Hi martin,<br>i have enabled all the following things in eap.conf....but still the supplicant shows attempting to authenticate.....i am using winXp as supplicant.....what will be the configuration setting in winxp....it asks
<br>log in name..password..and domain name...what is that domain name.....i am giving the user name and password as same as i have written in "users" file in RADIUS server....but what should i put in domain name....you plz help me how should i set the supplicant......
<br><br>with thanks...<br>apangshu<br><br> eap {<br>> default_eap_type = peap<br>> timer_expire = 60<br>> ignore_unknown_eap_types = no<br>> cisco_accounting_username_bug = no
<br>><br>> md5 {<br>> }<br>><br>> tls {<br>> ...<br>> }<br>><br>> ttls {<br>> ...<br>> }<br>
> peap {<br>> ...<br>> }<br>> >>> mschapv2 {<br>> >>> }<br>> }<br>><br><div><span class="gmail_quote">On 6/11/07,
<b class="gmail_sendername"><a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a></b> <<a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org
</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Send Freeradius-Users mailing list submissions to<br> <a href="mailto:freeradius-users@lists.freeradius.org">
freeradius-users@lists.freeradius.org</a><br><br>To subscribe or unsubscribe via the World Wide Web, visit<br> <a href="http://lists.freeradius.org/mailman/listinfo/freeradius-users">http://lists.freeradius.org/mailman/listinfo/freeradius-users
</a><br>or, via email, send a message with subject or body 'help' to<br> <a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a><br><br>You can reach the person managing the list at
<br> <a href="mailto:freeradius-users-owner@lists.freeradius.org">freeradius-users-owner@lists.freeradius.org</a><br><br>When replying, please edit your Subject line so it is more specific<br>than "Re: Contents of Freeradius-Users digest..."
<br><br><br>Today's Topics:<br><br> 1. help in setting up PEAP in freeRADIUS with winXp (Apangshu Saha)<br><br><br>----------------------------------------------------------------------<br><br>Message: 1<br>Date: Mon, 11 Jun 2007 20:38:36 +0530
<br>From: "Apangshu Saha" <<a href="mailto:apangshu@gmail.com">apangshu@gmail.com</a>><br>Subject: help in setting up PEAP in freeRADIUS with winXp<br>To: <a href="mailto:freeradius-users@lists.freeradius.org">
freeradius-users@lists.freeradius.org</a><br>Message-ID:<br> <<a href="mailto:c52421460706110808x6fe85e32w7e88da881b7938a5@mail.gmail.com">c52421460706110808x6fe85e32w7e88da881b7938a5@mail.gmail.com</a>><br>Content-Type: text/plain; charset="iso-8859-1"
<br><br>Hi Martin,<br>Thanks for your reply.Everything you mentioned is configured in eap.conf<br>file.Still i am facing the problem.<br>Plz let me know how to proceed to fix it.<br><br>With thanks...<br>Apangshu<br><br>On 6/11/07,
<a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a> <<br><a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org
</a>> wrote:<br>><br>> Send Freeradius-Users mailing list submissions to<br>> <a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a><br>><br>> To subscribe or unsubscribe via the World Wide Web, visit
<br>> <a href="http://lists.freeradius.org/mailman/listinfo/freeradius-users">http://lists.freeradius.org/mailman/listinfo/freeradius-users</a><br>> or, via email, send a message with subject or body 'help' to
<br>> <a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a><br>><br>> You can reach the person managing the list at<br>> <a href="mailto:freeradius-users-owner@lists.freeradius.org">
freeradius-users-owner@lists.freeradius.org</a><br>><br>> When replying, please edit your Subject line so it is more specific<br>> than "Re: Contents of Freeradius-Users digest..."<br>><br>><br>> Today's Topics:
<br>><br>> 1. Re: help in setting up PEAP in freeRADIUS with winXp<br>> supplicant (Martin Gadbois)<br>> 2. Re: Freeradius as a secondary (Jeff)<br>> 3. Re: Big "VSA + Proxy" problem (Guilherme Franco)
<br>><br>><br>> ----------------------------------------------------------------------<br>><br>> Message: 1<br>> Date: Mon, 11 Jun 2007 09:28:27 -0400<br>> From: Martin Gadbois <<a href="mailto:martin.gadbois@colubris.com">
