FreeRADIUS as dhcp

Urazaev Vadim demiurg at tica.com.ua
Fri Jul 30 06:47:43 CEST 2010


Hello all.
I tried to configure freeradius to operate as dhcp server and reach the
point from where I can`t proceed.
the version of freeradius is 2.1.9
I have two situation
1. DHCP Discover packet comes from client who directly connected to
network which freerasdius listen on.
2. DHCP Discover packet comes from relaying agent (Switch Linksys SPS224G4)
Then I see in debug (radiusd -xxX) something like that
In first case :
----------------
Received DHCP-Discover of id 359f8b7a from 0.0.0.0:68 to 0.0.0.0:6701 01
06 00 35 9f 8b 7a 00 09 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 10 7f 5f
ff bf 00 00 00 00 00 00 ff ff 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63
35 01 01 37 0f 01 02 03 06 0c 0f 1c 1d 1f 21 28
29 2a 2c 2d ff 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
Sending DHCP-Offer of id 359f8b7a from 0.0.0.0:67 to
255.255.255.255:680: 02 01 06 00 35 9f 8b 7a 00 00 00 00 00 00 00 00
16: 00 00 00 00 c0 a8 28 05 00 00 00 00 00 10 7f 5f
32: ff bf 00 00 00 00 00 00 ff ff 00 00 00 00 00 00
48: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
64: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
96: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
112: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
128: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
144: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
176: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
192: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
208: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
224: 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63
240: 35 01 02 01 04 ff ff ff 00 03 04 c0 a8 28 05 06
256: 08 c2 40 94 02 c3 40 94 01 33 04 00 01 51 80 36
272: 04 c0 a8 28 05 ff 00 00 00 00 00 00 00 00 00 00
288: 00 00 00 00 00 00 00 00 00 00 00 00

=================================================================
In second case I can see only DHCP Discover
It seems like freeradius just ignores the packets that was relayed
=================================================================
Received DHCP-Discover of id 12019719 from 192.168.40.17:68 to
0.0.0.0:6701 01 06 01 12 01 97 19 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 c0 a8 28 11 00 19 db ee
ce a6 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63
35 01 01 3d 07 01 00 19 db ee ce a6 52 12 01 06
00 04 00 01 01 01 02 08 00 06 00 1e e5 d0 9d 87
ff
=================================================
Please give me a kick in right direction.
=================================================
Full Output radiusd -X
Thu Jul 29 16:24:58 2010 : Info: FreeRADIUS Version 2.1.9, for host
i386-portbld-freebsd7.2, built on Jul 27 2010 at 08:03:44
Thu Jul 29 16:24:58 2010 : Info: Copyright (C) 1999-2009 The FreeRADIUS
server project and contributors.
Thu Jul 29 16:24:58 2010 : Info: There is NO warranty; not even for
MERCHANTABILITY or FITNESS FOR A
Thu Jul 29 16:24:58 2010 : Info: PARTICULAR PURPOSE.
Thu Jul 29 16:24:58 2010 : Info: You may redistribute copies of
FreeRADIUS under the terms of the
Thu Jul 29 16:24:58 2010 : Info: GNU General Public License v2.
Thu Jul 29 16:24:58 2010 : Info: Starting - reading configuration files ...
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/radiusd.conf
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/proxy.conf
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/clients.conf
Thu Jul 29 16:24:58 2010 : Debug: including files in directory
/usr/local/etc/raddb/modules/
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/wimax
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/always
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/attr_filter
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/attr_rewrite
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/chap
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/checkval
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/counter
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/cui
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/detail
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/detail.example.com
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/detail.log
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/digest
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/echo
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/etc_group
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/exec
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/expiration
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/expr
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/files
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/inner-eap
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/ippool
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/krb5
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/ldap
