Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Установка, настройка, поддержка
Ответить
Avtogen
Сообщения: 19
Зарегистрирован: Чт окт 09, 2008 5:34 pm

Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение Avtogen »

Проблема подключение vpn у клиента держится 10c помогите плиз

заметил вот еще что ppp+ не создает

freeradius -X

Код: Выделить всё

FreeRADIUS Version 2.1.12, for host x86_64-pc-linux-gnu, built on Dec 16 2012 at 13:28:43
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/clients.conf
including files in directory /etc/freeradius/modules/
including configuration file /etc/freeradius/modules/rediswho
including configuration file /etc/freeradius/modules/replicate
including configuration file /etc/freeradius/modules/digest
including configuration file /etc/freeradius/modules/detail.log
including configuration file /etc/freeradius/modules/expr
including configuration file /etc/freeradius/modules/krb5
including configuration file /etc/freeradius/modules/attr_filter
including configuration file /etc/freeradius/modules/sradutmp
including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login
including configuration file /etc/freeradius/modules/chap
including configuration file /etc/freeradius/modules/smbpasswd
including configuration file /etc/freeradius/modules/otp
including configuration file /etc/freeradius/modules/inner-eap
including configuration file /etc/freeradius/modules/perl
including configuration file /etc/freeradius/modules/redis
including configuration file /etc/freeradius/modules/acct_unique
including configuration file /etc/freeradius/modules/ntlm_auth
including configuration file /etc/freeradius/modules/passwd
including configuration file /etc/freeradius/modules/etc_group
including configuration file /etc/freeradius/modules/linelog
including configuration file /etc/freeradius/modules/ldap
including configuration file /etc/freeradius/modules/detail.example.com
including configuration file /etc/freeradius/modules/radutmp
including configuration file /etc/freeradius/modules/echo
including configuration file /etc/freeradius/modules/mschap
including configuration file /etc/freeradius/modules/mac2vlan
including configuration file /etc/freeradius/modules/sql_log
including configuration file /etc/freeradius/modules/ippool
including configuration file /etc/freeradius/modules/always
including configuration file /etc/freeradius/modules/unix
including configuration file /etc/freeradius/modules/attr_rewrite
including configuration file /etc/freeradius/modules/opendirectory
including configuration file /etc/freeradius/modules/pam
including configuration file /etc/freeradius/modules/preprocess
including configuration file /etc/freeradius/modules/checkval
including configuration file /etc/freeradius/modules/files
including configuration file /etc/freeradius/modules/exec
including configuration file /etc/freeradius/modules/pap
including configuration file /etc/freeradius/modules/counter
including configuration file /etc/freeradius/modules/dynamic_clients
including configuration file /etc/freeradius/modules/mac2ip
including configuration file /etc/freeradius/modules/smsotp
including configuration file /etc/freeradius/modules/logintime
including configuration file /etc/freeradius/modules/expiration
including configuration file /etc/freeradius/modules/realm
including configuration file /etc/freeradius/modules/cui
including configuration file /etc/freeradius/modules/policy
including configuration file /etc/freeradius/modules/wimax
including configuration file /etc/freeradius/modules/detail
including configuration file /etc/freeradius/modules/soh
including configuration file /etc/freeradius/policy.conf
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/default
including configuration file /etc/freeradius/sites-enabled/inner-tunnel
main {
        user = "freerad"
        group = "freerad"
        allow_core_dumps = no
}
including dictionary file /etc/freeradius/dictionary
main {
        name = "freeradius"
        prefix = "/usr/"
        localstatedir = "/var"
        sbindir = "/usr//sbin"
        logdir = "/var/log/freeradius"
        run_dir = "/var/run/freeradius"
        libdir = "/usr/lib/freeradius"
        radacctdir = "/var/log/freeradius/radacct"
        hostname_lookups = no
        max_request_time = 30
        cleanup_delay = 5
        max_requests = 512000
        pidfile = "/var/run/freeradius/freeradius.pid"
        checkrad = "/usr//sbin/checkrad"
        debug_level = 0
        proxy_requests = no
 log {
        stripped_names = no
        auth = no
        auth_badpass = no
        auth_goodpass = no
 }
 security {
        max_attributes = 200
        reject_delay = 1
        status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
radiusd: #### Loading Clients ####
 client localhost {
        ipaddr = 127.0.0.1
        require_message_authenticator = no
        secret = "radsecret"
        nastype = "other"
 }
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_exec
