Forwarding

Maxim Hitrov mhitrov at yahoo.com
Wed Jun 1 15:13:47 CEST 2005 

Hello Alan
Thanks for you replay.
I have configured freeradius to make preproxing. But i have another problem:
The "Reply-Message" didn't reach the application wich have been made auth request.
 
Ready to process requests.
rad_recv: Access-Request packet from host 11.0.0.2:3187, id=30, length=44
        User-Name = "igor"
        User-Password = "\330\014\257}"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
radius_xlat:  '/usr/local/var/log/radius/radacct/11.0.0.2/auth-detail-20050601'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/11.0.0.2/auth-detail-20050601
  modcall[authorize]: module "auth_log" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "igor", looking up realm NULL
    rlm_realm: Found realm "NULL"
    rlm_realm: Adding Stripped-User-Name = "igor"
    rlm_realm: Proxying request from user igor to realm NULL
    rlm_realm: Adding Realm = "NULL"
    rlm_realm: Preparing to proxy authentication request to realm "NULL"
  modcall[authorize]: module "suffix" returns updated for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    users: Matched entry DEFAULT at line 152
  modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
  Processing the pre-proxy section of radiusd.conf
modcall: entering group pre-proxy for request 0
radius_xlat:  '/usr/local/var/log/radius/radacct/11.0.0.2/pre-proxy-detail-20050601'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/11.0.0.2/pre-proxy-detail-20050601
  modcall[pre-proxy]: module "pre_proxy_log" returns ok for request 0
    preproxy_users: Matched entry DEFAULT at line 17
radius_xlat:  ''
  modcall[pre-proxy]: module "files" returns ok for request 0
modcall: group pre-proxy returns ok for request 0
Sending Access-Request of id 0 to 11.0.0.5:1812
        User-Name = "igor"
        User-Password = "\330\014\257}"
        NAS-IP-Address = 11.0.0.2
        Proxy-State = 0x3330
        Calling-Station-Id := ""
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Reject packet from host 11.0.0.5:1812, id=0, length=43
        Reply-Message = "Authorization failed."
  Processing the post-proxy section of radiusd.conf
modcall: entering group post-proxy for request 0
radius_xlat:  '/usr/local/var/log/radius/radacct/11.0.0.2/post-proxy-detail-20050601'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/11.0.0.2/post-proxy-detail-20050601
  modcall[post-proxy]: module "post_proxy_log" returns ok for request 0
  modcall[post-proxy]: module "eap" returns noop for request 0
modcall: group post-proxy returns ok for request 0
Login incorrect (Home Server says so): [igor/\330\014\257}] (from client test port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 11.0.0.2:3187, id=30, length=44
Sending Access-Reject of id 30 to 11.0.0.2:3187
        Reply-Message = "Authorization failed."
--- Walking the entire request list ---
Waking up in 2 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 30 with timestamp 429db3c5
Nothing to do.  Sleeping until we see a request.

 
So, it receives replay only on sencond request. Application failed on the first request timeout.
What to do?
Thank you
 
 


Alan DeKok <aland at ox.org> wrote:
Maxim Hitrov wrote:
> Can i use FreeRadius as intermadiate Radius that will change and forward Access-Requests params?

Yes. You should be able to do this using the "preproxy_users" file:

DEFAULT
Calling-Station-Id = "%{Framed-IP-Address}"

Alan DeKok.
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050601/333579f3/attachment.html>

More information about the Freeradius-Users mailing list