Framed-IP-Address Issue
Tevfik Ceydeliler
tevfik.ceydeliler at astron.yasar.com.tr
Tue Feb 2 15:03:56 CET 2010
Now i try to test with my freeradius. There are two tests:
1. User try to get IP from pool
2. Users try to get IP as Framed-IP-Address
There is two log i deleted same lines. I send only differences
################################################################
##Log for IP pool:
...
...
[files] users: Matched entry tevfikceydeliler at line 98
...
Sending Access-Request of id 153 to 10.1.1.51 port 1812
User-Name = "tevfikceydeliler"
User-Password = "172938111645"
NAS-Identifier = "GGFILE02"
Called-Station-Id = "yasarapn"
Framed-Protocol = 0
Service-Type = 0
NAS-Port-Type = Virtual
Calling-Station-Id = "905308507313"
NAS-IP-Address = 10.65.5.80
Proxy-State = 0x32
...
Sending Access-Request of id 153 to 10.1.1.51 port 1812
User-Name = "tevfikceydeliler"
User-Password = "172938111645"
NAS-Identifier = "GGFILE02"
Called-Station-Id = "yasarapn"
Framed-Protocol = 0
Service-Type = 0
NAS-Port-Type = Virtual
Calling-Station-Id = "905308507313"
NAS-IP-Address = 10.65.5.80
Proxy-State = 0x32
...
rad_recv: Access-Accept packet from host 10.1.1.51 port 1812, id=153,
length=23
Proxy-State = 0x32
...
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
expand: %{NAS-IP-Address} %{NAS-Port} -> 10.65.5.80
[TESTPOOL] MD5 on 'key' directive maps to:
5d6bfe9b8c4b166a1386c56a8286087e
[TESTPOOL] Searching for an entry for key:
'5d6bfe9b8c4b166a1386c56a8286087e'
rlm_ippool: Allocating ip to key: '5d6bfe9b8c4b166a1386c56a8286087e'
[TESTPOOL] num: 1
[TESTPOOL] Allocated ip 172.30.64.12 to client key:
5d6bfe9b8c4b166a1386c56a8286087e
++[TESTPOOL] returns ok
...
Sending Access-Accept of id 2 to 10.65.5.80 port 57928
Framed-IP-Address = 172.30.64.12
Framed-IP-Netmask = 255.255.240.0
...
##Log For Framed-IP-Address:
...
...
[files] users: Matched entry tevfikceydeliler at line 114
...
Sending Access-Request of id 129 to 10.1.1.51 port 1812
User-Name = "tevfikceydeliler"
User-Password = "172915933501"
NAS-Identifier = "GGFILE02"
Called-Station-Id = "yasarapn"
Framed-Protocol = 0
Service-Type = 0
NAS-Port-Type = Virtual
Calling-Station-Id = "905308507313"
NAS-IP-Address = 10.65.5.80
Proxy-State = 0x31
...
Sending Access-Request of id 129 to 10.1.1.51 port 1812
User-Name = "tevfikceydeliler"
User-Password = "172915933501"
NAS-Identifier = "GGFILE02"
Called-Station-Id = "yasarapn"
Framed-Protocol = 0
Service-Type = 0
NAS-Port-Type = Virtual
Calling-Station-Id = "905308507313"
NAS-IP-Address = 10.65.5.80
Proxy-State = 0x31
...
rad_recv: Access-Accept packet from host 10.1.1.51 port 1812, id=129,
length=23
Proxy-State = 0x31
...
Found Auth-Type = Local
Found Auth-Type = Accept
Warning: Found 2 auth-types on request for user 'tevfikceydeliler'
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
[TESTPOOL] Could not find Pool-Name attribute.
++[TESTPOOL] returns noop
[STATICPOOL] Could not find Pool-Name attribute.
...
Sending Access-Accept of id 1 to 10.65.5.80 port 57927
...
################################################################
1.) I realized that for IP pool test there is only one Auth-Type. In
Framed-IP-Address test there is two!
2.) IP pool Test has 0x32 as Proxy-State, Framed-IP-Address test has
0x31
3.) User can get Ip from pool, cant get ip as static.
Again my question is... what change if a user gets ip from pool or use
static ip? I try to solve this problem. I am newbie. Thanks for your
assistance already..
Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki dosyalar sadece adres sahip/sahiplerine ait olup, Yasar Toplulugu Sirketleri bu mesajin icerigi ile ilgili olarak hic bir hukuksal sorumlulugu kabul etmez. Eger gonderilmesi dusunulen kisi veya kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar ediniz ve mesaji sisteminizden siliniz.The information contained in this e-mail and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed and Yasar Group Companies do not accept legal responsibility for the contents. If you are not the intended recipient, please immediately notify the sender and delete it from your system.
More information about the Freeradius-Users
mailing list