Hi, I have searched on the mailing list and I see that it is suggested to limit simultaneous users by doing user,simultaneous-use,:=,1 I just need to know does this limit user to one login on freeradius or on that nas? as I add this value into the radcheck table. and I try login twice from the same NAS, but the second login fails. Then I try login from one NAS and then again from another NAS and it works. So does simultaneous-use only tell the NAS to let user X login once or is supposed to be server side? Do I need to right a script to do it server side? Thank you -- View this message in context: http://old.nabble.com/simultaneous-logins-tp29426841p29426841.html Sent from the FreeRadius - User mailing list archive at Nabble.com.
tyllerd wrote:
Then I try login from one NAS and then again from another NAS and it works.
And what does "radiusd -X" say?
So does simultaneous-use only tell the NAS to let user X login once or is supposed to be server side? Do I need to right a script to do it server side?
The simultaneous-use checking applies to *all* NASes. So it *should* enforce only one login, even if you try to login on two different NASes. Alan DeKok.
Hi Alan, Thank you for the response. Below you can see my user in the table as well as the radius -X. I don't really see any problems, can you? Thanks, T mysql> select * from radcheck where username="71485392"; +--------+----------+--------------------+----+-----------+ | id | username | attribute | op | value | +--------+----------+--------------------+----+-----------+ | 810890 | 71485392 | Auth-Type | := | Perl | | 810891 | 71485392 | databank | := | 104305655 | | 810892 | 71485392 | Cleartext-Password | := | password | | 810893 | 71485392 | Max-All-Session | := | 3600 | | 810894 | 71485392 | Expire-After | := | 864000 | | 810895 | 71485392 | Simultaneous-Use | := | 1 | | 810896 | 71485392 | Idle-Timeout | := | 300 | | 810897 | 71485392 | Cleartext-Password | := | password | +--------+----------+--------------------+----+-----------+ Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 192.168.4.28 port 46819, id=100, length=175 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00:1E:64:8E:1F:8E" Called-Station-Id = "hotspot1" NAS-Port-Id = "Guest" User-Name = "71485392" NAS-Port = 2154823729 Acct-Session-Id = "80700031" Framed-IP-Address = 10.20.30.253 Mikrotik-Host-IP = 10.20.30.253 User-Password = "password" Service-Type = Login-User WISPr-Logoff-URL = "http://10.20.30.1/logout" NAS-Identifier = "TEST2" NAS-IP-Address = 192.168.4.28 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "71485392", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '71485392' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = '71485392' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '71485392' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair ++[monthyoctets] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1;' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1; sqlcounter_expand: '%{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1;}' [expire_on_login] sql_xlat [expire_on_login] expand: %{User-Name} -> 71485392 [expire_on_login] sql_set_user escaped user --> '71485392' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1; rlm_sql (sql): Reserving sql socket id: 2 [expire_on_login] sql_xlat finished rlm_sql (sql): Released sql socket id: 2 [expire_on_login] expand: %{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1;} -> 6161 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 71485392, check_item=864000, counter=6161 rlm_sqlcounter: Sent Reply-Item for user 71485392, Type=Session-Timeout, value=857839 ++[expire_on_login] returns ok rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}'' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392' sqlcounter_expand: '%{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392'}' [noresetcounter] sql_xlat [noresetcounter] expand: %{User-Name} -> 71485392 [noresetcounter] sql_set_user escaped user --> '71485392' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392' rlm_sql (sql): Reserving sql socket id: 1 [noresetcounter] sql_xlat finished rlm_sql (sql): Released sql socket id: 1 [noresetcounter] expand: %{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392'} -> 205 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 71485392, check_item=3600, counter=205 rlm_sqlcounter: Sent Reply-Item for user 71485392, Type=Session-Timeout, value=3395 ++[noresetcounter] returns ok Found Auth-Type = Perl +- entering group Perl {...