 Module: Instantiating module "exec" from file /etc/freeradius/modules/exec
  exec {
        wait = yes
        input_pairs = "request"
        output_pairs = "reply"
        shell_escape = yes
  }
 Module: Linked to module rlm_expiration
 Module: Instantiating module "expiration" from file /etc/freeradius/modules/expiration
  expiration {
        reply-message = "Password Has Expired  "
  }
 }
radiusd: #### Loading Virtual Servers ####
server { # from file /etc/freeradius/radiusd.conf
 modules {
  Module: Creating Auth-Type = Perl
  Module: Creating Post-Auth-Type = REJECT
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_pap
 Module: Instantiating module "pap" from file /etc/freeradius/modules/pap
  pap {
        encryption_scheme = "auto"
        auto_header = no
  }
 Module: Linked to module rlm_chap
 Module: Instantiating module "chap" from file /etc/freeradius/modules/chap
 Module: Linked to module rlm_mschap
 Module: Instantiating module "mschap" from file /etc/freeradius/modules/mschap
  mschap {
        use_mppe = yes
        require_encryption = no
        require_strong = no
        with_ntdomain_hack = no
        allow_retry = yes
  }
 Module: Checking authorize {...} for more modules to load
 Module: Linked to module rlm_preprocess
 Module: Instantiating module "preprocess" from file /etc/freeradius/modules/preprocess
  preprocess {
        huntgroups = "/etc/freeradius/huntgroups"
        hints = "/etc/freeradius/hints"
        with_ascend_hack = no
        ascend_channels_per_line = 23
        with_ntdomain_hack = no
        with_specialix_jetstream_hack = no
        with_cisco_vsa_hack = no
        with_alvarion_vsa_hack = no
  }
 Module: Instantiating module "abills_preauth" from file /etc/freeradius/radiusd.conf
  exec abills_preauth {
        wait = yes
        program = "/usr/abills/libexec/rauth.pl pre_auth"
        input_pairs = "request"
        output_pairs = "config"
        shell_escape = yes
  }
 Module: Linked to module rlm_files
 Module: Instantiating module "files" from file /etc/freeradius/modules/files
  files {
        usersfile = "/etc/freeradius/users"
        acctusersfile = "/etc/freeradius/acct_users"
        preproxy_usersfile = "/etc/freeradius/preproxy_users"
        compat = "no"
  }
 Module: Instantiating module "abills_auth" from file /etc/freeradius/radiusd.conf
  exec abills_auth {
        wait = yes
        program = "/usr/abills/libexec/rauth.pl"
        input_pairs = "request"
        output_pairs = "reply"
        shell_escape = yes
  }
 Module: Checking preacct {...} for more modules to load
 Module: Instantiating module "abills_acc" from file /etc/freeradius/radiusd.conf
  exec abills_acc {
        wait = yes
        program = "/usr/abills/libexec/racct.pl"
        input_pairs = "request"
        output_pairs = "reply"
        shell_escape = yes
  }
 Module: Checking post-auth {...} for more modules to load
 Module: Instantiating module "abills_postauth" from file /etc/freeradius/radiusd.conf
  exec abills_postauth {
        wait = yes
        program = "/usr/abills/libexec/rauth.pl post_auth"
        input_pairs = "request"
        output_pairs = "config"
        shell_escape = yes
  }
 } # modules
} # server
server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_unix
 Module: Instantiating module "unix" from file /etc/freeradius/modules/unix
  unix {
        radwtmp = "/var/log/freeradius/radwtmp"
  }
 Module: Checking authorize {...} for more modules to load
 Module: Linked to module rlm_realm
 Module: Instantiating module "suffix" from file /etc/freeradius/modules/realm
  realm suffix {
        format = "suffix"
        delimiter = "@"
        ignore_default = no
        ignore_null = no
  }
 Module: Linked to module rlm_logintime
 Module: Instantiating module "logintime" from file /etc/freeradius/modules/logintime
  logintime {
        reply-message = "You are calling outside your allowed timespan  "
        minimum-timeout = 60
  }
 Module: Checking session {...} for more modules to load
 Module: Linked to module rlm_radutmp
 Module: Instantiating module "radutmp" from file /etc/freeradius/modules/radutmp
  radutmp {
        filename = "/var/log/freeradius/radutmp"
        username = "%{User-Name}"
        case_sensitive = yes
        check_with_nas = yes
        perm = 384
        callerid = yes
  }
 Module: Checking post-proxy {...} for more modules to load
 Module: Checking post-auth {...} for more modules to load
 Module: Linked to module rlm_attr_filter
 Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/modules/attr_filter
  attr_filter attr_filter.access_reject {
        attrsfile = "/etc/freeradius/attrs.access_reject"
        key = "%{User-Name}"
        relaxed = no
  }
 } # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
        type = "auth"
        ipaddr = *
        port = 0
}
listen {
        type = "acct"
        ipaddr = *
        port = 0
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Ready to process requests.

