<div class="gmail_quote">Sorry I didn't understand.<br><br>I executed freeradius on debug mode, then I used the radtest command.<br><br>The message is almost the same, but the proxy (@dialup,<a href="http://usp.br" target="_blank">usp.br</a> - another radius server in another city) returns OK.<br>
<br>Why using radtest it returns OK and using monowall it retorns Reject?<br><br>Thanks, sorry about my english.<br><br>Daniel<br><br><div class="gmail_quote">2009/2/3 SDamron <span dir="ltr"><<a href="mailto:sdamron@gmail.com" target="_blank">sdamron@gmail.com</a>></span><div>
<div></div><div class="Wj3C7c"><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Looks like some kind of problem with your database. It clears when<br>
you auth against the radtest, but when you try to use a user in the<br>
database, it fails.<br>
<div><div></div><div><br>
On Tue, Feb 3, 2009 at 6:45 PM, Daniel Bojczuk <<a href="mailto:daniel@cirp.usp.br" target="_blank">daniel@cirp.usp.br</a>> wrote:<br>
> Hi!!<br>
><br>
> I have a Monowall athorizing and accounting on a Freeradius 2.1.1<br>
><br>
> When I execute:<br>
> radtest <a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a> ******* 123.123.123.123 0 's3mf!o/'<br>
> I get the folowing answer:<br>
> Sending Access-Request of id 177 to 123.123.123.123 port 1812<br>
> User-Name = "<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>"<br>
> User-Password = "nat6672"<br>
> NAS-IP-Address = 123.123.123.123<br>
> NAS-Port = 0<br>
> rad_recv: Access-Accept packet from host 123.123.123.123 port 1812,<br>
> id=177, length=68<br>
> Framed-IP-Address = 255.255.255.254<br>
> Framed-MTU = 1500<br>
> Service-Type = Framed-User<br>
> Framed-Protocol = PPP<br>
> Framed-Compression = Van-Jacobson-TCP-IP<br>
> Session-Timeout = 86400<br>
> Framed-IP-Netmask = 255.255.255.0<br>
> Idle-Timeout = 3600<br>
><br>
> Everything works fine. But when I try to login using Monowall login page on<br>
> debug mode I have this:<br>
><br>
> ___________________________________________________________________________________________________________________________<br>
><br>
> rad_recv: Access-Request packet from host 124.124.124.124 port 63026,<br>
> id=166, length=150<br>
> NAS-IP-Address = 124.124.124.124<br>
> NAS-Identifier = "<a href="http://gwrp.semfio.usp.br" target="_blank">gwrp.semfio.usp.br</a>"<br>
> User-Name = "<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>"<br>
> User-Password = "*******"<br>
> Service-Type = Login-User<br>
> NAS-Port-Type = Ethernet<br>
> NAS-Port = 83<br>
> Framed-IP-Address = 125.125.125.125<br>
> Called-Station-Id = "00:11:2f:75:81:7c"<br>
> Calling-Station-Id = "00:1b:77:b5:34:9d"<br>
> +- entering group authorize {...}<br>
> ++[preprocess] returns ok<br>
> [auth_log] expand:<br>
> /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -><br>
> /usr/local/var/log/radius/radacct/<a href="http://143.107.192.54/auth-detail-20090203" target="_blank">143.107.192.54/auth-detail-20090203</a><br>
> [auth_log]<br>
> /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d<br>
> expands to<br>
> /usr/local/var/log/radius/radacct/<a href="http://143.107.192.54/auth-detail-20090203" target="_blank">143.107.192.54/auth-detail-20090203</a><br>
> [auth_log] expand: %t -> Tue Feb 3 17:30:54 2009<br>
> ++[auth_log] returns ok<br>
> [suffix] Looking up realm "<a href="http://dialup.usp.br" target="_blank">dialup.usp.br</a>" for User-Name =<br>
> "<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>"<br>
> [suffix] Found realm "<a href="http://dialup.usp.br" target="_blank">dialup.usp.br</a>"<br>
> [suffix] Adding Realm = "<a href="http://dialup.usp.br" target="_blank">dialup.usp.br</a>"<br>
> [suffix] Proxying request from user nbatista to realm <a href="http://dialup.usp.br" target="_blank">dialup.usp.br</a><br>
> [suffix] Preparing to proxy authentication request to realm "<a href="http://dialup.usp.br" target="_blank">dialup.usp.br</a>"<br>
> ++[suffix] returns updated<br>