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/linelog
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/logintime
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/mac2ip
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/mschap
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/mac2vlan
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/ntlm_auth
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/otp
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/pam
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/pap
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/passwd
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/perl
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/policy
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/preprocess
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/radutmp
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/realm
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/smbpasswd
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/smsotp
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/sql_log
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/sqlcounter_expire_on_login
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/sradutmp
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/unix
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/modules/acct_unique
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/eap.conf
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/policy.conf
Thu Jul 29 16:24:58 2010 : Debug: including files in directory
/usr/local/etc/raddb/sites-enabled/
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/sites-enabled/default
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/sites-enabled/inner-tunnel
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/sites-enabled/control-socket
Thu Jul 29 16:24:58 2010 : Debug: including configuration file
/usr/local/etc/raddb/sites-enabled/dhcp
Thu Jul 29 16:24:58 2010 : Debug: main {
Thu Jul 29 16:24:58 2010 : Debug:       user = "freeradius"
Thu Jul 29 16:24:58 2010 : Debug:       group = "freeradius"
Thu Jul 29 16:24:58 2010 : Debug:       allow_core_dumps = no
Thu Jul 29 16:24:58 2010 : Debug: }
Thu Jul 29 16:24:58 2010 : Debug: including dictionary file
/usr/local/etc/raddb/dictionary
Thu Jul 29 16:24:58 2010 : Debug: main {
Thu Jul 29 16:24:58 2010 : Debug:       prefix = "/usr/local"
Thu Jul 29 16:24:58 2010 : Debug:       localstatedir = "/var"
Thu Jul 29 16:24:58 2010 : Debug:       logdir = "/var/log"
Thu Jul 29 16:24:58 2010 : Debug:       libdir =
"/usr/local/lib/freeradius-2.1.9"
Thu Jul 29 16:24:58 2010 : Debug:       radacctdir = "/var/log/radacct"
Thu Jul 29 16:24:58 2010 : Debug:       hostname_lookups = no
Thu Jul 29 16:24:58 2010 : Debug:       max_request_time = 30
Thu Jul 29 16:24:58 2010 : Debug:       cleanup_delay = 5
Thu Jul 29 16:24:58 2010 : Debug:       max_requests = 1024
Thu Jul 29 16:24:58 2010 : Debug:       pidfile =
"/var/run/radiusd/radiusd.pid"
Thu Jul 29 16:24:58 2010 : Debug:       checkrad =
"/usr/local/sbin/checkrad"
Thu Jul 29 16:24:58 2010 : Debug:       debug_level = 0
Thu Jul 29 16:24:58 2010 : Debug:       proxy_requests = yes
Thu Jul 29 16:24:58 2010 : Debug:  log {
Thu Jul 29 16:24:58 2010 : Debug:       stripped_names = no
Thu Jul 29 16:24:58 2010 : Debug:       auth = yes
Thu Jul 29 16:24:58 2010 : Debug:       auth_badpass = no
Thu Jul 29 16:24:58 2010 : Debug:       auth_goodpass = no
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug:  security {
Thu Jul 29 16:24:58 2010 : Debug:       max_attributes = 200
Thu Jul 29 16:24:58 2010 : Debug:       reject_delay = 1
Thu Jul 29 16:24:58 2010 : Debug:       status_server = yes
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug: }
Thu Jul 29 16:24:58 2010 : Debug: radiusd: #### Loading Realms and Home
Servers ####
Thu Jul 29 16:24:58 2010 : Debug:  proxy server {
Thu Jul 29 16:24:58 2010 : Debug:       retry_delay = 5
Thu Jul 29 16:24:58 2010 : Debug:       retry_count = 3
Thu Jul 29 16:24:58 2010 : Debug:       default_fallback = no
Thu Jul 29 16:24:58 2010 : Debug:       dead_time = 120
Thu Jul 29 16:24:58 2010 : Debug:       wake_all_if_all_dead = no
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug:  home_server localhost {
Thu Jul 29 16:24:58 2010 : Debug:       ipaddr = 127.0.0.1
Thu Jul 29 16:24:58 2010 : Debug:       port = 1812
Thu Jul 29 16:24:58 2010 : Debug:       type = "auth"
Thu Jul 29 16:24:58 2010 : Debug:       secret = "testing123"
Thu Jul 29 16:24:58 2010 : Debug:       response_window = 20
Thu Jul 29 16:24:58 2010 : Debug:       max_outstanding = 65536
Thu Jul 29 16:24:58 2010 : Debug:       require_message_authenticator = no
Thu Jul 29 16:24:58 2010 : Debug:       zombie_period = 40
Thu Jul 29 16:24:58 2010 : Debug:       status_check = "status-server"
Thu Jul 29 16:24:58 2010 : Debug:       ping_interval = 30
Thu Jul 29 16:24:58 2010 : Debug:       check_interval = 30