при подключение клиента

Код: Выделить всё

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 57799, id=1, length=177
        User-Name = "test"
        NAS-Identifier = "accel-ppp"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        NAS-Port-Type = Virtual
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "172.16.49.21"
        Called-Station-Id = "172.16.49.94"
        MS-CHAP-Challenge = 0x7d1da997195c178c39fa168834036a6c
        MS-CHAP2-Response = 0x01001eda4ac8081914baecec1b6d5a8489c70000000000000000b0e58ecaf83fa74167e306fe0b833d303a7e24e3a67aae4c
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
Exec-Program output: Cleartext-Password := "123456"
Exec-Program-Wait: value-pairs: Cleartext-Password := "123456"
Exec-Program: returned: 0
++[abills_preauth] returns ok
[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
++[mschap] returns ok
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
Exec-Program output: Acct-Interim-Interval = 60, Session-Timeout = 2127743, User-Name = test, Framed-IP-Address = 10.1.0.35, Framed-IP-Netmask = 255.255.255.0,
Exec-Program-Wait: value-pairs: Acct-Interim-Interval = 60, Session-Timeout = 2127743, User-Name = test, Framed-IP-Address = 10.1.0.35, Framed-IP-Netmask = 255.255.255.0,
Exec-Program: returned: 0
++[abills_auth] returns ok
Found Auth-Type = MSCHAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group MS-CHAP {...}
[mschap] Creating challenge hash with username: test
[mschap] Told to do MS-CHAPv2 for test with NT-Password
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] returns ok
  WARNING: Empty post-auth section.  Using default return values.
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
Sending Access-Accept of id 1 to 127.0.0.1 port 57799
        Acct-Interim-Interval = 60
        Session-Timeout = 2127743
        User-Name = "test"
        Framed-IP-Address = 10.1.0.35
        Framed-IP-Netmask = 255.255.255.0
        MS-CHAP2-Success = 0x01533d38353539353431364436443242303532344541444631323938303338303538303035393639383944
        MS-MPPE-Recv-Key = 0x58100a6911f3befafd829ab3af0b2d1c
        MS-MPPE-Send-Key = 0x75e19959fa6c799b5b5a76366751f921
        MS-MPPE-Encryption-Policy = 0x00000001
        MS-MPPE-Encryption-Types = 0x00000006
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 36441, id=1, length=173
        User-Name = "test"
        NAS-Identifier = "accel-ppp"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        NAS-Port-Type = Virtual
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "172.16.49.21"
        Called-Station-Id = "172.16.49.94"
        Acct-Status-Type = Start
        Acct-Authentic = RADIUS
        Acct-Session-Id = "75db1c41de75dfa3"
        Acct-Session-Time = 0
        Acct-Input-Octets = 0
        Acct-Output-Octets = 0
        Acct-Input-Packets = 0
        Acct-Output-Packets = 0
        Acct-Input-Gigawords = 0
        Acct-Output-Gigawords = 0
        Framed-IP-Address = 10.1.0.35
# Executing section preacct from file /etc/freeradius/sites-enabled/default
+- entering group preacct {...}
++[preprocess] returns ok
Exec-Program output:
Exec-Program: returned: 0
++[abills_acc] returns ok
  WARNING: Empty accounting section.  Using default return values.
Finished request 1.
Cleaning up request 1 ID 1 with timestamp +17
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 36441, id=1, length=173
        User-Name = "test"
        NAS-Identifier = "accel-ppp"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        NAS-Port-Type = Virtual
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "172.16.49.21"
        Called-Station-Id = "172.16.49.94"
        Acct-Status-Type = Start
        Acct-Authentic = RADIUS
        Acct-Session-Id = "75db1c41de75dfa3"
        Acct-Session-Time = 0
        Acct-Input-Octets = 0
        Acct-Output-Octets = 0
        Acct-Input-Packets = 0
        Acct-Output-Packets = 0
        Acct-Input-Gigawords = 0
        Acct-Output-Gigawords = 0
        Framed-IP-Address = 10.1.0.35
# Executing section preacct from file /etc/freeradius/sites-enabled/default
+- entering group preacct {...}
++[preprocess] returns ok
Exec-Program output:
Exec-Program: returned: 0
++[abills_acc] returns ok
  WARNING: Empty accounting section.  Using default return values.
Finished request 2.
Cleaning up request 2 ID 1 with timestamp +20
Going to the next request
Waking up in 1.8 seconds.
Cleaning up request 0 ID 1 with timestamp +17
Ready to process requests.
rad_recv: Accounting-Request packet from host 127.0.0.1 port 36441, id=1, length=173
        User-Name = "test"
        NAS-Identifier = "accel-ppp"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        NAS-Port-Type = Virtual
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Calling-Station-Id = "172.16.49.21"
        Called-Station-Id = "172.16.49.94"
        Acct-Status-Type = Start
        Acct-Authentic = RADIUS
        Acct-Session-Id = "75db1c41de75dfa3"
        Acct-Session-Time = 0
        Acct-Input-Octets = 0
        Acct-Output-Octets = 0
        Acct-Input-Packets = 0
        Acct-Output-Packets = 0
        Acct-Input-Gigawords = 0
        Acct-Output-Gigawords = 0
        Framed-IP-Address = 10.1.0.35
# Executing section preacct from file /etc/freeradius/sites-enabled/default
+- entering group preacct {...}
++[preprocess] returns ok
Exec-Program output:
Exec-Program: returned: 0
++[abills_acc] returns ok
  WARNING: Empty accounting section.  Using default return values.
Finished request 3.
Cleaning up request 3 ID 1 with timestamp +23
Going to the next request
в логе abills

