connection to netowrk problem

debik debik at vp.pl
Sun Dec 4 10:19:43 CET 2005


Hello !
I have configured the freeradius with peap authentication.
Then when i try connect to the NAS with username and password the raidus server allow me to log and the connection seems to be ok.
Bu when I try to ping some host on my network, theres no response.
I am connected but i dont se any network. I could't even ping the NAS who says that I'am connetcetd to him.

My configs are:
 /usr/local/radius/sbin/radiusd -X -A 
Starting - reading configuration files ... 
reread_config: reading radiusd.conf 
Config: including file: /usr/local/radius/etc/raddb/proxy.conf 
Config: including file: /usr/local/radius/etc/raddb/clients.conf 
Config: including file: /usr/local/radius/etc/raddb/snmp.conf 
Config: including file: /usr/local/radius/etc/raddb/eap.conf 
Config: including file: /usr/local/radius/etc/raddb/sql.conf 
main: prefix = "/usr/local/radius" 
main: localstatedir = "/usr/local/radius/var" 
main: logdir = "/usr/local/radius/var/log/radius" 
main: libdir = "/usr/local/radius/lib" 
main: radacctdir = "/usr/local/radius/var/log/radius/radacct" 
main: hostname_lookups = no 
main: max_request_time = 30 
main: cleanup_delay = 5 
main: max_requests = 1024 
main: delete_blocked_requests = 0 
main: port = 0 
main: allow_core_dumps = no 
main: log_stripped_names = no 
main: log_file = "/usr/local/radius/var/log/radius/radius.log" 
main: log_auth = no 
main: log_auth_badpass = no 
main: log_auth_goodpass = no 
main: pidfile = "/usr/local/radius/var/run/radiusd/radiusd.pid" 
main: user = "(null)" 
main: group = "(null)" 
main: usercollide = no 
main: lower_user = "no" 
main: lower_pass = "no" 
main: nospace_user = "no" 
main: nospace_pass = "no" 
main: checkrad = "/usr/local/radius/sbin/checkrad" 
main: proxy_requests = yes 
proxy: retry_delay = 5 
proxy: retry_count = 3 
proxy: synchronous = no 
proxy: default_fallback = yes 
proxy: dead_time = 120 
proxy: post_proxy_authorize = yes 
proxy: wake_all_if_all_dead = no 
security: max_attributes = 200 
security: reject_delay = 1 
security: status_server = no 
main: debug_level = 0 
read_config_files: reading dictionary 
read_config_files: reading naslist 
Using deprecated naslist file. Support for this will go away soon. 
read_config_files: reading clients 
read_config_files: reading realms 
radiusd: entering modules setup 
Module: Library search path is /usr/local/radius/lib 
Module: Loaded exec 
exec: wait = yes 
exec: program = "(null)" 
exec: input_pairs = "request" 
exec: output_pairs = "(null)" 
exec: packet_type = "(null)" 
rlm_exec: Wait=yes but no output defined. Did you mean output=none? 
Module: Instantiated exec (exec) 
Module: Loaded expr 
Module: Instantiated expr (expr) 
Module: Loaded PAP 
pap: encryption_scheme = "crypt" 
Module: Instantiated pap (pap) 
Module: Loaded CHAP 
Module: Instantiated chap (chap) 
Module: Loaded MS-CHAP 
mschap: use_mppe = yes 
mschap: require_encryption = yes 
mschap: require_strong = yes 
mschap: with_ntdomain_hack = no 
mschap: passwd = "(null)" 
mschap: authtype = "MS-CHAP" 
mschap: ntlm_auth = "(null)" 
Module: Instantiated mschap (mschap) 
Module: Loaded System 
unix: cache = no 
unix: passwd = "(null)" 
unix: shadow = "(null)" 
unix: group = "(null)" 
unix: radwtmp = "/usr/local/radius/var/log/radius/radwtmp" 
unix: usegroup = no 
unix: cache_reload = 600 
Module: Instantiated unix (unix) 
Module: Loaded eap 