martin.gadbois@colubris.com</a>><br>> Subject: Re: help in setting up PEAP in freeRADIUS with winXp<br>> supplicant<br>> To: FreeRadius users mailing list<br>> <<a href="mailto:freeradius-users@lists.freeradius.org">
freeradius-users@lists.freeradius.org</a>><br>> Message-ID: <<a href="mailto:466D4DFB.1020704@colubris.com">466D4DFB.1020704@colubris.com</a>><br>> Content-Type: text/plain; charset=UTF-8<br>><br>> -----BEGIN PGP SIGNED MESSAGE-----
<br>> Hash: SHA1<br>><br>> Apangshu Saha wrote:<br>><br>> > rad_check_password: Found Auth-Type EAP<br>> > auth: type "EAP"<br>> > Processing the authenticate section of radiusd.conf
<br>> > modcall: entering group authenticate for request 5<br>> > rlm_eap: EAP Identity<br>> > rlm_eap: No such EAP type mschapv2<br>> > rlm_eap: Failed in EAP select<br>> > modcall[authenticate]: module "eap" returns invalid for request 5
<br>> > modcall: leaving group authenticate (returns invalid) for request 5<br>> > auth: Failed to validate the user.<br>> > PEAP: Tunneled authentication was rejected.<br>> > rlm_eap_peap: FAILURE
<br>><br>> Do you have mschap enabled in your eap.conf?<br>><br>> eap {<br>> default_eap_type = peap<br>> timer_expire = 60<br>> ignore_unknown_eap_types = no
<br>> cisco_accounting_username_bug = no<br>><br>> md5 {<br>> }<br>><br>> tls {<br>> ...<br>> }<br>><br>> ttls {
<br>> ...<br>> }<br>> peap {<br>> ...<br>> }<br>> >>> mschapv2 {<br>> >>> }<br>> }<br>><br>
><br>> - --<br>> ============== +---------------------------------------------+<br>> Martin Gadbois | "Please answer by yes or no. |<br>> Sr. SW Designer | Uncooperative user waste precious CPU time" |
<br>> Colubris Networks Inc. | -- The Andromeda Strain, M. Crichton, 1969 |<br>> -----BEGIN PGP SIGNATURE-----<br>> Version: GnuPG v1.4.5 (GNU/Linux)<br>> Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org">
http://enigmail.mozdev.org</a><br>><br>> iD8DBQFGbU379Y3/iTTCEDkRAhz+AJkBQD2iH/pJHGSFwVdBnNcFAMdILACgomOf<br>> vZhC4ftJ7IjYZXP+1oTcjQI=<br>> =YvGQ<br>> -----END PGP SIGNATURE-----<br>><br>><br>> ------------------------------
<br>><br>> Message: 2<br>> Date: Mon, 11 Jun 2007 10:28:37 -0400<br>> From: Jeff <<a href="mailto:jeffa@jahelpdesk.com">jeffa@jahelpdesk.com</a>><br>> Subject: Re: Freeradius as a secondary<br>> To: "FreeRadius users mailing list"
<br>> <<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a>><br>> Message-ID: <<a href="mailto:20070611142837.c0c38dfd@ns1.jahelpdesk.com">20070611142837.c0c38dfd@ns1.jahelpdesk.com
</a>><br>> Content-Type: text/plain; charset="us-ascii"<br>><br>> Ok new issue thats eluding me<br>> I uninstalled version 1. then installed version 2<br>><br>> anyway. i resetup the configs and made sure my services file is 1645
<br>> radius and 1646 for acct as before<br>> anyway<br>> when i do a auth with ntradping all connects aok<br>> when i do anykind of an accouting request, stop start update i get error<br>> 10054<br>> which i read may mean check the port which it apperas i am set aok unless
<br>> i am missing something<br>><br>> NEXT<br>> Nothing is going into the radacct dir for detail file either or is it<br>> being created<br>><br>> Also when i do a /etc/init.d/freeradius start or restart everything is aok
<br>> when i do a /etc/init.d/freeradius reload I see in the radius log that its<br>> saying there is errors in the radius config<br>><br>> Anyway anyone have any ideas?<br>> _____<br>><br>> From: Peter Nixon [mailto:
<a href="mailto:listuser@peternixon.net">listuser@peternixon.net</a>]<br>> To: FreeRadius users mailing list [mailto:<br>> <a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org
</a>]<br>> Sent: Sun, 10 Jun 2007 19:43:58 -0400<br>> Subject: Re: Freeradius as a secondary<br>><br>> On Sun 10 Jun 2007, Jeff wrote:<br>> > I am using the version installed through software update on opensuse
<br>><br>> You may wish to use my updated packages at:<br>> <a href="http://software.opensuse.org/download/network:/aaa/">http://software.opensuse.org/download/network:/aaa/</a><br>><br>> Just add is as a software repository in YaST. (ie.
