radius 2 + abills 0.41

mnk · Сообщение **mnk** » Чт май 07, 2009 4:42 am

Вот попробовал на новой машине настроить эту связку. С abills 0.37 все работало. Схема pppd + RADIUS plugin (Linux).
Настраивал, как напсано в /usr/abills/doc/INSTALL.ru
При соединении со станции радиус и биллинг пишут , что все ок, а станция вываливается и в /var/log/messages пишет, что не правильная chap авторизация.
Вот лог абилса

Код: Выделить всё

2009-05-07 08:21:01 LOG_INFO: AUTH [misha] NAS: 1 (127.0.0.1) CID: 172.16.130.156  GT: 0.50963

Вот лог радиуса.

Код: Выделить всё

rad_recv: Access-Request packet from host 127.0.0.1 port 49064, id=168, length=149
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "misha"
        MS-CHAP-Challenge = 0x944348e9590907f5c66e1e180d9ab2b6
        MS-CHAP2-Response = 0x3300b9a81fbd9a97121d4dec1c268abdddc2000000000000000013d96410ecc1940251c747be517acb6c96117e91353c13f9
        Calling-Station-Id = "172.16.130.156"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 1
+- entering group authorize {...}
++[preprocess] returns ok
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
Exec-Program output: Acct-Interim-Interval = 60, Session-Timeout = 2129940, Octets-Direction = 0, Session-Octets-Limit = 2146435072,
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 60, Session-Timeout = 2129940, Octets-Direction = 0, Session-Octets-Limit = 2146435072,
Exec-Program: returned: 0
++[auth] returns ok
[mschap] Found existing Auth-Type.  Not changing it.
++[mschap] returns noop
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 168 to 127.0.0.1 port 49064
        Acct-Interim-Interval = 60
        Session-Timeout = 2129940
        Octets-Direction = Route-IP-No
        Session-Octets-Limit = 2146435072
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 168 with timestamp +32
Ready to process requests.

Какой то он не полный. Параметры на станцию не выдаются.
Вот лог c messages

Код: Выделить всё

May  7 08:34:26 mnk pptpd[7099]: CTRL: Client 172.16.130.156 control connection started
May  7 08:34:26 mnk pptpd[7099]: CTRL: Starting call (launching pppd, opening GRE)
May  7 08:34:26 mnk pppd[7100]: Plugin radius.so loaded.
May  7 08:34:26 mnk pppd[7100]: RADIUS plugin initialized.
May  7 08:34:26 mnk pppd[7100]: Plugin radattr.so loaded.
May  7 08:34:26 mnk pppd[7100]: RADATTR plugin initialized.
May  7 08:34:26 mnk pppd[7100]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
May  7 08:34:26 mnk pppd[7100]: pptpd-logwtmp: $Version$
May  7 08:34:26 mnk pppd[7100]: pppd 2.4.4 started by root, uid 0
May  7 08:34:26 mnk pppd[7100]: Using interface ppp1
May  7 08:34:26 mnk pppd[7100]: Connect: ppp1 <--> /dev/pts/9
May  7 08:34:26 mnk pptpd[7099]: GRE: Bad checksum from pppd.
May  7 08:34:26 mnk pptpd[7099]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
May  7 08:34:27 mnk pppd[7100]:
May  7 08:34:27 mnk pppd[7100]: Peer misha failed CHAP authentication
May  7 08:34:27 mnk pppd[7100]: Connection terminated.
May  7 08:34:27 mnk pppd[7100]: Exit.
May  7 08:34:27 mnk pptpd[7099]: CTRL: Client 172.16.130.156 control connection finished

С подробными описаниями настроек просто беда какая то. Все нужно по крупицам с разных мест выуживать. Очень похоже, что где то в радиусе не все настроено.
pptpd сервер работает на 100% - пробовал вначале без радиуса - все работало.
Может есть уже где подробное описание данной связки?

Евгений · Чт май 07, 2009 5:54 am

mnk писал(а): Вот лог абилса

А как вы заставили писать Абиллс логи? у меня ничего не пишет хотя в конфигах вроде все прописано... у меня вообще вебморда не открывается и виновных найти не могу

mnk · Сообщение **mnk** » Чт май 07, 2009 6:42 am

С web мордой все нормально. Это ты с настройками апача где то не докрутил. Посмотри в моем wiki. Я там все подробно описывал, только может не все по порядку.
А логи abills лежат в /usr/abills/var/log/abills.log

Теперь по теме, которую выше открыл. Удалось все настроить, по своим старым докам, URL смотри выше. А по тому, что написано в inltall.ru ничего не получилось.

