Question on attributes

Tiago sytker at gmail.com
Thu Jan 17 12:29:30 CET 2013 

Hello everyone,
I'm struggling with something that should be simple to fix.

I have a rp-pppoe NAS server here that correctly understand a few
attributes (radreply) that come from freeradius 1.x (w/mysql
database). Example:

Download (for download rates) attribute

Simple real example, from pppoe server:
# cat /var/run/radattr.ppp479
....
Framed-Compression Van-Jacobson-TCP-IP
Framed-Protocol PPP
Framed-MTU 1500
Download 12000
Upload 3072

Its ok.

However, when I change the auth target to redirect auth requests to my
freeradius 2.x (using the same database as freeradius 1.x), I will get
the customer authenticated perfectly, but:
# cat /var/run/radattr.pppxxx
....
Framed-Compression Van-Jacobson-TCP-IP
Framed-Protocol PPP
Framed-MTU 1500

Without Download/Upload attributes.

Debugging my freeradius 2.x I get a few relevant lines:

including dictionary file /etc/freeradius/dictionary (which contains
the same attributes as freeradius 1.x, including Download/Upload)

.... few sql lines here...
[sql]   expand: SELECT id, username, attribute, value, op
FROM radcheck           WHERE username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value, op
FROM radcheck           WHERE username = 'lokan'           ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT id, username, attribute, value, op
FROM radreply           WHERE username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value, op
FROM radreply           WHERE username = 'lokan'           ORDER BY id

.... few other SQL lines here
rlm_sql (sql): Released sql socket id: 19
++[sql] returns ok

Found Auth-Type = PAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!    Replacing User-Password in config items with Cleartext-Password.     !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good"               !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "852236"
[pap] Using clear text password "852236"
[pap] User authenticated successfully
++[pap] returns ok
Login OK: [lokan/852236] (from client pppoe01 port 110 cli 52:E6:FC:9C:54:E7)
#

+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 192 to NASPPPOE01 port 48956
        Framed-Protocol = PPP
        Framed-Compression = Van-Jacobson-TCP-IP
        Cliente = "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
        Framed-MTU = 1500
        WISPr-Bandwidth-Max-Down = 256000
        WISPr-Bandwidth-Max-Up = 256000
Finished request 0.
Going to the next request

What I'm missing? it seems like the attributes are not being sent to
NAS, but I could be wrong.

Thanks in advance for any help.

More information about the Freeradius-Users mailing list