Код: Выделить всё

2013-09-06 08:57:37	LOG_INFO	AUTH	test	CID: 172.16.49.21 GT: 0.07405	90
в abills сессия висит что типо клиент подключен

конфиг cat /etc/accel-ppp.conf

Код: Выделить всё

[modules]
#path=/usr/local/lib/accel-ppp
log_file
#log_syslog
#log_tcp
#log_pgsql

pptp
#l2tp
#pppoe

auth_mschap_v2
#auth_mschap_v1
#auth_chap_md5
#auth_pap

radius
ippool
sigchld
#pppd_compat

#shaper
#shaper_tbf (obsolete)
# chap-secrets
#net-snmp
#logwtmp
#connlimit

#ipv6_nd
#ipv6_dhcp
#ipv6pool

[core]
log-error=/var/log/accel-ppp/core.log
thread-count=4

[ppp]
verbose=1
min-mtu=1280
mtu=1480
mru=1480
#ccp=0
#sid-case=upper
#check-ip=0
single-session=replace
#mppe=require
ipv4=require
ipv6=deny
#ipv6-intf-id=0:0:0:1
#ipv6-peer-intf-id=0:0:0:2
#ipv6-accept-peer-intf-id=1
lcp-echo-interval=20
#lcp-echo-failure=3
lcp-echo-timeout=120
#unit-cache=1000

[auth]
#any-login=0
#noauth=0

[pptp]
echo-interval=30
verbose=1

[pppoe]
interface=eth0
#interface=eth1,padi-limit=1000
ac-name=Debian_accel-ppp
service-name=C3
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
ifname-in-sid=called-sid
#tr101=1
#padi-limit=0
verbose=1

#[l2tp]
#dictionary=/usr/local/share/accel-ppp/l2tp/dictionary
#hello-interval=60
#timeout=60
#rtimeout=5
#retransmit=5
#host-name=accel-ppp
#dir300_quirk=0
#secret=
#verbose=1

[dns]
dns1=10.128.0.1
#dns2=

[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
nas-identifier=accel-ppp
nas-ip-address=127.0.0.1
gw-ip-address=10.0.0.10
auth-server=127.0.0.1:1812,radsecret
acct-server=127.0.0.1:1813,radsecret
dae-server=127.0.0.1:3799,radsecret
verbose=1
#timeout=3
#max-try=3
#acct-timeout=120
#acct-delay-time=0