<br>> <a href="http://software.opensuse.org/download/network:/aaa/openSUSE_10.2/">http://software.opensuse.org/download/network:/aaa/openSUSE_10.2/</a>)<br>><br>> Cheers<br>><br>> --<br>><br>> Peter Nixon
<br>> <a href="http://www.peternixon.net/">http://www.peternixon.net/</a><br>> PGP Key: <a href="http://www.peternixon.net/public.asc">http://www.peternixon.net/public.asc</a><br>> -<br>> List info/subscribe/unsubscribe? See
<br>> <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br>><br>><br>><br>> -------------- next part --------------<br>> An HTML attachment was scrubbed...
<br>> URL:<br>> <a href="https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/ba461c21/attachment-0001.html">https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/ba461c21/attachment-0001.html
</a><br>><br>> ------------------------------<br>><br>> Message: 3<br>> Date: Mon, 11 Jun 2007 11:50:26 -0300<br>> From: "Guilherme Franco" <<a href="mailto:guilhermefranco@gmail.com">guilhermefranco@gmail.com
</a>><br>> Subject: Re: Big "VSA + Proxy" problem<br>> To: "FreeRadius users mailing list"<br>> <<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org
</a>><br>> Message-ID:<br>> <<a href="mailto:5e239f520706110750me7fca81weab5378ca94d39ea@mail.gmail.com">5e239f520706110750me7fca81weab5378ca94d39ea@mail.gmail.com</a>><br>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
<br>><br>> Hello Mr. Alan,<br>><br>> Thank you for answering.<br>><br>> Below, you will find a working local authentication, user<br>> <a href="mailto:steve@local.com">steve@local.com</a> (without proxy), where the VSA "ERX-Service-Bundle" is
<br>> found in radreply (although the debug doesn't says that) and sent back<br>> to the B-RAS:<br>><br>> rad_recv: Access-Request packet from host <a href="http://192.168.1.1:50000">192.168.1.1:50000</a>, id=29,
<br>> length=238<br>> Mon Jun 11 11:18:18 2007 : Debug: --- Walking the entire request list ---<br>> Mon Jun 11 11:18:18 2007 : Debug: Waking up in 31 seconds...<br>> Mon Jun 11 11:18:18 2007 : Debug: Thread 2 got semaphore
<br>> Mon Jun 11 11:18:18 2007 : Debug: Thread 2 handling request 1, (1<br>> handled so far)<br>> User-Password = "testing"<br>> User-Name = "<a href="mailto:steve@local.com">steve@local.com
</a>"<br>> Acct-Session-Id = "erx atm 3/2.42:100.132:0002097381"<br>> Service-Type = Framed-User<br>> Framed-Protocol = PPP<br>> ERX-Pppoe-Description = "pppoe 12:34:56:78:9a:bc"
<br>> Calling-Station-Id = "#BRAS-03#this is a description#100#132"<br>> Connect-Info = "speed:UBR:12000"<br>> NAS-Port-Type = xDSL<br>> NAS-Port = 845414532
<br>> NAS-Port-Id = "atm 3/2.42:100.132"<br>> NAS-IP-Address = <a href="http://192.168.1.1">192.168.1.1</a><br>> NAS-Identifier = "BRAS-03"<br>> Mon Jun 11 11:18:18 2007 : Debug: Processing the authorize section
<br>> of radiusd.conf<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall: entering group authorize<br>> for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling<br>> preprocess (rlm_preprocess) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>> from preprocess (rlm_preprocess) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module<br>> "preprocess" returns ok for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling<br>> auth_log (rlm_detail) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat:<br>> '/usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611'
<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_detail:<br>> /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d<br>> expands to<br>> /usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611
<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>> from auth_log (rlm_detail) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module<br>> "auth_log" returns ok for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling chap<br>> (rlm_chap) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>> from chap (rlm_chap) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "chap"<br>> returns noop for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling<br>> suffix (rlm_realm) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_realm: Looking up realm<br>> "<a href="http://local.com">local.com</a>" for User-Name = "<a href="mailto:steve@local.com">steve@local.com</a>"<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_realm: No such realm "
<a href="http://local.com">local.com</a>"<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>> from suffix (rlm_realm) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module
