Fw: My AP does accountig but radwho doesn't work..
Hi list , I am still have problem with the radwho , i will show you the out put of radiusd -X and some Access-Requests and Accounting-Requests. My Ap (3Com 7250) has the option for accounting and i have enable it. However when i try to do radwho i get this: " radwho: Error reading /usr/local/var/log/radius/radutmp: No such file or directory " Is there something i have to configure in the radiusd.conf file to make radwho work ? Or just my AP (Access Point) doesn't provide to the freeradius the necessary information in the Acct-Request packets ? Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/proxy.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/eap.conf Config: including file: /usr/local/etc/raddb/sql.conf main: prefix = "/usr/local" main: localstatedir = "/usr/local/var" main: logdir = "/usr/local/var/log/radius" main: libdir = "/usr/local/lib" main: radacctdir = "/usr/local/var/log/radius/radacct" main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = "/usr/local/var/log/radius/radius.log" main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid" main: bind_address = 10.0.0.15 IP address [10.0.0.15] main: user = "(null)" main: group = "(null)" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "/usr/local/sbin/checkrad" main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded exec exec: wait = yes exec: program = "(null)" exec: input_pairs = "request" exec: output_pairs = "(null)" exec: packet_type = "(null)" rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded MS-CHAP mschap: use_mppe = no mschap: require_encryption = yes mschap: require_strong = yes mschap: with_ntdomain_hack = yes mschap: passwd = "(null)" mschap: ntlm_auth = "(null)" Module: Instantiated mschap (mschap) Module: Loaded eap eap: default_eap_type = "peap" eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/usr/local/etc/raddb/certs/server_keycert.pem" tls: certificate_file = "/usr/local/etc/raddb/certs/server_keycert.pem" tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem" tls: private_key_password = "whatever" tls: dh_file = "/usr/local/etc/raddb/certs/dh" tls: random_file = "/usr/local/etc/raddb/certs/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "(null)" tls: cipher_list = "(null)" tls: check_cert_issuer = "(null)" rlm_eap_tls: Loading the certificate file as a chain rlm_eap: Loaded and initialized type tls peap: default_eap_type = "mschapv2" peap: copy_request_to_tunnel = yes peap: use_tunneled_reply = no peap: proxy_tunneled_request_as_eap = yes rlm_eap: Loaded and initialized type peap mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups" preprocess: hints = "/usr/local/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no preprocess: with_alvarion_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded files files: usersfile = "/usr/local/etc/raddb/users" files: acctusersfile = "/usr/local/etc/raddb/acct_users" files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users" files: compat = "no" Module: Instantiated files (files) Module: Loaded Acct-Unique-Session-Id acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" Module: Instantiated acct_unique (acct_unique) Module: Loaded realm realm: format = "suffix" realm: delimiter = "@" realm: ignore_default = no realm: ignore_null = no Module: Instantiated realm (suffix) Module: Loaded detail detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = "/usr/local/var/log/radius/radutmp" radutmp: username = "%{User-Name}" radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on authentication 10.0.0.15:1812 Listening on accounting 10.0.0.15:1813 Ready to process requests. rad_recv: Access-Request packet from host 10.0.0.10:1408, id=198, length=138 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" EAP-Message = 0x0201000f0161706f6c7978726f6e6f Message-Authenticator = 0x47cc3024d51fb19485e90cd52962ad61 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 rlm_eap: EAP packet type response id 1 length 15 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Sending Access-Challenge of id 198 to 10.0.0.10 port 1408 Reply-Message = "Welcome , %u" EAP-Message = 0x010200061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x234c381b5cc68119faa7499b3cb59fee Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1409, id=199, length=253 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0x234c381b5cc68119faa7499b3cb59fee EAP-Message = 0x0202007019800000006616030100610100005d0301459c110f9b82999f23a84db7a26eb27c0b9c6711dd4390cdfbf5c2db4aa57bec2050182aa819b8b58cd0adaeb387a3a622e8709999ff8180a08b02ddb68a7f6840001600040005000a000900640062000300060013001200630100 