pptp + perl + freeradius???
Oguzhan Kayhan
oguzhank at bilkent.edu.tr
Wed Nov 18 11:58:27 CET 2009
Hello, I am using a Perl script to authenticate my users for hotspots with
FreeRADIUS.
I have no problems with it.
Now I planned to move my existing VPN server to FreeRADIUS also.
I read some howtos about it (mostly with Poptop).
Here is how my Perl script works. When it gets a username/pass, it checks
it via an XML page, and if it is correct it adds the username to a MySQL
table with the auth-type == local parameter. The second time this user tries
to log in, it just checks the password. So I have an Auth-Type parameter for
users in MySQL.
And here is the debug output of my FreeRADIUS and PPTP daemon, the MySQL query, and my
site config on FreeRADIUS.
freeradius:
rad_recv: Access-Request packet from host 127.0.0.1 port 33646, id=29,
length=138
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "7798"
MS-CHAP-Challenge = 0xf42766132ee2e3d828c770c460e8588e
MS-CHAP2-Response =
0x44006948a59f2dbc8c838083bdea3e846fc300000000000000003f4aeadca9c80f730fd668686d8eac96570d941da2b4c2fd
Calling-Station-Id = ".931"
NAS-IP-Address = 192.168.10.213
NAS-Port = 0
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [7798/<no User-Password attribute>] (from client
localhost port 0 cli .931)
Found Post-Auth-Type Reject
WARNING: Unknown value specified for Post-Auth-Type. Cannot perform
requested action.
pptp:
Client 192.168.16.243 control connection started
Nov 18 12:49:30 pptp pptpd[4898]: CTRL: Starting call (launching pppd,
opening GRE)
Nov 18 12:49:30 pptp pppd[4900]: Plugin radius.so loaded.
Nov 18 12:49:30 pptp pppd[4900]: RADIUS plugin initialized.
Nov 18 12:49:30 pptp pppd[4900]: Plugin radattr.so loaded.
Nov 18 12:49:30 pptp pppd[4900]: RADATTR plugin initialized.
Nov 18 12:49:30 pptp pppd[4900]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so
loaded.
Nov 18 12:49:30 pptp pppd[4900]: pppd 2.4.4 started by root, uid 0
Nov 18 12:49:30 pptp pppd[4900]: Using interface ppp0
Nov 18 12:49:30 pptp pppd[4900]: Connect: ppp0 <--> /dev/pts/1
Nov 18 12:49:30 pptp pptpd[4898]: GRE: Bad checksum from pppd.
Nov 18 12:49:33 pptp pptpd[4898]: CTRL: Ignored a SET LINK INFO packet
with real ACCMs!
Nov 18 12:49:34 pptp pppd[4900]: Peer 7798 failed CHAP authentication
Nov 18 12:49:34 pptp pppd[4900]: Connection terminated.
Nov 18 12:49:34 pptp pppd[4900]: Exit.
Mysql Query
mysql> select * from radcheck where Username = '7798';
+-------+----------+------------------+----+-------------------------+
| id    | UserName | Attribute        | op | Value                   |
+-------+----------+------------------+----+-------------------------+
| 48225 | 7798     | UserType         | := | B                       |
| 48224 | 7798     | email            | := | a at b.com              |
| 48223 | 7798     | NameSurname      | := | Test                    |
| 49754 | 7798     | Auth-Type        | == | Local                   |
| 76810 | 7798     | Simultaneous-Use | := | 4                       |
+-------+----------+------------------+----+-------------------------+
5 rows in set (0.00 sec)
freeradius config
server vpn {
    authorize {
        preprocess
        files
        mschap
        update control {
            Auth-Type := perl
        }
        perl
    }
    authenticate {
        Auth-Type MS-CHAP {
            mschap
        }
        Auth-Type Perl {
            perl
        }
    }
................
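
Added example (not part of the original post, and not FreeRADIUS or pppd code): the request attributes from the debug output above, parsed to show which credential the NAS actually sent. The MS-CHAP2-Response field layout follows RFC 2548; the function names are hypothetical.

```python
import re

# Request attributes copied from the FreeRADIUS debug output in the post
# (the mail-wrapped MS-CHAP2-Response line is rejoined).
DEBUG_REQUEST = """\
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "7798"
MS-CHAP-Challenge = 0xf42766132ee2e3d828c770c460e8588e
MS-CHAP2-Response = 0x44006948a59f2dbc8c838083bdea3e846fc300000000000000003f4aeadca9c80f730fd668686d8eac96570d941da2b4c2fd
Calling-Station-Id = ".931"
NAS-IP-Address = 192.168.10.213
NAS-Port = 0
"""

# Attribute that carries the credential -> method the server has to run.
CREDENTIAL_ATTRS = [
    ("User-Password", "PAP"),
    ("CHAP-Password", "CHAP"),
    ("MS-CHAP-Response", "MS-CHAPv1"),
    ("MS-CHAP2-Response", "MS-CHAPv2"),
]

def parse_attributes(text):
    """Return {name: value} for 'Name = value' lines, quotes stripped."""
    attrs = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z0-9-]+)\s*=\s*(.*?)\s*$", line)
        if m:
            attrs[m.group(1)] = m.group(2).strip('"')
    return attrs

def credential_method(attrs):
    """Name the authentication method implied by the credential attribute."""
    for name, method in CREDENTIAL_ATTRS:
        if name in attrs:
            return method
    return None

def decode_mschap2_response(hex_value):
    """Split an MS-CHAP2-Response value into its RFC 2548 fields."""
    raw = bytes.fromhex(hex_value[2:] if hex_value.startswith("0x") else hex_value)
    if len(raw) != 50:
        raise ValueError("MS-CHAP2-Response must be 50 bytes, got %d" % len(raw))
    return {"ident": raw[0], "flags": raw[1],
            "peer_challenge": raw[2:18].hex(),  # 16-byte peer challenge
            "reserved": raw[18:26].hex(),       # 8 bytes, must be zero
            "nt_response": raw[26:50].hex()}    # 24-byte NT-Response
```

For this request the method is MS-CHAPv2 and no User-Password is present, so the server only receives a challenge and a 24-byte NT-Response. Verifying that response requires the user's cleartext password or NT hash on the server side.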