Hello,<div> I have the following user in the database:</div><div><br></div><div><div>mysql> SELECT * FROM radcheck;</div><div>+----+----------+--------------------+----+---------+</div><div>| id | username | attribute | op | value |</div>
<div>+----+----------+--------------------+----+---------+</div><div>| 1 | sqltest | Cleartext-Password | := | testpwd |</div><div>| 2 | sqltest | Max-All-Session | := | 600 |</div><div>+----+----------+--------------------+----+---------+</div>
<div>2 rows in set (0.00 sec)</div><div><br></div><div><br></div><div> Well, freeRADIUS should allow this user to connect and stay online for 10 minutes but I can't even connect. Here is the freeRADIUS debug log:</div>
<div><br></div><div><div>Listening on authentication address * port 1812</div><div>Listening on accounting address * port 1813</div><div>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel</div>
<div>Listening on proxy address * port 1814</div><div>Ready to process requests.</div><div>rad_recv: Access-Request packet from host xx.xx.72.127 port 33451, id=15, length=135</div><div> Service-Type = Framed-User</div>
<div> Framed-Protocol = PPP</div><div> User-Name = "sqltest"</div><div> MS-CHAP-Challenge = 0xd237c3a9ecf61e669d362193cfb6b33b</div><div> MS-CHAP2-Response = 0x6600d5135b141fa0f0fb3671adef9107716a000000000000000061a6f1db763fb3554c35008e7dec3f57936ca9ca1d2375b7</div>
<div> NAS-IP-Address = 127.0.1.1</div><div> NAS-Port = 0</div><div># Executing section authorize from file /etc/freeradius/sites-enabled/default</div><div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div>
<div>++[chap] returns noop</div><div>[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'</div><div>++[mschap] returns ok</div><div>++[digest] returns noop</div><div>[suffix] No '@' in User-Name = "sqltest", looking up realm NULL</div>
<div>[suffix] No such realm "NULL"</div><div>++[suffix] returns noop</div><div>[eap] No EAP-Message, not doing EAP</div><div>++[eap] returns noop</div><div>[files] users: Matched entry DEFAULT at line 172</div>
<div>
++[files] returns ok</div><div>[sql] expand: %{User-Name} -> sqltest</div><div>[sql] sql_set_user escaped user --> 'sqltest'</div><div>rlm_sql (sql): Reserving sql socket id: 3</div><div>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'sqltest' ORDER BY id</div>
<div>rlm_sql: Failed to create the pair: Invalid octet string "600" for attribute name "Max-All-Session"</div><div>rlm_sql (sql): Error getting data from database</div><div>[sql] SQL query error; rejecting user</div>
<div>rlm_sql (sql): Released sql socket id: 3</div><div>++[sql] returns fail</div><div>Using Post-Auth-Type Reject</div><div># Executing group from file /etc/freeradius/sites-enabled/default</div><div>+- entering group REJECT {...}</div>
<div>[attr_filter.access_reject] expand: %{User-Name} -> sqltest</div><div> attr_filter: Matched entry DEFAULT at line 11</div><div>++[attr_filter.access_reject] returns updated</div><div>Delaying reject of request 0 for 1 seconds</div>
<div>Going to the next request</div><div>Waking up in 0.9 seconds.</div><div>Sending delayed reject for request 0</div><div>Sending Access-Reject of id 15 to xx.xx.72.127 port 33451</div><div>Waking up in 4.9 seconds.</div>
<div>Cleaning up request 0 ID 15 with timestamp +25</div><div>Ready to process requests.</div><div>rlm_sql: Failed to create the pair: Invalid octet stringrad_recv: Access-Request packet from host xx.xx.72.127 port 40062, id=16, length=135</div>
<div> Service-Type = Framed-User</div><div> Framed-Protocol = PPP</div><div> User-Name = "sqltest"</div><div> MS-CHAP-Challenge = 0x6214c3aad82e064f6e9118c3aa9751d2</div><div> MS-CHAP2-Response = 0x280073eab0bdcb6b149e34b5d5a3be5dd7dc0000000000000000c9652cb77bbd8cf74273f9aa924c7dbe8b6a53968ffb7c6a</div>
<div> NAS-IP-Address = 127.0.1.1</div><div> NAS-Port = 0</div><div># Executing section authorize from file /etc/freeradius/sites-enabled/default</div><div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div>
<div>++[chap] returns noop</div><div>[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'</div><div>++[mschap] returns ok</div><div>++[digest] returns noop</div><div>[suffix] No '@' in User-Name = "sqltest", looking up realm NULL</div>
<div>[suffix] No such realm "NULL"</div><div>++[suffix] returns noop</div><div>[eap] No EAP-Message, not doing EAP</div><div>++[eap] returns noop</div><div>[files] users: Matched entry DEFAULT at line 172</div>