Message-Authenticator = 0x433ccf5b0655d036f762b73192f98553 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 rlm_eap: EAP packet type response id 2 length 112 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 1 modcall: leaving group authorize (returns updated) for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 05c7], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 1 modcall: leaving group authenticate (returns handled) for request 1 Sending Access-Challenge of id 199 to 10.0.0.10 port 1409 Reply-Message = "Welcome , %u" EAP-Message = 0x0103040a19c000000624160301004a020000460301459c110c72f30bb48cc61e2cfefdd7b22f3f769088d8070b7fe1dde43f0b4fbb203657eb36fab0f3d097829ecd32df30fff5c3248187469347e1602169d8acf23e00040016030105c70b0005c30005c00002b3308202af30820218a003020102020101300d06092a864886f70d0101050500308188310b3009060355040613024752310f300d06035504081306416368616961310c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661 EAP-Message = 0x706f6c7978726f6e6f407961686f6f2e636f2e756b301e170d3036313232393134353531305a170d3037313232393134353531305a308198310b3009060355040613024752310f300d06035504081306416368616961310e300c060355040713055061747261310c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661706f6c7978726f6e6f407961686f6f2e636f2e756b30819f300d06092a864886f70d010101050003818d0030818902818100c9fb97cf2d9a82ed3ab81aebddf5b1e7 EAP-Message = 0xdcf787e60a91d86319f766d38e9e6f2af8f03efd7b2d7c92de4af0a30b2fb5d5661e709b421e15724951cc4da98e0e5b1d92d20f61fa553e3dfce33a9306fa09b788f0ab4156144c3ccb48196d18710a11705dab958926f1879794705a6c6aa1ae878b5e3c0ddc5471c9a80edd39929b0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101050500038181007bc44533035deb3201fe3a4e1f111d7d513ed3122ce5c1f7fb8e14e4eb11387150afb568e1d027afbc48af622b38407e0d94b352f5b7f46c95f724b521742d70d15b16ac33fc6727fd0a62678a8879c2ca4f9e3c7a000089495c0d63 EAP-Message = 0x47e3aa91c4a7c62d855ebefbb225c270321d32ce654de2912e25c66095225ba00c3a0bd8000307308203033082026ca003020102020100300d06092a864886f70d0101050500308188310b3009060355040613024752310f300d06035504081306416368616961310c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661706f6c7978726f6e6f407961686f6f2e636f2e756b301e170d3036313232393134343730345a170d3039313232383134343730345a308188310b30090603550406 EAP-Message = 0x13024752310f300d0603550408130641636861696131 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xda4ab1c620d6543d234fea807c3610fd Finished request 1 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1410, id=200, length=147 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0xda4ab1c620d6543d234fea807c3610fd EAP-Message = 0x020300061900 Message-Authenticator = 0xb2c20697f1b00778ece132668b102f09 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 rlm_eap: EAP packet type response id 3 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 2 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 2 modcall: leaving group authorize (returns updated) for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 2 modcall: leaving group authenticate (returns handled) for request 2 Sending Access-Challenge of id 200 to 10.0.0.10 port 1410 Reply-Message = "Welcome , %u" EAP-Message = 0x0104022a19000c300a060355040a130365636531123010060355040b13096563652e63736c6162311f301d0603550403131661706f6c7978726f6e6f322e64796e646e732e6f72673125302306092a864886f70d010901161661706f6c7978726f6e6f407961686f6f2e636f2e756b30819f300d06092a864886f70d010101050003818d0030818902818100a63567b72d02611f373233857b4561496815aa6e31d7cf2d099e29d2c68c9e92cee0b7fc7331795f934a2c84bb9242cee22f679dd5cf0830c6449497df7bb061e6822c44afb11db5f4861f1aac0508fac51b4369da77792d7c84c778f2f8afc5e2a7a1d7852db126675d374c0bfed9e7b1 EAP-Message = 0x021f97eaf20a07d1ee691bca6f9edf0203010001a37b307930090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414236e092428b6279db0902d93c661ec1869435d6d301f0603551d23041830168014236e092428b6279db0902d93c661ec1869435d6d300d06092a864886f70d0101050500038181000e9b9e19e3b949849577302b8c3480ecf0784ed7c4344d544f489f2f99e3cd3e37ce4a2b46e01fec33f424993ecfe11e03a62304fccc3b8540330e5bb10da0dc5beb49dde87a92caec3464d33c2d28dd4722e107985d8fa736 EAP-Message = 0x552ebd7278944fa0618f2f18622a0961279cce8b46d7def9fe29728f1abcacb913c9d0fba7f5f416030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xe5971a6cf703ba3d34e50a5601826968 Finished request 2 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1411, id=201, length=333 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0xe5971a6cf703ba3d34e50a5601826968 EAP-Message = 