<br>> "suffix" returns noop for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling<br>> files (rlm_files) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: users: Matched entry DEFAULT at line
<br>> 171<br>> Mon Jun 11 11:18:18 2007 : Debug: users: Matched entry DEFAULT at line<br>> 183<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>> from files (rlm_files) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "files"<br>> returns ok for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling sql<br>> (rlm_sql) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: '<a href="mailto:steve@local.com">steve@local.com</a>'<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql): sql_set_user escaped<br>> user --> '
<a href="mailto:steve@local.com">steve@local.com</a>'<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT<br>> id,UserName,Attribute,Value,op FROM radcheck WHERE Username =<br>> '<a href="mailto:steve@local.com">
steve@local.com</a>' ORDER BY id'<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql): Reserving sql socket id:<br>> 30<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT<br>> <a href="http://radgroupcheck.id">
radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute,<br>> radgroupcheck.Value,radgroupcheck.op<br>> FROM radgroupcheck,usergroup WHERE usergroup.Username =<br>> '<a href="mailto:steve@local.com">
steve@local.com</a>' AND usergroup.GroupName = radgroupcheck.GroupName<br>> ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id</a>'<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT<br>
> id,UserName,Attribute,Value,op FROM radreply WHERE Username =<br>> '<a href="mailto:steve@local.com">steve@local.com</a>' ORDER BY id'<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT
<br>> <a href="http://radgroupreply.id">radgroupreply.id</a>,radgroupreply.GroupName,radgroupreply.Attribute,<br>> radgroupreply.Value,radgroupreply.op<br>> FROM radgroupreply,usergroup WHERE usergroup.Username =
<br>> '<a href="mailto:steve@local.com">steve@local.com</a>' AND usergroup.GroupName = radgroupreply.GroupName<br>> ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql): Released sql socket id:
<br>> 30<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>> from sql (rlm_sql) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "sql"<br>> returns ok for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling pap<br>> (rlm_pap) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>> from pap (rlm_pap) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "pap"<br>> returns updated for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall: leaving group authorize<br>> (returns updated) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: rad_check_password: Found Auth-Type<br>> pap<br>> Mon Jun 11 11:18:18 2007 : Debug: auth: type "PAP"<br>> Mon Jun 11 11:18:18 2007 : Debug: Processing the authenticate
<br>> section of radiusd.conf<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall: entering group PAP for request<br>> 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authenticate]: calling<br>> pap (rlm_pap) for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_pap: login attempt with password<br>> testing<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_pap: Using clear text password.<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_pap: User authenticated succesfully
<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[authenticate]: returned<br>> from pap (rlm_pap) for request 1<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall[authenticate]: module<br>> "pap" returns ok for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall: leaving group PAP (returns<br>> ok) for request 1<br>> Mon Jun 11 11:18:18 2007 : Auth: Login OK: [<a href="mailto:steve@local.com">steve@local.com</a>] (from<br>> client ERX-3 port 845414532 cli #BRAS-03#this is a
<br>> description#100#132)<br>> Mon Jun 11 11:18:18 2007 : Debug: Processing the post-auth section<br>> of radiusd.conf<br>> Mon Jun 11 11:18:18 2007 : Debug: modcall: entering group post-auth<br>> for request 1
<br>> Mon Jun 11 11:18:18 2007 : Debug: modsingle[post-auth]: calling pool<br>> (rlm_sqlippool) for request 0<br>> Mon Jun 11 11:18:18 2007 : Debug: Value Of the Pool-Name is [FIX] and<br>> its [3] Chars<br>
> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql_postgresql): Reserving<br>> sql socket id: 30<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'BEGIN'<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: Status:
