I think what I'm seeing is just differences in versions, but wanted to get some expert opinions. I have an old Solaris system running radiusd: FreeRADIUS Version 3.0.11, for host sparc-sun-solaris2.11, built on Jul 14 2016 at 00:32:22 And a newly built Ubuntu system running the repo version radiusd: FreeRADIUS Version 3.0.20, for host x86_64-pc-linux-gnu, built on Apr 14 2022 at 20:32:00 On the Solaris, in the logs, I see logs that look more or less like ``` Fri Sep 16 15:16:03 2022 : Auth: (2303098) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [jimmy] (from client all_ipv4 port 9910 cli 112.217.164.107) Fri Sep 16 15:16:12 2022 : Auth: (2303099) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [gemeaux] (from client all_ipv4 port 13949 cli 184.168.126.75) Fri Sep 16 15:16:14 2022 : Auth: (2303100) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [root] (from client all_ipv4 port 13932 cli 209.141.59.116) ``` On Ubuntu, I see less detail ``` Fri Sep 16 08:49:02 2022 : Auth: (0) Login OK: [bpadgett] (from client all_ipv4 port 0) Fri Sep 16 09:15:01 2022 : Auth: (1) Login OK: [bpadgett] (from client all_ipv4 port 0) Fri Sep 16 09:15:06 2022 : Auth: (2) Login incorrect (No Auth-Type found: rejecting the user via Post-Auth-Type = Reject): [bpadgett] (from client all_ipv4 port 0) Fri Sep 16 09:15:10 2022 : Auth: (3) Login incorrect (ldap: Bind credentials incorrect: Invalid credentials): [bpadgett] (from client all_ipv4 port 0) ``` (those last two were me testing wrong info or blank) I am able to get the Packet-Src-IP-Address in msg_goodpass or msg_badpass, but I'm curious if there is a configuration I'm missing otherwise. The radiusd.conf used on Ubuntu is almost line for line identical since I used the Solaris config to build on. They both appear to have the same mods enabled and on the mods-available/detail and detail.log I don't see any differences. I know I can go with the msg_good/badpass option, I just want to make sure I'm not missing some crucial but simple option. The logging section of radiusd.conf: ``` log { destination = files colourise = yes file = ${logdir}/${name}.log syslog_facility = daemon # Log the full User-Name attribute, as it was found in the request. # # allowed values: {no, yes} # stripped_names = no # Log authentication requests to the log file. # # allowed values: {no, yes} # auth = yes # Log passwords with the authentication requests. # auth_badpass - logs password if it's rejected # auth_goodpass - logs password if it's correct # # allowed values: {no, yes} # auth_badpass = no auth_goodpass = no # The message when the user exceeds the Simultaneous-Use limit. # msg_denied = "You are already logged in - access denied" #msg_badpass = "testbad:%{Packet-Src-IP-Address}" #msg_goodpass = "testgood:%{Packet-Src-IP-Address}" } ``` Brantley Padgett The question is not how far. The question is, do you possess the constitution, the depth of faith, to go as far as is needed? -Boondock Saints