# Start FreeRADIUS in the foreground with full debugging (-X).
# NOTE(review): the output that follows prints every request and reply
# attribute, including Cleartext-Password, the NT-Password/LM-Password hashes
# and the MS-MPPE send/receive keys. Redact these values before sharing a log,
# and change any real credential that was exposed this way.
radiusd -X
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 45801, id=1, length=182
User-Name = "test"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
NAS-Port-Type = Virtual
Tunnel-Type:0 = L2TP
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "00:15:5d:03:23:44"
Called-Station-Id = "00:15:5d:03:23:aa"
MS-CHAP-Challenge = 0xe4af917e2e5a8a0a3955ed76f570dcfb
MS-CHAP2-Response = 0x01001a43b49b85394c005171759d2ee428500000000000000000de8834ed5680f788ffd26dafc31ec4ed19892d15d8197f4b
# Executing section authorize from file /usr/local/freeradius/etc/raddb/sites-enabled/abills_default
+group authorize {
++[preprocess] = ok
[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
++[mschap] = ok
[files] users: Matched entry DEFAULT at line 38
++[files] = ok
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Called-Station-Id = 00:15:5d:03:23:aa
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Tunnel-Type = L2TP
rlm_perl: Added pair NAS-Identifier =
rlm_perl: Added pair MS-CHAP2-Response = 0x01001a43b49b85394c005171759d2ee428500000000000000000de8834ed5680f788ffd26dafc31ec4ed19892d15d8197f4b
rlm_perl: Added pair User-Name = test
rlm_perl: Added pair MS-CHAP-Challenge = 0xe4af917e2e5a8a0a3955ed76f570dcfb
rlm_perl: Added pair Calling-Station-Id = 00:15:5d:03:23:44
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-Port-Type = Virtual
rlm_perl: Added pair Auth-Type = MSCHAP
rlm_perl: Added pair Cleartext-Password = 123456
++[perl] = ok
+} # group authorize = ok
Found Auth-Type = MSCHAP
# Executing group from file /usr/local/freeradius/etc/raddb/sites-enabled/abills_default
+group MS-CHAP {
[mschap] Creating challenge hash with username: test
[mschap] Client is using MS-CHAPv2 for test, we need NT-Password
[mschap] adding MS-CHAPv2 MPPE keys
++[mschap] = ok
+} # group MS-CHAP = ok
# Executing section post-auth from file /usr/local/freeradius/etc/raddb/sites-enabled/abills_default
+group post-auth {
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Called-Station-Id = 00:15:5d:03:23:aa
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Tunnel-Type = L2TP
rlm_perl: Added pair NAS-Identifier =
rlm_perl: Added pair MS-CHAP2-Response = 0x01001a43b49b85394c005171759d2ee428500000000000000000de8834ed5680f788ffd26dafc31ec4ed19892d15d8197f4b
rlm_perl: Added pair User-Name = test
rlm_perl: Added pair MS-CHAP-Challenge = 0xe4af917e2e5a8a0a3955ed76f570dcfb
rlm_perl: Added pair Calling-Station-Id = 00:15:5d:03:23:44
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-Port-Type = Virtual
rlm_perl: Added pair MS-MPPE-Encryption-Policy = 0x00000001
rlm_perl: Added pair Framed-IP-Netmask = 255.255.255.255
rlm_perl: Added pair MS-MPPE-Recv-Key = 0x8de31c267d4e5fa03e154aae7f2e7461
rlm_perl: Added pair Framed-IP-Address = 10.0.0.47
rlm_perl: Added pair Acct-Interim-Interval = 300
rlm_perl: Added pair MS-MPPE-Encryption-Types = 0x00000006
rlm_perl: Added pair MS-MPPE-Send-Key = 0x822f559a5a6e8cbac50124ad00541571
rlm_perl: Added pair User-Name = test
rlm_perl: Added pair MS-CHAP2-Success = 0x01533d46443733334537383537454230433432434341344333423934454337303938433346353746344336
rlm_perl: Added pair Session-Timeout = 2362314
rlm_perl: Added pair NT-Password = 0x32ed87bdb5fdc5e9cba88547376818d4
rlm_perl: Added pair Auth-Type = MSCHAP
rlm_perl: Added pair LM-Password = 0x44efce164ab921caaad3b435b51404ee
rlm_perl: Added pair Cleartext-Password = 123456
++[perl] = ok
+} # group post-auth = ok
Sending Access-Accept of id 1 to 127.0.0.1 port 45801
MS-MPPE-Encryption-Policy = 0x00000001
Framed-IP-Netmask = 255.255.255.255
MS-MPPE-Recv-Key = 0x8de31c267d4e5fa03e154aae7f2e7461
Framed-IP-Address = 10.0.0.47
Acct-Interim-Interval = 300
MS-MPPE-Encryption-Types = 0x00000006
MS-MPPE-Send-Key = 0x822f559a5a6e8cbac50124ad00541571
User-Name = "test"
MS-CHAP2-Success = 0x01533d46443733334537383537454230433432434341344333423934454337303938433346353746344336
Session-Timeout = 2362314
Finished request 0.
