<div dir="ltr"><div>Sorry for not including it in the first post, freeradius version used is the latest in CentOS repo.<br><br></div>The output on the first post is for the web-based login, I forgot that I only configured it on console login<br>
<br>Here is the output:<br><br><br><br>Ready to process requests.<br>rad_recv: Access-Request packet from host 10.141.1.129 port 49154, id=0, length=91<br> User-Name = "md5password"<br> User-Password = "qwerty"<br>
Cisco-AVPair = "shell:priv-lvl=1"<br> NAS-IP-Address = 10.141.1.129<br> Acct-Session-Id = "05000022"<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] No '@' in User-Name = "md5password", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] No EAP-Message, not doing EAP<br>++[eap] returns noop<br>++[files] returns noop<br>[sql] expand: %{User-Name} -> md5password<br>[sql] sql_set_user escaped user --> 'md5password'<br>
rlm_sql (sql): Reserving sql socket id: 3<br>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'md5password' ORDER BY id<br>
[sql] User found in radcheck table<br>[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'md5password' ORDER BY id<br>
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'md5password' ORDER BY priority<br>
rlm_sql (sql): Released sql socket id: 3<br>++[sql] returns ok<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] Normalizing MD5-Password from hex encoding<br>++[pap] returns updated<br>Found Auth-Type = PAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group PAP {...}<br>[pap] login attempt with password "qwerty"<br>[pap] Using MD5 encryption.<br>[pap] User authenticated successfully<br>
++[pap] returns ok<br>Login OK: [md5password] (from client MAAX port 0)<br># Executing section post-auth from file /etc/raddb/sites-enabled/default<br>+- entering group post-auth {...}<br>++[exec] returns noop<br>Sending Access-Accept of id 0 to 10.141.1.129 port 49154<br>
Finished request 0.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>rad_recv: Accounting-Request packet from host 10.141.1.129 port 49154, id=0, length=88<br> User-Name = "md5password"<br> NAS-IP-Address = 10.141.1.129<br>
Called-Station-Id = "10.141.1.129"<br> Calling-Station-Id = "10.141.59.3"<br> Acct-Status-Type = Start<br> Acct-Session-Id = "05000022"<br> Acct-Authentic = RADIUS<br>
# Executing section preacct from file /etc/raddb/sites-enabled/default<br>+- entering group preacct {...}<br>++[preprocess] returns ok<br>[acct_unique] WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent<br>
[acct_unique] Hashing ',Client-IP-Address = 10.141.1.129,NAS-IP-Address = 10.141.1.129,Acct-Session-Id = "05000022",User-Name = "md5password"'<br>[acct_unique] Acct-Unique-Session-ID = "ca6b399649f9703b".<br>
++[acct_unique] returns ok<br>[suffix] No '@' in User-Name = "md5password", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>++[files] returns noop<br># Executing section accounting from file /etc/raddb/sites-enabled/default<br>
+- entering group accounting {...}<br>[detail] expand: %{Packet-Src-IP-Address} -> 10.141.1.129<br>[detail] expand: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/radius/radacct/<a href="http://10.141.1.129/detail-20130708">10.141.1.129/detail-20130708</a><br>
[detail] /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/radius/radacct/<a href="http://10.141.1.129/detail-20130708">10.141.1.129/detail-20130708</a><br>
[detail] expand: %t -> Mon Jul 8 14:55:20 2013<br>
++[detail] returns ok<br>++[unix] returns noop<br>[radutmp] expand: /var/log/radius/radutmp -> /var/log/radius/radutmp<br>[radutmp] expand: %{User-Name} -> md5password<br> rlm_radutmp: No NAS-Port seen. Cannot do anything.<br>
rlm_radumtp: WARNING: checkrad will probably not work!<br>++[radutmp] returns noop<br>[sql] expand: %{User-Name} -> md5password<br>[sql] sql_set_user escaped user --> 'md5password'<br>[sql] expand: %{Acct-Delay-Time} -><br>
[sql] ... expanding second conditional<br>[sql] expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',<br>
rlm_sql (sql): Reserving sql socket id: 2<br>rlm_sql (sql): Released sql socket id: 2<br>++[sql] returns ok<br>++[exec] returns noop<br>[attr_filter.accounting_response] expand: %{User-Name} -> md5password<br>attr_filter: Matched entry DEFAULT at line 12<br>
++[attr_filter.accounting_response] returns updated<br>Sending Accounting-Response of id 0 to 10.141.1.129 port 49154<br>Finished request 1.<br>Cleaning up request 1 ID 0 with timestamp +19<br>Going to the next request<br>
Waking up in 4.9 seconds.<br>Cleaning up request 0 ID 0 with timestamp +19<br>Ready to process requests.<br><br></div>