Thu Jul 29 16:24:58 2010 : Debug:       num_answers_to_alive = 3
Thu Jul 29 16:24:58 2010 : Debug:       num_pings_to_alive = 3
Thu Jul 29 16:24:58 2010 : Debug:       revive_interval = 120
Thu Jul 29 16:24:58 2010 : Debug:       status_check_timeout = 4
Thu Jul 29 16:24:58 2010 : Debug:       irt = 2
Thu Jul 29 16:24:58 2010 : Debug:       mrt = 16
Thu Jul 29 16:24:58 2010 : Debug:       mrc = 5
Thu Jul 29 16:24:58 2010 : Debug:       mrd = 30
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug:  home_server_pool my_auth_failover {
Thu Jul 29 16:24:58 2010 : Debug:       type = fail-over
Thu Jul 29 16:24:58 2010 : Debug:       home_server = localhost
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug:  realm example.com {
Thu Jul 29 16:24:58 2010 : Debug:       auth_pool = my_auth_failover
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug:  realm LOCAL {
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug: radiusd: #### Loading Clients ####
Thu Jul 29 16:24:58 2010 : Debug:  client localhost {
Thu Jul 29 16:24:58 2010 : Debug:       ipaddr = 127.0.0.1
Thu Jul 29 16:24:58 2010 : Debug:       require_message_authenticator = no
Thu Jul 29 16:24:58 2010 : Debug:       secret = "testing123"
Thu Jul 29 16:24:58 2010 : Debug:       nastype = "other"
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug: radiusd: #### Instantiating modules ####
Thu Jul 29 16:24:58 2010 : Debug:  instantiate {
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_exec, checking if it's
valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_exec
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating exec
Thu Jul 29 16:24:58 2010 : Debug:   exec {
Thu Jul 29 16:24:58 2010 : Debug:       wait = no
Thu Jul 29 16:24:58 2010 : Debug:       input_pairs = "request"
Thu Jul 29 16:24:58 2010 : Debug:       shell_escape = yes
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_expr, checking if it's
valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_expr
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating expr
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_expiration, checking
if it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_expiration
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating expiration
Thu Jul 29 16:24:58 2010 : Debug:   expiration {
Thu Jul 29 16:24:58 2010 : Debug:       reply-message = "Password Has
Expired  "
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_logintime, checking if
it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_logintime
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating logintime
Thu Jul 29 16:24:58 2010 : Debug:   logintime {
Thu Jul 29 16:24:58 2010 : Debug:       reply-message = "You are calling
outside your allowed timespan  "
Thu Jul 29 16:24:58 2010 : Debug:       minimum-timeout = 60
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug: radiusd: #### Loading Virtual Servers ####
Thu Jul 29 16:24:58 2010 : Debug: server inner-tunnel {
Thu Jul 29 16:24:58 2010 : Debug:  modules {
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking authenticate {...}
for more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_pap, checking if it's
valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_pap
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating pap
Thu Jul 29 16:24:58 2010 : Debug:   pap {
Thu Jul 29 16:24:58 2010 : Debug:       encryption_scheme = "auto"
Thu Jul 29 16:24:58 2010 : Debug:       auto_header = no
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_chap, checking if it's
valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_chap
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating chap
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_mschap, checking if
it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_mschap
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating mschap
Thu Jul 29 16:24:58 2010 : Debug:   mschap {
Thu Jul 29 16:24:58 2010 : Debug:       use_mppe = yes
Thu Jul 29 16:24:58 2010 : Debug:       require_encryption = no
Thu Jul 29 16:24:58 2010 : Debug:       require_strong = no
Thu Jul 29 16:24:58 2010 : Debug:       with_ntdomain_hack = no
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_unix, checking if it's
valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_unix
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating unix
Thu Jul 29 16:24:58 2010 : Debug:   unix {
Thu Jul 29 16:24:58 2010 : Debug:       radwtmp = "/var/log/radwtmp"
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_eap, checking if it's
valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_eap
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap
Thu Jul 29 16:24:58 2010 : Debug:   eap {
Thu Jul 29 16:24:58 2010 : Debug:       default_eap_type = "md5"
Thu Jul 29 16:24:58 2010 : Debug:       timer_expire = 60
Thu Jul 29 16:24:58 2010 : Debug:       ignore_unknown_eap_types = no