Abram · Чт май 07, 2009 9:42 pm

Евгений писал(а):
mnk писал(а): Вот лог абилса
А как вы заставили писать Абиллс логи?

Да просто файлик пустой создать

. И права веб-серверу дать на него.

kai · Сообщение **kai** » Пт июл 17, 2009 11:53 am

подскажите плз что делать, а то уже 3 дня мучаюсь, вобщем настроил РАДИУС как тут http://www.volmed.org.ru/wiki/index.php ... .D0.B5_NAS

вот что имеем: radiusd -X

FreeRADIUS Version 2.0.5, for host i686-pc-linux-gnu, built on Oct 9 2008 at 16:13:43
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including configuration file /etc/raddb/snmp.conf
including files in directory /etc/raddb/modules/
including configuration file /etc/raddb/modules/detail
including configuration file /etc/raddb/modules/passwd
including configuration file /etc/raddb/modules/ldap
including configuration file /etc/raddb/modules/mschap
including configuration file /etc/raddb/modules/exec
including configuration file /etc/raddb/modules/preprocess
including configuration file /etc/raddb/modules/detail.log
including configuration file /etc/raddb/modules/files
including configuration file /etc/raddb/modules/expr
including configuration file /etc/raddb/modules/counter
including configuration file /etc/raddb/modules/acct_unique
including configuration file /etc/raddb/modules/sql_log
including configuration file /etc/raddb/modules/smbpasswd
including configuration file /etc/raddb/modules/krb5
including configuration file /etc/raddb/modules/etc_group
including configuration file /etc/raddb/modules/sradutmp
including configuration file /etc/raddb/modules/realm
including configuration file /etc/raddb/modules/radutmp
including configuration file /etc/raddb/modules/expiration
including configuration file /etc/raddb/modules/always
including configuration file /etc/raddb/modules/echo
including configuration file /etc/raddb/modules/mac2vlan
including configuration file /etc/raddb/modules/attr_rewrite
including configuration file /etc/raddb/modules/pam
including configuration file /etc/raddb/modules/ippool
including configuration file /etc/raddb/modules/mac2ip
including configuration file /etc/raddb/modules/policy
including configuration file /etc/raddb/modules/logintime
including configuration file /etc/raddb/modules/attr_filter
including configuration file /etc/raddb/modules/digest
including configuration file /etc/raddb/modules/checkval
including configuration file /etc/raddb/modules/chap
including configuration file /etc/raddb/modules/unix
including configuration file /etc/raddb/modules/pap
including configuration file /etc/raddb/eap.conf
including configuration file /etc/raddb/sql.conf
including configuration file /etc/raddb/sql/mysql/dialup.conf
including configuration file /etc/raddb/sql/mysql/counter.conf
including configuration file /etc/raddb/policy.conf
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/default
including configuration file /etc/raddb/sites-enabled/inner-tunnel
group = radiusd
user = radiusd
including dictionary file /etc/raddb/dictionary
main {
prefix = "/usr"
localstatedir = "/var"
logdir = "/var/log/radius"
libdir = "/usr/lib/freeradius"
radacctdir = "/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
allow_core_dumps = no
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
}
}
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "radsecret"
nastype = "other"
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating expr
Module: Linked to module rlm_expiration
Module: Instantiating expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server inner-tunnel {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating chap
Module: Linked to module rlm_mschap
Module: Instantiating mschap
mschap {
use_mppe = yes
require_encryption = yes
require_strong = yes
with_ntdomain_hack = no
}
Module: Linked to module rlm_unix
Module: Instantiating unix
unix {
radwtmp = "/var/log/radius/radwtmp"
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_realm
Module: Instantiating suffix
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating files
files {
usersfile = "/etc/raddb/users"
acctusersfile = "/etc/raddb/acct_users"
preproxy_usersfile = "/etc/raddb/preproxy_users"
compat = "no"
}
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating radutmp
radutmp {
filename = "/var/log/radius/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-auth {...} for more modules to load
Module: Linked to module rlm_attr_filter
Module: Instantiating attr_filter.access_reject
attr_filter attr_filter.access_reject {
attrsfile = "/etc/raddb/attrs.access_reject"
key = "%{User-Name}"
}
}
}
server {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating preprocess
preprocess {
huntgroups = "/etc/raddb/huntgroups"
hints = "/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
Module: Instantiating abills_preauth
exec abills_preauth {
wait = yes
program = "/usr/abills/libexec/rauth.pl pre_auth"
input_pairs = "request"
output_pairs = "config"
shell_escape = yes
}
Module: Instantiating abills_auth
exec abills_auth {
wait = yes
program = "/usr/abills/libexec/rauth.pl"
input_pairs = "request"
output_pairs = "reply"
shell_escape = yes
}
Module: Checking preacct {...} for more modules to load
Module: Instantiating abills_acc
exec abills_acc {
wait = yes
program = "/usr/abills/libexec/racct.pl"
input_pairs = "request"
output_pairs = "reply"
shell_escape = yes
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating detail
detail {
detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating attr_filter.accounting_response
attr_filter attr_filter.accounting_response {
attrsfile = "/etc/raddb/attrs.accounting_response"
key = "%{User-Name}"
}
Module: Checking session {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating abills_postauth
exec abills_postauth {
wait = yes
program = "/usr/abills/libexec/rauth.pl post_auth"
input_pairs = "request"
output_pairs = "config"
shell_escape = yes
}
}
}
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
ERROR: Failed to open socket: cannot bind socket: Address already in use
/etc/raddb/radiusd.conf[236]: Error binding to port for 0.0.0.0 port 1812

