an intermittant PAP auth problem
Alan DeKok
aland at deployingradius.com
Wed Nov 7 23:15:24 CET 2007
A.L.M.Buxey at lboro.ac.uk wrote:
> we use nagios to monitor our freeradius install. this is using
> the adv_radius_check plugin to check from the nagios servers a
> user on the freeradius server (in the users file), the following
> are the succinct details
...
> okay. so the user authentication tests fine with radtest on the radius server....and it works fine
> from the 2 nagios boxes...almost always. occasionally we see the following error come through during
> the 5-minute interval tests.......
>
> Wed Nov 7 11:21:40 2007 : Auth: Login OK: [nagios-user] (from client 10.1.1.2 port 0)
> Wed Nov 7 11:26:40 2007 : Auth: Login incorrect: [nagios-user] (from client 10.1.1.2 port 0)
I'd suggest logging the nagios packets to a file. You can then see if
anything in the nagios packets change. If so, that's a problem. If
not, there's something going on with the server.
> now, the check method is the same, the password is the same, the IP is the same, in essence
> nothing changes at all between each 5-minute test (the last entry 11:29:40 is quicker
> than a 5 minute interval as nagios catches up with failed events within a following window)
> and this is just plain PAP check in users file.
>
> so why is it occasionally failing? has anyone else seen this sort of activity?
I've run 100's of 1000's of PAP requests through CVS head. I haven't
seen this.
Alan DeKok.
More information about the Freeradius-Users
mailing list