<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-2" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.19394">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT size=2 face=Arial>
<DIV><FONT size=2 face=Arial>Hi</FONT></DIV>
<DIV><FONT size=2 face=Arial>i have big problem whit my freeradius 2.2.0 whit
mysql</FONT></DIV>
<DIV><FONT size=2 face=Arial>log from freeradius -X</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>FreeRADIUS Version 2.2.0, for host
i386-portbld-freebsd9.0, built on Dec 18 2012 at 15:56:50<BR>Copyright (C)
1999-2012 The FreeRADIUS server project and contributors. <BR>There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A <BR>PARTICULAR PURPOSE.
<BR>You may redistribute copies of FreeRADIUS under the terms of the <BR>GNU
General Public License v2. <BR>Starting - reading configuration files
...<BR>including configuration file
/usr/local/etc/raddb/radiusd.conf<BR>including configuration file
/usr/local/etc/raddb/clients.conf<BR>including files in directory
/usr/local/etc/raddb/modules/<BR>including configuration file
/usr/local/etc/raddb/modules/wimax<BR>including configuration file
/usr/local/etc/raddb/modules/always<BR>including configuration file
/usr/local/etc/raddb/modules/attr_filter<BR>including configuration file
/usr/local/etc/raddb/modules/attr_rewrite<BR>including configuration file
/usr/local/etc/raddb/modules/cache<BR>including configuration file
/usr/local/etc/raddb/modules/chap<BR>including configuration file
/usr/local/etc/raddb/modules/checkval<BR>including configuration file
/usr/local/etc/raddb/modules/counter<BR>including configuration file
/usr/local/etc/raddb/modules/cui<BR>including configuration file
/usr/local/etc/raddb/modules/detail<BR>including configuration file
/usr/local/etc/raddb/modules/detail.example.com<BR>including configuration file
/usr/local/etc/raddb/modules/detail.log<BR>including configuration file
/usr/local/etc/raddb/modules/dhcp_sqlippool<BR>including configuration file
/usr/local/etc/raddb/sql/mysql/ippool-dhcp.conf<BR>including configuration file
/usr/local/etc/raddb/modules/digest<BR>including configuration file
/usr/local/etc/raddb/modules/dynamic_clients<BR>including configuration file
/usr/local/etc/raddb/modules/echo<BR>including configuration file
/usr/local/etc/raddb/modules/etc_group<BR>including configuration file
/usr/local/etc/raddb/modules/exec<BR>including configuration file
/usr/local/etc/raddb/modules/expiration<BR>including configuration file
/usr/local/etc/raddb/modules/expr<BR>including configuration file
/usr/local/etc/raddb/modules/files<BR>including configuration file
/usr/local/etc/raddb/modules/inner-eap<BR>including configuration file
/usr/local/etc/raddb/modules/ippool<BR>including configuration file
/usr/local/etc/raddb/modules/krb5<BR>including configuration file
/usr/local/etc/raddb/modules/ldap<BR>including configuration file
/usr/local/etc/raddb/modules/linelog<BR>including configuration file
/usr/local/etc/raddb/modules/otp<BR>including configuration file
/usr/local/etc/raddb/modules/logintime<BR>including configuration file
/usr/local/etc/raddb/modules/mac2ip<BR>including configuration file
/usr/local/etc/raddb/modules/mac2vlan<BR>including configuration file
/usr/local/etc/raddb/modules/mschap<BR>including configuration file
/usr/local/etc/raddb/modules/ntlm_auth<BR>including configuration file
