proxy questions

Sebastien Boucher cannibalist at gmail.com
Wed Mar 25 17:05:22 CET 2009


I don't know if this was asked before, but here it goes:

We are currently using FreeRADIUS Version 1.1.1, which authenticates
local users via LDAP.

I am trying to set up an IPASS realm for another company and can't get any
success. Here is what I have done so far:

I have the following in radiusd.conf:

       realm IPASS {
               format = prefix
               delimiter = "/"
               ignore_default = yes
               ignore_null = yes
       }


I also uncommented IPASS in authorize and preacct.


And this is what I have in proxy.conf:

realm IPASS {
      type             = radius
      authhost         = server.ip.here:1812
      accthost         = server.ip.here:1813
      secret           = ****
      retry_delay      = 10
      retry_count      = 3
      dead_time        = 1
      nostrip
}

realm NULL {
       type            = radius
       authhost        = LOCAL
       accthost        = LOCAL
}


This is what I get when I run radiusd in debug:


rad_recv: Access-Request packet from host nas.ip.address:1645, id=82, length=168
        Framed-Protocol = PPP
        User-Name = "IPASS/user at company.com"
        User-Password = "somepassword"
        Called-Station-Id = "5143174746"
        Calling-Station-Id = "5148776026"
        Cisco-NAS-Port = "Async1/8/97"
        NAS-Port = 3013
        NAS-Port-Type = Async
        Service-Type = Framed-User
        NAS-IP-Address = nas.ip.address
        Acct-Session-Id = "0017A2FD"
        NAS-Identifier = "NAS01.MTLCNDS."
rlm_ldap: Entering ldap_groupcmp()
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: object not found or got ambiguous search result
rlm_ldap::ldap_groupcmp: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
rlm_ldap: Entering ldap_groupcmp()
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: object not found or got ambiguous search result
rlm_ldap::ldap_groupcmp: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for IPASS/user at company.com
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
Sending Access-Reject of id 82 to 206.80.253.252 port 1645


I am sure I am missing something. If I understand correctly, RADIUS is trying
to validate it in LDAP before sending the proxy request to the other
server.

Any help would be very much appreciated.

thanks

seb
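
As an added illustration (not part of the original post and not FreeRADIUS source code), here is a simplified Python model of how a realm instance with format = prefix and delimiter "/" picks a realm from the User-Name, and what nostrip forwards to the home server. The function, class and field names are hypothetical, and the sample user names are constructed.

```python
from typing import NamedTuple, Optional

class Decision(NamedTuple):
    realm: Optional[str]           # matched realm, or None if nothing matched
    proxy: bool                    # True when the request goes to a remote server
    forwarded_user: Optional[str]  # User-Name the home server would receive

# Mirrors the two proxy.conf realms quoted in the post.
PROXY_REALMS = {
    "IPASS": {"authhost": "server.ip.here:1812", "nostrip": True},
    "NULL": {"authhost": "LOCAL", "nostrip": False},
}

def match_prefix_realm(user_name, delimiter="/", ignore_null=True,
                       ignore_default=True, realms=PROXY_REALMS):
    """Simplified model (an assumption) of a realm module with format = prefix."""
    head, sep, tail = user_name.partition(delimiter)  # split at first delimiter
    if sep:
        name, stripped = head, tail
    elif ignore_null:
        return Decision(None, False, None)   # no realm present, NULL ignored
    else:
        name, stripped = "NULL", user_name
    conf = realms.get(name)
    if conf is None and not ignore_default:
        name, conf = "DEFAULT", realms.get("DEFAULT")
    if conf is None:
        return Decision(None, False, None)   # unknown realm, nothing to do
    if conf["authhost"] == "LOCAL":
        return Decision(name, False, None)   # handled by the local server
    # nostrip keeps the realm prefix in the proxied User-Name
    forwarded = user_name if conf["nostrip"] else stripped
    return Decision(name, True, forwarded)

if __name__ == "__main__":
    # Constructed sample user names
    for sample in ("IPASS/user@example.com", "localuser", "OTHER/bob"):
        print(sample, "->", match_prefix_realm(sample))
```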