#[radius]
#dictionary=/usr/local/share/accel-ppp/radius/dictionary
#nas-identifier=accel-ppp
#nas-ip-address=127.0.0.1               # IP Debiana z accel-ppp
#gw-ip-address=10.128.0.1               # IP Debiana z accel-ppp
##auth-server=127.0.0.1:1812,testing123 (obsolete)
##acct-server=127.0.0.1:1813,testing123 (obsolete)
##server=127.0.0.1,testing123 (obsolete)
##server=127.0.0.1,testing123,auth-port=1812,acct-port=1813,req-limit=0,fail-time=0
##server=127.0.0.1,radsecret,auth-port=1812,acct-port=1813,req-limit=0,fail-time=0
#dae-server=127.0.0.1:3799,radsecret
#verbose=0
#timeout=3
##max-try=3
#acct-timeout=120
##acct-delay-time=0

[client-ip-range]
#10.0.0.0/8
disable

[ip-pool]
#gw-ip-address=192.168.0.1
#vendor=Cisco
#attr=Cisco-AVPair
#attr=Framed-Pool
#192.168.0.2-255
#192.168.1.1-255,pool1
#192.168.2.1-255,pool2
#192.168.3.1-255,pool3
#192.168.4.0/24

[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
#log-debug=/dev/stdout
#syslog=accel-pppd,daemon
#log-tcp=127.0.0.1:3000
copy=1
#color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=3

#[log-pgsql]
#conninfo=user=log
#log-table=log

[pppd-compat]
#ip-pre-up=/etc/ppp/ip-pre-up
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#ip-change=/etc/ppp/ip-change
#radattr-prefix=/var/run/radattr
verbose=1

#[chap-secrets]
#gw-ip-address=10.128.0.1
#chap-secrets=/etc/ppp/chap-secrets

##[shaper]
#attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
#mpu=0
#r2q=10
#quantum=1500
#cburst=1534
#ifb=ifb0
##up-limiter=police
##down-limiter=tbf
#leaf-qdisc=sfq perturb 10
##verbose=1

#tbf is obsolete, use shaper module
#[tbf]
#attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50

[cli]
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
#password=123

[snmp]
master=0
agent-name=accel-ppp

#[connlimit]
#limit=10/min
#burst=3
#timeout=60

#[ipv6-pool]
#fc00:0:1::/48,64
#delegate=fc00:1::/36,48

#[ipv6-dns]
#fc00:1::1
#fc00:1::2
#fc00:1::3
#dnssl=suffix1.local.net
#dnssl=suffix2.local.net.

#[ipv6-dhcp]
#verbose=1
#pref-lifetime=604800
#valid-lifetime=2592000

snooppy
Сообщения: 37
Зарегистрирован: Пн апр 29, 2013 7:20 am

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение snooppy »

Покажите лог accel-ppp level 5


[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
#log-debug=/dev/stdout
#syslog=accel-pppd,daemon
#log-tcp=127.0.0.1:3000
copy=1
#color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=5

Avtogen
Сообщения: 19
Зарегистрирован: Чт окт 09, 2008 5:34 pm

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение Avtogen »

snooppy писал(а):Покажите лог accel-ppp level 5


[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
#log-debug=/dev/stdout
#syslog=accel-pppd,daemon
#log-tcp=127.0.0.1:3000
copy=1
#color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=5


