Trouble setting up vmps with 3.0.8 (3 series)
Manny
mvarroyo3+freeradius at gmail.com
Wed Jun 17 02:29:43 CEST 2015
Sorry Alan,
I did not intend to be impolite or offend. I included the config files just
in case anyone noticed anything 'odd'. and will refrain.
i've redone everything, and have finally gotten vmps responses. to test, i
have used the check_vmps package from nagios and it appears to work at
least from what I am seeing in the freeradius respones. Has anybody noticed
any odd behavior with freeradius when a mac address have letters in it? It
is like freeradius does not parse these macs correctly to assign it to the
correct vlan.
Example:
mac2vlan file:
00:01:02:03:04:05,VLAN1
03:04:05:06:07:08,VLAN2
03:04:05:06:07:18,VLAN3
03:04:05:06:A7:18,VLAN4
03:04:05:06:B7:18,VLAN4
03:04:05:06:A8:18,VLAN4
03:04:05:06:A9:18,VLAN5
unix# ./check_vmps -s 192.168.2.25 -m 00:01:02:03:04:05
VMPS OK - Vlan: VLAN1, MAC Address: 000102030405, Status: ALLOW
unix#
unix# ./check_vmps -s 192.168.2.25 -m 03:04:05:06:07:08
VMPS OK - Vlan: VLAN2, MAC Address: 030405060708, Status: ALLOW
unix#
unix# ./check_vmps -s 192.168.2.25 -m 03:04:05:06:07:18
VMPS OK - Vlan: VLAN3, MAC Address: 030405060718, Status: ALLOW
unix#
unix# ./check_vmps -s 192.168.2.25 -m 03:04:05:06:A7:18
VMPS OK - Vlan: please_use_real_vlan_here, MAC Address: 03040506a718,
Status: ALLOW
unix#
unix# ./check_vmps -s 192.168.2.25 -m 03:04:05:06:A9:18
VMPS OK - Vlan: please_use_real_vlan_here, MAC Address: 03040506a918,
Status: ALLOW
unix#
unix# ./check_vmps -s 192.168.2.25 -m 03:04:05:06:A8:18
VMPS OK - Vlan: please_use_real_vlan_here, MAC Address: 03040506a818,
Status: ALLOW
unix#
unix# ./check_vmps -s 192.168.2.25 -m 03:04:05:06:07:18
VMPS OK - Vlan: VLAN3, MAC Address: 030405060718, Status: ALLOW
unix#
unix# ./check_vmps -s 192.168.2.25 -m 00:01:02:03:04:05
VMPS OK - Vlan: VLAN1, MAC Address: 000102030405, Status: ALLOW
unix#
debug information:
Ready to process requests
VMPS-Packet-Type = VMPS-Join-Request
VMPS-Error-Code = VMPS-No-Error
VMPS-Sequence-Number = 4660
VMPS-Client-IP-Address = 127.0.0.1
VMPS-Port-Name = 'Fa0/1'
VMPS-VLAN-Name = ''
VMPS-Domain-Name = ''
VMPS-Unknown = 0x00
VMPS-MAC = 03:04:05:06:07:18
(2) Received Access-Request Id 4660 from 192.168.2.5:50874 to
192.168.2.25:1589 length 60
(2) VMPS-Packet-Type = VMPS-Join-Request
(2) VMPS-Error-Code = VMPS-No-Error
(2) VMPS-Sequence-Number = 4660
(2) VMPS-Client-IP-Address = 127.0.0.1
(2) VMPS-Port-Name = 'Fa0/1'
(2) VMPS-VLAN-Name = ''
(2) VMPS-Domain-Name = ''
(2) VMPS-Unknown = 0x00
(2) VMPS-MAC = 03:04:05:06:07:18
Doing VMPS
(2) vmps {
(2) if (!&VMPS-Mac) {
(2) if (!&VMPS-Mac) -> FALSE
(2) mac2vlan: Added VMPS-VLAN-Name: 'VLAN3' to reply_items
(2) [mac2vlan] = ok
(2) update reply {
(2) &VMPS-Packet-Type = VMPS-Join-Response
(2) &VMPS-Cookie = &VMPS-MAC -> 03:04:05:06:07:18
(2) &VMPS-VLAN-Name = "please_use_real_vlan_here"
(2) } # update reply = noop
(2) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request){
(2) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request) -> FALSE
(2) } # vmps = ok
Done VMPS
(2) vmps {
(2) if (!&VMPS-Mac) {
(2) if (!&VMPS-Mac) -> FALSE
(2) mac2vlan: Added VMPS-VLAN-Name: 'VLAN3' to reply_items
(2) [mac2vlan] = ok
(2) update reply {
(2) &VMPS-Packet-Type = VMPS-Join-Response
(2) &VMPS-Cookie = &VMPS-MAC -> 03:04:05:06:07:18
(2) &VMPS-VLAN-Name = "please_use_real_vlan_here"
(2) } # update reply = noop
(2) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request){
(2) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request) -> FALSE
(2) } # vmps = ok
(2) Sent Access-Accept Id 4660 from 192.168.2.25:1589 to
192.168.2.5:50874 length
0
VMPS-VLAN-Name = 'VLAN3'
VMPS-Cookie = 03:04:05:06:07:18
(2) Finished request
Waking up in 4.9 seconds.