порт этот свободен: netstat -lnp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:5989 0.0.0.0:* LISTEN 4185/owcimomd
tcp 0 0 0.0.0.0:55333 0.0.0.0:* LISTEN 4019/rpc.statd
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 3316/slapd
tcp 0 0 127.0.0.1:199 0.0.0.0:* LISTEN 4768/snmpd
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 4547/rsyncd
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 3971/mysqld-max
tcp 0 0 195.189.234.99:427 0.0.0.0:* LISTEN 3386/slpd
tcp 0 0 192.168.70.1:427 0.0.0.0:* LISTEN 3386/slpd
tcp 0 0 192.168.0.1:427 0.0.0.0:* LISTEN 3386/slpd
tcp 0 0 192.168.168.1:427 0.0.0.0:* LISTEN 3386/slpd
tcp 0 0 10.100.100.1:427 0.0.0.0:* LISTEN 3386/slpd
tcp 0 0 127.0.0.1:427 0.0.0.0:* LISTEN 3386/slpd
tcp 0 0 0.0.0.0:52653 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 4576/master
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 3661/clamd
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 4802/spamd.pid
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 4576/master
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2950/portmap
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 4892/perl
tcp 0 0 0.0.0.0:2000 0.0.0.0:* LISTEN 4576/master
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 4325/pure-ftpd (SER
tcp 0 0 195.189.234.99:53 0.0.0.0:* LISTEN 3370/named
tcp 0 0 192.168.70.1:53 0.0.0.0:* LISTEN 3370/named
tcp 0 0 192.168.0.1:53 0.0.0.0:* LISTEN 3370/named
tcp 0 0 192.168.168.1:53 0.0.0.0:* LISTEN 3370/named
tcp 0 0 10.100.100.1:53 0.0.0.0:* LISTEN 3370/named
tcp 0 0 127.0.0.2:53 0.0.0.0:* LISTEN 3370/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3370/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4800/sshd
tcp 0 0 0.0.0.0:119 0.0.0.0:* LISTEN 3870/innd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 3698/cupsd
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN 6313/(squid)
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 3730/avmailgate.bin
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 3370/named
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 4307/pptpd
tcp 0 0 0.0.0.0:57117 0.0.0.0:* LISTEN 4016/rpc.mountd
tcp 0 0 :::9443 :::* LISTEN 5210/httpd2-prefork
tcp 0 0 :::389 :::* LISTEN 3316/slapd
tcp 0 0 :::2601 :::* LISTEN 4917/zebra
tcp 0 0 :::873 :::* LISTEN 4547/rsyncd
tcp 0 0 :::139 :::* LISTEN 4726/smbd
tcp 0 0 :::110 :::* LISTEN 4576/master
tcp 0 0 :::143 :::* LISTEN 4576/master
tcp 0 0 :::80 :::* LISTEN 5210/httpd2-prefork
tcp 0 0 :::2000 :::* LISTEN 4576/master
tcp 0 0 :::21 :::* LISTEN 4325/pure-ftpd (SER
tcp 0 0 :::53 :::* LISTEN 3370/named
tcp 0 0 :::22 :::* LISTEN 4800/sshd
tcp 0 0 ::1:631 :::* LISTEN 3698/cupsd
tcp 0 0 ::1:953 :::* LISTEN 3370/named
tcp 0 0 :::445 :::* LISTEN 4726/smbd