accel-ppp.log

Код: Выделить всё

[2013-09-06 14:01:32]:  info: pptp: new connection from 172.16.49.21
[2013-09-06 14:01:32]:  info: : recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 1> <Bearer 1> <Max-Chan 0>]
[2013-09-06 14:01:32]:  info: : send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]
[2013-09-06 14:01:32]:  info: : recv [PPTP Outgoing-Call-Request <Call-ID 5274> <Call-Serial 19> <Min-BPS 300> <Max-BPS 100000000> <Bearer 3> <Framing 3> <Window-Size 64> <Delay 0>]
[2013-09-06 14:01:32]:  info: : send [PPTP Outgoing-Call-Reply <Call-ID b6> <Peer-Call-ID 5274> <Result 1> <Error 0> <Cause 0> <Speed 100000000> <Window-Size 64> <Delay 0> <Channel 0>]
[2013-09-06 14:01:32]:  info: ppp0: connect: ppp0 <--> pptp(172.16.49.21)
[2013-09-06 14:01:32]: debug: ppp0: lcp_layer_init
[2013-09-06 14:01:32]: debug: ppp0: auth_layer_init
[2013-09-06 14:01:32]: debug: ppp0: ccp_layer_init
[2013-09-06 14:01:32]: debug: ppp0: ipcp_layer_init
[2013-09-06 14:01:32]: debug: ppp0: ipv6cp_layer_init
[2013-09-06 14:01:32]: debug: ppp0: ppp established
[2013-09-06 14:01:32]: debug: ppp0: lcp_layer_start
[2013-09-06 14:01:32]:  info: ppp0: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 643c9869>]
[2013-09-06 14:01:32]:  info: ppp0: recv [PPTP Set-Link-Info]
[2013-09-06 14:01:34]:  info: ppp0: recv [LCP ConfReq id=1 <mru 1400> <magic 0c2a749b> <pcomp> <accomp> < d 3 6 >]
[2013-09-06 14:01:34]:  info: ppp0: send [LCP ConfRej id=1  <pcomp> <accomp> < d 3 6 >]
[2013-09-06 14:01:34]:  info: ppp0: recv [LCP ConfReq id=2 <mru 1400> <magic 0c2a749b>]
[2013-09-06 14:01:34]:  info: ppp0: send [LCP ConfAck id=2 ]
[2013-09-06 14:01:35]: debug: ppp0: fsm timeout
[2013-09-06 14:01:35]:  info: ppp0: send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 643c9869>]
[2013-09-06 14:01:35]:  info: ppp0: recv [LCP ConfAck id=1 <auth MSCHAP-v2> <mru 1436> <magic 643c9869>]
[2013-09-06 14:01:35]: debug: ppp0: lcp_layer_started
[2013-09-06 14:01:35]: debug: ppp0: auth_layer_start
[2013-09-06 14:01:35]:  info: ppp0: send [MSCHAP-v2 Challenge id=1 <319afec850f07fbfcc99982d5cd339>]
[2013-09-06 14:01:35]:  info: ppp0: recv [LCP Ident id=3 <MSRASV5.20>]
[2013-09-06 14:01:35]:  info: ppp0: recv [LCP Ident id=4 <MSRAS-0-WS003001>]
[2013-09-06 14:01:35]:  info: ppp0: recv [LCP Ident id=5 <▒M$▒z|WE▒%▒▒▒▒▒)>]
[2013-09-06 14:01:35]:  info: ppp0: recv [PPTP Set-Link-Info]
[2013-09-06 14:01:35]:  info: ppp0: recv [MSCHAP-v2 Response id=1 <9bccadf3a8524474cdc75da63dbdce9>, <be3fd6bd754cc0edf777eb8b56675f22e9d71dc267dbd1a>, F=0, name="test"]
[2013-09-06 14:01:35]:  info: ppp0: send [RADIUS(1) Access-Request id=1 <User-Name "test"> <NAS-Identifier "accel-ppp"> <NAS-IP-Address 127.0.0.1> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "172.16.49.21"> <Called-Station-Id "172.16.49.94"><Microsoft MS-CHAP-Challenge ><Microsoft MS-CHAP2-Response >]
[2013-09-06 14:01:35]:  info: ppp0: recv [RADIUS(1) Access-Accept id=1 <Acct-Interim-Interval 60> <Session-Timeout 2109505> <User-Name "test"> <Framed-IP-Address 10.1.0.100> <Framed-IP-Netmask 255.255.255.0><Microsoft MS-CHAP2-Success ><Microsoft MS-MPPE-Recv-Key ><Microsoft MS-MPPE-Send-Key ><Microsoft MS-MPPE-Encryption-Policy 1><Microsoft MS-MPPE-Encryption-Type 6>]
[2013-09-06 14:01:35]:  info: ppp0: send [MSCHAP-v2 Success id=1 "S=F06382BD3D2E1C2B9E3B51859EAA9AB6505E15AB M=Authentication succeeded"]
[2013-09-06 14:01:35]: debug: ppp0: auth_layer_started
[2013-09-06 14:01:35]: debug: ppp0: ccp_layer_start
[2013-09-06 14:01:35]: debug: ppp0: ipcp_layer_start
[2013-09-06 14:01:35]:  info: ppp0: send [IPCP ConfReq id=1 <addr 10.0.0.10>]
[2013-09-06 14:01:35]: debug: ppp0: ipv6cp_layer_start
[2013-09-06 14:01:35]:  info: ppp0: test: authentication succeeded
[2013-09-06 14:01:35]:  info: ppp0: recv [CCP ConfReq id=6 <mppe +H -M -S -L -D -C>]
[2013-09-06 14:01:35]:  info: ppp0: send [CCP ConfReq id=1 <mppe +H -M +S -L -D -C>]