/usr/local/etc/raddb/modules/opendirectory<BR>including configuration file
/usr/local/etc/raddb/modules/pam<BR>including configuration file
/usr/local/etc/raddb/modules/pap<BR>including configuration file
/usr/local/etc/raddb/modules/passwd<BR>including configuration file
/usr/local/etc/raddb/modules/perl<BR>including configuration file
/usr/local/etc/raddb/modules/policy<BR>including configuration file
/usr/local/etc/raddb/modules/preprocess<BR>including configuration file
/usr/local/etc/raddb/modules/radrelay<BR>including configuration file
/usr/local/etc/raddb/modules/radutmp<BR>including configuration file
/usr/local/etc/raddb/modules/realm<BR>including configuration file
/usr/local/etc/raddb/modules/redis<BR>including configuration file
/usr/local/etc/raddb/modules/rediswho<BR>including configuration file
/usr/local/etc/raddb/modules/replicate<BR>including configuration file
/usr/local/etc/raddb/modules/smbpasswd<BR>including configuration file
/usr/local/etc/raddb/modules/smsotp<BR>including configuration file
/usr/local/etc/raddb/modules/soh<BR>including configuration file
/usr/local/etc/raddb/modules/sql_log<BR>including configuration file
/usr/local/etc/raddb/modules/sqlcounter_expire_on_login<BR>including
configuration file /usr/local/etc/raddb/modules/sradutmp<BR>including
configuration file /usr/local/etc/raddb/modules/unix<BR>including configuration
file /usr/local/etc/raddb/modules/acct_unique<BR>including configuration file
/usr/local/etc/raddb/eap.conf<BR>including configuration file
/usr/local/etc/raddb/sql.conf<BR>including configuration file
/usr/local/etc/raddb/sql/mysql/dialup.conf<BR>including configuration file
/usr/local/etc/raddb/sql/mysql/counter.conf<BR>including configuration file
/usr/local/etc/raddb/policy.conf<BR>including files in directory
/usr/local/etc/raddb/sites-enabled/<BR>including configuration file
/usr/local/etc/raddb/sites-enabled/default<BR>including configuration file
/usr/local/etc/raddb/sites-enabled/inner-tunnel<BR>including configuration file
/usr/local/etc/raddb/sites-enabled/control-socket<BR>main {<BR> user =
"freeradius"<BR> group = "freeradius"<BR> allow_core_dumps =
no<BR>}<BR>including dictionary file /usr/local/etc/raddb/dictionary<BR>main
{<BR> name = "radiusd"<BR> prefix =
"/usr/local"<BR> localstatedir = "/var"<BR> sbindir =
"/usr/local/sbin"<BR> logdir = "/var/log"<BR> run_dir =
"/var/run/radiusd"<BR> libdir =
"/usr/local/lib/freeradius-2.2.0"<BR> radacctdir =
"/var/log/radacct"<BR> hostname_lookups = no<BR> max_request_time =
30<BR> cleanup_delay = 5<BR> max_requests = 1024<BR> pidfile =
"/var/run/radiusd/radiusd.pid"<BR> checkrad =
"/usr/local/sbin/checkrad"<BR> debug_level = 0<BR> proxy_requests =
yes<BR> log {<BR> stripped_names = no<BR> auth =
no<BR> auth_badpass = no<BR> auth_goodpass =
no<BR> }<BR> security {<BR> max_attributes =
200<BR> reject_delay = 1<BR> status_server =
yes<BR> }<BR>}<BR>radiusd: #### Loading Realms and Home Servers
####<BR>radiusd: #### Loading Clients ####<BR> client localhost
{<BR> ipaddr = 127.0.0.1<BR> require_message_authenticator =
no<BR> secret = "testing123"<BR> nastype =
"other"<BR> }<BR>radiusd: #### Instantiating modules
####<BR> instantiate {<BR> Module: Linked to module
rlm_exec<BR> Module: Instantiating module "exec" from file
/usr/local/etc/raddb/modules/exec<BR> exec {<BR> wait =
no<BR> input_pairs = "request"<BR> shell_escape = yes<BR>
