Hello, here is the second attempt (I simulated the conection error), when user tries to connect but there is a radacct entry with no acctstoptime. Now I´m using version 2.1.12: rad_recv: Access-Request packet from host 192.168.0.1 port 53431, id=12, length=144 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 15729407 NAS-Port-Type = Ethernet User-Name = "test" Calling-Station-Id = "C0:4A:00:87:C6:D9" Called-Station-Id = "service1" NAS-Port-Id = "bridge1" CHAP-Challenge = 0xbbb25ba0071ac1a6179ec6c9b217200a CHAP-Password = 0x01d1ce7fdbaa9f50707871fdfc009c6b4a NAS-Identifier = "Main_Router" NAS-IP-Address = 192.168.0.1 # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok [chap] Setting 'Auth-Type := CHAP' ++[chap] returns ok ++[mschap] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [sql] expand: %{User-Name} -> test [sql] sql_set_user escaped user --> 'test' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'test' ORDER BY priority [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '15' ORDER BY id [sql] User found in group 15 [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '15' ORDER BY id rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] returns noop Found Auth-Type = CHAP # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group CHAP {...} [chap] login attempt by "test" with CHAP password [chap] Using clear text password "123456" for user test authentication. [chap] chap user test authenticated succesfully ++[chap] returns ok ++? if (reject && Framed-Protocol == PPP) ? Evaluating (reject ) -> FALSE ? Skipping (Framed-Protocol == PPP) ++? if (reject && Framed-Protocol == PPP) -> FALSE ++? if (invalid && Framed-Protocol == PPP) ? Evaluating (invalid ) -> FALSE ? Skipping (Framed-Protocol == PPP) ++? if (invalid && Framed-Protocol == PPP) -> FALSE # Executing section session from file /usr/local/etc/raddb/sites-enabled/default +- entering group session {...} [sql] expand: %{User-Name} -> test [sql] sql_set_user escaped user --> 'test' [sql] expand: SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT COUNT(*) FROM radacct WHERE username = 'test' AND acctstoptime IS NULL rlm_sql (sql): Reserving sql socket id: 2 [sql] expand: SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = 'test' AND acctstoptime IS NULL # Executing section preacct from file /usr/local/etc/raddb/sites-enabled/default +- entering group preacct {...} ++[preprocess] returns ok [acct_unique] Hashing 'NAS-Port = 15729406,Client-IP-Address = 192.168.0.1,NAS-IP-Address = 192.168.0.1,Acct-Session-Id = "819000c2",User-Name = "test"' [acct_unique] Acct-Unique-Session-ID = "5cc3e8235801dd84". ++[acct_unique] returns ok Look above, NAS-Port is not ZERO (it got the value from Access-Request) so, 5cc3e8235801dd84 will be the same unique already existing in the database! I´ll try the last version from GutHub now. Regards Fabricio Viana --- Este email foi escaneado pelo Avast antivírus. http://www.avast.com