[2013-09-06 14:01:35]:  info: ppp0: send [CCP ConfNak id=6 <mppe +H -M +S -L -D -C>]
[2013-09-06 14:01:35]:  info: ppp0: recv [IPCP ConfReq id=7 <addr 0.0.0.0> <wins1 0.0.0.0> <wins2 0.0.0.0>]
[2013-09-06 14:01:35]:  info: ppp0: send [IPCP ConfNak id=7 <addr 10.1.0.100>]
[2013-09-06 14:01:35]:  info: ppp0: recv [IPCP ConfAck id=1 <addr 10.0.0.10>]
[2013-09-06 14:01:35]:  info: ppp0: recv [CCP ConfAck id=1 <mppe +H -M +S -L -D -C>]
[2013-09-06 14:01:35]:  info: ppp0: recv [CCP ConfReq id=8 <mppe +H -M +S -L -D -C> (mppe enabled)]
[2013-09-06 14:01:35]:  info: ppp0: send [CCP ConfAck id=8]
[2013-09-06 14:01:35]: debug: ppp0: ccp_layer_started
[2013-09-06 14:01:35]:  info: ppp0: recv [IPCP ConfReq id=9 <addr 10.1.0.100> <wins1 0.0.0.0> <wins2 0.0.0.0>]
[2013-09-06 14:01:35]:  info: ppp0: send [IPCP ConfAck id=9]
[2013-09-06 14:01:35]: debug: ppp0: ipcp_layer_started
[2013-09-06 14:01:35]:  info: ppp0: send [RADIUS(1) Accounting-Request id=1 <User-Name "test"> <NAS-Identifier "accel-ppp"> <NAS-IP-Address 127.0.0.1> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "172.16.49.21"> <Called-Station-Id "172.16.49.94"> <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "75db1c41de75e38e"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address 10.1.0.100>]
[2013-09-06 14:01:38]:  info: ppp0: send [RADIUS(1) Accounting-Request id=1 <User-Name "test"> <NAS-Identifier "accel-ppp"> <NAS-IP-Address 127.0.0.1> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "172.16.49.21"> <Called-Station-Id "172.16.49.94"> <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "75db1c41de75e38e"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address 10.1.0.100>]
[2013-09-06 14:01:41]:  info: ppp0: send [RADIUS(1) Accounting-Request id=1 <User-Name "test"> <NAS-Identifier "accel-ppp"> <NAS-IP-Address 127.0.0.1> <NAS-Port 0> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "172.16.49.21"> <Called-Station-Id "172.16.49.94"> <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "75db1c41de75e38e"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address 10.1.0.100>]
[2013-09-06 14:01:44]:  warn: ppp0: radius: server(1) not responding
[2013-09-06 14:01:44]:  warn: radius: server(1) not responding
[2013-09-06 14:01:44]:  warn: ppp0: radius:acct_start: no servers available
[2013-09-06 14:01:44]: debug: ppp0: terminate
[2013-09-06 14:01:44]: debug: ppp0: lcp_layer_finish
[2013-09-06 14:01:44]:  info: ppp0: send [LCP TermReq id=3]
[2013-09-06 14:01:44]: debug: ppp0: auth_layer_finish
[2013-09-06 14:01:44]: debug: ppp0: auth_layer_finished
[2013-09-06 14:01:44]: debug: ppp0: ccp_layer_finish
[2013-09-06 14:01:44]: debug: ppp0: ccp_layer_finished
[2013-09-06 14:01:44]: debug: ppp0: ipcp_layer_finish
[2013-09-06 14:01:44]: debug: ppp0: ipcp_layer_finished
[2013-09-06 14:01:44]: debug: ppp0: ipv6cp_layer_finish
[2013-09-06 14:01:44]: debug: ppp0: ipv6cp_layer_finished
[2013-09-06 14:01:44]:  info: ppp0: recv [PPTP Set-Link-Info]
[2013-09-06 14:01:44]:  info: ppp0: recv [LCP TermAck id=3]
[2013-09-06 14:01:44]: debug: ppp0: lcp_layer_finished
[2013-09-06 14:01:44]: debug: ppp0: lcp_layer_free
[2013-09-06 14:01:44]: debug: ppp0: auth_layer_free
[2013-09-06 14:01:44]: debug: ppp0: ccp_layer_free
[2013-09-06 14:01:44]: debug: ppp0: ipcp_layer_free
[2013-09-06 14:01:44]: debug: ppp0: ipv6cp_layer_free
[2013-09-06 14:01:44]: debug: ppp0: ppp destablished
[2013-09-06 14:01:44]: debug: ppp0: pptp: ppp finished
[2013-09-06 14:01:44]:  info: ppp0: send [PPTP Call-Disconnect-Notify <Call-ID 7452> <Result 3> <Error 0> <Cause 0>]
[2013-09-06 14:01:44]:  info: ppp0: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]
[2013-09-06 14:01:44]:  info: ppp0: recv [PPTP Stop-Ctrl-Conn-Reply <Result 1> <Error 0>]
[2013-09-06 14:01:44]: debug: ppp0: pptp: disconnect
[2013-09-06 14:01:44]:  info: ppp0: disconnected