0x020400c01980000000b61603010086100000820080940d782ad49cef7da548211b2c6775484f6be3b48f45bc5c2bde617b77263903ceec02088ff173c3f35faa83d3df22947969a7744b08374c00f453ac0d3c3e355416136ab709d25db736b0ab88d57f98ced91b799a1f86fe29c00d5efc2339946745d8ae5bcf52d46f28ac95b7085e20ffc3406d2e7cd460c727eb99806f472b1403010001011603010020aa06319174db144f78daf52ca226c3812f18c1c8e066e6880307700708bf4508 Message-Authenticator = 0x73d01bd8b079e8bc0d49909e2cb39700 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 rlm_eap: EAP packet type response id 4 length 192 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 3 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 3 modcall: leaving group authorize (returns updated) for request 3 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 3 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 3 modcall: leaving group authenticate (returns handled) for request 3 Sending Access-Challenge of id 201 to 10.0.0.10 port 1411 Reply-Message = "Welcome , %u" EAP-Message = 0x010500311900140301000101160301002092640e9bc3fcce865c35b8528a7f206a309454b72226f26d8d107e3a0cb7a755 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa5a5d4a87f265e058a85b60ce58a7cb6 Finished request 3 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1412, id=202, length=147 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0xa5a5d4a87f265e058a85b60ce58a7cb6 EAP-Message = 0x020500061900 Message-Authenticator = 0x1e3917b24041754e476563660eb4c159 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module "preprocess" returns ok for request 4 rlm_eap: EAP packet type response id 5 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 4 modcall: leaving group authorize (returns updated) for request 4 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 rlm_eap_peap: EAPTLS_SUCCESS modcall[authenticate]: module "eap" returns handled for request 4 modcall: leaving group authenticate (returns handled) for request 4 Sending Access-Challenge of id 202 to 10.0.0.10 port 1412 Reply-Message = "Welcome , %u" EAP-Message = 0x0106002019001703010015a5e4c6ef8df54c0af887510e0c454fc9c925240453 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x6f3444032f54184c98c36e48843a19fb Finished request 4 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1413, id=203, length=179 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0x6f3444032f54184c98c36e48843a19fb EAP-Message = 0x020600261900170301001b1ac5bbbeeaf972dfe254c4d9d8994af2df354179c44d399937a9a8 Message-Authenticator = 0xe9929230d068c0cfb686d1edc0254c24 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "preprocess" returns ok for request 5 rlm_eap: EAP packet type response id 6 length 38 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 5 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 5 modcall: leaving group authorize (returns updated) for request 5 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Identity - apolyxrono rlm_eap_peap: Tunneled data is valid. PEAP: Got tunneled identity of apolyxrono PEAP: Setting default EAP type for tunneled EAP session. PEAP: Setting User-Name to apolyxrono Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "preprocess" returns ok for request 5 rlm_eap: EAP packet type response id 6 length 15 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 5 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 5 modcall: leaving group authorize (returns updated) for request 5 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: EAP Identity rlm_eap: processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 5 modcall: leaving group authenticate (returns handled) for request 5 PEAP: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 5 modcall: leaving group authenticate (returns handled) for request 5 Sending Access-Challenge of id 203 to 10.0.0.10 port 1413 Reply-Message = "Welcome , %u" EAP-Message = 0x0107003b19001703010030bf95008eecd47ff31262d612d1974351e866dc9784d2bf0c90ee40b9878d1a2d53f184267dee7c301bcf369f5290042e Message-Authenticator = 0x00000000000000000000000000000000 State = 0x217d9fd513bdaefaf143de9dd53e661c Finished request 5 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1414, id=204, length=233 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0x217d9fd513bdaefaf143de9dd53e661c EAP-Message = 0x0207005c1900170301005142250a1eb7f636498a5f6402e9d43b70c634ef5ece8bd44c67dd9b0b3b5d300d5571bb362d4629003f5eee3bb00bb17ea98d3706a7016e0956a9964f1abf1166fca19ff1bff4073b5ba57e164c054902ca Message-Authenticator = 0x3c8d531291a8cce0e8cd9cbd6483281e Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 rlm_eap: EAP packet type response id 7 length 92 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 6 modcall: leaving group authorize (returns updated) for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: