<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.3059" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>Thank all for your help.</FONT></DIV>
<DIV><FONT face=Arial size=2>My freeradius with mysql is working
now.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Christian</FONT></DIV>
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B>
<A title=linuxtrap@yahoo.co.in href="mailto:linuxtrap@yahoo.co.in">satish
patel</A> </DIV>
<DIV style="FONT: 10pt arial"><B>To:</B> <A
title=freeradius-users@lists.freeradius.org
href="mailto:freeradius-users@lists.freeradius.org">FreeRadius users mailing
list</A> </DIV>
<DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, April 06, 2007 2:55
AM</DIV>
<DIV style="FONT: 10pt arial"><B>Subject:</B> Re: Problem with freeradius and
mysql</DIV>
<DIV><BR></DIV>Dear
all<BR><BR>
Here I am shareing my Knowledge. for freeradius users. i have done
freeradius-1.1.4 with mysql with cisco VPDN configuration as well as i have
configuraed per user base bandwidth configuration and simultanious user login
configuration i have sharing my configuration for my freeradius users<BR><BR>I
have cisco router with this configuration<BR><BR>aaa
new-model<BR>!<BR>!<BR>aaa group server radius
testing123<BR> server-private <A onclick="return ShowLinkWarning()"
href="http://71.5.250.243/" target=_blank rel=nofollow>71.5.250.243</A>
auth-port 1812 acct-port 1813 key tulipconnect<BR> ip radius
source-interface FastEthernet0/1<BR> deadtime 0<BR>!<BR>aaa
authentication login default local group radius group testing123<BR>aaa
authentication ppp default group testing123 local <BR>aaa authorization exec
default local group radius group testing123<BR>aaa authorization network
default group testing123 local<BR>aaa accounting update periodic 1<BR>aaa
accounting exec default start-stop group testing123<BR>aaa accounting network
default start-stop group testing123<BR>aaa accounting connection default
start-stop group
testing123<BR>!<BR><BR>_________________________________________________________
<BR><BR>My all user databases in mysql and simultanius login also in mysql
<BR><BR>mysql tables :-<BR><BR>mysql> select * from
radcheck;<BR>+----+----------+---------------+----+-------+<BR>| id | UserName
| Attribute | op | Value |
<BR>+----+----------+---------------+----+-------+<BR>| 1 |
satish | User-Password | := | tulip |<BR>| 2 |
priya | User-Password | := | tulip
|<BR>+----+----------+---------------+----+-------+<BR>2 rows in set (0.00
sec)<BR><BR><BR>mysql> select * from
radgroupcheck;;<BR>+----+-----------+------------------+----+-------+<BR>| id
| GroupName | Attribute | op | Value
|<BR>+----+-----------+------------------+----+-------+<BR>| 1 |
64KB | Simultaneous-Use | := |
1 |<BR>| 4 | 128KB |
Simultaneous-Use | := | 1
|<BR>+----+-----------+------------------+----+-------+<BR>2 rows in set (0.00
sec)<BR><BR><BR>mysql> select * from
radgroupreply;;<BR>+----+-----------+-----------------+----+--------------------------------------------------------------------------------------------------------+------+
<BR>| id | GroupName | Attribute | op |
Value
| prio
|<BR>+----+-----------+-----------------+----+--------------------------------------------------------------------------------------------------------+------+
<BR>| 1 | 64KB | Framed-Protocol | =
|
PPP
| 0 |<BR>| 2 | 64KB |
Framed-MTU | = |
1400
| 0 |<BR>| 3 | 64KB |
Service-Type | = |
Framed-User
| 0 |<BR>| 4 | 128KB |
Framed-Protocol | = |
PPP