<div>
++[files] returns ok</div><div>[sql] expand: %{User-Name} -> sqltest</div><div>[sql] sql_set_user escaped user --> 'sqltest'</div><div>rlm_sql (sql): Reserving sql socket id: 2</div><div>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'sqltest' ORDER BY id</div>
<div>rlm_sql: Failed to create the pair: Invalid octet string "600" for attribute name "Max-All-Session"</div><div>rlm_sql (sql): Error getting data from database</div><div>[sql] SQL query error; rejecting user</div>
<div>rlm_sql (sql): Released sql socket id: 2</div><div>++[sql] returns fail</div><div>Using Post-Auth-Type Reject</div><div># Executing group from file /etc/freeradius/sites-enabled/default</div><div>+- entering group REJECT {...}</div>
<div>[attr_filter.access_reject] expand: %{User-Name} -> sqltest</div><div> attr_filter: Matched entry DEFAULT at line 11</div><div>++[attr_filter.access_reject] returns updated</div><div>Delaying reject of request 1 for 1 seconds</div>
<div>Going to the next request</div><div>Waking up in 0.9 seconds.</div><div>Sending delayed reject for request 1</div><div>Sending Access-Reject of id 16 to xx.xx.72.127 port 40062</div><div>Waking up in 4.9 seconds.</div>
<div>Cleaning up request 1 ID 16 with timestamp +93</div><div>Ready to process requests.</div><div>rad_recv: Access-Request packet from host xx.xx.72.127 port 40203, id=17, length=135</div><div> Service-Type = Framed-User</div>
<div> Framed-Protocol = PPP</div><div> User-Name = "sqltest"</div><div> MS-CHAP-Challenge = 0x470c8b8089c5b8a4a322d16b51ab1a91</div><div> MS-CHAP2-Response = 0x3300c3bac8e9819c7a7e962f3611fad2cda20000000000000000c8e0d842bdff8a8183104ac176bb16835ea6626028a146da</div>
<div> NAS-IP-Address = 127.0.1.1</div><div> NAS-Port = 0</div><div># Executing section authorize from file /etc/freeradius/sites-enabled/default</div><div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div>
<div>++[chap] returns noop</div><div>[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'</div><div>++[mschap] returns ok</div><div>++[digest] returns noop</div><div>[suffix] No '@' in User-Name = "sqltest", looking up realm NULL</div>
<div>[suffix] No such realm "NULL"</div><div>++[suffix] returns noop</div><div>[eap] No EAP-Message, not doing EAP</div><div>++[eap] returns noop</div><div>[files] users: Matched entry DEFAULT at line 172</div>
<div>
++[files] returns ok</div><div>[sql] expand: %{User-Name} -> sqltest</div><div>[sql] sql_set_user escaped user --> 'sqltest'</div><div>rlm_sql (sql): Reserving sql socket id: 1</div><div>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'sqltest' ORDER BY id</div>
<div>rlm_sql: Failed to create the pair: Invalid octet string "600" for attribute name "Max-All-Session"</div><div>rlm_sql (sql): Error getting data from database</div><div>[sql] SQL query error; rejecting user</div>
<div>rlm_sql (sql): Released sql socket id: 1</div><div>++[sql] returns fail</div><div>Using Post-Auth-Type Reject</div><div># Executing group from file /etc/freeradius/sites-enabled/default</div><div>+- entering group REJECT {...}</div>
<div>[attr_filter.access_reject] expand: %{User-Name} -> sqltest</div><div> attr_filter: Matched entry DEFAULT at line 11</div><div>++[attr_filter.access_reject] returns updated</div><div>Delaying reject of request 2 for 1 seconds</div>
<div>Going to the next request</div><div>Waking up in 0.9 seconds.</div><div>Sending delayed reject for request 2</div><div>Sending Access-Reject of id 17 to xx.xx.72.127 port 40203</div><div>Waking up in 4.9 seconds.</div>
<div>Cleaning up request 2 ID 17 with timestamp +469</div><div>Ready to process requests.</div></div><div> </div></div><div><br></div><div>I was so happy that I could install freeRADIUS last week! I can't disconnect users using freeRADIUS cause there is no NAS in my network and if I can't get time and traffic limits to work I would have to code a script to do it myself maybe.</div>
<div><br></div><div>I would be thankful if someone helps to work it out.</div><div><br></div><div>PS: I have just noticed that radacct table is empty. I had the session logs in this table when pptpd and freeRADIUS servers where on the same machine but I can't see anything in this table now. Do I have to setup something on the pptpd server to have to session logs in freeRADIUS database?</div>
<div><br></div><div> </div>