<br>> PGRES_COMMAND_OK<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: affected rows =<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'UPDATE radippool<br>> SET nasipaddress = '', pool_key = 0, callingstationid = '',
<br>> expiry_time = 'now'::timestamp(0) - '1 second'::interval WHERE<br>> nasipaddress = '<a href="http://192.168.1.1">192.168.1.1</a>' and pool_key = 'pppoe 12:34:56:78:9a:bc''
<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: Status:<br>> PGRES_COMMAND_OK<br>> Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: affected rows = 0<br>> Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'select
<br>> pool('<a href="mailto:steve@local.com">steve@local.com</a>','FIX','#BRAS-03#this is a<br>> description#100#134')'<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: Status:
<br>> PGRES_TUPLES_OK<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: affected rows =<br>> Mon Jun 11 11:18:19 2007 : Info: rlm_sqlippool: ip=[<a href="http://10.10.10.1">10.10.10.1</a>] len=14<br>> Mon Jun 11 11:18:19 2007 : Debug: radius_xlat: 'UPDATE radippool
<br>> SET nasipaddress = '<a href="http://192.168.1.1">192.168.1.1</a>', pool_key = 'pppoe<br>> 12:34:56:78:9a:bc', callingstationid = '#BRAS-03#this is a<br>> description#100#134', username = '
<a href="mailto:steve@local.com">steve@local.com</a>', expiry_time =<br>> 'now'::timestamp(0) + '3600 second'::interval WHERE framedipaddress<br>> = '<a href="http://10.10.10.1">10.10.10.1
</a>''<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: Status:<br>> PGRES_COMMAND_OK<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: affected rows = 1<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sqlippool: Allocated IP
<br>> <a href="http://10.10.10.1">10.10.10.1</a> [8ec25ec9]<br>> Mon Jun 11 11:18:19 2007 : Debug: radius_xlat: 'COMMIT'<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: Status:<br>> PGRES_COMMAND_OK
<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: affected rows =<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql (sql_postgresql): Released<br>> sql socket id: 30<br>> Mon Jun 11 11:18:19 2007 : Debug: modsingle[post-auth]: returned
<br>> from pool (rlm_sqlippool) for request 0<br>> Mon Jun 11 11:18:19 2007 : Debug: modcall[post-auth]: module "pool"<br>> returns ok for request 0<br>> Mon Jun 11 11:18:19 2007 : Debug: modsingle[post-auth]: calling
<br>> sql_log (rlm_sql_log) for request 0<br>> Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_log (sql_log): Processing<br>> sql_log_postauth<br>> Mon Jun 11 11:18:19 2007 : Debug: radius_xlat: 'INSERT INTO<br>
> radpostauth ?? (username, pass, reply, authdate)<br>> VALUES ?? ('<a href="mailto:steve@local.com">steve@local.com</a>', 'testing',<br>> ?? 'Access-Accept', TO_DATE('2007-06-11 11:18:18','yyyy-mm-dd
<br>> hh24:mi:ss'))'<br>> Mon Jun 11 11:18:19 2007 : Debug: radius_xlat:<br>> '/usr/local/var/log/radius/radacct/sql-relay'<br>> Mon Jun 11 11:18:19 2007 : Debug: modsingle[post-auth]: returned
<br>> from sql_log (rlm_sql_log) for request 0<br>> Mon Jun 11 11:18:19 2007 : Debug: modcall[post-auth]: module<br>> "sql_log" returns ok for request 0<br>> Mon Jun 11 11:18:19 2007 : Debug: modcall: leaving group post-auth
<br>> (returns ok) for request 0<br>> Sending Access-Accept of id 30 to <a href="http://192.168.1.1">192.168.1.1</a> port 50000<br>> X-Ascend-Client-Primary-DNS := <a href="http://172.16.1.1">172.16.1.1</a>
<br>> X-Ascend-Client-Secondary-DNS := <a href="http://172.16.1.2">172.16.1.2</a><br>> X-Ascend-Client-Assign-DNS := DNS-Assign-Yes<br>> ERX-Virtual-Router-Name := "default"<br>> ERX-Service-Bundle := "test1"
<br>> Framed-IP-Address = <a href="http://10.10.10.1">10.10.10.1</a><br>> Mon Jun 11 11:18:19 2007 : Debug: Finished request 0<br>><br>> ---------------<br>><br>> Now, <a href="mailto:steve@proxy.com">
steve@proxy.com</a> gets authenticated, but in a proxied realm (this<br>> user is also in radreply):<br>><br>> rad_recv: Access-Request packet from host <a href="http://192.168.1.1:50000">192.168.1.1:50000</a>, id=30,
<br>> length=250<br>> Mon Jun 11 11:02:10 2007 : Debug: --- Walking the entire request list ---<br>> Mon Jun 11 11:02:10 2007 : Debug: Thread 1 got semaphore<br>> Mon Jun 11 11:02:10 2007 : Debug: Thread 1 handling request 0, (1
<br>> handled so far)<br>> User-Password = "testing"<br>> User-Name = "<a href="mailto:steve@proxy.com">steve@proxy.com</a>"<br>> Acct-Session-Id = "erx atm 3/2.42:
100.133:0002097382"<br>> Service-Type = Framed-User<br>> Framed-Protocol = PPP<br>> ERX-Pppoe-Description = "pppoe 12:34:56:78:9a:bc"<br>> Calling-Station-Id = "#BRAS-03#this is a description#100#133"
