FreeRadius - Cisco 7204 - L2TP Tunnel
Phil Mayers
p.mayers at imperial.ac.uk
Sat Apr 8 14:17:28 CEST 2006
Ok, I see the problem:
> users: Matched DEFAULT at 171
> users: Matched DEFAULT at 183
> modcall[authorize]: module "files" returns ok for request 6
>
> My users file (without all the commented out lines)
>
>
> DEFAULT Service-Type == Framed-User
> Framed-IP-Address = 255.255.255.254,
> Framed-MTU = 576,
> Service-Type = Framed-User,
> Fall-Through = Yes
>
>
> DEFAULT Framed-Protocol == PPP
> Framed-Protocol = PPP,
> Framed-Compression = Van-Jacobson-TCP-IP
There's no "Fall-Through = Yes" on this entry (the default entries in
the users file in current release are a bit historic and not especially
helpful to be in there uncommented by default, but compatibility
concerns I imagine block their removal). So processing stops here, and
never reaches the desired entry:
> 23877 at local.realm.com Auth-Type = Local, User-Password == "mysecret"
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-Address = 10.0.0.1,
> Framed-Netmask = 255.255.255.255,
> Framed-Compression = Van-Jacobsen-TCP-IP
So, you can either add a Fall-Though = Yes to the PPP entry, or delete
it (since you've got the attributes defined on the users entry anyway
you don't need it, or the Framed-Protocol match further up).
Personally I tend to do:
cp users users.example
>users
...and start with a clean slate, reading the examples from the old file.
FYI the users file in CVS has by default none of these semi-historic
uncommented examples.
More information about the Freeradius-Users
mailing list