static IP's with rlm_perl

Michael Gale Michael.Gale at pason.com
Fri Oct 20 03:27:06 CEST 2006 

Hello,

Here is the debug info:

>From the information it looks like I have added the information correctly however it is not sent to the client:
--snip--
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Framed-Netmask = 255.255.255.255
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Framed-IP-Address = 192.168.77.200
rlm_perl: Added pair Framed-Compression = Van-Jacobson-TCP-IP
rlm_perl: Added pair Framed-MTU = 576
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair NT-Password = 213C197ADF831F46188DC68E3F46860F
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Auth-Type = MS-CHAP
......
Sending Access-Accept of id 70 to 127.0.0.1 port 32809
        Framed-IP-Address = 255.255.255.254
        Framed-MTU = 576
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-Compression = Van-Jacobson-TCP-IP
        Framed-Netmask = 255.255.255.255
        MS-CHAP2-Success = 0xa4533d41433543323433323341454632313338464643433730443243453533314646353533423131354634
        MS-MPPE-Recv-Key = 0xae0f9b99af199f01fe9ab857a793739a
        MS-MPPE-Send-Key = 0x3c24917e4b02abdc1bd303ea21d95b71
        MS-MPPE-Encryption-Policy = 0x00000002
        MS-MPPE-Encryption-Types = 0x00000004
--snip--

So any feedback would be helpful, the whole debug info is below:

--snip--
rad_recv: Access-Request packet from host 127.0.0.1:32809, id=70, length=146
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "rigvpn_user1"
        MS-CHAP-Challenge = 0xee068979e7bafef383f8c90f3520d8e9
        MS-CHAP2-Response = 0xa400809dff2ecb2017413f1b7b5b71e5e1f30000000000000000cee84de052f0d485d683d9350d9fd4b4410744a13cc2de0c
        Calling-Station-Id = ".271"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  rlm_mschap: Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
  modcall[authorize]: module "mschap" returns ok for request 0
    users: Matched entry DEFAULT at line 152
    users: Matched entry DEFAULT at line 175
    users: Matched entry DEFAULT at line 187
  modcall[authorize]: module "files" returns ok for request 0
perl_pool: item 0x8eecac0 asigned new request. Handled so far: 1
found interpetator at address 0x8eecac0
rlm_perl: PASON RPM AUTH REQUEST: Service-Type = Framed-User
rlm_perl: PASON RPM AUTH REQUEST: Calling-Station-Id = .271
rlm_perl: PASON RPM AUTH REQUEST: MS-CHAP-Challenge = 0xee068979e7bafef383f8c90f3520d8e9
rlm_perl: PASON RPM AUTH REQUEST: Client-IP-Address = 127.0.0.1
rlm_perl: PASON RPM AUTH REQUEST: Framed-Protocol = PPP
rlm_perl: PASON RPM AUTH REQUEST: User-Name = rigvpn_user1
rlm_perl: PASON RPM AUTH REQUEST: MS-CHAP2-Response = 0xa400809dff2ecb2017413f1b7b5b71e5e1f30000000000000000cee84de052f0d485d683d9350d9fd4b4410744a13cc2de0c
rlm_perl: PASON RPM AUTH REQUEST: NAS-IP-Address = 127.0.0.1
rlm_perl: PASON RPM AUTH REQUEST: NAS-Port = 0
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair Framed-Netmask = 255.255.255.255
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Framed-IP-Address = 192.168.77.200
rlm_perl: Added pair Framed-Compression = Van-Jacobson-TCP-IP
rlm_perl: Added pair Framed-MTU = 576
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair NT-Password = 213C197ADF831F46188DC68E3F46860F
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Auth-Type = MS-CHAP
perl_pool total/active/spare [32/0/32]
Unreserve perl at address 0x8eecac0
  modcall[authorize]: module "perl" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
  rad_check_password:  Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 0
  rlm_mschap: No User-Password configured.  Cannot create LM-Password.
  rlm_mschap: Found NT-Password
  rlm_mschap: Told to do MS-CHAPv2 for rigvpn_user1 with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
  modcall[authenticate]: module "mschap" returns ok for request 0
modcall: leaving group MS-CHAP (returns ok) for request 0
Login OK: [rigvpn_user1/<no User-Password attribute>] (from client localhost port 0 cli .271)
Sending Access-Accept of id 70 to 127.0.0.1 port 32809
        Framed-IP-Address = 255.255.255.254
        Framed-MTU = 576
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-Compression = Van-Jacobson-TCP-IP
        Framed-Netmask = 255.255.255.255
        MS-CHAP2-Success = 0xa4533d41433543323433323341454632313338464643433730443243453533314646353533423131354634
        MS-MPPE-Recv-Key = 0xae0f9b99af199f01fe9ab857a793739a
        MS-MPPE-Send-Key = 0x3c24917e4b02abdc1bd303ea21d95b71
        MS-MPPE-Encryption-Policy = 0x00000002
        MS-MPPE-Encryption-Types = 0x00000004
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 70 with timestamp 4538235e
Nothing to do.  Sleeping until we see a request.
--snip--

Michael

-----Original Message-----
From: freeradius-users-bounces+michael.gale=pason.com at lists.freeradius.org on behalf of Alan DeKok
Sent: Thu 10/19/2006 4:21 PM
To: FreeRadius users mailing list
Subject: Re: static IP's with rlm_perl 
 
Michael Gale <michael.gale at pason.com> wrote:
> 	I thought I could assign the IP by using the method below:
> 
>          $RAD_REPLY{'Framed-IP-Address'} = '192.168.77.200';
>          $RAD_REPLY{'Framed-Netmask'}= '255.255.255.255';
>          $RAD_REPLY{'Framed-Protocol'} = 'PPP';
>          $RAD_REPLY{'Service-Type'} = 'Framed-User';
> 
> However it looks like the IP is not being sent back to the client.

  Did you run the server in DEBUGGING MODE to see if it sent that
address in the Access-Accept?  If not, why are you avoiding the one
tool that will give you the most information about what's really going
on?  If you did run it in debugging mode, why didn't you post the
output here?

  Honestly... repeating the same comment that you're trying to assign
a static IP a second time doesn't help.  Giving more information as
suggested in the FAQ, README, INSTALL, "man" page, and daily on this
list would help.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 5623 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061019/6e762950/attachment.bin>

More information about the Freeradius-Users mailing list