}<BR> Module: Linked to module rlm_expr<BR> Module: Instantiating
module "expr" from file /usr/local/etc/raddb/modules/expr<BR> Module:
Linked to module rlm_expiration<BR> Module: Instantiating module
"expiration" from file /usr/local/etc/raddb/modules/expiration<BR>
expiration {<BR> reply-message = "Password Has Expired "<BR>
}<BR> Module: Linked to module rlm_logintime<BR> Module: Instantiating
module "logintime" from file /usr/local/etc/raddb/modules/logintime<BR>
logintime {<BR> reply-message = "You are calling outside your allowed
timespan "<BR> minimum-timeout = 60<BR>
}<BR> }<BR>radiusd: #### Loading Virtual Servers ####<BR>server { # from
file /usr/local/etc/raddb/radiusd.conf<BR> modules {<BR> Module:
Creating Auth-Type = digest<BR> Module: Creating Post-Auth-Type =
REJECT<BR> Module: Checking authenticate {...} for more modules to
load<BR> Module: Linked to module rlm_mschap<BR> Module: Instantiating
module "mschap" from file /usr/local/etc/raddb/modules/mschap<BR> mschap
{<BR> use_mppe = yes<BR> require_encryption =
no<BR> require_strong = no<BR> with_ntdomain_hack =
no<BR> allow_retry = yes<BR> }<BR> Module: Linked to module
rlm_digest<BR> Module: Instantiating module "digest" from file
/usr/local/etc/raddb/modules/digest<BR> Module: Checking authorize {...}
for more modules to load<BR> Module: Linked to module
rlm_preprocess<BR> Module: Instantiating module "preprocess" from file
/usr/local/etc/raddb/modules/preprocess<BR> preprocess
{<BR> huntgroups = "/usr/local/etc/raddb/huntgroups"<BR> hints =
"/usr/local/etc/raddb/hints"<BR> with_ascend_hack =
no<BR> ascend_channels_per_line = 23<BR> with_ntdomain_hack =
no<BR> with_specialix_jetstream_hack = no<BR> with_cisco_vsa_hack =
no<BR> with_alvarion_vsa_hack = no<BR> }<BR>reading pairlist file
/usr/local/etc/raddb/huntgroups<BR>reading pairlist file
/usr/local/etc/raddb/hints<BR> Module: Linked to module
rlm_chap<BR> Module: Instantiating module "chap" from file
/usr/local/etc/raddb/modules/chap<BR> Module: Linked to module
rlm_realm<BR> Module: Instantiating module "suffix" from file
/usr/local/etc/raddb/modules/realm<BR> realm suffix {<BR> format =
"suffix"<BR> delimiter = "@"<BR> ignore_default =
no<BR> ignore_null = no<BR> }<BR> Module: Linked to module
rlm_eap<BR> Module: Instantiating module "eap" from file
/usr/local/etc/raddb/eap.conf<BR> eap {<BR> default_eap_type =
"md5"<BR> timer_expire = 60<BR> ignore_unknown_eap_types =
no<BR> cisco_accounting_username_bug = no<BR> max_sessions =
4096<BR> }<BR> Module: Linked to sub-module
rlm_eap_md5<BR> Module: Instantiating eap-md5<BR> Module: Linked to
sub-module rlm_eap_leap<BR> Module: Instantiating eap-leap<BR> Module:
Linked to sub-module rlm_eap_gtc<BR> Module: Instantiating
eap-gtc<BR> gtc {<BR> challenge = "Password:
"<BR> auth_type = "PAP"<BR> }<BR> Module: Linked to
sub-module rlm_eap_tls<BR> Module: Instantiating eap-tls<BR>
tls {<BR> rsa_key_exchange = no<BR> dh_key_exchange =
yes<BR> rsa_key_length = 512<BR> dh_key_length =
512<BR> verify_depth = 0<BR> CA_path =
"/usr/local/etc/raddb/certs"<BR> pem_file_type =
yes<BR> private_key_file =
"/usr/local/etc/raddb/certs/server.pem"<BR> certificate_file =
"/usr/local/etc/raddb/certs/server.pem"<BR> CA_file =
"/usr/local/etc/raddb/certs/ca.pem"<BR> private_key_password =
"whatever"<BR> dh_file =
"/usr/local/etc/raddb/certs/dh"<BR> random_file =
