NAS ignoring Access-Accept

tnt at kalik.co.yu tnt at kalik.co.yu
Mon May 21 23:30:30 CEST 2007 

You are not sending any reply attributes to the NAS. Your client probably
needs things like Framed-IP-Address etc. from it. Or do you have DHCP on
the NAS? But I would expect Framed-IP-Address to be in the request then.

Ivan Kalik
Kalik Informatika ISP


Dana 21/5/2007, "Wolfgang Rosenauer" <wolfgang at rosenauer.org> piše:

>Hugh Messenger wrote:
>> Wolfgang Rosenauer <wolfgang at rosenauer.org> said:
>>> I ran radiusd -X and saw that freeradius sent an Access-Accept reply to
>>> the NAS' ip address and source port.
>>
>> Could you post the entire -X log for an example request?
>
>rad_recv: Access-Request packet from host 1.1.1.7:1645, id=166, length=97
>        NAS-IP-Address = 1.1.1.1
>        NAS-Port = 20010
>        NAS-Port-Type = ISDN
>        User-Name = "XXXXX"
>        Called-Station-Id = "48793"
>        Calling-Station-Id = "123456"
>        User-Password = "XXXXX"
>        Service-Type = Framed-User
>        Framed-Protocol = PPP
>
>  Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 0
>  modcall[authorize]: module "preprocess" returns ok for request 0
>  modcall[authorize]: module "chap" returns noop for request 0
>  modcall[authorize]: module "mschap" returns noop for request 0
>    rlm_realm: No '@' in User-Name = "XXXXX", looking up realm NULL
>    rlm_realm: No such realm "NULL"
>  modcall[authorize]: module "suffix" returns noop for request 0
>radius_xlat:  'XXXXX'
>rlm_sql (sql): sql_set_user escaped user --> 'XXXXX'
>radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
>radcheck           WHERE Username = 'XXXXX'           ORDER BY id'
>rlm_sql (sql): Reserving sql socket id: 4
>radius_xlat:  'SELECT
>radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Val
>ue,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE
>usergroup.Username = 'XXXXX' AND usergroup.Gr
>oupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
>radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
>radreply           WHERE Usernam
>e = 'XXXXX'           ORDER BY id'
>radius_xlat:  'SELECT
>radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Val
>ue,radgroupreply.op  FROM radgroupreply,usergroup WHERE
>usergroup.Username = 'XXXXX' AND usergroup.Gr
>oupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
>rlm_sql (sql): Released sql socket id: 4
>  modcall[authorize]: module "sql" returns ok for request 0
>  modcall[authorize]: module "pap" returns updated for request 0
>modcall: leaving group authorize (returns updated) for request 0
>  rad_check_password:  Found Auth-Type pap
>auth: type "PAP"
>  Processing the authenticate section of radiusd.conf
>modcall: entering group PAP for request 0
>rlm_pap: login attempt with password XXXXX
>rlm_pap: Using CRYPT encryption.
>rlm_pap: User authenticated successfully
>  modcall[authenticate]: module "pap" returns ok for request 0
>modcall: leaving group PAP (returns ok) for request 0
>Sending Access-Accept of id 166 to 1.1.1.7 port 1645
>Finished request 0
>
>
>
>Wolfgang
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>

More information about the Freeradius-Users mailing list