Going to the next request
Waking up in 4.8 seconds.
Cleaning up request 0 ID 1 with timestamp +8
Ready to process requests.
^C
root@trump:/usr/local/freeradius/etc/raddb# cat clients.conf
# RADIUS client (NAS) entry: requests from 192.168.250.144 are accepted when
# they are signed with the shared secret below.
# NOTE(review): the debug log on this page shows the Access-Request arriving
# from 127.0.0.1, and accel-ppp.conf uses server=127.0.0.1. This entry does not
# cover that address, so presumably another client definition exists
# elsewhere; confirm.
client 192.168.250.144 {
# Shared secret for this client.
# NOTE(review): the same string is used for server=, dae-server= and the [cli]
# password in accel-ppp.conf on this page. Use a long random value that is
# unique per purpose, and rotate it if this is the real value rather than a
# placeholder.
secret = secretpass
shortname = shortname
}
root@trump:~# cat /etc/accel-ppp.conf
#ABillS 2017-01-31
# Modules loaded at start-up; a feature whose module is not listed here is not
# available, even if its configuration section appears further down.
[modules]
log_file
radius
ipoe
ippool
shaper
pptp
pppoe
# NOTE(review): each auth_* line is an authentication method offered to PPP
# clients. auth_pap (password sent as-is over the link), auth_chap_md5 and
# auth_mschap_v1 are weaker than MS-CHAPv2; load only the methods the clients
# really need.
auth_mschap_v2
auth_pap
auth_chap_md5
auth_mschap_v1
# NOTE(review): chap-secrets looks like a second, file-based credential source
# loaded next to radius; confirm that both are intended.
chap-secrets
sigchld
pppd_compat
# Core settings: where core errors are logged and how many worker threads run.
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=1
# The [common] section is commented out, so the options below are inactive.
#[common]
#single-session=replace
#sid-case=upper
#sid-source=seq
# RADIUS client side of accel-ppp: which server is queried and with what secret.
[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
#nas-identifier=accel-ipoe
# Value sent as NAS-IP-Address in requests.
nas-ip-address=127.0.0.1
# Format: server=<address>,<shared secret>,<options>. The secret has to match
# the one FreeRADIUS holds for the client address it sees (127.0.0.1 here).
# NOTE(review): "secretpass" is reused for dae-server below and for the [cli]
# password. Use a distinct, long random value for each, and keep this file
# readable by root only because the secrets are stored in clear text.
server=127.0.0.1,secretpass,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-fail=10,weight=1
# Listener for dynamic authorization (disconnect/CoA) requests; bound to
# loopback, so only local processes can reach it.
dae-server=127.0.0.1:3799,secretpass
# NOTE(review): presumably this verbosity writes full RADIUS packet contents to
# the log; confirm, and lower it outside of troubleshooting.
verbose=100
attr-tunnel-type=NAS-Identifier
# NOTE(review): per the accel-ppp documentation this is the local (server-side)
# address of PPP interfaces when Framed-IP-Address comes from RADIUS; verify
# against the installed version. The post says 192.168.250.144 is eth1 on this
# server.
gw-ip-address=192.168.250.144
# IPoE sessions started by DHCPv4 on eth2.
[ipoe]
