freeradius2

Installation, configuration, support
kule
Posts: 4
Joined: Sat Jul 18, 2009 12:14 am

Re: freeradius2

Post by kule »

Damn, I just can't get this configured. I took the configs from this page, everything seems to be on topic, but error 691 keeps popping up.

Logs:

Code:

root@ubuntu:~# freeradius -X
  exec abills_postauth {
        wait = yes
        program = "/usr/abills/libexec/rauth.pl post_auth"
        input_pairs = "request"
        output_pairs = "config"
        shell_escape = yes
  }
 }
radiusd: #### Opening IP addresses and Ports ####
listen {
        type = "auth"
        ipaddr = *
        port = 0
Failed binding to socket: Address already in use
/etc/freeradius/radiusd.conf[17]: Error binding to port for 0.0.0.0 port 1812

Code:

root@ubuntu:~# cat /var/log/pptpd.log

Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
using channel 2
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0xb0620d8> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x537a62b1> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x537a62b1> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x537a62b1> <pcomp> <accomp>]
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0xb0620d8> <pcomp> <accomp>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0xb0620d8> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0xb0620d8]
sent [CHAP Challenge id=0x13 <00291a8cfeadda4673c599e2c1662838dc7b>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x537a62b1 "MSRASV5.10"]
rcvd [LCP Ident id=0x3 magic=0x537a62b1 "MSRAS-0-KULE0-PC"]
rcvd [LCP EchoRep id=0x0 magic=0x537a62b1]
rcvd [CHAP Response id=0x13 <fba1bb97be02b4f66337ba6fa1d42a62>, name = "kule"]
Peer kule failed CHAP authentication
sent [CHAP Failure id=0x13 ""]
sent [LCP TermReq id=0x2 "Authentication failed"]
rcvd [LCP TermAck id=0x2 "Authentication failed"]
Connection terminated.
RADATTR plugin removed file /var/run/radattr.ppp0.
Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
using channel 3
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0x6485335c> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0x13640ec> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0x6485335c> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0x13640ec> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0x13640ec> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x6485335c]
sent [CHAP Challenge id=0xe2 <becdae212fcc8b00dd135c04d2018d3bd26e4d91ff>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0x13640ec "MSRASV5.10"]
rcvd [LCP Ident id=0x3 magic=0x13640ec "MSRAS-0-KULE0-PC"]
rcvd [LCP EchoRep id=0x0 magic=0x13640ec]
rcvd [CHAP Response id=0xe2 <7359a7f45bcea8e2cb3ad88f0684be4e>, name = "kule"]
Peer kule failed CHAP authentication
sent [CHAP Failure id=0xe2 ""]
sent [LCP TermReq id=0x2 "Authentication failed"]
rcvd [LCP TermReq id=0x4 01 36 40 ec 00 3c cd 74 00 00 02 b3]
sent [LCP TermAck id=0x4]
rcvd [LCP TermAck id=0x2 "Authentication failed"]
Connection terminated.
tcflush failed: Input/output error
RADATTR plugin removed file /var/run/radattr.ppp0.
Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
pptpd-logwtmp: $Version$
using channel 4
Using interface ppp0
Connect: ppp0 <--> /dev/pts/1
sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0x2f539c8a> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x0 <mru 1400> <magic 0xd202eaa> <pcomp> <accomp> <callback CBCP>]
sent [LCP ConfRej id=0x0 <callback CBCP>]
rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MD5> <magic 0x2f539c8a> <pcomp> <accomp>]
rcvd [LCP ConfReq id=0x1 <mru 1400> <magic 0xd202eaa> <pcomp> <accomp>]
sent [LCP ConfAck id=0x1 <mru 1400> <magic 0xd202eaa> <pcomp> <accomp>]
sent [LCP EchoReq id=0x0 magic=0x2f539c8a]
sent [CHAP Challenge id=0x89 <3c5466eba3eadfa6f4ac9198ec05af3f6986141bcaf2>, name = "pptpd"]
rcvd [LCP Ident id=0x2 magic=0xd202eaa "MSRASV5.10"]
rcvd [LCP Ident id=0x3 magic=0xd202eaa "MSRAS-0-KULE0-PC"]
rcvd [LCP EchoRep id=0x0 magic=0xd202eaa]
rcvd [CHAP Response id=0x89 <12e34d28fd7757fa79b3e42287f6023e>, name = "kule"]
Peer kule failed CHAP authentication
sent [CHAP Failure id=0x89 ""]
sent [LCP TermReq id=0x2 "Authentication failed"]
rcvd [LCP TermReq id=0x4 0d 20 2e aa 00 3c cd 74 00 00 02 b3]
sent [LCP TermAck id=0x4]
rcvd [LCP TermAck id=0x2 "Authentication failed"]
Connection terminated.
RADATTR plugin removed file /var/run/radattr.ppp0.
root@ubuntu:~#

ran
Posts: 2298
Joined: Sun Oct 21, 2007 2:29 pm

Re: freeradius2

Post by ran »

So how many RADIUS instances are running right now? It's just that
Failed binding to socket: Address already in use
/etc/freeradius/radiusd.conf[17]: Error binding to port for 0.0.0.0 port 1812
suggests that it's > 1 :D

ps ax | grep radius
Any dead end is a carefully disguised exit.

kule
Posts: 4
Joined: Sat Jul 18, 2009 12:14 am

Re: freeradius2

Post by kule »

I'm being dumb :oops: I was running freeradius -X
when I should have run /etc/init.d/freeradius stop && freeradius -X

Code:

        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "kule"
        CHAP-Challenge = 0x663e16d6ef68d9c5dcaabeba23d138e807dc1d870926
        CHAP-Password = 0xce4ed8f210fb399ba89f4a8c78d8e908a2
        NAS-IP-Address = 127.0.1.1
        NAS-Port = 0
+- entering group authorize {...}
++[preprocess] returns ok
Exec-Program output: Auth-Type := Accept
Exec-Program-Wait: value-pairs: Auth-Type := Accept
Exec-Program: returned: 0
++[abills_preauth] returns ok
++[mschap] returns noop
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
Exec-Program output: Reply-Message = "Unknow server '127.0.1.1'"
Exec-Program-Wait: value-pairs: Reply-Message = "Unknow server '127.0.1.1'"
Exec-Program: returned: 1
++[abills_auth] returns reject
Using Post-Auth-Type Reject
+- entering group REJECT {...}
Exec-Program output:
Exec-Program: returned: 0
++[abills_postauth] returns ok
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.6 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 147 to 127.0.0.1 port 55556
        Reply-Message = "Unknow server '127.0.1.1'"
Waking up in 4.9 seconds.
Cleaning up request 1 ID 147 with timestamp +69
Ready to process requests.

How do I fix this? :oops:

dnk2009
Posts: 121
Joined: Sat Oct 04, 2008 6:10 pm

Re: freeradius2

Post by dnk2009 »

Use the search, this exact problem has been discussed many times.

kule
Posts: 4
Joined: Sat Jul 18, 2009 12:14 am

Re: freeradius2

Post by kule »

dnk2009 wrote: Use the search, this exact problem has been discussed many times.
The /etc/hosts file:

Code:

127.0.0.1       localhost ubuntu
but the error is still there

Code:

rad_recv: Access-Request packet from host 127.0.0.1 port 42805, id=27, length=87
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "kule"
        CHAP-Challenge = 0x6f206554dd77cd49b380a3beca251b75
        CHAP-Password = 0x4517c238e9b7ea6c307cbb273bf3d05625
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
+- entering group authorize {...}
++[preprocess] returns ok
Exec-Program output: Auth-Type := Accept
Exec-Program-Wait: value-pairs: Auth-Type := Accept
Exec-Program: returned: 0
++[abills_preauth] returns ok
++[mschap] returns noop
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
Exec-Program output: Reply-Message = "Unknow server '127.0.0.1'"
Exec-Program-Wait: value-pairs: Reply-Message = "Unknow server '127.0.0.1'"
Exec-Program: returned: 1
++[abills_auth] returns reject
Using Post-Auth-Type Reject
+- entering group REJECT {...}
Exec-Program output:
Exec-Program: returned: 0
++[abills_postauth] returns ok
Sending Access-Reject of id 27 to 127.0.0.1 port 42805
        Reply-Message = "Unknow server '127.0.0.1'"
Finished request 0.
Going to the next request
Waking up in 4.8 seconds.

Please give me a link to where this was discussed!

kule
Posts: 4
Joined: Sat Jul 18, 2009 12:14 am

Re: freeradius2

Post by kule »

Still haven't solved it, I've dug through half the forum..... :(

Tiger
Posts: 45
Joined: Fri Feb 08, 2008 7:01 pm

Re: freeradius2

Post by Tiger »

clients.conf

client localhost {
secret = radsecret
shortname = shortname
}
Maybe this?

zimba
Posts: 61
Joined: Mon Jan 21, 2008 11:55 am

Re: freeradius2

Post by zimba »

Good day.
Now I've run into freeradius v2 too.
The problem is similar to the ones described above, but unfortunately I haven't found a solution.
My users connect, but the address is handed out from the 192.168 subnet rather than from the 10 one as set in the configuration.
In /var/run/radattr.pppX:

Code:

MS-CHAP2-Success US=30386485A05E3400AC5573FD45EFC449308393C1
MS-MPPE-Recv-Key \226\340\276\212\205\2745EA"\032\224\204\214}\013Y\017\333\355\0257=\033\020\257r\204\232\334\217\343\001\256
MS-MPPE-Send-Key \233\224_\247\344?!\200\023X\3545\255\351\263\035\220B\330(\333<\252\257Wabg\311@\260I\333r
MS-MPPE-Encryption-Policy.
MS-MPPE-Encryption-Types.
i.e. the shaper doesn't work, and so on.

In the monitor everything is at 0 too, and after a while the login drops into ZAP.

Here is what radius says:

Code:

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 34360, id=231, length=133
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "sliva"
        MS-CHAP-Challenge = 0xf7d39e84331985a063f808f0944a2204
        MS-CHAP2-Response = 0xee006fdf003f97d86e3792cc91596eb30de60000000000000000ae9736092e49b012a6977762372fe99ea3c2fe121d66dcef
        NAS-IP-Address = 10.0.10.1
        NAS-Port = 11
+- entering group authorize
++[preprocess] returns ok
Exec-Program output: Cleartext-Password := "123456"
Exec-Program-Wait: value-pairs: Cleartext-Password := "123456"
Exec-Program: returned: 0
++[abills_preauth] returns ok
  rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
    users: Matched entry DEFAULT at line 2
++[files] returns ok
Exec-Program output: Session-Timeout = 1740297, Session-Octets-Limit = 0 , PPPD-Downstream-Speed-Limit = 256, Acct-Interim-Interval = 60, PPPD-Upstream-Speed-Limit = 256, Octets-Direction = 0, Framed-IP-Address = 10.0.0.1, Framed-IP-Netmask = 255.255.255.255,
Exec-Program-Wait: plaintext: Session-Timeout = 1740297, Session-Octets-Limit = 0 , PPPD-Downstream-Speed-Limit = 256, Acct-Interim-Interval = 60, PPPD-Upstream-Speed-Limit = 256, Octets-Direction = 0, Framed-IP-Address = 10.0.0.1, Framed-IP-Netmask = 255.255.255.255,
Exec-Program: returned: 0
++[abills_auth] returns ok
  rad_check_password:  Found Auth-Type mschap
auth: type "MSCHAP"
+- entering group MS-CHAP
  rlm_mschap: Told to do MS-CHAPv2 for sliva with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
Login OK: [sliva/<via Auth-Type = mschap>] (from client localhost port 11)
+- entering group post-auth
++[exec] returns noop
Sending Access-Accept of id 231 to 127.0.0.1 port 34360
        MS-CHAP2-Success = 0xee533d31333934433232354137454144334145303635353844344143433036353241393043323139414334
        MS-MPPE-Recv-Key = 0x5facaccfb69f23011a179d4e47b31f65
        MS-MPPE-Send-Key = 0x2e42cb45f9e8c8d965ba5a6f102e2051
        MS-MPPE-Encryption-Policy = 0x00000001
        MS-MPPE-Encryption-Types = 0x00000006
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 34362, id=233, length=97
        Acct-Session-Id = "4A81ABC71E6000"
        User-Name = "sliva"
        Acct-Status-Type = Start
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Acct-Authentic = RADIUS
        NAS-Port-Type = Async
        Framed-IP-Address = 192.168.1.12
        NAS-IP-Address = 10.0.10.1
        NAS-Port = 11
        Acct-Delay-Time = 0
+- entering group preacct
++[preprocess] returns ok
Exec-Program output:
Exec-Program: returned: 0
++[abills_acc] returns ok
+- entering group accounting
++[unix] returns ok
        expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
        expand: %{User-Name} -> sliva
++[radutmp] returns ok
        expand: %{User-Name} -> sliva
 attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 233 to 127.0.0.1 port 34362
Finished request 6.
Cleaning up request 6 ID 233 with timestamp +20
Going to the next request
Waking up in 4.7 seconds.
If anyone has ideas, I'd be grateful for any advice.
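
A log-audit sketch for the symptom in the post above (added example, not part of the post and not ABillS or FreeRADIUS code; `parse_pairs` and `audit` are hypothetical names). It lines up the attributes the exec script returned with those in the Access-Accept and in the NAS accounting record, using an excerpt of the quoted debug output.

```python
import re

# Excerpt of the `freeradius -X` output quoted in the post above; the
# Exec-Program attribute list is shortened, all values are from the post.
SAMPLE = """\
Exec-Program-Wait: value-pairs: Cleartext-Password := "123456"
Exec-Program-Wait: plaintext: Session-Timeout = 1740297, Framed-IP-Address = 10.0.0.1, Framed-IP-Netmask = 255.255.255.255,
Sending Access-Accept of id 231 to 127.0.0.1 port 34360
        MS-MPPE-Encryption-Policy = 0x00000001
        MS-MPPE-Encryption-Types = 0x00000006
Finished request 4.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 34362, id=233, length=97
        User-Name = "sliva"
        Acct-Status-Type = Start
        Framed-IP-Address = 192.168.1.12
"""

PAIR = re.compile(r'([A-Za-z][\w-]*)\s*:?=\s*("[^"]*"|[^,\s]+)')
EXEC = re.compile(r'Exec-Program-Wait: (value-pairs|plaintext): (.*)')

def parse_pairs(text):
    """Parse 'Attr = value, Attr := "value"' text into a dict."""
    return {name: value.strip('"') for name, value in PAIR.findall(text)}

def audit(log):
    """Compare what the exec scripts returned with what the server sent."""
    execs, sent, acct, section = [], {}, {}, None
    for line in log.splitlines():
        m = EXEC.match(line)
        if m:                                    # exec module result
            execs.append((m.group(1), parse_pairs(m.group(2))))
            section = None
        elif line.startswith('Sending Access-Accept'):
            section = sent                       # reply attributes follow
        elif line.startswith('rad_recv: Accounting-Request'):
            section = acct                       # NAS-reported attributes follow
        elif line[:1].isspace() and section is not None:
            section.update(parse_pairs(line))    # indented attribute line
        else:
            section = None
    offered = {k: v for _, pairs in execs for k, v in pairs.items()}
    return {
        # per exec result: how the server logged it, and what never reached the reply
        'exec': [(how, sorted(a for a in p if a not in sent)) for how, p in execs],
        'offered_ip': offered.get('Framed-IP-Address'),
        'accepted_ip': sent.get('Framed-IP-Address'),
        'accounted_ip': acct.get('Framed-IP-Address'),
    }

if __name__ == '__main__':
    for key, value in audit(SAMPLE).items():
        print(key, '=', value)
```

On this excerpt the result logged as `plaintext` carries Framed-IP-Address = 10.0.0.1, the Access-Accept carries no Framed-IP-Address, and accounting reports 192.168.1.12.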

ran
Posts: 2298
Joined: Sun Oct 21, 2007 2:29 pm

Re: freeradius2

Post by ran »

Probably need to dig into the radiusclient dictionaries ;)
Any dead end is a carefully disguised exit.
