Auth-Type Accept
rad_check_password: Auth-Type = Accept, accepting the user
Exec-Program output: Acct-Interim-Interval = 300, Session-Timeout = 1133658, Framed-IP-Address = 10.10.10.77, Framed-IP-Netmask = 255.255.255.255,
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 300, Session-Timeout = 1133658, Framed-IP-Address = 10.10.10.77, Framed-IP-Netmask = 255.255.255.255,
Exec-Program: returned: 0
Sending Access-Accept of id 57 to 127.0.0.1 port 61962
Acct-Interim-Interval = 300
Session-Timeout = 1133658
Framed-IP-Address = 10.10.10.77
Framed-IP-Netmask = 255.255.255.255
Finished request 2
Going to the next request
--- Walking the entire request list ---
radiusd -X pptp
Код: Выделить всё
rad_recv: Access-Request packet from host 127.0.0.1:35650, id=58, length=287
NAS-Identifier = "ivonino.local"
Acct-Session-Id = "5850406-L-3"
NAS-Port = 3
NAS-Port-Type = Virtual
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "192.168.6.9"
NAS-Port-Id = "em1"
Vendor-12341-Attr-12 = 0x4c2d33
Vendor-12341-Attr-19 = 0x4d5352415356352e3130204d535241532d302d544553542d31393644433645354345
Tunnel-Type:0 = PPTP
Tunnel-Medium-Type:0 = IPv4
Tunnel-Server-Endpoint:0 = "192.168.6.1"
Tunnel-Client-Endpoint:0 = "192.168.6.9"
Tunnel-Server-Auth-Id:0 = "ivonino.local"
User-Name = "merei"
MS-CHAP-Challenge = 0xbb1e68a7794f4c600560fcaf74f4054d
MS-CHAP2-Response = 0x0100e2bc18a60294798db486b1d722be264f0000000000000000ba62145d006b312daa3ca857a5fd75a4571d8fb708e6da50
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
rlm_realm: No '@' in User-Name = "merei", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 3
users: Matched entry DEFAULT at line 1
modcall[authorize]: module "files" returns ok for request 3
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 3
modcall: leaving group authorize (returns ok) for request 3
rad_check_password: Found Auth-Type Accept
rad_check_password: Auth-Type = Accept, accepting the user
Exec-Program output: Acct-Interim-Interval = 300, Session-Timeout = 1133594, Framed-IP-Address = 10.10.10.87, Framed-IP-Netmask = 255.255.255.255,
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 300, Session-Timeout = 1133594, Framed-IP-Address = 10.10.10.87, Framed-IP-Netmask = 255.255.255.255,
Exec-Program: returned: 0
Sending Access-Accept of id 58 to 127.0.0.1 port 35650
Acct-Interim-Interval = 300
Session-Timeout = 1133594
Framed-IP-Address = 10.10.10.87
Framed-IP-Netmask = 255.255.255.255
Finished request 3
Going to the next request
--- Walking the entire request list ---
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Вт дек 18, 2012 7:38 pm
lasik
Разобрался, сам дурак )))
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Ср дек 19, 2012 11:16 am
~AsmodeuS~
lasik писал(а):Разобрался, сам дурак )))
так описывать нужно а то будущие поколения будут бегать и говорить эта ошибка была у вас в билинге мы на форуме видели, решения так и нету
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Ср дек 19, 2012 5:39 pm
lasik
Основная проблема была в настройках freeradiusa.
во 2 ветку воткнул настройки от первого, вот он и посылал меня.
Следующей ошибкой был неправильный пул адресов в настройках mpd 5.
А сейчас борюсь с шейпером, на те настройки которые сделал.
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Ср дек 19, 2012 5:56 pm
lasik
как настрою полностью, выложу конфиги с описанием.
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Чт дек 20, 2012 8:21 am
~AsmodeuS~
lasik писал(а):как настрою полностью, выложу конфиги с описанием.
странно а что с конфигом с сайта ?
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Чт дек 20, 2012 7:17 pm
lasik
меня немного не устраивает описание.
и на суд публик выложу, а там народ уже буде сам под себя подстраивать )
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Сб мар 16, 2013 10:24 am
Кузьменко
lasik
Так в чем же проблема то, может поделитесь с народом?
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Сб мар 16, 2013 2:29 pm
~AsmodeuS~
Кузьменко писал(а):lasik
Так в чем же проблема то, может поделитесь с народом?
сначало не было связки мпд с радиусом
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Сб мар 16, 2013 6:33 pm
Кузьменко
Как проверить, есть ли звязб между ними?