dnk2009 · Пт июл 17, 2009 11:56 am

в версии 0.5 лежат конфиги от 2 го радиуса. попробуй с ними

kai · Сообщение **kai** » Пт июл 17, 2009 12:10 pm

При этом радиус вродебы и работает но с виндовой машины зайти нельзя
вот что говорит радиус

Код: Выделить всё

Fri Jul 17 13:30:55 2009 : Auth: Invalid user: [testuser/testpassword] (from client localhost port 1)

вот локалмеседж

Код: Выделить всё

Jul 17 14:49:49 proxy pppd[7418]: Plugin radius.so loaded.
Jul 17 14:49:49 proxy pppd[7418]: RADIUS plugin initialized.
Jul 17 14:49:49 proxy pppd[7418]: Plugin radattr.so loaded.
Jul 17 14:49:49 proxy pppd[7418]: RADATTR plugin initialized.
Jul 17 14:49:49 proxy pppd[7418]: pppd 2.4.4 started by root, uid 0
Jul 17 14:49:49 proxy pppd[7418]: Using interface ppp1
Jul 17 14:49:49 proxy pppd[7418]: Connect: ppp1 <--> /dev/pts/5
Jul 17 14:49:49 proxy pppd[7418]: rc_avpair_new: unknown attribute 11
Jul 17 14:49:49 proxy pppd[7418]: rc_avpair_new: unknown attribute 25
Jul 17 14:49:50 proxy pppd[7418]: Peer testuser failed CHAP authentication
Jul 17 14:49:50 proxy pppd[7418]: Connection terminated.
Jul 17 14:49:50 proxy pppd[7418]: Exit.

