<div dir="ltr"><div><div><div>Dear All,<br><br></div>I have issue with configure radius. I have one Juniper MX80 for doing as LNS in my lab and FreeRADIUS Version 2.1.12 installed. I can see there is successful connected log to radius but after around 1mn it connect again and again. I have check in MX80 but has no any significant log. <br>
</div>Below is the full log in debug mode of radius during connect. Please advice <br><br>rad_recv: Access-Request packet from host 22.0.0.77 port 51280, id=32, length=237<br> User-Name = "<a href="mailto:testuser@intel.com">testuser@intel.com</a>"<br>
Service-Type = Framed-User<br> CHAP-Password = 0x6424072271437b7df6f638bd05496fe856<br> CHAP-Challenge = 0xcf44cbf713aedaac40824ffc535532d96e7b109b025cb2a3b0<br> Chargeable-User-Identity = ""<br>
Acct-Session-Id = "491"<br> ERX-Dhcp-Mac-Addr = "0000.0000.0000"<br> NAS-Identifier = "MX80-LAB-LNS"<br> NAS-Port = 4095<br> NAS-Port-Id = "Ip:192.168.77.1:192.168.77.2:55776:38107:10971:4534:2765160448"<br>
NAS-Port-Type = Virtual<br> ERX-Attr-162 = 0x05f5e1<br> ERX-Attr-163 = 0x05f5e1<br> NAS-IP-Address = 22.0.0.77<br># Executing section authorize from file /etc/raddb/sites-enabled/default<br>+- entering group authorize {...}<br>
++[preprocess] returns ok<br>[chap] Setting 'Auth-Type := CHAP'<br>++[chap] returns ok<br>++[mschap] returns noop<br>++[digest] returns noop<br>[suffix] Looking up realm "<a href="http://eintel.com">eintel.com</a>" for User-Name = "<a href="mailto:testuser@intel.com">testuser@intel.com</a>"<br>
[suffix] No such realm "<a href="http://eintel.com">eintel.com</a>"<br>++[suffix] returns noop<br>[eap] No EAP-Message, not doing EAP<br>++[eap] returns noop<br>++[files] returns noop<br>[sql] expand: %{User-Name} -> <a href="mailto:testuser@intel.com">testuser@intel.com</a><br>
[sql] sql_set_user escaped user --> '<a href="mailto:testuser@intel.com">testuser@intel.com</a>'<br>rlm_sql (sql): Reserving sql socket id: 4<br>[sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '<a href="mailto:testuser@intel.com">testuser@intel.com</a>' ORDER BY id<br>
[sql] User found in radcheck table<br>[sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = '<a href="mailto:testuser@intel.com">testuser@intel.com</a>' ORDER BY id<br>
[sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '<a href="mailto:testuser@intel.com">testuser@intel.com</a>' ORDER BY priority<br>
rlm_sql (sql): Released sql socket id: 4<br>++[sql] returns ok<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING: Auth-Type already set. Not setting to PAP<br>++[pap] returns noop<br>Found Auth-Type = CHAP<br>
# Executing group from file /etc/raddb/sites-enabled/default<br>+- entering group CHAP {...}<br>[chap] login attempt by "<a href="mailto:testuser@intel.com">testuser@intel.com</a>" with CHAP password<br>[chap] Using clear text password "saba" for user <a href="mailto:testuser@intel.com">testuser@intel.com</a> authentication.<br>
[chap] chap user <a href="mailto:testuser@intel.com">testuser@intel.com</a> authenticated succesfully<br>++[chap] returns ok<br># Executing section post-auth from file /etc/raddb/sites-enabled/default<br>+- entering group post-auth {...}<br>
[sql] expand: %{User-Name} -> <a href="mailto:testuser@intel.com">testuser@intel.com</a><br>[sql] sql_set_user escaped user --> '<a href="mailto:testuser@intel.com">testuser@intel.com</a>'<br>[sql] expand: %{User-Password} -> <br>
[sql] ... expanding second conditional<br>[sql] expand: %{Chap-Password} -> 0x6424072271437b7df6f638bd05496fe856<br>[sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '<a href="mailto:testuser@intel.com">testuser@intel.com</a>', '0x6424072271437b7df6f638bd05496fe856', 'Access-Accept', '2013-08-22 15:51:05')<br>
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '<a href="mailto:testuser@intel.com">testuser@intel.com</a>', '0x6424072271437b7df6f638bd05496fe856', 'Access-Accept', '2013-08-22 15:51:05')<br>
rlm_sql (sql): Reserving sql socket id: 3<br>rlm_sql (sql): Released sql socket id: 3<br>++[sql] returns ok<br>++[exec] returns noop<br>Sending Access-Accept of id 32 to 22.0.0.77 port 51280<br> Framed-IP-Address = 10.1.1.123<br>
Finished request 2.<br>Going to the next request<br>Waking up in 4.9 seconds.<br>Cleaning up request 2 ID 32 with timestamp +177<br>Ready to process requests.<br><br></div>Regards,<br>SP<br></div>