EAP type mschapv2 rlm_eap_peap: Tunneled data is valid. PEAP: Setting User-Name to apolyxrono PEAP: Adding old state with 97 52 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 rlm_eap: EAP packet type response id 7 length 69 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 6 modcall: leaving group authorize (returns updated) for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 Processing the authenticate section of radiusd.conf modcall: entering group MS-CHAP for request 6 rlm_mschap: Told to do MS-CHAPv2 for apolyxrono with NT-Password modcall[authenticate]: module "mschap" returns ok for request 6 modcall: leaving group MS-CHAP (returns ok) for request 6 MSCHAP Success modcall[authenticate]: module "eap" returns handled for request 6 modcall: leaving group authenticate (returns handled) for request 6 PEAP: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 6 modcall: leaving group authenticate (returns handled) for request 6 Sending Access-Challenge of id 204 to 10.0.0.10 port 1414 Reply-Message = "Welcome , %u" EAP-Message = 0x0108004a1900170301003f2f9e49443ff7ee46c8e5ffe8a2e92ef9306fdae10f5465276e42faa291bdc286c3b07291242c2c79dac47c1cefaf93b4e2595e87dd9604d6b97e3df8e789f9 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x3199fe744bdd4d6520d40c3aa9d0b14f Finished request 6 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1415, id=205, length=170 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0x3199fe744bdd4d6520d40c3aa9d0b14f EAP-Message = 0x0208001d1900170301001205ab33d832d8bc53b98060e66dc86305eb2d Message-Authenticator = 0xcbc6bab94afd70655df82f4376410ccc Processing the authorize section of radiusd.conf modcall: entering group authorize for request 7 modcall[authorize]: module "preprocess" returns ok for request 7 rlm_eap: EAP packet type response id 8 length 29 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 7 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 7 modcall: leaving group authorize (returns updated) for request 7 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 7 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: EAP type mschapv2 rlm_eap_peap: Tunneled data is valid. PEAP: Setting User-Name to apolyxrono PEAP: Adding old state with 91 96 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 7 modcall[authorize]: module "preprocess" returns ok for request 7 rlm_eap: EAP packet type response id 8 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 7 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 7 modcall: leaving group authorize (returns updated) for request 7 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 7 rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 7 modcall: leaving group authenticate (returns ok) for request 7 radius_xlat: 'Welcome , apolyxrono' PEAP: Tunneled authentication was successful. rlm_eap_peap: SUCCESS modcall[authenticate]: module "eap" returns handled for request 7 modcall: leaving group authenticate (returns handled) for request 7 Sending Access-Challenge of id 205 to 10.0.0.10 port 1415 Reply-Message = "Welcome , %u" EAP-Message = 0x010900261900170301001bc78ceb72a50f9f225f6367014d4d16aa2decfbd89251db50f6911c Message-Authenticator = 0x00000000000000000000000000000000 State = 0x2dbeeebf66adfa7162cb48fcca366dc8 Finished request 7 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 10.0.0.10:1416, id=206, length=179 NAS-IP-Address = 10.0.0.10 NAS-Port-Type = Wireless-802.11 NAS-Port = 1 Framed-MTU = 1400 User-Name = "apolyxrono" Calling-Station-Id = "00166f122595" Called-Station-Id = "000d545c4190" NAS-Identifier = "3Com Access Point" State = 0x2dbeeebf66adfa7162cb48fcca366dc8 EAP-Message = 0x020900261900170301001bb2aa704bedf0387c6419429b7adae92b476fc1df7c8cf339d09ed1 Message-Authenticator = 0xb006210dadcffc92b4807279b50f58f1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 8 modcall[authorize]: module "preprocess" returns ok for request 8 rlm_eap: EAP packet type response id 9 length 38 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 8 users: Matched entry DEFAULT at line 155 users: Matched entry apolyxrono at line 220 modcall[authorize]: module "files" returns ok for request 8 modcall: leaving group authorize (returns updated) for request 8 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 8 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Success rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 8 modcall: leaving group authenticate (returns ok) for request 8 radius_xlat: 'Welcome , apolyxrono' Sending Access-Accept of id 206 to 10.0.0.10 port 1416 Reply-Message = "Welcome , apolyxrono" MS-MPPE-Recv-Key = 