вот меседж

Код: Выделить всё

Jul 17 14:51:43 proxy pptpd[7480]: MGR: Launching /usr/sbin/pptpctrl to handle client
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: local address = 192.168.0.1
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: remote address = 192.168.1.1
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: pppd speed = 115200
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: pppd options file = /etc/ppp/options.pptp
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Client 192.168.0.150 control connection started
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Received PPTP Control Message (type: 1)
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Made a START CTRL CONN RPLY packet
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: I wrote 156 bytes to the client.
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Sent packet to client
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Received PPTP Control Message (type: 7)
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Made a OUT CALL RPLY packet
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Starting call (launching pppd, opening GRE)
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: pty_fd = 6
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: tty_fd = 7
Jul 17 14:51:43 proxy pptpd[7481]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Jul 17 14:51:43 proxy pptpd[7481]: CTRL (PPPD Launcher): local address = 192.168.0.1
Jul 17 14:51:43 proxy pptpd[7481]: CTRL (PPPD Launcher): remote address = 192.168.1.1
Jul 17 14:51:43 proxy pppd[7481]: Plugin radius.so loaded.
Jul 17 14:51:43 proxy pppd[7481]: RADIUS plugin initialized.
Jul 17 14:51:43 proxy pppd[7481]: Plugin radattr.so loaded.
Jul 17 14:51:43 proxy pppd[7481]: RADATTR plugin initialized.
Jul 17 14:51:43 proxy pppd[7481]: pppd 2.4.4 started by root, uid 0
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: I wrote 32 bytes to the client.
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Sent packet to client
Jul 17 14:51:43 proxy pppd[7481]: Using interface ppp1
Jul 17 14:51:43 proxy pppd[7481]: Connect: ppp1 <--> /dev/pts/5
Jul 17 14:51:43 proxy pptpd[7480]: GRE: Bad checksum from pppd.
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Received PPTP Control Message (type: 15)
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Jul 17 14:51:43 proxy pptpd[7480]: GRE: accepting packet #0
Jul 17 14:51:43 proxy pptpd[7480]: GRE: accepting packet #1
Jul 17 14:51:43 proxy pptpd[7480]: GRE: accepting packet #2
Jul 17 14:51:43 proxy pptpd[7480]: GRE: accepting packet #3
Jul 17 14:51:43 proxy pptpd[7480]: GRE: accepting packet #4
Jul 17 14:51:43 proxy pptpd[7480]: GRE: accepting packet #5
Jul 17 14:51:43 proxy pptpd[7480]: GRE: accepting packet #6
Jul 17 14:51:43 proxy pppd[7481]: rc_avpair_new: unknown attribute 11
Jul 17 14:51:43 proxy pppd[7481]: rc_avpair_new: unknown attribute 25
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Received PPTP Control Message (type: 15)
Jul 17 14:51:43 proxy pptpd[7480]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Jul 17 14:51:45 proxy pppd[7481]: Peer testuser failed CHAP authentication
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Received PPTP Control Message (type: 15)
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Jul 17 14:51:45 proxy pptpd[7480]: GRE: accepting packet #7
Jul 17 14:51:45 proxy pppd[7481]: Connection terminated.
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Received PPTP Control Message (type: 12)
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Made a CALL DISCONNECT RPLY packet
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Received CALL CLR request (closing call)
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Reaping child PPP[7481]
Jul 17 14:51:45 proxy pppd[7481]: Exit.
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Client 192.168.0.150 control connection finished
Jul 17 14:51:45 proxy pptpd[7480]: CTRL: Exiting now
Jul 17 14:51:45 proxy racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=7)
Jul 17 14:51:45 proxy racoon: INFO: 127.0.0.1[500] used for NAT-T
Jul 17 14:51:45 proxy racoon: INFO: 127.0.0.2[500] used as isakmp port (fd=8)
Jul 17 14:51:45 proxy racoon: INFO: 127.0.0.2[500] used for NAT-T
Jul 17 14:51:45 proxy racoon: INFO: 10.100.100.1[500] used as isakmp port (fd=9)
Jul 17 14:51:45 proxy racoon: INFO: 10.100.100.1[500] used for NAT-T
Jul 17 14:51:45 proxy racoon: INFO: 192.168.168.1[500] used as isakmp port (fd=10)
Jul 17 14:51:45 proxy racoon: INFO: 192.168.168.1[500] used for NAT-T
Jul 17 14:51:45 proxy racoon: INFO: 192.168.0.1[500] used as isakmp port (fd=11)
Jul 17 14:51:45 proxy racoon: INFO: 192.168.0.1[500] used for NAT-T
Jul 17 14:51:45 proxy racoon: INFO: 192.168.70.1[500] used as isakmp port (fd=12)
Jul 17 14:51:45 proxy racoon: INFO: 192.168.70.1[500] used for NAT-T
Jul 17 14:51:45 proxy racoon: INFO: 195.189.234.99[500] used as isakmp port (fd=13)
Jul 17 14:51:45 proxy racoon: INFO: 195.189.234.99[500] used for NAT-T
Jul 17 14:51:45 proxy racoon: ERROR: failed to bind to address 192.168.0.1[500] (Address already in use).
Jul 17 14:51:45 proxy pptpd[4307]: MGR: Reaped child 7480
Jul 17 14:51:45 proxy racoon: INFO: ::1[500] used as isakmp port (fd=14)
Jul 17 14:51:45 proxy racoon: INFO: fe80::20a:48ff:fe0e:9ae0%eth1[500] used as isakmp port (fd=15)
Jul 17 14:51:45 proxy racoon: INFO: fe80::240:f4ff:fe7b:3a84%eth0[500] used as isakmp port (fd=16)

kai · Сообщение **kai** » Пт июл 17, 2009 12:40 pm

с конфигом от 5 версии другой трабл

Код: Выделить всё

/etc/raddb/modules/exec[24]: Failed to link to module 'rlm_exec': rlm_exec.so: cannot open shared object file: No such file or directory
Errors initializing modules

ran · Сообщение **ran** » Сб июл 18, 2009 4:15 pm

Jul 17 14:49:49 proxy pppd[7418]: rc_avpair_new: unknown attribute 11
Jul 17 14:49:49 proxy pppd[7418]: rc_avpair_new: unknown attribute 25

