[Fwd: Re: [Fwd: I need some help with freeradius 2.0.4]]

Wagner Pereira wpereira at pop-sp.rnp.br
Thu Nov 12 12:55:20 CET 2009


Hi, Ivan.

Yes, my output now is showing:

Sending Access-Accept of id 128 to 200.133.204.64 port 21645
        Service-Type := NAS-Prompt-User

And how should I "debug ip ssh". I've used the tcpdump to catch the 
traffic through eth0. Did you mean that? If it's affirmative, see the 
tcpdump output below:

Service Type Attribute (6), length: 6, Value: NAS Prompt
09:42:48.269012 IP (tos 0x0, ttl 254, id 23346, offset 0, flags [none], 
proto UDP (17), length 110) 10.0.0.1.21645 > 10.0.0.2.1812: RADIUS, 
length: 82
        Access Request (1), id: 0x80, Authenticator: 
7957e94b669004f47762c0741ac808af
          NAS IP Address Attribute (4), length: 6, Value: 200.133.204.64
          NAS Port Attribute (5), length: 6, Value: 1
          NAS Port Type Attribute (61), length: 6, Value: Virtual
          Username Attribute (1), length: 10, Value: user
          Calling Station Attribute (31), length: 16, Value: 200.133.192.22
          Password Attribute (2), length: 18, Value:
09:42:48.269728 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 
UDP (17), length 54) 10.0.0.2.1812 > 10.0.0.1.21645: RADIUS, length: 26
        Access Accept (2), id: 0x80, Authenticator: 
743ceb248afa2d6eba3062a357d6fcac
      


-- 

Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
(11) 3091-8902



tnt at kalik.net escreveu:
>> I already read the Cisco wiki page and I implemented what they
>> recommend, but it's not working yet.
>>     
>
> Does the debug now show Nas-Prompt-User in Access-Accept packet? If it
> does - it's some problem on the router - debug ip ssh.
>
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>   



More information about the Freeradius-Users mailing list