(2) <done>: Cleaning up request packet ID 4660 with timestamp +40
Ready to process requests
VMPS-Packet-Type = VMPS-Join-Request
VMPS-Error-Code = VMPS-No-Error
VMPS-Sequence-Number = 4660
VMPS-Client-IP-Address = 127.0.0.1
VMPS-Port-Name = 'Fa0/1'
VMPS-VLAN-Name = ''
VMPS-Domain-Name = ''
VMPS-Unknown = 0x00
VMPS-MAC = 00:01:02:03:04:05
(3) Received Access-Request Id 4660 from 192.168.2.5:50875 to
192.168.2.25:1589 length 60
(3) VMPS-Packet-Type = VMPS-Join-Request
(3) VMPS-Error-Code = VMPS-No-Error
(3) VMPS-Sequence-Number = 4660
(3) VMPS-Client-IP-Address = 127.0.0.1
(3) VMPS-Port-Name = 'Fa0/1'
(3) VMPS-VLAN-Name = ''
(3) VMPS-Domain-Name = ''
(3) VMPS-Unknown = 0x00
(3) VMPS-MAC = 00:01:02:03:04:05
Doing VMPS
(3) vmps {
(3) if (!&VMPS-Mac) {
(3) if (!&VMPS-Mac) -> FALSE
(3) mac2vlan: Added VMPS-VLAN-Name: 'VLAN1' to reply_items
(3) [mac2vlan] = ok
(3) update reply {
(3) &VMPS-Packet-Type = VMPS-Join-Response
(3) &VMPS-Cookie = &VMPS-MAC -> 00:01:02:03:04:05
(3) &VMPS-VLAN-Name = "please_use_real_vlan_here"
(3) } # update reply = noop
(3) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request){
(3) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request) -> FALSE
(3) } # vmps = ok
Done VMPS
(3) vmps {
(3) if (!&VMPS-Mac) {
(3) if (!&VMPS-Mac) -> FALSE
(3) mac2vlan: Added VMPS-VLAN-Name: 'VLAN1' to reply_items
(3) [mac2vlan] = ok
(3) update reply {
(3) &VMPS-Packet-Type = VMPS-Join-Response
(3) &VMPS-Cookie = &VMPS-MAC -> 00:01:02:03:04:05
(3) &VMPS-VLAN-Name = "please_use_real_vlan_here"
(3) } # update reply = noop
(3) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request){
(3) if (&VMPS-Packet-Type == VMPS-Reconfirm-Request) -> FALSE
(3) } # vmps = ok
(3) Sent Access-Accept Id 4660 from 192.168.2.25:1589 to
192.168.2.5:50875 length
0
VMPS-VLAN-Name = 'VLAN1'
VMPS-Cookie = 00:01:02:03:04:05
(3) Finished request
Waking up in 4.9 seconds.
(3) <done>: Cleaning up request packet ID 4660 with timestamp +221
Ready to process requests
thanks again,
--
Manuel
More information about the Freeradius-Users
mailing list