не знает твой радиусклиент (пппд) атрибутов 11 и 25 словари радиусклиента кури

ЗЫ: насколько мне не изменяет мой склероз - мелкософтофские это атрибутики...

kai · Сообщение **kai** » Пн июл 27, 2009 8:39 am

С атрибутами разобрался, теперь помогите плз с етим
вот локалмеседж

Код: Выделить всё

Jul 27 11:10:53 proxy pppd[17512]: Plugin radius.so loaded.
Jul 27 11:10:53 proxy pppd[17512]: RADIUS plugin initialized.
Jul 27 11:10:53 proxy pppd[17512]: Plugin radattr.so loaded.
Jul 27 11:10:53 proxy pppd[17512]: RADATTR plugin initialized.
Jul 27 11:10:54 proxy pppd[17512]: pppd 2.4.4 started by root, uid 0
Jul 27 11:10:54 proxy pppd[17512]: Using interface ppp1
Jul 27 11:10:54 proxy pppd[17512]: Connect: ppp1 <--> /dev/pts/2
Jul 27 11:11:26 proxy pppd[17512]: rc_send_server: no reply from RADIUS server localhost:1812
Jul 27 11:11:26 proxy pppd[17512]: Peer testuser failed CHAP authentication
Jul 27 11:11:26 proxy pppd[17512]: Modem hangup
Jul 27 11:11:26 proxy pppd[17512]: Connection terminated.
Jul 27 11:11:26 proxy pppd[17512]: Exit.

