PPTP - Radius connection failure

John Kane john.kane at prodeasystems.com
Tue Jun 16 18:59:32 CEST 2009 

Forgive me if this is not the correct mailing list for this question
(and if not, point me to the correct one, if possible).

I am running PPTP (poptop w/radiusclient) on the same RHEL Linux box as
the freeradius server.  Initially, all works well.  But after some time
(30-45 min?), the radius server quits responding, and I see this in the
pptpd.log:

	Jun 16 14:32:35 time3 pppd[29588]: rc_send_server: no reply from
RADIUS server localhost.localdomain:1812


Running radiusd in debug mode shows nothing coming in for this query,
although the server shows to be listening:

	[root at time3 raddb]# netstat -ua | grep rad
	udp    19260      0 *:radius                    *:*
	udp        0      0 *:radius-acct               *:*


When this is occurring, radtest also fails, as it never gets a response
(just keep resending).


I am running (sorry, I realize that is no longer supported, but that's
RH's latest Freeradius RPM, thus what I am required to use):

freeradius 1.1.3
freeradius-client 1.1.6
ppp 2.2.4
pptpd 1.3.4



My configs:

# cat /etc/radiusclient/radiusclient.conf | grep -v '#' | grep -v '^$'
auth_order      radius
login_tries     4
login_timeout   60
nologin         /etc/nologin
issue           /etc/radiusclient/issue
authserver      localhost
acctserver      localhost
servers         /etc/radiusclient/servers
dictionary      /etc/radiusclient/dictionary
login_radius    /usr/sbin/login.radius
seqfile         /var/run/radius.seq
mapfile         /etc/radiusclient/port-id-map
default_realm
radius_timeout  10
radius_retries  3
login_local     /bin/login



# cat /etc/radiusclient/servers | grep -v '#' | grep -v '^$'
localhost/localhost                             testing123



# cat /etc/pptpd.conf | grep -v '#' | grep -v '^$'
ppp /usr/sbin/pppd
option /etc/ppp/options.pptpd
debug
stimeout 5
logwtmp
connections 63
localip 172.20.1.143
remoteip 172.20.2.128-191




# cat /etc/ppp/options.pptpd | grep -v '#' | grep -v '^$'
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 172.24.2.197
ms-dns 172.24.2.196
proxyarp
debug
dump
lock
nobsdcomp
novj
novjccomp
nologfd
plugin radius.so
plugin radattr.so


Thanks for any help or suggestions,
John




This message is confidential to Prodea Systems, Inc unless otherwise indicated 
or apparent from its nature. This message is directed to the intended recipient 
only, who may be readily determined by the sender of this message and its 
contents. If the reader of this message is not the intended recipient, or an 
employee or agent responsible for delivering this message to the intended 
recipient:(a)any dissemination or copying of this message is strictly 
prohibited; and(b)immediately notify the sender by return message and destroy 
any copies of this message in any form(electronic, paper or otherwise) that you 
have.The delivery of this message and its information is neither intended to be 
nor constitutes a disclosure or waiver of any trade secrets, intellectual 
property, attorney work product, or attorney-client communications. The 
authority of the individual sending this message to legally bind Prodea Systems  
is neither apparent nor implied,and must be independently verified.

More information about the Freeradius-Users mailing list