Looks like some kind of problem with your database. It clears when you auth against the radtest, but when you try to use a user in the database, it fails. On Tue, Feb 3, 2009 at 6:45 PM, Daniel Bojczuk <daniel@cirp.usp.br> wrote:
Hi!!
I have a Monowall athorizing and accounting on a Freeradius 2.1.1
When I execute: radtest nbatista@dialup.usp.br ******* 123.123.123.123 0 's3mf!o/' I get the folowing answer: Sending Access-Request of id 177 to 123.123.123.123 port 1812 User-Name = "nbatista@dialup.usp.br" User-Password = "nat6672" NAS-IP-Address = 123.123.123.123 NAS-Port = 0 rad_recv: Access-Accept packet from host 123.123.123.123 port 1812, id=177, length=68 Framed-IP-Address = 255.255.255.254 Framed-MTU = 1500 Service-Type = Framed-User Framed-Protocol = PPP Framed-Compression = Van-Jacobson-TCP-IP Session-Timeout = 86400 Framed-IP-Netmask = 255.255.255.0 Idle-Timeout = 3600
Everything works fine. But when I try to login using Monowall login page on debug mode I have this:
___________________________________________________________________________________________________________________________
rad_recv: Access-Request packet from host 124.124.124.124 port 63026, id=166, length=150 NAS-IP-Address = 124.124.124.124 NAS-Identifier = "gwrp.semfio.usp.br" User-Name = "nbatista@dialup.usp.br" User-Password = "*******" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 83 Framed-IP-Address = 125.125.125.125 Called-Station-Id = "00:11:2f:75:81:7c" Calling-Station-Id = "00:1b:77:b5:34:9d" +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/143.107.192.54/auth-detail-20090203 [auth_log] /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/143.107.192.54/auth-detail-20090203 [auth_log] expand: %t -> Tue Feb 3 17:30:54 2009 ++[auth_log] returns ok [suffix] Looking up realm "dialup.usp.br" for User-Name = "nbatista@dialup.usp.br" [suffix] Found realm "dialup.usp.br" [suffix] Adding Realm = "dialup.usp.br" [suffix] Proxying request from user nbatista to realm dialup.usp.br [suffix] Preparing to proxy authentication request to realm "dialup.usp.br" ++[suffix] returns updated [sql] expand: %{User-Name} -> nbatista@dialup.usp.br [sql] sql_set_user escaped user --> 'nbatista@dialup.usp.br' rlm_sql (sql): Reserving sql socket id: 6 [sql] expand: SELECT id, UserName, Attribute, Value, Op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, UserName, Attribute, Value, Op FROM radcheck WHERE Username = 'nbatista@dialup.usp.br' ORDER BY id rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: query affected rows = 0 , fields = 5 [sql] expand: SELECT GroupName FROM radusergroup WHERE UserName='%{SQL-User-Name}' ORDER BY priority -> SELECT GroupName FROM radusergroup WHERE UserName='nbatista@dialup.usp.br' ORDER BY priority rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: query affected rows = 0 , fields = 1 rlm_sql (sql): Released sql socket id: 6 [sql] User nbatista@dialup.usp.br not found ++[sql] returns notfound ++[pap] returns noop Sending Access-Request of id 239 to 126.126.126.126 port 1812 NAS-IP-Address = 124.124.124.124 NAS-Identifier = "gwrp.semfio.usp.br" User-Name = "nbatista@dialup.usp.br" User-Password = "*******" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 83 Framed-IP-Address = 125.125.125.125 Called-Station-Id = "00:11:2f:75:81:7c" Calling-Station-Id = "00:1b:77:b5:34:Sending Access-Request of id 239 to 143.107.253.10 port 1812 NAS-IP-Address = 124.124.124.124 NAS-Identifier = "gwrp.semfio.usp.br" User-Name = "nbatista@dialup.usp.br" User-Password = "*******" Service-Type = Login-User NAS-Port-Type = Ethernet NAS-Port = 83 Framed-IP-Address = 125.125.125.125 Called-Station-Id = "00:11:2f:75:81:7c" Calling-Station-Id = "00:1b:77:b5:34:9d" Proxy-State = 0x313636 Going to the next request Waking up in 0.8 seconds. Cleaning up request 5 ID 194 with timestamp +9 Waking up in 0.1 seconds. Waking up in 13.0 seconds. rad_recv: Access-Reject packet from host 126.126.126.126 port 1812, id=239, length=82 Reply-Message = "\r\nYou are already logged in 2 times - access denied\r\n\n" Proxy-State = 0x313636 +- entering group post-proxy {...} [eap] No pre-existing handler found ++[eap] returns noop Login incorrect (Home Server says so): [nbatista@dialup.usp.br] (from client gwrp port 83 cli 00:1b:77:b5:34:9d) Using Post-Auth-Type Reject WARNING: Unknown value specified for Post-Auth-Type. Cannot perform requested action. Sending Access-Reject of id 166 to 123.123.123.123 port 63026 Reply-Message = "\r\nYou are already logged in 2 times - access denied\r\n\n" Finished request 6. Going to the next request Waking up in 4.9 seconds. ____________________________________________________________________________________________________________________
I understood that there are 2 sessions opened. am I correct? If I am how can I close these sessions? And why does radtest work?
Thanks!
Sorry about my English.
Daniel Bojczuk
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html