} GOT CLONE -1208038704 0x93f53d8 rlm_perl: Added pair NAS-Port-Type = Wireless-802.11 rlm_perl: Added pair WISPr-Logoff-URL = http://10.20.30.1/logout rlm_perl: Added pair Acct-Session-Id = 80700031 rlm_perl: Added pair SQL-User-Name = 71485392 rlm_perl: Added pair Service-Type = Login-User rlm_perl: Added pair Called-Station-Id = hotspot1 rlm_perl: Added pair Calling-Station-Id = 00:1E:64:8E:1F:8E rlm_perl: Added pair User-Name = 71485392 rlm_perl: Added pair NAS-Identifier = TEST2 rlm_perl: Added pair User-Password = password rlm_perl: Added pair Mikrotik-Host-IP = 10.20.30.253 rlm_perl: Added pair Framed-IP-Address = 10.20.30.253 rlm_perl: Added pair NAS-IP-Address = 192.168.4.28 rlm_perl: Added pair NAS-Port = 2154823729 rlm_perl: Added pair NAS-Port-Id = Guest rlm_perl: Added pair Session-Timeout = 3395 rlm_perl: Added pair Mikrotik-Xmit-Limit = 104305655 rlm_perl: Added pair Idle-Timeout = 300 rlm_perl: Added pair Cleartext-Password = password rlm_perl: Added pair Expire-After = 864000 rlm_perl: Added pair Max-All-Session = 3600 rlm_perl: Added pair Simultaneous-Use = 1 rlm_perl: Added pair databank = 104305655 rlm_perl: Added pair Auth-Type = Perl ++[perl] returns ok +- entering group session {...} [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' [sql] expand: SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT COUNT(*) FROM radacct WHERE username = '71485392' AND acctstoptime IS NULL rlm_sql (sql): Reserving sql socket id: 0 rlm_sql (sql): Released sql socket id: 0 ++[sql] returns ok Login OK: [71485392/password] (from client TEST2 port 2154823729 cli 00:1E:64:8E:1F:8E) +- entering group post-auth {...} [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' [sql] expand: %{User-Password} -> password [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '71485392', 'password', 'Access-Accept', '2010-08-13 11:57:42') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '71485392', 'password', 'Access-Accept', '2010-08-13 11:57:42') rlm_sql (sql): Reserving sql socket id: 4 rlm_sql (sql): Released sql socket id: 4 ++[sql] returns ok ++[exec] returns noop Sending Access-Accept of id 100 to 192.168.4.28 port 46819 Session-Timeout = 3395 Mikrotik-Xmit-Limit = 104305655 Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Accounting-Request packet from host 192.168.4.28 port 32987, id=101, length=137 Acct-Status-Type = Start NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00:1E:64:8E:1F:8E" Called-Station-Id = "hotspot1" NAS-Port-Id = "Guest" User-Name = "71485392" NAS-Port = 2154823729 Acct-Session-Id = "80700031" Framed-IP-Address = 10.20.30.253 Mikrotik-Host-IP = 10.20.30.253 Event-Timestamp = "Jan 2 1970 02:16:43 SAST" NAS-Identifier = "TEST2" NAS-IP-Address = 192.168.4.28 Acct-Delay-Time = 0 +- entering group preacct {...} ++[preprocess] returns ok [acct_unique] Hashing 'NAS-Port = 2154823729,Client-IP-Address = 192.168.4.28,NAS-IP-Address = 192.168.4.28,Acct-Session-Id = "80700031",User-Name = "71485392"' [acct_unique] Acct-Unique-Session-ID = "ff0a9b7762ab9e6f". ++[acct_unique] returns ok [suffix] No '@' in User-Name = "71485392", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[files] returns noop +- entering group accounting {...