Why does auth_log return fail?
Hi Freeradius users,i have FR freeradius-2.2.0-0.fc17.i686 set up on fedora 17 machine. the wimax clients are supplying EAPttls Mschapv2 for authentication. a few weeks ago, the configuration was working and authenticating, but it suddenly stopped. the users are created in the users file and below is the radiusd -X output. any more info required will be promptly provided. could someone help me out on this? the wimax system is 4M alvarion and the CPe are well configured.ignore_null = no}Module: Checking accounting {...} for more modules to loadModule: Instantiating module "detail" from file /etc/raddb/modules/detaildetail {detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"header = "%t"detailperm = 384dirperm = 493locking = nolog_packet_header = no}Module: Linked to module rlm_radutmpModule: Instantiating module "radutmp" from file /etc/raddb/modules/radutmpradutmp {filename = "/var/log/radius/radutmp"username = "%{User-Name}"case_sensitive = yescheck_with_nas = yesperm = 384callerid = yes}Module: Linked to module rlm_attr_filterModule: Instantiating module "attr_filter.accounting_response" from file /etc/raddb/modules/attr_filterattr_filter attr_filter.accounting_response {attrsfile = "/etc/raddb/attrs.accounting_response"key = "%{User-Name}"relaxed = no}reading pairlist file /etc/raddb/attrs.accounting_responseModule: Checking session {...} for more modules to loadModule: Checking post-proxy {...} for more modules to loadModule: Checking post-auth {...} for more modules to loadModule: Instantiating module "attr_filter.access_reject" from file /etc/raddb/modules/attr_filterattr_filter attr_filter.access_reject {attrsfile = "/etc/raddb/attrs.access_reject"key = "%{User-Name}"relaxed = no}reading pairlist file /etc/raddb/attrs.access_reject} # modules} # serverserver inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnelmodules {Module: Checking authenticate {...} for more modules to loadModule: Checking authorize {...} for more modules to loadModule: Checking session {...} for more modules to loadModule: Checking post-proxy {...} for more modules to loadModule: Checking post-auth {...} for more modules to load} # modules} # serverradiusd: #### Opening IP addresses and Ports ####listen {type = "auth"ipaddr = *port = 0}listen {type = "acct"ipaddr = *port = 0}listen {type = "control"listen {socket = "/var/run/radiusd/radiusd.sock"}}listen {type = "auth"ipaddr = 127.0.0.1port = 18120}... adding new socket proxy address * port 46422Listening on authentication address * port 1812Listening on accounting address * port 1813Listening on command file /var/run/radiusd/radiusd.sockListening on authentication address 127.0.0.1 port 18120 as server inner-tunnelListening on proxy address * port 1814Ready to process requests.rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=153, length=196User-Name = "{sm=1}rawlacurone@adn.com"EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6dMessage-Authenticator = 0x39a7eb8d6128461e0fa6caf5dd5c26c3NAS-Identifier = "201"NAS-IP-Address = 11.0.0.205Calling-Station-Id = "AC-81-12-78-CA-6E"WiMAX-BS-Id = 0xfff329010102NAS-Port-Type = Wireless-802.16Framed-MTU = 2000Service-Type = Framed-UserWiMAX-GMT-Timezone-offset = 256WiMAX-Release = "1.0"WiMAX-Accounting-Capabilities = IP-Session-BasedWiMAX-Attr-1793 = 0x0000028a# Executing section authorize from file /etc/raddb/sites-enabled/default+- entering group authorize {...}++[preprocess] returns ok[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/11.0.0.205/auth-detail-20130501[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/11.0.0.205/auth-detail-20130501[auth_log] expand: %t -> Wed May 1 17:46:27 2013++[auth_log] returns failUsing Post-Auth-Type REJECT# Executing group from file /etc/raddb/sites-enabled/default+- entering group REJECT {...