| 0 |<BR>| 5 | 128KB |
Framed-MTU | = |
1450
| 0 |<BR>| 6 | 128KB |
Service-Type | = |
Framed-User
| 0 |<BR>| 7 | 128KB |
Cisco-Avpair | = | lcp:interface-config#1=rate-limit
output 128000 10000 10000 conform-action continue exceed-action drop
| 0 |
<BR>+----+-----------+-----------------+----+--------------------------------------------------------------------------------------------------------+------+<BR>7
rows in set (0.00 sec)<BR><BR><BR>mysql> select * from
usergroup;<BR>+----+----------+-----------+<BR>| id | UserName | GroupName
|<BR>+----+----------+-----------+<BR>| 1 | satish |
64KB |<BR>| 3 | priya |
128KB |<BR>+----+----------+-----------+<BR>2 rows in
set (0.00
sec)<BR><BR>________________________________________________________<BR><BR>Simultanious
Login configuration ( edit this file /etc/raddb/sql.conf
)<BR><BR> #######################################################################
<BR> # Simultaneous Use Checking
Queries<BR>
#######################################################################<BR>
# simul_count_query - query for the number of current
connections<BR>
#
- If this is not defined, no simultaneouls use
checking<BR>
#
- will be performed by this module
instance<BR> #
simul_verify_query - query to return details of current
connections for verification<BR>
#
- Leave blank or commented out to disable verification
step<BR>
#
- Note that the returned field order should not be
changed.<BR>
#######################################################################<BR><BR>
# Uncomment simul_count_query to enable simultaneous use checking
<BR> simul_count_query =
"SELECT COUNT(*) FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND
AcctStopTime = 0"<BR>
simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress,
NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM
${acct_table1} WHERE UserName='%{SQL-User-Name}' AND AcctStopTime =
0"<BR><BR>____________________________________________________________<BR><BR><BR><BR>My
Sqlcounter.conf file for time limit for user and u cat read more about in
freeradius tarball doc directory there is some more help regarding
sqlcounter.conf<BR><BR>edit file
/etc/raddb/sqlcounter.conf<BR><BR>suse:/etc/raddb # cat
sqlcounter.conf<BR>sqlcounter noresetcounter
{<BR>
counter-name =
Max-All-Session-Time<BR>
check-name =
Max-All-Session<BR>
sqlmod-inst = sql
<BR> key =
User-Name<BR>
reset =
never<BR>
query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{%k}'"<BR><BR>}<BR><BR>sqlcounter dailycounter
{<BR> driver
=
"rlm_sqlcounter"<BR>
counter-name =
Daily-Session-Time<BR>
check-name =
Max-Daily-Session<BR>
sqlmod-inst =
sqlcca3<BR>
key =
User-Name<BR>
reset =
daily<BR>
query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime >
'%b'"<BR><BR>}<BR><BR>sqlcounter monthlycounter
{<BR>
counter-name =
Monthly-Session-Time<BR>
check-name =
Max-Monthly-Session<BR>
sqlmod-inst =
sqlcca3<BR>
key =
User-Name<BR>
reset =
monthly<BR>
query = "SELECT SUM(AcctSessionTime - GREATEST((%b -
UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime >
'%b'"<BR><BR>}<BR>___________________________________________________________<BR><BR>/etc/raddbd/client.conf<BR><BR><BR>My
client.conf u have to change NAS type when u use Simultanious use with
Mysql databases so take care of this configuration <BR><BR>In my care i have
useing other caz my cisco not support it so if u would use NAS type other it
will work fine ....enjoy<BR><BR>client <A onclick="return ShowLinkWarning()"