snooppy
Сообщения: 37
Зарегистрирован: Пн апр 29, 2013 7:20 am

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение snooppy »

[2013-09-06 14:01:44]: warn: ppp0: radius: server(1) not responding
[2013-09-06 14:01:44]: warn: radius: server(1) not responding

Это значит что радиус не ответил, и сессия отвалилась.

[ppp]
ccp=0
verbose=1
min-mtu=1280
mppe=deny
mtu=1400
mru=1400
ipv4=require
ipv6=deny
lcp-echo-interval=30
lcp-echo-failure=3


[pptp]
verbose=1

[radius]
nas-identifier=accel-ppp
nas-ip-address=127.0.0.1
gw-ip-address=10.0.0.10
server=127.0.0.1,radsecret
dae-server=127.0.0.1:3799,radsecret
acct-timeout=0
verbose=1

Попробуйте часть конфига привести к такому виду, и покажите лог accel-ppp если сессия не останется.

И в логе радиуса смущает данное

WARNING: Empty accounting section. Using default return values.

~AsmodeuS~
Site Admin
Сообщения: 5746
Зарегистрирован: Пт янв 28, 2005 3:11 pm
Контактная информация:

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение ~AsmodeuS~ »

tcpdump покажет что ответ радиуса не возвращается на сервер доступа

попробуйте или изменить ип или посмотреть фаервол

Avtogen
Сообщения: 19
Зарегистрирован: Чт окт 09, 2008 5:34 pm

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение Avtogen »

~AsmodeuS~ писал(а):tcpdump покажет что ответ радиуса не возвращается на сервер доступа

попробуйте или изменить ип или посмотреть фаервол

фаервол еще не стоит
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

ип поменял не чего не изменилась

Avtogen
Сообщения: 19
Зарегистрирован: Чт окт 09, 2008 5:34 pm

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение Avtogen »

snooppy писал(а):[2013-09-06 14:01:44]: warn: ppp0: radius: server(1) not responding
[2013-09-06 14:01:44]: warn: radius: server(1) not responding

Это значит что радиус не ответил, и сессия отвалилась.

[ppp]
ccp=0
verbose=1
min-mtu=1280
mppe=deny
mtu=1400
mru=1400
ipv4=require
ipv6=deny
lcp-echo-interval=30
lcp-echo-failure=3


[pptp]
verbose=1

[radius]
nas-identifier=accel-ppp
nas-ip-address=127.0.0.1
gw-ip-address=10.0.0.10
server=127.0.0.1,radsecret
dae-server=127.0.0.1:3799,radsecret
acct-timeout=0
verbose=1

Попробуйте часть конфига привести к такому виду, и покажите лог accel-ppp если сессия не останется.

И в логе радиуса смущает данное

WARNING: Empty accounting section. Using default return values.

поменял результат то же :(

snooppy
Сообщения: 37
Зарегистрирован: Пн апр 29, 2013 7:20 am

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение snooppy »

Avtogen, сверьте config радиуса с http://abills.net.ua/wiki/doku.php/abil ... ersija_2xx

Avtogen
Сообщения: 19
Зарегистрирован: Чт окт 09, 2008 5:34 pm

Re: Abills 0.55_rc1+accel-ppp+freeradius2.1.12 на debian 7

Сообщение Avtogen »

все всем спасибо! разобрались проблема была в конфиге freeradius в частности в файле
default не хватала параметра

Код: Выделить всё

accounting {
       abills_acc
}
большое спасибо за помощь snooppy он нашел причину

Ответить