} [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' [sql] expand: %{Acct-Delay-Time} -> 0 [sql] expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, NASIdentifier, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', ' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok [attr_filter.accounting_response] expand: %{User-Name} -> 71485392 attr_filter: Matched entry DEFAULT at line 12 ++[attr_filter.accounting_response] returns updated Sending Accounting-Response of id 101 to 192.168.4.28 port 32987 Finished request 1. Cleaning up request 1 ID 101 with timestamp +36 Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 100 with timestamp +36 Ready to process requests. rad_recv: Access-Request packet from host 192.168.4.251 port 1025, id=196, length=192 User-Name = "71485392" User-Password = "password" NAS-IP-Address = 192.168.4.251 NAS-Port = 0 Service-Type = Login-User Acct-Session-Id = "EB000063" Called-Station-Id = "00-50-E8-02-53-90" Calling-Station-Id = "00-1D-E0-43-D5-8F" Nomadix-Logoff-URL = "http://1.1.1.1" WISPr-Location-ID = "isocc=,cc=,ac=,network=Firedigit" NAS-Identifier = "JonnyLAW" NAS-Port-Type = ISDN +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "71485392", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' rlm_sql (sql): Reserving sql socket id: 2 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '71485392' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = '71485392' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '71485392' ORDER BY priority rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair ++[monthyoctets] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1;' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1; sqlcounter_expand: '%{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1;}' [expire_on_login] sql_xlat [expire_on_login] expand: %{User-Name} -> 71485392 [expire_on_login] sql_set_user escaped user --> '71485392' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1; rlm_sql (sql): Reserving sql socket id: 1 [expire_on_login] sql_xlat finished rlm_sql (sql): Released sql socket id: 1 [expire_on_login] expand: %{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='71485392' ORDER BY acctstarttime LIMIT 1;} -> 6186 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 71485392, check_item=864000, counter=6186 rlm_sqlcounter: Sent Reply-Item for user 71485392, Type=Session-Timeout, value=857814 ++[expire_on_login] returns ok rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}'' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392' sqlcounter_expand: '%{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392'}' [noresetcounter] sql_xlat [noresetcounter] expand: %{User-Name} -> 71485392 [noresetcounter] sql_set_user escaped user --> '71485392' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392' rlm_sql (sql): Reserving sql socket id: 0 [noresetcounter] sql_xlat finished rlm_sql (sql): Released sql socket id: 0 [noresetcounter] expand: %{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='71485392'} -> 205 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 71485392, check_item=3600, counter=205 rlm_sqlcounter: Sent Reply-Item for user 71485392, Type=Session-Timeout, value=3395 ++[noresetcounter] returns ok Found Auth-Type = Perl +- entering group Perl {...} rlm_perl: Added pair NAS-Port-Type = ISDN rlm_perl: Added pair Acct-Session-Id = EB000063 rlm_perl: Added pair SQL-User-Name = 71485392 rlm_perl: Added pair Service-Type = Login-User rlm_perl: Added pair Calling-Station-Id = 00-1D-E0-43-D5-8F rlm_perl: Added pair Called-Station-Id = 00-50-E8-02-53-90 rlm_perl: Added pair WISPr-Location-ID = isocc=,cc=,ac=,network=Firedigit rlm_perl: Added pair User-Name = 71485392 rlm_perl: Added pair NAS-Identifier = JonnyLAW rlm_perl: Added pair User-Password = password rlm_perl: Added pair Nomadix-Logoff-URL = http://1.1.1.1 rlm_perl: Added pair NAS-IP-Address = 192.168.4.251 rlm_perl: Added pair NAS-Port = 0 rlm_perl: Added pair Session-Timeout = 3395 rlm_perl: Added pair Nomadix-MaxBytesDown = 104305655 rlm_perl: Added pair Idle-Timeout = 300 rlm_perl: Added pair Cleartext-Password = password rlm_perl: Added pair Expire-After = 864000 rlm_perl: Added pair Max-All-Session = 3600 rlm_perl: Added pair Simultaneous-Use = 1 rlm_perl: Added pair databank = 104305655 rlm_perl: Added pair Auth-Type = Perl ++[perl] returns ok +- entering group session {...