"/usr/local/etc/raddb/certs/random"<BR> fragment_size =
1024<BR> include_length = yes<BR> check_crl = no<BR> cipher_list
= "DEFAULT"<BR> make_cert_command =
"/usr/local/etc/raddb/certs/bootstrap"<BR> ecdh_curve =
"prime256v1"<BR> cache {<BR> enable =
no<BR> lifetime = 24<BR> max_entries = 255<BR>
}<BR> verify {<BR> }<BR>
ocsp {<BR> enable = no<BR> override_cert_url = yes<BR> url = "<A
href="">http://127.0.0.1/ocsp/</A>"<BR> use_nonce = yes<BR> timeout =
0<BR> softfail = no<BR> }<BR>
}<BR> Module: Linked to sub-module rlm_eap_ttls<BR> Module:
Instantiating eap-ttls<BR> ttls {<BR> default_eap_type =
"md5"<BR> copy_request_to_tunnel = no<BR> use_tunneled_reply =
no<BR> virtual_server = "inner-tunnel"<BR> include_length =
yes<BR> }<BR> Module: Linked to sub-module
rlm_eap_peap<BR> Module: Instantiating eap-peap<BR> peap
{<BR> default_eap_type = "mschapv2"<BR> copy_request_to_tunnel =
no<BR> use_tunneled_reply = no<BR> proxy_tunneled_request_as_eap =
yes<BR> virtual_server = "inner-tunnel"<BR> soh = no<BR>
}<BR> Module: Linked to sub-module rlm_eap_mschapv2<BR> Module:
Instantiating eap-mschapv2<BR> mschapv2
{<BR> with_ntdomain_hack = no<BR> send_error = no<BR>
}<BR> Module: Linked to module rlm_sql<BR> Module: Instantiating
module "sql" from file /usr/local/etc/raddb/sql.conf<BR> sql
{<BR> driver = "rlm_sql_mysql"<BR> server = "localhost"<BR> port
= ""<BR> login = "root"<BR> password = "diablo"<BR> radius_db =
"radius"<BR> read_groups = yes<BR> sqltrace = no<BR> sqltracefile
= "/var/log/sqltrace.sql"<BR> readclients =
yes<BR> deletestalesessions = yes<BR> num_sql_socks =
5<BR> lifetime = 0<BR> max_queries = 0<BR> sql_user_name =
"%{User-Name}"<BR> default_user_profile = ""<BR> nas_query = "SELECT
id, nasname, shortname, type, secret, server FROM
nas"<BR> authorize_check_query = "SELECT id, username, attribute, value,
op FROM
radcheck WHERE
username = '%{SQL-User-Name}' AND status =
'1' ORDER BY
id"<BR> authorize_reply_query = "SELECT id, username, attribute, value,
op FROM
radreply WHERE
username =
'%{SQL-User-Name}'
ORDER BY id"<BR> authorize_group_check_query = "SELECT id, groupname,
attribute, Value,
op FROM
radgroupcheck WHERE
groupname =
'%{Sql-Group}' ORDER
BY id"<BR> authorize_group_reply_query = "SELECT id, groupname,
attribute, value,
op FROM
radgroupreply WHERE
groupname =
'%{Sql-Group}' ORDER
BY id"<BR> accounting_onoff_query =
" UPDATE
radacct
SET
acctstoptime =
'%S',
acctsessiontime = unix_timestamp('%S')
-
unix_timestamp(acctstarttime),
acctterminatecause =
'%{Acct-Terminate-Cause}',
acctstopdelay =
%{%{Acct-Delay-Time}:-0}
WHERE acctstoptime IS
NULL AND
nasipaddress =
'%{NAS-IP-Address}'
AND acctstarttime <=
'%S'"<BR> accounting_update_query =
" UPDATE
radacct
SET
framedipaddress =
'%{Framed-IP-Address}',
acctsessiontime =
'%{Acct-Session-Time}',
acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}'
<< 32
|
'%{%{Acct-Input-Octets}:-0}',
acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' <<
32
|
'%{%{Acct-Output-Octets}:-0}'
WHERE acctsessionid =
'%{Acct-Session-Id}'
AND username =
'%{SQL-User-Name}'
AND nasipaddress =
'%{NAS-IP-Address}'"<BR> accounting_update_query_alt =
" INSERT INTO
radacct
(acctsessionid, acctuniqueid,
username,
realm,
nasipaddress,
nasportid,
nasporttype,
acctstarttime,
acctsessiontime,
acctauthentic, connectinfo_start,
acctinputoctets,
acctoutputoctets, calledstationid,
callingstationid,