href="http://127.0.0.1/" target=_blank rel=nofollow>127.0.0.1</A>
{<BR>
secret =
testing123<BR>
shortname = localhost<BR>}<BR>client <A
onclick="return ShowLinkWarning()" href="http://71.5.250.199/" target=_blank
rel=nofollow>71.5.250.199</A> {<BR>
secret = tulipconnect
<BR>
shortname =
test<BR>
nastype = other
<---------- ( care full about it if u want to simultanous user tih
mysql )
<BR>}<BR><BR>_________________________________________________________<BR><BR>/etc/raddb/radius.conf<BR><BR>My
main radius.conf file <BR><BR>prefix = /usr<BR>exec_prefix =
${prefix}<BR>sysconfdir = /etc<BR>localstatedir = /var <BR>sbindir =
${exec_prefix}/sbin<BR>logdir = ${localstatedir}/log/radius<BR>raddbdir =
${sysconfdir}/raddb<BR>radacctdir = ${logdir}/radacct<BR>confdir =
${raddbdir}<BR>run_dir = ${localstatedir}/run/radiusd<BR>log_file =
${logdir}/radius.log<BR>libdir = /usr/lib/freeradius<BR>pidfile =
${run_dir}/radiusd.pid<BR>user = radiusd<BR>group =
radiusd<BR>max_request_time = 30<BR>delete_blocked_requests = no
<BR>cleanup_delay = 5<BR>max_requests = 1024<BR>bind_address = *<BR>port =
0<BR>hostname_lookups = no<BR>allow_core_dumps =
no<BR>regular_expressions =
yes<BR>extended_expressions = yes<BR>log_stripped_names =
no<BR>log_auth = yes<BR>log_auth_badpass = yes<BR>log_auth_goodpass =
no<BR>usercollide = no<BR>lower_user = no<BR>lower_pass = no<BR>nospace_user =
no<BR>nospace_pass = no<BR>checkrad = ${sbindir}/checkrad<BR>security
{<BR> max_attributes = 200
<BR> reject_delay =
1<BR> status_server =
no<BR>}<BR>proxy_requests = yes<BR>$INCLUDE
${confdir}/proxy.conf<BR>$INCLUDE
${confdir}/clients.conf<BR>snmp = no<BR>$INCLUDE
${confdir}/snmp.conf<BR>thread pool
{<BR> start_servers =
5<BR> max_servers =
32<BR> min_spare_servers =
3<BR> max_spare_servers =
10<BR> max_requests_per_server = 0
<BR>}<BR>modules {<BR> $INCLUDE
${confdir}/sqlcounter.conf<BR><BR>
pap
{<BR>
encryption_scheme = crypt<BR>
}<BR> chap
{<BR>
authtype = CHAP<BR>
}<BR> pam
{<BR>
pam_auth = radiusd<BR>
}<BR> unix
{<BR>
cache =
no<BR>
cache_reload =
600<BR>
radwtmp = ${logdir}/radwtmp<BR>
}<BR>$INCLUDE
${confdir}/eap.conf<BR> mschap
{<BR>
authtype = MS-CHAP<BR><BR>
}<BR> ldap
{<BR>
server =
"ldap.your.domain"<BR>
basedn = "o=My
Org,c=UA"<BR>
filter =
"(uid=%{Stripped-User-Name:-%{User-Name}})"<BR>
start_tls =
no<BR>
access_attr =
"dialupAccess"<BR>
dictionary_mapping =
${raddbdir}/ldap.attrmap<BR>
ldap_connections_number =
5<BR>
edir_account_policy_check=no<BR>
timeout =
4<BR>
timelimit =
3<BR>
net_timeout = 1<BR>
}<BR> realm IPASS
{<BR>
format =
prefix<BR>
delimiter = "/"
<BR>
ignore_default =
no<BR>
ignore_null = no<BR>
}<BR> realm suffix
{<BR>
format =
suffix<BR>
delimiter =
"@"<BR>
ignore_default =
no<BR>
ignore_null = no<BR>
}<BR> realm realmpercent {
<BR>
format =
suffix<BR>
delimiter =
"%"<BR>
ignore_default =
no<BR>
ignore_null = no<BR>
}<BR> realm ntdomain
{<BR>
format =
prefix<BR>
delimiter =
"\\"<BR>
ignore_default =
no<BR>
ignore_null = no <BR>
}<BR> checkval
{<BR>
item-name =
Calling-Station-Id<BR>
check-name =
Calling-Station-Id<BR>
data-type = string<BR>
}<BR><BR> preprocess
{<BR>
huntgroups =
${confdir}/huntgroups<BR>
hints = ${confdir}/hints
<BR>
with_ascend_hack =
no<BR>
ascend_channels_per_line =
23<BR>
with_ntdomain_hack =
no<BR>
with_specialix_jetstream_hack =
no<BR>
with_cisco_vsa_hack = no<BR>
}<BR> files
{<BR>
usersfile =
${confdir}/users<BR>
acctusersfile = ${confdir}/acct_users
<BR>
preproxy_usersfile =
${confdir}/preproxy_users<BR>
compat = no<BR>
}<BR> detail