<br>> Connect-Info = "speed:UBR:12000"<br>> NAS-Port-Type = xDSL<br>> NAS-Port = 845414533<br>> NAS-Port-Id = "atm 3/2.42:100.133"<br>> NAS-IP-Address =
<a href="http://192.168.1.1">192.168.1.1</a><br>> NAS-Identifier = "BRAS-03"<br>> Mon Jun 11 11:02:10 2007 : Debug: Processing the authorize section<br>> of radiusd.conf<br>> Mon Jun 11 11:02:10 2007 : Debug: Waking up in 31 seconds...
<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall: entering group authorize<br>> for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling<br>> preprocess (rlm_preprocess) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: Threads: total/active/spare threads =<br>> 5/1/4<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>> from preprocess (rlm_preprocess) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module<br>> "preprocess" returns ok for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling<br>> auth_log (rlm_detail) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat:<br>> '/usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611'<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_detail:<br>> /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
<br>> expands to<br>> /usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>> from auth_log (rlm_detail) for request 0<br>
> Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module<br>> "auth_log" returns ok for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling chap<br>> (rlm_chap) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>> from chap (rlm_chap) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "chap"<br>> returns noop for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling<br>> suffix (rlm_realm) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Looking up realm<br>> "<a href="http://proxy.com">
proxy.com</a>" for User-Name = "<a href="mailto:steve@proxy.com">steve@proxy.com</a>"<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Found realm "<a href="http://proxy.com">proxy.com</a>"
<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Adding<br>> Stripped-User-Name = "steve"<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Proxying request from<br>> user steve to realm <a href="http://proxy.com">
proxy.com</a><br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Adding Realm = "<a href="http://proxy.com">proxy.com</a><br>> "<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Preparing to proxy
<br>> authentication request to realm "<a href="http://proxy.com">proxy.com</a>"<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>> from suffix (rlm_realm) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module
<br>> "suffix" returns updated for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling<br>> files (rlm_files) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: users: Matched entry DEFAULT at line
<br>> 171<br>> Mon Jun 11 11:02:10 2007 : Debug: users: Matched entry DEFAULT at line<br>> 183<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>> from files (rlm_files) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "files"<br>> returns ok for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling sql<br>> (rlm_sql) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: '<a href="mailto:steve@proxy.com">steve@proxy.com</a>'<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql): sql_set_user escaped<br>> user --> '
<a href="mailto:steve@proxy.com">steve@proxy.com</a>' ORDER BY id'<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql): Reserving sql socket id:<br>> 31<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'SELECT
<br>> <a href="http://radgroupcheck.id">radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute,<br>> radgroupcheck.Value,radgroupcheck.op<br>> FROM radgroupcheck,usergroup WHERE usergroup.Username =
<br>> '<a href="mailto:steve@proxy.com">steve@proxy.com</a>' AND usergroup.GroupName = radgroupcheck.GroupName<br>> ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id</a>'<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'SELECT
<br>> id,UserName,Attribute,Value,op FROM radreply WHERE Username =<br>> '<a href="mailto:steve@proxy.com">steve@proxy.com</a>' ORDER BY id'<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'SELECT
<br>> <a href="http://radgroupreply.id">radgroupreply.id</a>,radgroupreply.GroupName,radgroupreply.Attribute,<br>> radgroupreply.Value,radgroupreply.op<br>> FROM radgroupreply,usergroup WHERE usergroup.Username =