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Сб мар 16, 2013 6:45 pm
~AsmodeuS~
radiusd -X
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Сб мар 16, 2013 8:05 pm
Кузьменко
radius -X
Код: Выделить всё
athlon# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/var"
main: logdir = "/var/log"
main: libdir = "/usr/local/lib"
main: radacctdir = "/var/log/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/var/log/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/var/run/radiusd/radiusd.pid"
main: user = "freeradius"
main: group = "freeradius"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
pap: auto_header = yes
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/var/log/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "md5"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = "Password: "
gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
exec: wait = yes
exec: program = "/usr/local/abills/libexec/rauth.pl pre_auth"
exec: input_pairs = "request"
exec: output_pairs = "config"
exec: packet_type = "(null)"
Module: Instantiated exec (pre_auth)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded detail
detail: detailfile = "/var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/var/log/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
exec: wait = yes
exec: program = "/usr/local/abills/libexec/rauth.pl post_auth"
exec: input_pairs = "request"
exec: output_pairs = "config"
exec: packet_type = "(null)"
Module: Instantiated exec (post_auth)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
при пробе подключения с windows XP!
Код: Выделить всё
rad_recv: Access-Request packet from host 127.0.0.1:48193, id=111, length=283
NAS-Identifier = "athlon.ua"
Message-Authenticator = 0x0734b0148cbd18d4e00f5739143c5ae7
Acct-Session-Id = "3492472-rl0-2"
NAS-Port = 2
NAS-Port-Type = Ethernet
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "742f68a3598c"
NAS-Port-Id = "rl0"
mpd-link = "rl0-2"
mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Client-Endpoint:0 = "74:2f:68:a3:59:8c"
User-Name = "user1"
MS-CHAP-Challenge = 0xbb1e68d25c413cf00879fc8697619850
MS-CHAP2-Response = 0x0100c4a5de26dc0bfb0d9ba324288a7d62dc00000000000000001cac41628aa4a7b83f8b0226efedac7483de7a227e050fd1
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
modcall[authorize]: module "mschap" returns ok for request 0
users: Matched entry DEFAULT at line 1
modcall[authorize]: module "files" returns ok for request 0
Exec-Program output: User-Password == "123456"
Exec-Program-Wait: value-pairs: User-Password == "123456"
Exec-Program: returned: 0
modcall[authorize]: module "pre_auth" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 0
rlm_mschap: Told to do MS-CHAPv2 for user1 with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 0
modcall: leaving group MS-CHAP (returns ok) for request 0
Exec-Program output: Acct-Interim-Interval = 60, Session-Timeout = 1281928, Framed-IP-Address = 10.10.10.26, Framed-IP-Netmask = 255.255.255.255, mpd-limit += "in#1=all rate-limit 5120000 192000 384000", mpd-limit += "out#1=all rate-limit 1024000 192000 384000",
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 60, Session-Timeout = 1281928, Framed-IP-Address = 10.10.10.26, Framed-IP-Netmask = 255.255.255.255, mpd-limit += "in#1=all rate-limit 5120000 192000 384000", mpd-limit += "out#1=all rate-limit 1024000 192000 384000",
Exec-Program: returned: 0
Sending Access-Accept of id 111 to 127.0.0.1 port 48193
MS-CHAP2-Success = 0x01533d46383235393141373834383739374332423642343336434435413532313244413945453238393735
MS-MPPE-Recv-Key = 0x66ae0e75b3862fb897d5b4cbc7febe88
MS-MPPE-Send-Key = 0xe695e337c0a1f1994c7dade35859e011
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
Acct-Interim-Interval = 60
Session-Timeout = 1281928
Framed-IP-Address = 10.10.10.26
Framed-IP-Netmask = 255.255.255.255
mpd-limit += "in#1=all rate-limit 5120000 192000 384000"
mpd-limit += "out#1=all rate-limit 1024000 192000 384000"
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 127.0.0.1:46590, id=72, length=307
NAS-Identifier = "athlon.ua"
Acct-Session-Id = "3492472-rl0-2"
NAS-Port = 2
NAS-Port-Type = Ethernet
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "742f68a3598c"
NAS-Port-Id = "rl0"
mpd-link = "rl0-2"
mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Client-Endpoint:0 = "74:2f:68:a3:59:8c"
Acct-Status-Type = Start
Framed-IP-Address = 10.10.10.26
Framed-IP-Netmask = 255.255.255.255
User-Name = "user1"
Acct-Multi-Session-Id = "3492472-B-1"
mpd-bundle = "B-1"
mpd-iface = "ng0"
mpd-iface-index = 13
mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
Acct-Link-Count = 1
Acct-Authentic = RADIUS
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 1
modcall[preacct]: module "preprocess" returns noop for request 1
rlm_acct_unique: Hashing 'NAS-Port = 2,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 127.0.0.1,Acct-Session-Id = "3492472-rl0-2",User-Name = "user1"'
rlm_acct_unique: Acct-Unique-Session-ID = "d96fb619b8571f11".
