FreeRADIUS + Mysql + xl2tpd and pptpd

Matthew Newton mcn4 at leicester.ac.uk
Thu Nov 15 21:10:21 CET 2012


Can't help much, as I didn't set up our system, but have you tried
"require authentication = no" in xl2tpd.conf? You've got auth in
IPsec (one assumes), and also in PPP (CHAP; we use MSCHAPv2 for
Windows compatibility), so my understanding is you don't need it
in L2TP as well, which goes inside IPsec.

Just make sure you have an iptables rule to block direct access to
L2TP, and force it through IPsec.

But really, this isn't a FreeRADIUS question...

Matthew


On Thu, Nov 15, 2012 at 09:33:28PM +0200, Dmitry Korzhevin wrote:
> Here, is links to logs on pastebin service:
> 
> freeradius_debug_log (freeradius -X): http://dpaste.com/831692/
> xl2tpd_debug_log (xl2tpd -D): http://dpaste.com/831693/
> /etc/xl2tpd/xl2tpd.conf http://dpaste.com/831695/
> /etc/ppp/options.xl2tpd http://dpaste.com/831696/
> 
> Guys, i just need "another eyes" to look at config files.. Strange,
> that ipsec auth with same freeradius server works without any
> problems, while xl2tpd - doesn't
> 
> 15.11.2012 12:52, Dmitry Korzhevin пишет:
> >Hello,
> >
> >Can anyone please share working configs for freeradius + xl2tpd or
> >pptpd? Radius server is already configured, and works with mysql backend
> >+ strongSwan ipsec (dirrect connection). But, i try several pptpd /
> >xl2tpd configurations, and suddenly they doesn't work..
> >
> >I even try configuration from wiki:
> >http://wiki.freeradius.org/config/PopTop
> >
> >And it is not working.
> >
> >I use Debian 6.0.6 x86_64, freeradius 2.1.10+dfsg-2+squeeze1, xl2tpd
> >1.2.7+dfsg-1, pptpd 1.3.4-3
> >
> >
> >
> >Best Regards,
> >Dmitry
> >
> >---
> >Dmitry KORZHEVIN
> >System Administrator
> >STIDIA S.A. - Luxembourg
> >
> >e: dmitry.korzhevin at stidia.com
> >m: +38 093 874 5453
> >w: http://www.stidia.com
> >
> >
> >
> >-
> >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >
> 
> Best Regards,
> Dmitry
> 
> ---
> Dmitry KORZHEVIN
> System Administrator
> STIDIA S.A. - Luxembourg
> 
> e: dmitry.korzhevin at stidia.com
> m: +38 093 874 5453
> w: http://www.stidia.com
> 



> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Architect (UNIX and Networks), Network Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list