0x4f07bfd7b31f4bcf95c4537ee9dd4054b6ed23c353b8dfa380a1bee24b059371 MS-MPPE-Send-Key = 0x9b6219695728c1cf01e13abd0e73b2e08b52e5ceeaec910669d8cac5a5100657 EAP-Message = 0x03090004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "apolyxrono" Finished request 8 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 198 with timestamp 459c110c Cleaning up request 1 ID 199 with timestamp 459c110c Cleaning up request 2 ID 200 with timestamp 459c110c Cleaning up request 3 ID 201 with timestamp 459c110c Cleaning up request 4 ID 202 with timestamp 459c110c Cleaning up request 5 ID 203 with timestamp 459c110c Cleaning up request 6 ID 204 with timestamp 459c110c Cleaning up request 7 ID 205 with timestamp 459c110c Cleaning up request 8 ID 206 with timestamp 459c110c Nothing to do. Sleeping until we see a request. rad_recv: Accounting-Request packet from host 10.0.0.10:1406, id=2, length=158 Acct-Status-Type = Start Acct-Session-Id = "00166f122595-000d54fdb5ea-4d5e" NAS-IP-Address = 10.0.0.10 Acct-Input-Octets = 37687 Acct-Output-Octets = 21336 Acct-Input-Packets = 124 Acct-Output-Packets = 152 User-Name = "apolyxrono" Vendor-Specific = 0x564c414e2049442069733a2030 Vendor-Specific = 0x4553534944203d206d794170 Vendor-Specific = 0x45415020547970652069733a204541502d50454150 Acct-Session-Time = 32 Processing the preacct section of radiusd.conf modcall: entering group preacct for request 9 modcall[preacct]: module "preprocess" returns noop for request 9 rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent rlm_acct_unique: Hashing ',Client-IP-Address = 10.0.0.10,NAS-IP-Address = 10.0.0.10,Acct-Session-Id = "00166f122595-000d54fdb5ea-4d5e",User-Name = "apolyxrono"' rlm_acct_unique: Acct-Unique-Session-ID = "e27dcefb66f90e5e". modcall[preacct]: module "acct_unique" returns ok for request 9 rlm_realm: No '@' in User-Name = "apolyxrono", looking up realm NULL rlm_realm: No such realm "NULL" modcall[preacct]: module "suffix" returns noop for request 9 modcall[preacct]: module "files" returns noop for request 9 modcall: leaving group preacct (returns ok) for request 9 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 9 radius_xlat: '/usr/local/var/log/radius/radacct/10.0.0.10/detail-20070103' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/10.0.0.10/detail-20070103 modcall[accounting]: module "detail" returns ok for request 9 radius_xlat: '/usr/local/var/log/radius/radutmp' radius_xlat: 'apolyxrono' rlm_radutmp: No NAS-Port seen. Cannot do anything. rlm_radumtp: WARNING: checkrad will probably not work! modcall[accounting]: module "radutmp" returns noop for request 9 modcall: leaving group accounting (returns ok) for request 9 Sending Accounting-Response of id 2 to 10.0.0.10 port 1406 Finished request 9 Going to the next request --- Walking the entire request list --- Cleaning up request 9 ID 2 with timestamp 459c112d Nothing to do. Sleeping until we see a request. thanks Adreas Polyxronopoulos ----- Forwarded Message ---- From: adreas Polyxronopoulos <apolyxrono@yahoo.co.uk> To: freeradius users-list <freeradius-users@lists.freeradius.org> Sent: Wednesday, 3 January, 2007 3:03:23 PM Subject: My AP does accountig but radwho doesn't work.. Hi list, I am trying to work the radwho command but i get this error : radwho: Error reading /usr/local/var/log/radius/radutmp: No such file or directory My AccessPoint (3com 7250) has the accounting option i have set it enable and i have detail files in /usr/local/var/log/radius/radacct/10.0.0.10 . In my radiusd.conf : radutmp { filename = ${LOGDIR}/radutmp username = %{User-Name} case_sensitive = yes check_with_nas = yes perm = 0600 callerid = yes } accounting { detail radutmp } session { radutmp } ----- and when running radiusd -X : .............. Module: Loaded radutmp radutmp: filename = "/var/log/radius/radutmp" radutmp: username = "%{User-Name}" radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes .... Module: Instantiated radutmp (radutmp) thanks Adreas Polyxronopoulos Send instant messages to your online friends http://uk.messenger.yahoo.com Send instant messages to your online friends http://uk.messenger.yahoo.com
adreas Polyxronopoulos wrote:
rlm_acct_unique: WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent
radius_xlat: '/usr/local/var/log/radius/radutmp' radius_xlat: 'apolyxrono' rlm_radutmp: No NAS-Port seen. Cannot do anything. rlm_radumtp: WARNING: checkrad will probably not work! modcall[accounting]: module "radutmp" returns noop for request 9
You did read the entire output, right? It looks like it gave you your answer. -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com
participants (2)
-
adreas Polyxronopoulos -
Dennis Skinner