cannot return access accept from proxy to client

Paolo Rotela paolo.rotela at bluetelecom.com
Wed Sep 21 14:28:22 CEST 2005


Seeing your output, it says that it's failing because "post-auth" module is failing due to the fail of the "sql" module invoked. Lookup your radiusd.conf file, and see why you are using sql in post-auth, and see if this setup is correct.
  ----- Original Message ----- 
  From: Wilson Lie 
  To: freeradius-users at lists.freeradius.org 
  Sent: Wednesday, September 21, 2005 5:58 AM
  Subject: cannot return access accept from proxy to client


  Hi all,

  I encountered a problem during authentication request. Would you give me a hand ?
  Many thanks!

  Configuration:
  Host A   ( Radius server)
  Host B   ( proxy all requests to host A )


  Problem:
  1) Access-Request  is sent to  Host B from client
  2) Host B proxy request to Host A
  3) Host A sends Access-Accept  to Host B
  4) Host B receive Access-Accept from Host A
  5)   Host B sends Access-Reject   to  client    ( log message comes below)

  *My question is how can I set radius such that it can send the access-accept to client ?
  ================================================================
  rad_recv: Access-Accept packet from host xxx.xxx.xxx.xxx:1812, id=3, length=156

  Processing the authorize section of radiusd.conf
  modcall: entering group authorize for request 3
    hints: Matched DEFAULT at 81
    modcall[authorize]: module "preprocess" returns ok for request 3
  radius_xlat:  '/usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/auth-detail-20050921'
  rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/auth-detail-20050921
    modcall[authorize]: module "auth_log" returns ok for request 3
      rlm_realm: Proxy reply, or no User-Name.  Ignoring.
    modcall[authorize]: module "suffix" returns noop for request 3
      users: Matched entry DEFAULT at line 168
    modcall[authorize]: module "files" returns ok for request 3
  modcall: group authorize returns ok for request 3
    rad_check_password:  Found Auth-Type SQL
    rad_check_password: Auth-Type = Accept, accepting the user
  Login OK: [99009900 at realm/8F4Lf0T] (from client ivrs port 0 cli 00-0C-41-2F-00-71)
    Processing the post-auth section of radiusd.conf
  modcall: entering group post-auth for request 3
  radius_xlat:  '/usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/reply-detail-20050921'
  rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/reply-detail-20050921
    modcall[post-auth]: module "reply_log" returns ok for request 3
  rlm_sql (sql): Processing sql_postauth
  radius_xlat:  ''
    modcall[post-auth]: module "sql" returns fail for request 3
  modcall: group post-auth returns fail for request 3
  Delaying request 3 for 1 seconds
  Finished request 3
  =======================================================================




   
   
  ___________________________________________________
  (c) 2005 Interactive Technology Holdings Limited Group.
  All rights reserved.

  CONFIDENTIALITY: This communication and any attachment(s)
  is intended solely for the person or organisation to which
  it is addressed and it may be confidential. This
  communication may contain confidential or legally privileged
  material and may not be copied, redistributed or published
  (in whole or in part) without our prior written consent.
  This communication may have been intercepted, partially
  destroyed, arrive late, incomplete or contain viruses and no
  liability is accepted by any member of the Interactive
  Technology Holdings Limited Group as a result. If you are
  not the intended recipient, employee or agent responsible
  for delivering the message to the intended recipient you
  must not copy, disclose, distribute or take any action in
  reliance on it. If you have received this communication in
  error, please immediately reply and highlight the error to
  the sender immediately and destroy the original from your
  computer.



------------------------------------------------------------------------------


  - 
  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050921/c31195f2/attachment.html>


More information about the Freeradius-Users mailing list