{<BR>
detailfile =
${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d<BR>
detailperm = 0600<BR>
}<BR> acct_unique
{<BR>
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NAS-Port"<BR>
}<BR> $INCLUDE
${confdir}/sql.conf<BR><BR><BR>
radutmp
{<BR>
filename =
${logdir}/radutmp<BR>
username =
%{User-Name}<BR>
case_sensitive =
yes<BR>
check_with_nas =
yes<BR>
perm =
0600<BR>
callerid = "yes"<BR>
}<BR> radutmp sradutmp
{<BR>
filename = ${logdir}/sradutmp
<BR>
perm =
0644<BR>
callerid = "no"<BR>
}<BR> attr_filter
{<BR>
attrsfile = ${confdir}/attrs<BR>
}<BR> counter daily
{<BR>
filename =
${raddbdir}/db.daily<BR>
key =
User-Name<BR>
count-attribute = Acct-Session-Time
<BR>
reset =
daily<BR>
counter-name =
Daily-Session-Time<BR>
check-name =
Max-Daily-Session<BR>
allowed-servicetype =
Framed-User<BR>
cache-size = 5000<BR>
}<BR> always fail
{<BR>
rcode = fail <BR>
}<BR> always reject
{<BR>
rcode = reject<BR>
}<BR> always ok
{<BR>
rcode =
ok<BR>
simulcount =
0<BR>
mpp = no<BR>
}<BR> expr
{<BR>
}<BR> digest
{<BR>
}<BR> exec
{<BR>
wait =
yes<BR>
input_pairs = request<BR>
}<BR> exec echo
{<BR>
wait =
yes<BR>
program = "/bin/echo
%{User-Name}"<BR>
input_pairs =
request<BR>
output_pairs = reply<BR>
}<BR> ippool main_pool {
<BR>
range-start = <A onclick="return ShowLinkWarning()" href="http://192.168.1.1/"
target=_blank
rel=nofollow>192.168.1.1</A><BR>
range-stop = <A onclick="return ShowLinkWarning()"
href="http://192.168.3.254/" target=_blank
rel=nofollow>192.168.3.254</A><BR>
netmask = <A onclick="return ShowLinkWarning()" href="http://255.255.255.0/"
target=_blank
rel=nofollow>255.255.255.0</A><BR>
cache-size =
800<BR>
session-db =
${raddbdir}/db.ippool<BR>
ip-index = ${raddbdir}/db.ipindex
<BR>
override =
no<BR>
maximum-timeout = 0<BR>
}<BR>}<BR>instantiate {<BR>
exec<BR> expr<BR>}<BR>authorize
{<BR>
preprocess<BR><BR>
chap<BR>
mschap<BR>
suffix<BR>
sql<BR>
noresetcounter<BR>
dailycounter<BR>
monthlycounter<BR>
daily<BR>}<BR>authenticate {<BR>
Auth-Type PAP
{<BR>
pap<BR>
}<BR> Auth-Type CHAP
{<BR>
chap<BR>
}<BR> Auth-Type MS-CHAP
{<BR>
mschap<BR> }<BR>}<BR>preacct
{<BR>
preprocess<BR>
acct_unique<BR>
suffix<BR> files<BR>}<BR>accounting
{<BR>
detail<BR>
daily<BR>
unix<BR>
sql<BR> radutmp <BR>}<BR>session
{<BR> sql<BR>}<BR>post-auth
{<BR>}<BR>pre-proxy {<BR>}<BR>post-proxy
{<BR> eap<BR>}<BR><BR><B><I>Alan
DeKok <aland@deployingradius.com></I></B> wrote:
<BLOCKQUOTE class=replbq
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: rgb(16,16,255) 2px solid">José
Christian Rodríguez wrote:<BR>...<BR>> *ERROR: Cannot find a
configuration entry for module "sql".<BR>> radiusd.conf[1801] Unknown
module "sql".<BR>> radiusd.conf[1730] Failed to parse authorize
section.<BR><BR>You didn't configure the SQL module.<BR><BR>Read
radiusd.conf, and look for the word "sql". Configure it. Also<BR>see
"sql.conf".<BR><BR>Alan DeKok.<BR>--<BR>http://deployingradius.com - The web
site of the book<BR>http://deployingradius.com/blog/ - The blog<BR>-
<BR>List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html<BR></BLOCKQUOTE><BR><BR><BR>$ cat
~/satish/url.txt<BR><BR>System administrator ( Data Center )<BR><BR>please
visit this site<BR><BR>http://linux.tulipit.com
<P>
<HR SIZE=1>
</HR>Here’s a new way to find what you're looking for - <A
href="http://us.rd.yahoo.com/mail/in/yanswers/*http://in.answers.yahoo.com/">Yahoo!
Answers</A>
<P>
<HR>
<P></P>- <BR>List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html</BLOCKQUOTE></BODY></HTML>