} [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' [sql] expand: SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT COUNT(*) FROM radacct WHERE username = '71485392' AND acctstoptime IS NULL rlm_sql (sql): Reserving sql socket id: 4 [sql] expand: SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '71485392' AND acctstoptime IS NULL checkrad: Net::Telnet 3.00+ CPAN module not installed rlm_sql (sql): Released sql socket id: 4 [sql] Failed to check the terminal server for user '71485392'. ++[sql] returns fail Login OK: [71485392/password] (from client JonnyLAW port 0 cli 00-1D-E0-43-D5-8F) +- entering group post-auth {...} [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' [sql] expand: %{User-Password} -> password [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '71485392', 'password', 'Access-Accept', '2010-08-13 11:58:07') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '71485392', 'password', 'Access-Accept', '2010-08-13 11:58:07') rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok ++[exec] returns noop Sending Access-Accept of id 196 to 192.168.4.251 port 1025 Session-Timeout = 3395 Nomadix-MaxBytesDown = 104305655 Finished request 2. Going to the next request Waking up in 4.9 seconds. rad_recv: Accounting-Request packet from host 192.168.4.251 port 1026, id=24, length=184 User-Name = "71485392" NAS-IP-Address = 192.168.4.251 NAS-Port = 0 Acct-Status-Type = Start Acct-Session-Id = "EB000063" Event-Timestamp = "Aug 13 2010 12:01:31 SAST" Called-Station-Id = "00-50-E8-02-53-90" Calling-Station-Id = "00-1D-E0-43-D5-8F" NAS-Identifier = "JonnyLAW" NAS-Port-Type = ISDN Nomadix-Attr-17 = 0x00000001 WISPr-Location-ID = "isocc=,cc=,ac=,network=Firedigit" Acct-Delay-Time = 1 +- entering group preacct {...} ++[preprocess] returns ok [acct_unique] Hashing 'NAS-Port = 0,Client-IP-Address = 192.168.4.251,NAS-IP-Address = 192.168.4.251,Acct-Session-Id = "EB000063",User-Name = "71485392"' [acct_unique] Acct-Unique-Session-ID = "58d5aa42e3403008". ++[acct_unique] returns ok [suffix] No '@' in User-Name = "71485392", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[files] returns noop +- entering group accounting {...} [sql] expand: %{User-Name} -> 71485392 [sql] sql_set_user escaped user --> '71485392' [sql] expand: %{Acct-Delay-Time} -> 1 [sql] expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, NASIdentifier, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', ' rlm_sql (sql): Reserving sql socket id: 2 rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok [attr_filter.accounting_response] expand: %{User-Name} -> 71485392 attr_filter: Matched entry DEFAULT at line 12 ++[attr_filter.accounting_response] returns updated Sending Accounting-Response of id 24 to 192.168.4.251 port 1026 Finished request 3. Cleaning up request 3 ID 24 with timestamp +63 Going to the next request Waking up in 3.8 seconds. Cleaning up request 2 ID 196 with timestamp +61 Ready to process requests. On Fri, Aug 13, 2010 at 11:54 AM, Alan DeKok <aland@deployingradius.com>wrote:
tyllerd wrote:
Then I try login from one NAS and then again from another NAS and it works.
And what does "radiusd -X" say?
So does simultaneous-use only tell the NAS to let user X login once or is supposed to be server side? Do I need to right a script to do it server side?
The simultaneous-use checking applies to *all* NASes. So it *should* enforce only one login, even if you try to login on two different NASes.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Tyller D wrote:
Hi Alan,
Thank you for the response.
Below you can see my user in the table as well as the radius -X.
I don't really see any problems, can you?
Yes. Look for words like "fail" or "reject" or "error".
checkrad: Net::Telnet 3.00+ CPAN module not installed rlm_sql (sql): Released sql socket id: 4 [sql] Failed to check the terminal server for user '71485392'.