servicetype, framedprotocol,
framedipaddress,
acctstartdelay,
xascendsessionsvrkey)
VALUES
('%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}',
'%{NAS-Port}',
'%{NAS-Port-Type}',
DATE_SUB('%S',
INTERVAL (%{%{Acct-Session-Time}:-0}
+
%{%{Acct-Delay-Time}:-0})
SECOND),
'%{Acct-Session-Time}',
'%{Acct-Authentic}',
'',
'%{%{Acct-Input-Gigawords}:-0}' << 32
|
'%{%{Acct-Input-Octets}:-0}',
'%{%{Acct-Output-Gigawords}:-0}' << 32
|
'%{%{Acct-Output-Octets}:-0}',
'%{Called-Station-Id}',
'%{Calling-Station-Id}',
'%{Service-Type}',
'%{Framed-Protocol}',
'%{Framed-IP-Address}',
'0', '%{X-Ascend-Session-Svr-Key}')"<BR> accounting_start_query =
" INSERT INTO
radacct
(acctsessionid, acctuniqueid,
username,
realm,
nasipaddress,
nasportid,
nasporttype, acctstarttime,
acctstoptime,
acctsessiontime, acctauthentic,
connectinfo_start,
connectinfo_stop, acctinputoctets,
acctoutputoctets,
calledstationid, callingstationid,
acctterminatecause,
servicetype, framedprotocol,
framedipaddress,
acctstartdelay, acctstopdelay,
xascendsessionsvrkey)
VALUES
('%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}',
'%{NAS-Port}',
'%{NAS-Port-Type}', '%S',
NULL,
'0', '%{Acct-Authentic}',
'%{Connect-Info}',
'', '0',
'0',
'%{Called-Station-Id}', '%{Calling-Station-Id}',
'',
'%{Service-Type}', '%{Framed-Protocol}',
'%{Framed-IP-Address}',
'%{%{Acct-Delay-Time}:-0}', '0',
'%{X-Ascend-Session-Svr-Key}')"<BR> accounting_start_query_alt =
" UPDATE radacct
SET
acctstarttime =
'%S',
acctstartdelay =
'%{%{Acct-Delay-Time}:-0}',
connectinfo_start =
'%{Connect-Info}'
WHERE acctsessionid =
'%{Acct-Session-Id}'
AND username =
'%{SQL-User-Name}'
AND nasipaddress =
'%{NAS-IP-Address}'"<BR> accounting_stop_query =
" UPDATE radacct
SET
acctstoptime =
'%S',
acctsessiontime =
'%{Acct-Session-Time}',
acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32
|
'%{%{Acct-Input-Octets}:-0}',
acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32
|
'%{%{Acct-Output-Octets}:-0}',
acctterminatecause =
'%{Acct-Terminate-Cause}',
acctstopdelay =
'%{%{Acct-Delay-Time}:-0}',
connectinfo_stop =
'%{Connect-Info}'
WHERE acctsessionid =
'%{Acct-Session-Id}'
AND username =
'%{SQL-User-Name}'
AND nasipaddress =
'%{NAS-IP-Address}'"<BR> accounting_stop_query_alt =
" INSERT INTO
radacct
(acctsessionid, acctuniqueid,
username,
realm, nasipaddress,
nasportid,
nasporttype, acctstarttime,
acctstoptime,
acctsessiontime, acctauthentic,
connectinfo_start,
connectinfo_stop, acctinputoctets,
acctoutputoctets,
calledstationid, callingstationid,
acctterminatecause,
servicetype, framedprotocol,
framedipaddress,
acctstartdelay,
acctstopdelay)
VALUES
('%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}',
'%{NAS-Port}',
'%{NAS-Port-Type}',
DATE_SUB('%S',
INTERVAL (%{%{Acct-Session-Time}:-0}
+
%{%{Acct-Delay-Time}:-0})
SECOND),
'%S', '%{Acct-Session-Time}', '%{Acct-Authentic}',
'',
'%{Connect-Info}',
'%{%{Acct-Input-Gigawords}:-0}' << 32
|
'%{%{Acct-Input-Octets}:-0}',
'%{%{Acct-Output-Gigawords}:-0}' << 32
|
'%{%{Acct-Output-Octets}:-0}',
'%{Called-Station-Id}',
'%{Calling-Station-Id}',
'%{Acct-Terminate-Cause}',
'%{Service-Type}', '%{Framed-Protocol}',
'%{Framed-IP-Address}',
'0', '%{%{Acct-Delay-Time}:-0}')"<BR> group_membership_query = "SELECT
groupname FROM
radusergroup WHERE
username =
'%{SQL-User-Name}'
ORDER BY priority"<BR> connect_failure_retry_delay =
60<BR> simul_count_query = ""<BR> simul_verify_query = "SELECT