}[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.comattr_filter: Matched entry DEFAULT at line 11++[attr_filter.access_reject] returns updatedDelaying reject of request 0 for 1 secondsGoing to the next requestWaking up in 0.9 seconds.Sending delayed reject for request 0Sending Access-Reject of id 153 to 11.0.0.205 port 1812Waking up in 4.9 seconds.Cleaning up request 0 ID 153 with timestamp +1Ready to process requests.rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=154, length=196User-Name = "{sm=1}rawlacurone@adn.com"EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6dMessage-Authenticator = 0x0ddedece670902a6348d2b16c392c015NAS-Identifier = "201"NAS-IP-Address = 11.0.0.205Calling-Station-Id = "AC-81-12-78-CA-6E"WiMAX-BS-Id = 0xfff329010102NAS-Port-Type = Wireless-802.16Framed-MTU = 2000Service-Type = Framed-UserWiMAX-GMT-Timezone-offset = 256WiMAX-Release = "1.0"WiMAX-Accounting-Capabilities = IP-Session-BasedWiMAX-Attr-1793 = 0x0000028a# Executing section authorize from file /etc/raddb/sites-enabled/default+- entering group authorize {...}++[preprocess] returns ok[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/11.0.0.205/auth-detail-20130501[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/11.0.0.205/auth-detail-20130501[auth_log] expand: %t -> Wed May 1 17:46:35 2013++[auth_log] returns failUsing Post-Auth-Type REJECT# Executing group from file /etc/raddb/sites-enabled/default+- entering group REJECT {...}[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.comattr_filter: Matched entry DEFAULT at line 11++[attr_filter.access_reject] returns updatedDelaying reject of request 1 for 1 secondsGoing to the next requestWaking up in 0.9 seconds.Sending delayed reject for request 1Sending Access-Reject of id 154 to 11.0.0.205 port 1812Waking up in 4.9 seconds.Cleaning up request 1 ID 154 with timestamp +9Ready to process requests.rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=155, length=196User-Name = "{sm=1}rawlacurone@adn.com"EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6dMessage-Authenticator = 0x8cbc1a4105e88c044aaa7a95df6dc98aNAS-Identifier = "201"NAS-IP-Address = 11.0.0.205Calling-Station-Id = "AC-81-12-78-CA-6E"WiMAX-BS-Id = 0xfff329010102NAS-Port-Type = Wireless-802.16Framed-MTU = 2000Service-Type = Framed-UserWiMAX-GMT-Timezone-offset = 256WiMAX-Release = "1.0"WiMAX-Accounting-Capabilities = IP-Session-BasedWiMAX-Attr-1793 = 0x0000028a# Executing section authorize from file /etc/raddb/sites-enabled/default+- entering group authorize {...}++[preprocess] returns ok[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/11.0.0.205/auth-detail-20130501[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/11.0.0.205/auth-detail-20130501[auth_log] expand: %t -> Wed May 1 17:46:43 2013++[auth_log] returns failUsing Post-Auth-Type REJECT# Executing group from file /etc/raddb/sites-enabled/default+- entering group REJECT {...}[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.comattr_filter: Matched entry DEFAULT at line 11++[attr_filter.access_reject] returns updatedDelaying reject of request 2 for 1 secondsGoing to the next requestWaking up in 0.9 seconds.Sending delayed reject for request 2Sending Access-Reject of id 155 to 11.0.0.205 port 1812Waking up in 4.9 seconds.Cleaning up request 2 ID 155 with timestamp +17Ready to process requests.rad_recv: Access-Request packet from host 11.0.0.205 port 1812, id=157, length=196User-Name = "{sm=1}rawlacurone@adn.com"EAP-Message = 0x0201001e017b736d3d317d7261776c616375726f6e654061646e2e636f6dMessage-Authenticator = 0xd84871a21825f994c68593b4d78ca653NAS-Identifier = "201"NAS-IP-Address = 11.0.0.205Calling-Station-Id = "AC-81-12-78-CA-6E"WiMAX-BS-Id = 0xfff329010102NAS-Port-Type = Wireless-802.16Framed-MTU = 2000Service-Type = Framed-UserWiMAX-GMT-Timezone-offset = 256WiMAX-Release = "1.0"WiMAX-Accounting-Capabilities = IP-Session-BasedWiMAX-Attr-1793 = 0x0000028a# Executing section authorize from file /etc/raddb/sites-enabled/default+- entering group authorize {...}++[preprocess] returns ok[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expan[auth_log] expand: %t -> Wed May 1 17:46:50 2013++[auth_log] returns failUsing Post-Auth-Type REJECT# Executing group from file /etc/raddb/sites-enabled/default+- entering group REJECT {...}[attr_filter.access_reject] expand: %{User-Name} -> {sm=1}rawlacurone@adn.coattr_filter: Matched entry DEFAULT at line 11++[attr_filter.access_reject] returns updatedDelaying reject of request 3 for 1 secondsGoing to the next requestWaking up in 0.9 seconds.Sending delayed reject for request 3Sending Access-Reject of id 157 to 11.0.0.205 port 1812Waking up in 4.9 seconds.^C[root@adn larry]#
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html