It shouldn't be that difficult. Alan DeKok.
Hi Alan. Thanks for pointing that out. I have gotten rid of most of the error by installing the Net::Telnet 3.00+ CPAN module. I am however still getting the rlm_sql (sql): Released sql socket id: 0 [sql] Failed to check the terminal server for user '92263842'. ++[sql] returns fail error. What could cause this to fail? Ready to process requests. rad_recv: Access-Request packet from host 192.168.4.28 port 50944, id=137, length=175 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00:1E:64:8E:1F:8E" Called-Station-Id = "hotspot1" NAS-Port-Id = "Guest" User-Name = "92263842" NAS-Port = 2154823735 Acct-Session-Id = "80700037" Framed-IP-Address = 10.20.30.253 Mikrotik-Host-IP = 10.20.30.253 User-Password = "password" Service-Type = Login-User WISPr-Logoff-URL = "http://10.20.30.1/logout" NAS-Identifier = "TEST2" NAS-IP-Address = 192.168.4.28 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "92263842", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '92263842' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = '92263842' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '92263842' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair ++[monthyoctets] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1;' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1; sqlcounter_expand: '%{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1;}' [expire_on_login] sql_xlat [expire_on_login] expand: %{User-Name} -> 92263842 [expire_on_login] sql_set_user escaped user --> '92263842' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1; rlm_sql (sql): Reserving sql socket id: 2 [expire_on_login] sql_xlat finished rlm_sql (sql): Released sql socket id: 2 [expire_on_login] expand: %{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1;} -> 4519 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 92263842, check_item=864000, counter=4519 rlm_sqlcounter: Sent Reply-Item for user 92263842, Type=Session-Timeout, value=859481 ++[expire_on_login] returns ok rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}'' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842' sqlcounter_expand: '%{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842'}' [noresetcounter] sql_xlat [noresetcounter] expand: %{User-Name} -> 92263842 [noresetcounter] sql_set_user escaped user --> '92263842' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842' rlm_sql (sql): Reserving sql socket id: 1 [noresetcounter] sql_xlat finished rlm_sql (sql): Released sql socket id: 1 [noresetcounter] expand: %{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842'} -> 3368 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 92263842, check_item=3600, counter=3368 rlm_sqlcounter: Sent Reply-Item for user 92263842, Type=Session-Timeout, value=232 ++[noresetcounter] returns ok Found Auth-Type = Perl +- entering group Perl {...} GOT CLONE -1208333616 0x9f349b0 rlm_perl: Added pair NAS-Port-Type = Wireless-802.11 rlm_perl: Added pair WISPr-Logoff-URL = http://10.20.30.1/logout rlm_perl: Added pair Acct-Session-Id = 80700037 rlm_perl: Added pair SQL-User-Name = 92263842 rlm_perl: Added pair Service-Type = Login-User rlm_perl: Added pair Called-Station-Id = hotspot1 rlm_perl: Added pair Calling-Station-Id = 00:1E:64:8E:1F:8E rlm_perl: Added pair User-Name = 92263842 rlm_perl: Added pair NAS-Identifier = TEST2 rlm_perl: Added pair User-Password = password rlm_perl: Added pair Mikrotik-Host-IP = 10.20.30.253 rlm_perl: Added pair Framed-IP-Address = 10.20.30.253 rlm_perl: Added pair NAS-IP-Address = 192.168.4.28 rlm_perl: Added pair NAS-Port = 2154823735 rlm_perl: Added pair NAS-Port-Id = Guest rlm_perl: Added pair Idle-Timeout = 300 rlm_perl: Added pair Acct-Interim-Interval = 60 rlm_perl: Added pair Session-Timeout = 232 rlm_perl: Added pair Mikrotik-Xmit-Limit = 102796327 rlm_perl: Added pair Cleartext-Password = password rlm_perl: Added pair Expire-After = 864000 rlm_perl: Added pair Simultaneous-Use = 1 rlm_perl: Added pair Auth-Type = Perl rlm_perl: Added pair Idle-Timeout = 300 rlm_perl: Added pair Acct-Interim-Interval = 60 rlm_perl: Added pair Max-All-Session = 3600 rlm_perl: Added pair databank = 102796327 ++[perl] returns ok +- entering group session {...