radacctid, acctsessionid,
username,
nasipaddress, nasportid,
framedipaddress,
callingstationid,
framedprotocol
FROM
radacct
WHERE username =
'%{SQL-User-Name}'
AND acctstoptime IS NULL"<BR> postauth_query = "INSERT INTO
radpostauth
(username, pass, reply,
authdate)
VALUES
(
'%{User-Name}',
'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S')"<BR> safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:
/"<BR> }<BR>rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql)
loaded and linked<BR>rlm_sql (sql): Attempting to connect to <A
href="">root@localhost:/radius</A><BR>rlm_sql (sql): starting 0<BR>rlm_sql
(sql): Attempting to connect rlm_sql_mysql #0<BR>rlm_sql_mysql: Starting connect
to MySQL server for #0<BR>rlm_sql (sql): Connected new DB handle, #0<BR>rlm_sql
(sql): starting 1<BR>rlm_sql (sql): Attempting to connect rlm_sql_mysql
#1<BR>rlm_sql_mysql: Starting connect to MySQL server for #1<BR>rlm_sql (sql):
Connected new DB handle, #1<BR>rlm_sql (sql): starting 2<BR>rlm_sql (sql):
Attempting to connect rlm_sql_mysql #2<BR>rlm_sql_mysql: Starting connect to
MySQL server for #2<BR>rlm_sql (sql): Connected new DB handle, #2<BR>rlm_sql
(sql): starting 3<BR>rlm_sql (sql): Attempting to connect rlm_sql_mysql
#3<BR>rlm_sql_mysql: Starting connect to MySQL server for #3<BR>rlm_sql (sql):
Connected new DB handle, #3<BR>rlm_sql (sql): starting 4<BR>rlm_sql (sql):
Attempting to connect rlm_sql_mysql #4<BR>rlm_sql_mysql: Starting connect to
MySQL server for #4<BR>rlm_sql (sql): Connected new DB handle, #4<BR>rlm_sql
(sql): Processing generate_sql_clients<BR>rlm_sql (sql) in generate_sql_clients:
query is SELECT id, nasname, shortname, type, secret, server FROM nas<BR>rlm_sql
(sql): Reserving sql socket id: 4<BR>rlm_sql (sql): Read entry
nasname=192.168.30.1,shortname=batorego,secret=test<BR>rlm_sql (sql): Adding
client 192.168.30.1 (batorego, server=<none>) to clients list<BR>rlm_sql
(sql): Released sql socket id: 4<BR> Module: Linked to module
rlm_pap<BR> Module: Instantiating module "pap" from file
/usr/local/etc/raddb/modules/pap<BR> pap {<BR> encryption_scheme =
"auto"<BR> auto_header = no<BR> }<BR> Module: Checking preacct
{...} for more modules to load<BR> Module: Linked to module
rlm_acct_unique<BR> Module: Instantiating module "acct_unique" from file
/usr/local/etc/raddb/modules/acct_unique<BR> acct_unique {<BR> key =
"User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port"<BR>
}<BR> Module: Linked to module rlm_files<BR> Module: Instantiating
module "files" from file /usr/local/etc/raddb/modules/files<BR> files
{<BR> usersfile = "/usr/local/etc/raddb/users"<BR> acctusersfile =
"/usr/local/etc/raddb/acct_users"<BR> preproxy_usersfile =
"/usr/local/etc/raddb/preproxy_users"<BR> compat = "no"<BR>
}<BR>reading pairlist file /usr/local/etc/raddb/users<BR>reading pairlist file
/usr/local/etc/raddb/acct_users<BR>reading pairlist file
/usr/local/etc/raddb/preproxy_users<BR> Module: Checking accounting {...}
for more modules to load<BR> Module: Linked to module
rlm_detail<BR> Module: Instantiating module "detail" from file
/usr/local/etc/raddb/modules/detail<BR> detail {<BR> detailfile =
"/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"<BR> header
= "%t"<BR> detailperm = 384<BR> dirperm = 493<BR> locking =
no<BR> log_packet_header = no<BR> }<BR> Module: Checking session