<br>> '<a href="mailto:steve@proxy.com">steve@proxy.com</a>' AND usergroup.GroupName = radgroupreply.GroupName<br>> ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql): Released sql socket id:
<br>> 31<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>> from sql (rlm_sql) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "sql"<br>> returns ok for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling pap<br>> (rlm_pap) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>> from pap (rlm_pap) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "pap"<br>> returns noop for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall: leaving group authorize<br>> (returns updated) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: proxy: creating fc229bc8:1812<br>> Mon Jun 11 11:02:10 2007 : Debug: proxy: allocating fc229bc8:1812 0<br>> Sending Access-Request of id 0 to <a href="http://192.168.1.2">
192.168.1.2</a> port 1812<br>> User-Password = "testing"<br>> User-Name = "steve"<br>> Acct-Session-Id = "erx atm 3/2.42:100.133:0002097382"<br>> Service-Type = Framed-User
<br>> Framed-Protocol = PPP<br>> ERX-Pppoe-Description = "pppoe 12:34:56:78:9a:bc"<br>> Calling-Station-Id = "#BRAS-03#this is a description#100#133"<br>> Connect-Info = "speed:UBR:12000"
<br>> NAS-Port-Type = xDSL<br>> NAS-Port = 845414533<br>> NAS-Port-Id = "atm 3/2.42:100.133"<br>> NAS-IP-Address = <a href="http://192.168.1.1">192.168.1.1</a><br>> NAS-Identifier = "BRAS-03"
<br>> Proxy-State = 0x3330<br>> Mon Jun 11 11:02:10 2007 : Debug: Thread 1 waiting to be assigned a<br>> request<br>> rad_recv: Access-Accept packet from host <a href="http://192.168.1.2:1812">192.168.1.2:1812
</a>, id=0, length=24<br>> Mon Jun 11 11:02:10 2007 : Debug: proxy: de-allocating fc229bc8:1812 0<br>> Mon Jun 11 11:02:10 2007 : Debug: rl_next: returning NULL<br>> Mon Jun 11 11:02:10 2007 : Debug: Waking up in 31 seconds...
<br>> Mon Jun 11 11:02:10 2007 : Debug: Threads: total/active/spare threads =<br>> 5/0/5<br>> Mon Jun 11 11:02:10 2007 : Debug: Thread 2 got semaphore<br>> Mon Jun 11 11:02:10 2007 : Debug: Thread 2 handling request 0, (1
<br>> handled so far)<br>> Proxy-State = 0x3330<br>> Mon Jun 11 11:02:10 2007 : Debug: Processing the post-proxy section<br>> of radiusd.conf<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall: entering group post-proxy
<br>> for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-proxy]: calling<br>> attr_filter (rlm_attr_filter) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: attr_filter: Matched entry<br>
> <a href="http://proxy.com">proxy.com</a> at line 84<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-proxy]: returned<br>> from attr_filter (rlm_attr_filter) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[post-proxy]: module
<br>> "attr_filter" returns updated for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall: leaving group post-proxy<br>> (returns updated) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: authorize: Skipping authorize in
<br>> post-proxy stage<br>> Mon Jun 11 11:02:10 2007 : Debug: rad_check_password: Found Auth-Type<br>> Mon Jun 11 11:02:10 2007 : Debug: rad_check_password: Auth-Type =<br>> Accept, accepting the user<br>
> Mon Jun 11 11:02:10 2007 : Auth: Login OK: [<a href="mailto:steve@proxy.com">steve@proxy.com</a>] (from<br>> client ERX-3 port 845414533 cli #BRAS-03#this is a<br>> description#100#133)<br>> Mon Jun 11 11:02:10 2007 : Debug: Processing the post-auth section
<br>> of radiusd.conf<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall: entering group post-auth<br>> for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: calling pool<br>> (rlm_sqlippool) for request 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: Value Of the Pool-Name is [FIX] and<br>> its [3] Chars<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql_postgresql): Reserving<br>> sql socket id: 30<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'BEGIN'
<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status:<br>> PGRES_COMMAND_OK<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows =<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'UPDATE radippool
<br>> SET nasipaddress = '', pool_key = 0, callingstationid = '',<br>> expiry_time = 'now'::timestamp(0) - '1 second'::interval WHERE<br>> nasipaddress = '<a href="http://192.168.1.1">
192.168.1.1</a>' and pool_key = 'pppoe 12:34:56:78:9a:bc''<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status:<br>> PGRES_COMMAND_OK<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows = 0