} [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' [sql] expand: SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT COUNT(*) FROM radacct WHERE username = '92263842' AND acctstoptime IS NULL rlm_sql (sql): Reserving sql socket id: 0 [sql] expand: SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '92263842' AND acctstoptime IS NULL rlm_sql (sql): Released sql socket id: 0 [sql] Failed to check the terminal server for user '92263842'. ++[sql] returns fail Login OK: [92263842/password] (from client TEST2 port 2154823735 cli 00:1E:64:8E:1F:8E) +- entering group post-auth {...} [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' [sql] expand: %{User-Password} -> password [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '92263842', 'password', 'Access-Accept', '2010-08-13 14:42:19') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '92263842', 'password', 'Access-Accept', '2010-08-13 14:42:19') rlm_sql (sql): Reserving sql socket id: 4 rlm_sql (sql): Released sql socket id: 4 ++[sql] returns ok ++[exec] returns noop Sending Access-Accept of id 137 to 192.168.4.28 port 50944 Idle-Timeout = 300 Acct-Interim-Interval = 60 Session-Timeout = 232 Mikrotik-Xmit-Limit = 102796327 Finished request 0. Going to the next request Waking up in 4.9 seconds. rad_recv: Accounting-Request packet from host 192.168.4.28 port 57753, id=138, length=137 Acct-Status-Type = Start NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00:1E:64:8E:1F:8E" Called-Station-Id = "hotspot1" NAS-Port-Id = "Guest" User-Name = "92263842" NAS-Port = 2154823735 Acct-Session-Id = "80700037" Framed-IP-Address = 10.20.30.253 Mikrotik-Host-IP = 10.20.30.253 Event-Timestamp = "Jan 2 1970 05:01:20 SAST" NAS-Identifier = "TEST2" NAS-IP-Address = 192.168.4.28 Acct-Delay-Time = 0 +- entering group preacct {...} ++[preprocess] returns ok [acct_unique] Hashing 'NAS-Port = 2154823735,Client-IP-Address = 192.168.4.28,NAS-IP-Address = 192.168.4.28,Acct-Session-Id = "80700037",User-Name = "92263842"' [acct_unique] Acct-Unique-Session-ID = "8abdfdb94645d80c". ++[acct_unique] returns ok [suffix] No '@' in User-Name = "92263842", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[files] returns noop +- entering group accounting {...} [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' [sql] expand: %{Acct-Delay-Time} -> 0 [sql] expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, NASIdentifier, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', ' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok [attr_filter.accounting_response] expand: %{User-Name} -> 92263842 attr_filter: Matched entry DEFAULT at line 12 ++[attr_filter.accounting_response] returns updated Sending Accounting-Response of id 138 to 192.168.4.28 port 57753 Finished request 1. Cleaning up request 1 ID 138 with timestamp +10 Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 137 with timestamp +10 Ready to process requests. rad_recv: Access-Request packet from host 192.168.4.251 port 1025, id=4, length=192 User-Name = "92263842" User-Password = "password" NAS-IP-Address = 192.168.4.251 NAS-Port = 0 Service-Type = Login-User Acct-Session-Id = "EB000083" Called-Station-Id = "00-50-E8-02-53-90" Calling-Station-Id = "00-1D-E0-43-D5-8F" Nomadix-Logoff-URL = "http://1.1.1.1" WISPr-Location-ID = "isocc=,cc=,ac=,network=Firedigit" NAS-Identifier = "JonnyLAW" NAS-Port-Type = ISDN +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "92263842", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' rlm_sql (sql): Reserving sql socket id: 2 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '92263842' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = '92263842' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '92263842' ORDER BY priority rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair ++[monthyoctets] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1;' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='%{User-Name}' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1; sqlcounter_expand: '%{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1;}' [expire_on_login] sql_xlat [expire_on_login] expand: %{User-Name} -> 92263842 [expire_on_login] sql_set_user escaped user --> '92263842' [expire_on_login] expand: SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1; -> SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1; rlm_sql (sql): Reserving sql socket id: 1 [expire_on_login] sql_xlat finished rlm_sql (sql): Released sql socket id: 1 [expire_on_login] expand: %{sql:SELECT TIME_TO_SEC(TIMEDIFF(NOW(), acctstarttime)) FROM radacct WHERE UserName='92263842' ORDER BY acctstarttime LIMIT 1;} -> 4527 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 92263842, check_item=864000, counter=4527 rlm_sqlcounter: Sent Reply-Item for user 92263842, Type=Session-Timeout, value=859473 ++[expire_on_login] returns ok rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}'' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842' sqlcounter_expand: '%{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842'}' [noresetcounter] sql_xlat [noresetcounter] expand: %{User-Name} -> 92263842 [noresetcounter] sql_set_user escaped user --> '92263842' [noresetcounter] expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842' rlm_sql (sql): Reserving sql socket id: 0 [noresetcounter] sql_xlat finished rlm_sql (sql): Released sql socket id: 0 [noresetcounter] expand: %{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='92263842'} -> 3368 rlm_sqlcounter: Check item is greater than query result rlm_sqlcounter: Authorized user 92263842, check_item=3600, counter=3368 rlm_sqlcounter: Sent Reply-Item for user 92263842, Type=Session-Timeout, value=232 ++[noresetcounter] returns ok Found Auth-Type = Perl +- entering group Perl {...} rlm_perl: Added pair NAS-Port-Type = ISDN rlm_perl: Added pair Acct-Session-Id = EB000083 rlm_perl: Added pair SQL-User-Name = 92263842 rlm_perl: Added pair Service-Type = Login-User rlm_perl: Added pair Calling-Station-Id = 00-1D-E0-43-D5-8F rlm_perl: Added pair Called-Station-Id = 00-50-E8-02-53-90 rlm_perl: Added pair WISPr-Location-ID = isocc=,cc=,ac=,network=Firedigit rlm_perl: Added pair User-Name = 92263842 rlm_perl: Added pair NAS-Identifier = JonnyLAW rlm_perl: Added pair User-Password = password rlm_perl: Added pair Nomadix-Logoff-URL = http://1.1.1.1 rlm_perl: Added pair NAS-IP-Address = 192.168.4.251 rlm_perl: Added pair NAS-Port = 0 rlm_perl: Added pair Idle-Timeout = 300 rlm_perl: Added pair Acct-Interim-Interval = 60 rlm_perl: Added pair Session-Timeout = 232 rlm_perl: Added pair Nomadix-MaxBytesDown = 102796327 rlm_perl: Added pair Cleartext-Password = password rlm_perl: Added pair Expire-After = 864000 rlm_perl: Added pair Simultaneous-Use = 1 rlm_perl: Added pair Auth-Type = Perl rlm_perl: Added pair Idle-Timeout = 300 rlm_perl: Added pair Acct-Interim-Interval = 60 rlm_perl: Added pair Max-All-Session = 3600 rlm_perl: Added pair databank = 102796327 ++[perl] returns ok +- entering group session {...} [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' [sql] expand: SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT COUNT(*) FROM radacct WHERE username = '92263842' AND acctstoptime IS NULL rlm_sql (sql): Reserving sql socket id: 4 [sql] expand: SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL -> SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '92263842' AND acctstoptime IS NULL rlm_sql (sql): Released sql socket id: 4 [sql] Failed to check the terminal server for user '92263842'. ++[sql] returns fail Login OK: [92263842/password] (from client JonnyLAW port 0 cli 00-1D-E0-43-D5-8F) +- entering group post-auth {...