{...} for more modules to load<BR> Module: Linked to module
rlm_radutmp<BR> Module: Instantiating module "radutmp" from file
/usr/local/etc/raddb/modules/radutmp<BR> radutmp {<BR> filename =
"/var/log/radutmp"<BR> username = "%{User-Name}"<BR> case_sensitive =
yes<BR> check_with_nas = yes<BR> perm = 384<BR> callerid =
yes<BR> }<BR> Module: Checking post-proxy {...} for more modules to
load<BR> Module: Checking post-auth {...} for more modules to
load<BR> Module: Linked to module rlm_sql_log<BR> Module:
Instantiating module "sql_log" from file
/usr/local/etc/raddb/modules/sql_log<BR> sql_log {<BR> path =
"/var/log/radacct/sql-relay"<BR> Post-Auth = "INSERT INTO
radpostauth
(username, pass, reply, authdate)
VALUES
('%{User-Name}',
'%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', '%S');"<BR> sql_user_name =
"%{%{User-Name}:-DEFAULT}"<BR> utf8 = no<BR> safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_:
/"<BR> }<BR> Module: Linked to module
rlm_attr_filter<BR> Module: Instantiating module
"attr_filter.access_reject" from file
/usr/local/etc/raddb/modules/attr_filter<BR> attr_filter
attr_filter.access_reject {<BR> attrsfile =
"/usr/local/etc/raddb/attrs.access_reject"<BR> key =
"%{User-Name}"<BR> relaxed = no<BR> }<BR>reading pairlist file
/usr/local/etc/raddb/attrs.access_reject<BR> } # modules<BR>} #
server<BR>server inner-tunnel { # from file
/usr/local/etc/raddb/sites-enabled/inner-tunnel<BR> modules
{<BR> Module: Checking authenticate {...} for more modules to
load<BR> Module: Linked to module rlm_unix<BR> Module: Instantiating
module "unix" from file /usr/local/etc/raddb/modules/unix<BR> unix
{<BR> radwtmp = "/var/log/radwtmp"<BR> }<BR> Module: Checking
authorize {...} for more modules to load<BR> Module: Checking session {...}
for more modules to load<BR> Module: Checking post-proxy {...} for more
modules to load<BR> Module: Checking post-auth {...} for more modules to
load<BR> } # modules<BR>} # server<BR>radiusd: #### Opening IP addresses
and Ports ####<BR>listen {<BR> type = "auth"<BR> ipaddr =
*<BR> port = 0<BR>}<BR>listen {<BR> type = "acct"<BR> ipaddr =
*<BR> port = 0<BR>}<BR>listen {<BR> type = "control"<BR> listen
{<BR> socket = "/var/run/radiusd/radiusd.sock"<BR> }<BR>}<BR>listen
{<BR> type = "auth"<BR> ipaddr = 127.0.0.1<BR> port =
18120<BR>}<BR>Listening on authentication address * port 1812<BR>Listening on
accounting address * port 1813<BR>Listening on command file
/var/run/radiusd/radiusd.sock<BR>Listening on authentication address 127.0.0.1
port 18120 as server inner-tunnel<BR>Listening on proxy address * port
1814<BR>Ready to process requests.<BR>rad_recv: Access-Request packet from host
192.168.30.25 port 56465, id=93, length=192<BR> Service-Type =
Framed-User<BR> Framed-Protocol = PPP<BR> NAS-Port =
52088<BR> NAS-Port-Type = Ethernet<BR> User-Name =
"makowska_t"<BR> Calling-Station-Id =
"00:02:72:72:AC:26"<BR> Called-Station-Id = "osiedle"<BR> NAS-Port-Id
= "anteny2.4"<BR> MS-CHAP-Challenge =
0xb141e7a2b9fa3b6ce38853fca0b840ab<BR> MS-CHAP2-Response =
0x0100fd95e527bf09943e54f4835baa4684ae0000000000000000e19fa7e004fd1ff998159565eacaeb94f1b53d4e89db66e1<BR> NAS-Identifier
= "OSIEDLE"<BR> NAS-IP-Address = 192.168.30.25<BR># Executing section
authorize from file /usr/local/etc/raddb/sites-enabled/default<BR>+- entering
group authorize {...}<BR>++[preprocess] returns ok<BR>++[chap] returns