а вот меседж

Код: Выделить всё

Jul 27 11:10:53 proxy pptpd[17511]: MGR: Launching /usr/sbin/pptpctrl to handle client
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: local address = 192.168.0.1
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: remote address = 192.168.1.1
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: pppd speed = 115200
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: pppd options file = /etc/ppp/options.pptp
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Client 192.168.0.150 control connection started
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Received PPTP Control Message (type: 1)
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Made a START CTRL CONN RPLY packet
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: I wrote 156 bytes to the client.
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Sent packet to client
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Received PPTP Control Message (type: 7)
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Set parameters to 100000000 maxbps, 64 window size
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Made a OUT CALL RPLY packet
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Starting call (launching pppd, opening GRE)
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: pty_fd = 6
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: tty_fd = 7
Jul 27 11:10:53 proxy pptpd[17512]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd
Jul 27 11:10:53 proxy pptpd[17512]: CTRL (PPPD Launcher): local address = 192.168.0.1
Jul 27 11:10:53 proxy pptpd[17512]: CTRL (PPPD Launcher): remote address = 192.168.1.1
Jul 27 11:10:53 proxy arpwatch: bogon 172.24.20.254 0:e:c:b1:9e:af
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: I wrote 32 bytes to the client.
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Sent packet to client
Jul 27 11:10:53 proxy arpwatch: bogon 172.24.20.254 0:e:c:b1:9e:af
Jul 27 11:10:53 proxy arpwatch: bogon 172.24.20.254 0:e:c:b1:9e:af
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Received PPTP Control Message (type: 15)
Jul 27 11:10:53 proxy pptpd[17511]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Jul 27 11:10:53 proxy arpwatch: bogon 172.24.22.234 0:30:18:aa:bc:cc
Jul 27 11:10:53 proxy arpwatch: bogon 172.24.23.205 0:13:8f:70:83:6e
Jul 27 11:10:53 proxy syslog-ng[1774]: last message repeated 2 times
Jul 27 11:10:53 proxy pppd[17512]: Plugin radius.so loaded.
Jul 27 11:10:53 proxy pppd[17512]: RADIUS plugin initialized.
Jul 27 11:10:53 proxy pppd[17512]: Plugin radattr.so loaded.
Jul 27 11:10:53 proxy pppd[17512]: RADATTR plugin initialized.
Jul 27 11:10:54 proxy pptpd[17511]: GRE: accepting packet #0
Jul 27 11:10:54 proxy arpwatch: bogon 172.24.22.44 0:19:21:41:ac:e6
Jul 27 11:10:54 proxy pppd[17512]: pppd 2.4.4 started by root, uid 0
Jul 27 11:10:54 proxy pppd[17512]: Using interface ppp1
Jul 27 11:10:54 proxy pppd[17512]: Connect: ppp1 <--> /dev/pts/2
Jul 27 11:10:54 proxy pptpd[17511]: GRE: Bad checksum from pppd.
Jul 27 11:10:54 proxy pptpd[17511]: GRE: accepting packet #1
Jul 27 11:10:55 proxy pptpd[17511]: GRE: accepting packet #2
Jul 27 11:10:55 proxy pptpd[17511]: GRE: accepting packet #3
Jul 27 11:10:55 proxy pptpd[17511]: GRE: accepting packet #4
Jul 27 11:10:55 proxy pptpd[17511]: CTRL: Received PPTP Control Message (type: 15)
Jul 27 11:10:55 proxy pptpd[17511]: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Jul 27 11:10:55 proxy pptpd[17511]: GRE: accepting packet #5
Jul 27 11:10:56 proxy pptpd[17511]: GRE: accepting packet #6
Jul 27 11:10:56 proxy arpwatch: bogon 172.24.20.254 0:e:c:b1:9e:af
Jul 27 11:10:56 proxy pptpd[17511]: GRE: accepting packet #7
Jul 27 11:11:10 proxy pptpd[17511]: GRE: accepting packet #12
Jul 27 11:11:22 proxy pptpd[17511]: GRE: accepting packet #16
Jul 27 11:11:25 proxy pptpd[17511]: CTRL: Received PPTP Control Message (type: 15)
Jul 27 11:11:25 proxy pptpd[17511]: CTRL: Got a SET LINK INFO packet with standard ACCMs
Jul 27 11:11:25 proxy pptpd[17511]: GRE: accepting packet #17
Jul 27 11:11:25 proxy pptpd[17511]: CTRL: Received PPTP Control Message (type: 12)
Jul 27 11:11:25 proxy pptpd[17511]: CTRL: Made a CALL DISCONNECT RPLY packet
Jul 27 11:11:25 proxy pptpd[17511]: CTRL: Received CALL CLR request (closing call)
Jul 27 11:11:25 proxy pptpd[17511]: CTRL: Reaping child PPP[17512]
Jul 27 11:11:26 proxy arpwatch: bogon 172.24.19.205 0:1b:fc:6e:e9:f8
Jul 27 11:11:26 proxy arpwatch: bogon 172.24.20.254 0:e:c:b1:9e:af
Jul 27 11:11:26 proxy arpwatch: bogon 172.24.20.108 0:13:8f:85:b:2a
Jul 27 11:11:26 proxy arpwatch: bogon 172.24.17.133 0:14:85:ef:cb:98
Jul 27 11:11:26 proxy pppd[17512]: rc_send_server: no reply from RADIUS server localhost:1812
Jul 27 11:11:26 proxy pppd[17512]: Peer testuser failed CHAP authentication
Jul 27 11:11:26 proxy pppd[17512]: Modem hangup
Jul 27 11:11:26 proxy pppd[17512]: Connection terminated.
Jul 27 11:11:26 proxy arpwatch: bogon 172.24.23.205 0:13:8f:70:83:6e
Jul 27 11:11:26 proxy syslog-ng[1774]: last message repeated 6 times
Jul 27 11:11:26 proxy racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=7)
Jul 27 11:11:26 proxy racoon: INFO: 127.0.0.1[500] used for NAT-T
Jul 27 11:11:26 proxy racoon: INFO: 127.0.0.2[500] used as isakmp port (fd=8)
Jul 27 11:11:26 proxy racoon: INFO: 127.0.0.2[500] used for NAT-T
Jul 27 11:11:26 proxy racoon: INFO: 10.100.100.1[500] used as isakmp port (fd=9)
Jul 27 11:11:26 proxy racoon: INFO: 10.100.100.1[500] used for NAT-T
Jul 27 11:11:26 proxy racoon: INFO: 192.168.168.1[500] used as isakmp port (fd=10)
Jul 27 11:11:26 proxy racoon: INFO: 192.168.168.1[500] used for NAT-T
Jul 27 11:11:26 proxy racoon: INFO: 192.168.0.1[500] used as isakmp port (fd=11)
Jul 27 11:11:26 proxy racoon: INFO: 192.168.0.1[500] used for NAT-T
Jul 27 11:11:26 proxy racoon: INFO: 192.168.70.1[500] used as isakmp port (fd=12)
Jul 27 11:11:26 proxy racoon: INFO: 192.168.70.1[500] used for NAT-T
Jul 27 11:11:26 proxy racoon: ERROR: failed to bind to address 192.168.0.1[500] (Address already in use).
Jul 27 11:11:26 proxy racoon: INFO: 195.189.234.99[500] used as isakmp port (fd=13)
Jul 27 11:11:26 proxy racoon: INFO: 195.189.234.99[500] used for NAT-T
Jul 27 11:11:26 proxy pppd[17512]: Exit.
Jul 27 11:11:26 proxy pptpd[17511]: CTRL: Client 192.168.0.150 control connection finished
Jul 27 11:11:26 proxy pptpd[17511]: CTRL: Exiting now
Jul 27 11:11:26 proxy pptpd[4337]: MGR: Reaped child 17511