verbose=100
interface=eth2,mode=L2,start=dhcpv4,shared=1,ifcfg=1
gw-ip-address=10.0.0.1/16
# attr-dhcp-client-ip
# Names of the RADIUS attributes that supply the DHCP lease time, router and mask.
attr-dhcp-lease-time=Acct-Interim-Interval
attr-dhcp-router-ip=DHCP-Router-IP-Address
attr-dhcp-mask=DHCP-Mask
lease-time=600
max-lease-time=86400
proxy-arp=1
# The session username is produced by the Lua function "username" in lua-file.
# NOTE(review): that script decides which identity is sent to RADIUS; keep
# /etc/accel-ppp.lua writable by root only.
username=lua:username
lua-file=/etc/accel-ppp.lua
nas-identifier=accel-ipoe
#l4-redirect-on-reject=600
#l4-redirect-ip-pool=pool1
#l4-redirect-ipset=l4-redirect
# [ip-pool] and [lcp] are commented out, so the options below are inactive.
#[ip-pool]
#gw-ip-address=192.168.0.1/24
#attr=Framed-Pool
#192.168.0.2-254,name=pool1
#[lcp]
#echo-interval=30
#echo-failure=3
# PPTP listener bound to 192.168.250.144.
[pptp]
bind=192.168.250.144
verbose=1
# NOTE(review): "allow" does not force MPPE, so a session may come up without
# encryption; presumably mppe=require is the value that enforces it. Confirm
# against the accel-ppp documentation. The Access-Accept in the log on this
# page also carries MS-MPPE-Encryption-Policy = 0x00000001, and a policy
# received from RADIUS may override this setting. PPTP with MS-CHAPv2/MPPE is
# widely regarded as weak protection, so do not rely on it for confidentiality
# across untrusted networks.
mppe=allow
echo-interval=30
# PPP defaults shared by the PPP-based protocols.
[ppp]
verbose=1
min-mtu=1400
mtu=1492
mru=1492
#ccp=0
#sid-case=lower
# NOTE(review): same remark as for [pptp]: "allow" leaves encryption optional.
mppe=allow
#ipv4=require
#lcp-echo-interval=3
#lcp-echo-failure=9
# PPPoE server on eth1.
[pppoe]
interface=eth1
nas-identifier=accel-pppoe
#ac-name=xxx
#service-name=yyy
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
#ifname-in-sid=called-sid
#tr101=1
verbose=1
# NOTE(review): presumably an allow-list of source networks for tunnelled
# clients (PPTP/L2TP); confirm. If so, clients outside 10.0.0.0/8, for example
# on the 192.168.250.x network that [pptp] binds to, would be refused.
[client-ip-range]
10.0.0.0/8
# DNS server handed to clients.
[dns]
dns1=8.8.8.8
# Log destinations for the log_file module.
# NOTE(review): with the high verbosity configured elsewhere in this file these
# logs may contain session and authentication details; restrict read access to
# /var/log/accel-ppp and reduce the level once troubleshooting is finished.
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
# Separate file for failed authentications (judging by the option name; confirm).
log-fail-file=/var/log/accel-ppp/auth-fail.log
copy=1
color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=100
# Traffic shaper; the per-session limits come from the RADIUS attributes named
# by attr, attr-down and attr-up.
[shaper]
attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
#mpu=0
#mtu=0
#r2q=10
#quantum=1500
#moderate-quantum=1
# high-speed shaper (active): HTB in both directions
ifb=ifb0
cburst=1534
up-limiter=htb
down-limiter=htb
# low-speed shaper (inactive alternative)
#up-limiter=police
#down-limiter=tbf
#leaf-qdisc=sfq perturb 10
#leaf-qdisc=fq_codel [limit PACKETS] [flows NUMBER] [target TIME] [interval TIME] [quantum BYTES] [[no]ecn]
#rate-multiplier=1
#fwmark=1
attr-down=PPPD-Downstream-Speed-Limit
attr-up=PPPD-Upstream-Speed-Limit
verbose=10
# pppd compatibility hooks; the ip-up/ip-down scripts are commented out, so
# none is configured here.
[pppd-compat]
#ip-up=/etc/ppp/ip-up
#ip-down=/etc/ppp/ip-down
#radattr-prefix=/var/run/radattr
verbose=1
# Management CLI. Both listeners are bound to 127.0.0.1, so they are reachable
# only from this host; keep them on loopback because telnet is unencrypted.
[cli]
verbose=100
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
# NOTE(review): same string as the RADIUS and DAE secrets in [radius]; use a
# separate strong password for the CLI.
password=secretpass
[snmp]
master=0
agent-name=accel-ppp
# Limits on the rate of new connections.
# NOTE(review): no connlimit module is listed under [modules] on this page, so
# these limits are presumably not applied; confirm, and load the module if rate
# limiting of connection attempts is wanted.
[connlimit]
limit=10/min
burst=3
timeout=60
192.168.250.144 — адрес eth1 на этом же сервере.
Ещё вопрос: что нужно писать в "gw-ip-address=192.168.250.144"?
IP-пул NAS: 10.0.0.1, размером в 600 пользователей.
Подскажите, где косяки?