eap: default_eap_type = "peap" 
eap: timer_expire = 60 
eap: ignore_unknown_eap_types = no 
eap: cisco_accounting_username_bug = no 
rlm_eap: Loaded and initialized type md5 
rlm_eap: Loaded and initialized type leap 
gtc: challenge = "Password: " 
gtc: auth_type = "PAP" 
rlm_eap: Loaded and initialized type gtc 
tls: rsa_key_exchange = no 
tls: dh_key_exchange = yes 
tls: rsa_key_length = 512 
tls: dh_key_length = 512 
tls: verify_depth = 0 
tls: CA_path = "(null)" 
tls: pem_file_type = yes 
tls: private_key_file = "/usr/local/radius/etc/raddb/certs/cert-srv.pem" 
tls: certificate_file = "/usr/local/radius/etc/raddb/certs/cert-srv.pem" 
tls: CA_file = "/usr/local/radius/etc/raddb/certs/demoCA/cacert.pem" 
tls: private_key_password = "whatever" 
tls: dh_file = "/usr/local/radius/etc/raddb/certs/dh" 
tls: random_file = "/usr/local/radius/etc/raddb/certs/random" 
tls: fragment_size = 1024 
tls: include_length = yes 
tls: check_crl = no 
tls: check_cert_cn = "(null)" 
rlm_eap: Loaded and initialized type tls 
peap: default_eap_type = "mschapv2" 
peap: copy_request_to_tunnel = no 
peap: use_tunneled_reply = no 
peap: proxy_tunneled_request_as_eap = yes 
rlm_eap: Loaded and initialized type peap 
mschapv2: with_ntdomain_hack = no 
rlm_eap: Loaded and initialized type mschapv2 
Module: Instantiated eap (eap) 
Module: Loaded preprocess 
preprocess: huntgroups = "/usr/local/radius/etc/raddb/huntgroups" 
preprocess: hints = "/usr/local/radius/etc/raddb/hints" 
preprocess: with_ascend_hack = no 
preprocess: ascend_channels_per_line = 23 
preprocess: with_ntdomain_hack = no 
preprocess: with_specialix_jetstream_hack = no 
preprocess: with_cisco_vsa_hack = no 
Module: Instantiated preprocess (preprocess) 
Module: Loaded realm 
realm: format = "suffix" 
realm: delimiter = "@" 
realm: ignore_default = no 
realm: ignore_null = no 
Module: Instantiated realm (suffix) 
Module: Loaded files 
files: usersfile = "/usr/local/radius/etc/raddb/users" 
files: acctusersfile = "/usr/local/radius/etc/raddb/acct_users" 
files: preproxy_usersfile = "/usr/local/radius/etc/raddb/preproxy_users" 
files: compat = "no" 
Module: Instantiated files (files) 
Module: Loaded Acct-Unique-Session-Id 
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" 
Module: Instantiated acct_unique (acct_unique) 
Module: Loaded detail 
detail: detailfile = "/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d" 
detail: detailperm = 384 
detail: dirperm = 493 
detail: locking = no 
Module: Instantiated detail (detail) 
Module: Loaded radutmp 
radutmp: filename = "/usr/local/radius/var/log/radius/radutmp" 
radutmp: username = "%{User-Name}" 
radutmp: case_sensitive = yes 
radutmp: check_with_nas = yes 
radutmp: perm = 384 
radutmp: callerid = yes 
Module: Instantiated radutmp (radutmp) 
Listening on authentication *:1812 
Listening on accounting *:1813 
Listening on proxy *:1814 
Ready to process requests. 

 clients.conf mam nastepujacy: 
client 192.168.0.0/24 { 
secret = test 
shortname = Dlink 
}


 users Auth-Type :=EAP, User-Password == "password" 
Service-Type = Frames-User, 
Framed-Protocol = PPP, 
Framed-IP-Address = 192.168.0.21, 
Framed-IP-Netmask = 255.255.255.0, 
Framed-Routing = Broadcast-Listen, 
Framed-MTU = 1500, 
Framed-Compression = Van-Jacobsen-TCP-IP 
 
Any suggestions ???
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051204/3c998556/attachment.html>


More information about the Freeradius-Users mailing list