noop<BR>[mschap] Found MS-CHAP attributes. Setting 'Auth-Type =
mschap'<BR>++[mschap] returns ok<BR>[suffix] No <A href="">'@'</A> in User-Name
= "makowska_t", looking up realm NULL<BR>[suffix] No such realm
"NULL"<BR>++[suffix] returns noop<BR>[eap] No EAP-Message, not doing
EAP<BR>++[eap] returns noop<BR>[sql] expand: %{User-Name} ->
makowska_t<BR>[sql] sql_set_user escaped user --> 'makowska_t'<BR>rlm_sql
(sql): Reserving sql socket id: 3<BR>[sql] expand: SELECT id, username,
attribute, value, op
FROM radcheck WHERE
username = '%{SQL-User-Name}' AND status =
'1' ORDER BY id ->
SELECT id, username, attribute, value,
op FROM
radcheck WHERE
username = 'makowska_t' AND status =
'1' ORDER BY id<BR>[sql]
expand: SELECT
groupname FROM
radusergroup WHERE
username =
'%{SQL-User-Name}'
ORDER BY priority -> SELECT
groupname FROM
radusergroup WHERE
username =
'makowska_t' ORDER
BY priority<BR>rlm_sql (sql): Released sql socket id: 3<BR>[sql] User makowska_t
not found<BR>++[sql] returns notfound<BR>[pap] WARNING! No "known good" password
found for the user. Authentication may fail because of this.<BR>++[pap]
returns noop<BR>Found Auth-Type = MSCHAP<BR># Executing group from file
/usr/local/etc/raddb/sites-enabled/default<BR>+- entering group MS-CHAP
{...}<BR>[mschap] No Cleartext-Password configured. Cannot create
LM-Password.<BR>[mschap] No Cleartext-Password configured. Cannot create
NT-Password.<BR>[mschap] Creating challenge hash with username:
makowska_t<BR>[mschap] Client is using MS-CHAPv2 for makowska_t, we need
NT-Password<BR>[mschap] FAILED: No NT/LM-Password. Cannot perform
authentication.<BR>[mschap] FAILED: MS-CHAP2-Response is incorrect<BR>++[mschap]
returns reject<BR>Failed to authenticate the user.<BR>Using Post-Auth-Type
REJECT<BR># Executing group from file
/usr/local/etc/raddb/sites-enabled/default<BR>+- entering group REJECT
{...}<BR>[sql] expand: %{User-Name} -> makowska_t<BR>[sql] sql_set_user
escaped user --> 'makowska_t'<BR>[sql] expand: %{User-Password} ->
<BR>[sql] ... expanding second conditional<BR>[sql] expand:
%{Chap-Password} -> <BR>[sql] expand: INSERT INTO
radpostauth
(username, pass, reply,
authdate)
VALUES
(
'%{User-Name}',
'%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO
radpostauth
(username, pass, reply,
authdate)
VALUES
(
'makowska_t',
'',
'Access-Reject', '2013-01-31 14:34:41')<BR>rlm_sql (sql) in sql_postauth: query
is INSERT INTO
radpostauth
(username, pass, reply,
authdate)
VALUES
(
'makowska_t',
'',
'Access-Reject', '2013-01-31 14:34:41')<BR>rlm_sql (sql): Reserving sql socket
id: 2<BR>rlm_sql (sql): Released sql socket id: 2<BR>++[sql] returns
ok<BR>[attr_filter.access_reject] expand: %{User-Name} ->
makowska_t<BR>attr_filter: Matched entry DEFAULT at line
11<BR>++[attr_filter.access_reject] returns updated<BR>Delaying reject of
request 0 for 1 seconds<BR>Going to the next request </FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><SPAN id=result_box lang=en><SPAN class=hps>When</SPAN> <SPAN class=hps>a
combination</SPAN> <SPAN class=hps>of</SPAN> <SPAN class=hps>coding</SPAN> <SPAN
class=hps>mschapv1</SPAN> <SPAN class=hps>everything</SPAN> <SPAN
class=hps>works ok</SPAN></SPAN></DIV>
<DIV><SPAN lang=en><SPAN class=hps>all options in :/sites-enabled (defoult and
inner-tunnel) whot 'sql' enabled.</SPAN></SPAN></DIV>
<DIV><SPAN lang=en><SPAN
class=hps></SPAN></SPAN> </DIV></FONT></DIV></BODY></HTML>