sqlippool issue
hadi golestani
hadi.golestani at gmail.com
Thu Dec 13 10:57:52 CET 2007
Hi,
I'm using freeradius to assign ip to my vpn clients.
so I've configured sqlippool to bind ips to my users and groups.
and in pptpd.conf I choose not to assign ip in pptpd.
but connections to pptpd fails ( from win xp ) with error: no assigned ip.
what's wrong in my configurations?
my DB state:
insert into radcheck ( username , attribute , op , value ) values (
'newuser3' , 'Cleartext-Password' , ':=' , 'newpass3');
insert into usergroup (username , groupname ) values ( 'newuser3' ,
'offpart1');
insert into radgroupcheck ( groupname , attribute , op , value ) values
('offpart1' , 'Pool-Name' , ':=' , '1515');
insert into radippool ( 'pool_name' , 'framedipaddress' ) values ('1515','
10.15.15.3');
it's the output of debug mod:
rad_recv: Access-Request packet from host 127.0.0.1:34045, id=149,
length=148
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "newuser3"
MS-CHAP-Challenge = 0xc2af22b4941ad3a9f8ffba6ca9793eea
MS-CHAP2-Response =
0x220069907d4b717d6e15a59053bead0f51900000000000000000283b13c9c3bd7f543ae7385f6b5749cb18330955aade9ea7
Calling-Station-Id = "xx.xx.xx.xx"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
modcall[authorize]: module "mschap" returns ok for request 8
rlm_realm: No '@' in User-Name = "newuser3", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 8
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 8
users: Matched entry DEFAULT at line 173
users: Matched entry DEFAULT at line 185
modcall[authorize]: module "files" returns ok for request 8
radius_xlat: 'newuser3'
rlm_sql (sql): sql_set_user escaped user --> 'newuser3'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'newuser3' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,
radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM
radgroupcheck,usergroup WHERE usergroup.Username = 'newuser3' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'newuser3' ORDER BY id'
radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,
radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM
radgroupreply,usergroup WHERE usergroup.Username = 'newuser3' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 0
modcall[authorize]: module "sql" returns ok for request 8
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 8
modcall: leaving group authorize (returns ok) for request 8
rad_check_password: Found Auth-Type MS-CHAP
auth: type "MS-CHAP"
Processing the authenticate section of radiusd.conf
modcall: entering group MS-CHAP for request 8
rlm_mschap: Told to do MS-CHAPv2 for newuser3 with NT-Password
rlm_mschap: adding MS-CHAPv2 MPPE keys
modcall[authenticate]: module "mschap" returns ok for request 8
modcall: leaving group MS-CHAP (returns ok) for request 8
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 8
rlm_sqlippool: Framed-IP-Address already exists
modcall[post-auth]: module "sqlippool" returns noop for request 8
rlm_sql (sql): Processing sql_postauth
radius_xlat: 'newuser3'
rlm_sql (sql): sql_set_user escaped user --> 'newuser3'
radius_xlat: 'INSERT into radpostauth (user, pass, reply, date) values
('newuser3', 'Chap-Password', 'Access-Accept', NOW())'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (user, pass,
reply, date) values ('newuser3', 'Chap-Password', 'Access-Accept', NOW())
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
modcall[post-auth]: module "sql" returns ok for request 8
modcall: leaving group post-auth (returns ok) for request 8
Sending Access-Accept of id 149 to 127.0.0.1 port 34045
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Compression = Van-Jacobson-TCP-IP
MS-CHAP2-Success =
0x22533d36413732333834453141433843323544364432373245454244333734303038463238363630453439
MS-MPPE-Recv-Key = 0x0d42ffa8adfe8471a692876c86a6b26d
MS-MPPE-Send-Key = 0x5110ed91d6d36bb4c9d44e2a0f6367e1
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
Finished request 8
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 8 ID 149 with timestamp 4760fe8f
Nothing to do. Sleeping until we see a request.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071213/b28823cc/attachment.html>
More information about the Freeradius-Users
mailing list