} [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' [sql] expand: %{User-Password} -> password [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '92263842', 'password', 'Access-Accept', '2010-08-13 14:42:27') rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '92263842', 'password', 'Access-Accept', '2010-08-13 14:42:27') rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): Released sql socket id: 3 ++[sql] returns ok ++[exec] returns noop Sending Access-Accept of id 4 to 192.168.4.251 port 1025 Idle-Timeout = 300 Acct-Interim-Interval = 60 Session-Timeout = 232 Nomadix-MaxBytesDown = 102796327 Finished request 2. Going to the next request Waking up in 4.9 seconds. rad_recv: Accounting-Request packet from host 192.168.4.251 port 1026, id=158, length=190 User-Name = "92263842" NAS-IP-Address = 192.168.4.251 NAS-Port = 0 Acct-Status-Type = Start Acct-Session-Id = "EB000083" Idle-Timeout = 300 Event-Timestamp = "Aug 13 2010 14:45:51 SAST" Called-Station-Id = "00-50-E8-02-53-90" Calling-Station-Id = "00-1D-E0-43-D5-8F" NAS-Identifier = "JonnyLAW" NAS-Port-Type = ISDN Nomadix-Attr-17 = 0x00000001 WISPr-Location-ID = "isocc=,cc=,ac=,network=Firedigit" Acct-Delay-Time = 1 +- entering group preacct {...} ++[preprocess] returns ok [acct_unique] Hashing 'NAS-Port = 0,Client-IP-Address = 192.168.4.251,NAS-IP-Address = 192.168.4.251,Acct-Session-Id = "EB000083",User-Name = "92263842"' [acct_unique] Acct-Unique-Session-ID = "5aed8c02743f3776". ++[acct_unique] returns ok [suffix] No '@' in User-Name = "92263842", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[files] returns noop +- entering group accounting {...} [sql] expand: %{User-Name} -> 92263842 [sql] sql_set_user escaped user --> '92263842' [sql] expand: %{Acct-Delay-Time} -> 1 [sql] expand: INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, NASIdentifier, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', ' rlm_sql (sql): Reserving sql socket id: 2 rlm_sql (sql): Released sql socket id: 2 ++[sql] returns ok [attr_filter.accounting_response] expand: %{User-Name} -> 92263842 attr_filter: Matched entry DEFAULT at line 12 ++[attr_filter.accounting_response] returns updated Sending Accounting-Response of id 158 to 192.168.4.251 port 1026 Finished request 3. Cleaning up request 3 ID 158 with timestamp +20 Going to the next request Waking up in 3.2 seconds. Cleaning up request 2 ID 4 with timestamp +18 Ready to process requests. On Fri, Aug 13, 2010 at 1:53 PM, Alan DeKok <aland@deployingradius.com>wrote:
Tyller D wrote:
Hi Alan,
Thank you for the response.
Below you can see my user in the table as well as the radius -X.
I don't really see any problems, can you?
Yes. Look for words like "fail" or "reject" or "error".
checkrad: Net::Telnet 3.00+ CPAN module not installed rlm_sql (sql): Released sql socket id: 4 [sql] Failed to check the terminal server for user '71485392'.
It shouldn't be that difficult.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Tyller D wrote:
Hi Alan.
Thanks for pointing that out. I have gotten rid of most of the error by installing the Net::Telnet 3.00+ CPAN module. I am however still getting the
rlm_sql (sql): Released sql socket id: 0 [sql] Failed to check the terminal server for user '92263842'. ++[sql] returns fail
error. What could cause this to fail?
The "clients.conf" file probably isn't set up right. You may also be running an older version of the server, which doesn't produce as useful error messages. Try a newer version. Alan DeKok.
participants (3)
-
Alan DeKok -
Tyller D -
tyllerd