<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'select<br>> pool('<a href="mailto:steve@proxy.com">steve@proxy.com</a>','FIX','#BRAS-03#this is a<br>> description#100#133')'
<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status:<br>> PGRES_TUPLES_OK<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows =<br>> Mon Jun 11 11:02:10 2007 : Info: rlm_sqlippool: ip=[
<a href="http://10.10.10.1">10.10.10.1</a>] len=13<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'UPDATE radippool<br>> SET nasipaddress = '<a href="http://192.168.1.1">192.168.1.1</a>', pool_key = 'pppoe
<br>> 12:34:56:78:9a:bc', callingstationid = '#BRAS-03#this is a<br>> description#100#133', username = '<a href="mailto:steve@proxy.com">steve@proxy.com</a>', expiry_time =<br>> 'now'::timestamp(0) + '3600 second'::interval WHERE framedipaddress
<br>> = '<a href="http://10.10.10.1">10.10.10.1</a>''<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status:<br>> PGRES_COMMAND_OK<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows = 1
<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sqlippool: Allocated IP<br>> <a href="http://10.10.10.1">10.10.10.1</a> [97310ebd]<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'COMMIT'<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status:
<br>> PGRES_COMMAND_OK<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows =<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql_postgresql): Released<br>> sql socket id: 30<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: returned
<br>> from pool (rlm_sqlippool) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[post-auth]: module "pool"<br>> returns ok for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: calling
<br>> sql_log (rlm_sql_log) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_log (sql_log): Processing<br>> sql_log_postauth<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'INSERT INTO<br>
> radpostauth ?? (username, pass, reply, authdate)<br>> VALUES ?? ('<a href="mailto:steve@proxy.com">steve@proxy.com</a>', 'testing',<br>> ?? 'Access-Accept', TO_DATE('2007-06-11 11:02:10','yyyy-mm-dd
<br>> hh24:mi:ss'))'<br>> Mon Jun 11 11:02:10 2007 : Debug: radius_xlat:<br>> '/usr/local/var/log/radius/radacct/sql-relay'<br>> Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: returned
<br>> from sql_log (rlm_sql_log) for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall[post-auth]: module<br>> "sql_log" returns ok for request 0<br>> Mon Jun 11 11:02:10 2007 : Debug: modcall: leaving group post-auth
<br>> (returns ok) for request 0<br>> Sending Access-Accept of id 30 to <a href="http://192.168.1.1">192.168.1.1</a> port 50000<br>> X-Ascend-Client-Primary-DNS := <a href="http://172.16.1.1">172.16.1.1</a>
<br>> X-Ascend-Client-Secondary-DNS := <a href="http://172.16.1.2">172.16.1.2</a><br>> X-Ascend-Client-Assign-DNS := DNS-Assign-Yes<br>> ERX-Virtual-Router-Name := "default"<br>> Framed-IP-Address =
<a href="http://10.10.10.1">10.10.10.1</a><br>> Mon Jun 11 11:02:10 2007 : Debug: Finished request 0<br>><br>> -------------<br>><br>> > The debug logs will still tell you what modules are being executed,
<br>> > and when. That will give information as to *why* it's not being added.<br>><br>> *Sorry, but where is the VSA "ERX-Service-Bundle" here?<br>><br>> > This is what the post-auth section is for: adding attributes to
<br>> > packets after a user has been authenticated.<br>><br>> *What config shall I put in post-auth to send this VSA back to the<br>> B-RAS? Create a module and call it in post-auth?<br>><br>> > This will be better supported in
2.0.0.<br>><br>> *Should I install 2.0.0 then? Is it the only way?<br>><br>> Thank you very much!<br>><br>> Guilherme<br>><br>><br>> ------------------------------<br>><br>> -<br>> List info/subscribe/unsubscribe? See
<br>> <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br>><br>><br>> End of Freeradius-Users Digest, Vol 26, Issue 33<br>> ************************************************
<br>><br>-------------- next part --------------<br>An HTML attachment was scrubbed...<br>URL: <a href="https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/f189cbae/attachment.html">https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/f189cbae/attachment.html
</a><br><br>------------------------------<br><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br><br><br>End of Freeradius-Users Digest, Vol 26, Issue 34
<br>************************************************<br></blockquote></div><br>