modcall[preacct]: module "acct_unique" returns ok for request 1
rlm_realm: No '@' in User-Name = "user1", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[preacct]: module "suffix" returns noop for request 1
acct_users: Matched entry DEFAULT at line 1
modcall[preacct]: module "files" returns ok for request 1
modcall: leaving group preacct (returns ok) for request 1
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 1
radius_xlat: '/var/log/radacct/127.0.0.1/detail-20130317'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/detail-20130317
modcall[accounting]: module "detail" returns ok for request 1
modcall[accounting]: module "unix" returns ok for request 1
radius_xlat: '/var/log/radutmp'
radius_xlat: 'user1'
modcall[accounting]: module "radutmp" returns ok for request 1
modcall: leaving group accounting (returns ok) for request 1
Sending Accounting-Response of id 72 to 127.0.0.1 port 46590
Finished request 1
Going to the next request
Cleaning up request 1 ID 72 with timestamp 51453e78
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host 127.0.0.1:29148, id=163, length=355
NAS-Identifier = "athlon.ua"
Acct-Session-Id = "3492472-rl0-2"
NAS-Port = 2
NAS-Port-Type = Ethernet
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "742f68a3598c"
NAS-Port-Id = "rl0"
mpd-link = "rl0-2"
mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Client-Endpoint:0 = "74:2f:68:a3:59:8c"
Framed-IP-Address = 10.10.10.26
Framed-IP-Netmask = 255.255.255.255
User-Name = "user1"
Acct-Multi-Session-Id = "3492472-B-1"
mpd-bundle = "B-1"
mpd-iface = "ng0"
mpd-iface-index = 13
mpd-Attr-19 = 0x4d5352415356352e3230204d535241532d302d4335302029a15e36d42c3d4b9345b5140a9fce2a
Acct-Link-Count = 1
Acct-Authentic = RADIUS
Acct-Status-Type = Stop
Acct-Terminate-Cause = Service-Unavailable
Acct-Session-Time = 2
Acct-Input-Octets = 309
Acct-Input-Packets = 12
Acct-Input-Gigawords = 0
Acct-Output-Octets = 174
Acct-Output-Packets = 10
Acct-Output-Gigawords = 0
Processing the preacct section of radiusd.conf
modcall: entering group preacct for request 2
modcall[preacct]: module "preprocess" returns noop for request 2
rlm_acct_unique: Hashing 'NAS-Port = 2,Client-IP-Address = 127.0.0.1,NAS-IP-Address = 127.0.0.1,Acct-Session-Id = "3492472-rl0-2",User-Name = "user1"'
rlm_acct_unique: Acct-Unique-Session-ID = "d96fb619b8571f11".
modcall[preacct]: module "acct_unique" returns ok for request 2
rlm_realm: No '@' in User-Name = "user1", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[preacct]: module "suffix" returns noop for request 2
acct_users: Matched entry DEFAULT at line 7
modcall[preacct]: module "files" returns ok for request 2
modcall: leaving group preacct (returns ok) for request 2
Processing the accounting section of radiusd.conf
modcall: entering group accounting for request 2
radius_xlat: '/var/log/radacct/127.0.0.1/detail-20130317'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/detail-20130317
modcall[accounting]: module "detail" returns ok for request 2
modcall[accounting]: module "unix" returns ok for request 2
radius_xlat: '/var/log/radutmp'
radius_xlat: 'user1'
modcall[accounting]: module "radutmp" returns ok for request 2
modcall: leaving group accounting (returns ok) for request 2
Sending Accounting-Response of id 163 to 127.0.0.1 port 29148
Finished request 2
Going to the next request
Cleaning up request 2 ID 163 with timestamp 51453e78
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 111 with timestamp 51453e78
Nothing to do. Sleeping until we see a request.
Re: MPD5 PPPOE ошибка 629, PPTP - 734
Добавлено: Вс мар 17, 2013 9:27 am
~AsmodeuS~
смотрите лог mpd у Вас есть связь с радиусом клиент авторизируется