что вот это за такая строка может в этом проблемма ??

Код: Выделить всё

rc_send_server: no reply from RADIUS server localhost:1812

вот что происходит если подключиться по ПППОЕ

Код: Выделить всё

Plugin radius.so loaded.
RADIUS plugin initialized.
Plugin radattr.so loaded.
RADATTR plugin initialized.
using channel 25
Using interface ppp1
Connect: ppp1 <--> /dev/pts/2
sent [LCP ConfReq id=0x1 <mru 1492> <auth pap> <magic 0x5a53d01a>]
rcvd [LCP ConfAck id=0x1 <mru 1492> <auth pap> <magic 0x5a53d01a>]
rcvd [LCP ConfReq id=0x1 <mru 1480> <magic 0x7f6119e0> <callback CBCP>]
sent [LCP ConfRej id=0x1 <callback CBCP>]
rcvd [LCP ConfReq id=0x2 <mru 1480> <magic 0x7f6119e0>]
sent [LCP ConfAck id=0x2 <mru 1480> <magic 0x7f6119e0>]
sent [LCP EchoReq id=0x0 magic=0x5a53d01a]
rcvd [LCP Ident id=0x3 magic=0x7f6119e0 "MSRASV5.20"]
rcvd [LCP Ident id=0x4 magic=0x7f6119e0 "MSRAS-0-ITMARKET"]
rcvd [PAP AuthReq id=0xa user="testuser" password=<hidden>]
rc_send_server: no reply from RADIUS server localhost:1812
sent [PAP AuthNak id=0xa ""]
PAP peer authentication failed for testuser
sent [LCP TermReq id=0x2 "Authentication failed"]
Terminating on signal 15
rcvd [LCP EchoRep id=0x0 magic=0x7f6119e0]
rcvd [PAP AuthReq id=0xb user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0xc user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0xd user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0xe user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0xf user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0x10 user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0x11 user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0x12 user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [PAP AuthReq id=0x13 user="testuser" password=<hidden>]
Discarded non-LCP packet when LCP not open
rcvd [LCP TermReq id=0x5 7f 61 19 e0 00 3c cd 74 00 00 02 ce]
sent [LCP TermAck id=0x5]
sent [LCP TermReq id=0x3 "User request"]
Connection terminated.
Modem hangup
Waiting for 1 child processes...
  script /usr/sbin/pppoe -n -I eth1 -e 3:00:11:5b:71:65:b2 -S '', pid 17803
pppoe: read (asyncReadFromPPP): Session 3: Input/output error
Script /usr/sbin/pppoe -n -I eth1 -e 3:00:11:5b:71:65:b2 -S '' finished (pid 17803), status = 0x1
RADATTR plugin removed file /var/run/radattr.ppp1.

abills.net.ua

radius 2 + abills 0.41

radius 2 + abills 0.41

Re: radius 2 + abills 0.41

Re: radius 2 + abills 0.41

Re: radius 2 + abills 0.41

Re: radius 2 + abills 0.41

Re: radius 2 + abills 0.41

Re: radius 2 + abills 0.41

Re: radius 2 + abills 0.41

Re: radius 2 + abills 0.41