> [sql] expand: %{User-Name} -> <a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a><br>
> [sql] sql_set_user escaped user --> '<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>'<br>
> rlm_sql (sql): Reserving sql socket id: 6<br>
> [sql] expand: SELECT id, UserName, Attribute, Value, Op FROM radcheck<br>
> WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, UserName,<br>
> Attribute, Value, Op FROM radcheck WHERE Username =<br>
> '<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>' ORDER BY id<br>
> rlm_sql_postgresql: Status: PGRES_TUPLES_OK<br>
> rlm_sql_postgresql: query affected rows = 0 , fields = 5<br>
> [sql] expand: SELECT GroupName FROM radusergroup WHERE<br>
> UserName='%{SQL-User-Name}' ORDER BY priority -> SELECT GroupName FROM<br>
> radusergroup WHERE UserName='<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>' ORDER BY priority<br>
> rlm_sql_postgresql: Status: PGRES_TUPLES_OK<br>
> rlm_sql_postgresql: query affected rows = 0 , fields = 1<br>
> rlm_sql (sql): Released sql socket id: 6<br>
> [sql] User <a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a> not found<br>
> ++[sql] returns notfound<br>
> ++[pap] returns noop<br>
> Sending Access-Request of id 239 to 126.126.126.126 port 1812<br>
> NAS-IP-Address = 124.124.124.124<br>
> NAS-Identifier = "<a href="http://gwrp.semfio.usp.br" target="_blank">gwrp.semfio.usp.br</a>"<br>
> User-Name = "<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>"<br>
> User-Password = "*******"<br>
> Service-Type = Login-User<br>
> NAS-Port-Type = Ethernet<br>
> NAS-Port = 83<br>
> Framed-IP-Address = 125.125.125.125<br>
> Called-Station-Id = "00:11:2f:75:81:7c"<br>
> Calling-Station-Id = "00:1b:77:b5:34:Sending Access-Request of id<br>
> 239 to 143.107.253.10 port 1812<br>
> NAS-IP-Address = 124.124.124.124<br>
> NAS-Identifier = "<a href="http://gwrp.semfio.usp.br" target="_blank">gwrp.semfio.usp.br</a>"<br>
> User-Name = "<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>"<br>
> User-Password = "*******"<br>
> Service-Type = Login-User<br>
> NAS-Port-Type = Ethernet<br>
> NAS-Port = 83<br>
> Framed-IP-Address = 125.125.125.125<br>
> Called-Station-Id = "00:11:2f:75:81:7c"<br>
> Calling-Station-Id = "00:1b:77:b5:34:9d"<br>
> Proxy-State = 0x313636<br>
> Going to the next request<br>
> Waking up in 0.8 seconds.<br>
> Cleaning up request 5 ID 194 with timestamp +9<br>
> Waking up in 0.1 seconds.<br>
> Waking up in 13.0 seconds.<br>
> rad_recv: Access-Reject packet from host 126.126.126.126 port 1812, id=239,<br>
> length=82<br>
> Reply-Message = "\r\nYou are already logged in 2 times - access<br>
> denied\r\n\n"<br>
> Proxy-State = 0x313636<br>
> +- entering group post-proxy {...}<br>
> [eap] No pre-existing handler found<br>
> ++[eap] returns noop<br>
> Login incorrect (Home Server says so): [<a href="mailto:nbatista@dialup.usp.br" target="_blank">nbatista@dialup.usp.br</a>] (from client<br>
> gwrp port 83 cli 00:1b:77:b5:34:9d)<br>
> Using Post-Auth-Type Reject<br>
> WARNING: Unknown value specified for Post-Auth-Type. Cannot perform<br>
> requested action.<br>
> Sending Access-Reject of id 166 to 123.123.123.123 port 63026<br>
> Reply-Message = "\r\nYou are already logged in 2 times - access<br>
> denied\r\n\n"<br>
> Finished request 6.<br>
> Going to the next request<br>
> Waking up in 4.9 seconds.<br>
> ____________________________________________________________________________________________________________________<br>
><br>
> I understood that there are 2 sessions opened. am I correct? If I am how can<br>
> I close these sessions?<br>
> And why does radtest work?<br>
><br>
><br>
> Thanks!<br>
><br>
> Sorry about my English.<br>
><br>
> Daniel Bojczuk<br>
><br>
><br>
</div></div>> -<br>
> List info/subscribe/unsubscribe? See<br>
> <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
><br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
<br>
</blockquote></div></div></div><br><br clear="all"><div><div></div><br></div></div><br>