Thu Jul 29 16:24:58 2010 : Debug:       cisco_accounting_username_bug = no
Thu Jul 29 16:24:58 2010 : Debug:       max_sessions = 4096
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to sub-module rlm_eap_md5
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap-md5
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to sub-module rlm_eap_leap
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap-leap
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to sub-module rlm_eap_gtc
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap-gtc
Thu Jul 29 16:24:58 2010 : Debug:    gtc {
Thu Jul 29 16:24:58 2010 : Debug:       challenge = "Password: "
Thu Jul 29 16:24:58 2010 : Debug:       auth_type = "PAP"
Thu Jul 29 16:24:58 2010 : Debug:    }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to sub-module rlm_eap_tls
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap-tls
Thu Jul 29 16:24:58 2010 : Debug:    tls {
Thu Jul 29 16:24:58 2010 : Debug:       rsa_key_exchange = no
Thu Jul 29 16:24:58 2010 : Debug:       dh_key_exchange = yes
Thu Jul 29 16:24:58 2010 : Debug:       rsa_key_length = 512
Thu Jul 29 16:24:58 2010 : Debug:       dh_key_length = 512
Thu Jul 29 16:24:58 2010 : Debug:       verify_depth = 0
Thu Jul 29 16:24:58 2010 : Debug:       pem_file_type = yes
Thu Jul 29 16:24:58 2010 : Debug:       private_key_file =
"/usr/local/etc/raddb/certs/server.pem"
Thu Jul 29 16:24:58 2010 : Debug:       certificate_file =
"/usr/local/etc/raddb/certs/server.pem"
Thu Jul 29 16:24:58 2010 : Debug:       CA_file =
"/usr/local/etc/raddb/certs/ca.pem"
Thu Jul 29 16:24:58 2010 : Debug:       private_key_password = "whatever"
Thu Jul 29 16:24:58 2010 : Debug:       dh_file =
"/usr/local/etc/raddb/certs/dh"
Thu Jul 29 16:24:58 2010 : Debug:       random_file =
"/usr/local/etc/raddb/certs/random"
Thu Jul 29 16:24:58 2010 : Debug:       fragment_size = 1024
Thu Jul 29 16:24:58 2010 : Debug:       include_length = yes
Thu Jul 29 16:24:58 2010 : Debug:       check_crl = no
Thu Jul 29 16:24:58 2010 : Debug:       cipher_list = "DEFAULT"
Thu Jul 29 16:24:58 2010 : Debug:       make_cert_command =
"/usr/local/etc/raddb/certs/bootstrap"
Thu Jul 29 16:24:58 2010 : Debug:     cache {
Thu Jul 29 16:24:58 2010 : Debug:       enable = no
Thu Jul 29 16:24:58 2010 : Debug:       lifetime = 24
Thu Jul 29 16:24:58 2010 : Debug:       max_entries = 255
Thu Jul 29 16:24:58 2010 : Debug:     }
Thu Jul 29 16:24:58 2010 : Debug:    }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to sub-module rlm_eap_ttls
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap-ttls
Thu Jul 29 16:24:58 2010 : Debug:    ttls {
Thu Jul 29 16:24:58 2010 : Debug:       default_eap_type = "md5"
Thu Jul 29 16:24:58 2010 : Debug:       copy_request_to_tunnel = no
Thu Jul 29 16:24:58 2010 : Debug:       use_tunneled_reply = no
Thu Jul 29 16:24:58 2010 : Debug:       virtual_server = "inner-tunnel"
Thu Jul 29 16:24:58 2010 : Debug:       include_length = yes
Thu Jul 29 16:24:58 2010 : Debug:    }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to sub-module rlm_eap_peap
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap-peap
Thu Jul 29 16:24:58 2010 : Debug:    peap {
Thu Jul 29 16:24:58 2010 : Debug:       default_eap_type = "mschapv2"
Thu Jul 29 16:24:58 2010 : Debug:       copy_request_to_tunnel = no
Thu Jul 29 16:24:58 2010 : Debug:       use_tunneled_reply = no
Thu Jul 29 16:24:58 2010 : Debug:       proxy_tunneled_request_as_eap = yes
Thu Jul 29 16:24:58 2010 : Debug:       virtual_server = "inner-tunnel"
Thu Jul 29 16:24:58 2010 : Debug:    }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to sub-module
rlm_eap_mschapv2
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating eap-mschapv2
Thu Jul 29 16:24:58 2010 : Debug:    mschapv2 {
Thu Jul 29 16:24:58 2010 : Debug:       with_ntdomain_hack = no
Thu Jul 29 16:24:58 2010 : Debug:    }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking authorize {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_realm, checking if
it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_realm
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating suffix
Thu Jul 29 16:24:58 2010 : Debug:   realm suffix {
Thu Jul 29 16:24:58 2010 : Debug:       format = "suffix"
Thu Jul 29 16:24:58 2010 : Debug:       delimiter = "@"
Thu Jul 29 16:24:58 2010 : Debug:       ignore_default = no
Thu Jul 29 16:24:58 2010 : Debug:       ignore_null = no
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_files, checking if
it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_files
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating files
Thu Jul 29 16:24:58 2010 : Debug:   files {
Thu Jul 29 16:24:58 2010 : Debug:       usersfile =
"/usr/local/etc/raddb/users"
Thu Jul 29 16:24:58 2010 : Debug:       acctusersfile =
"/usr/local/etc/raddb/acct_users"
Thu Jul 29 16:24:58 2010 : Debug:       preproxy_usersfile =
"/usr/local/etc/raddb/preproxy_users"
Thu Jul 29 16:24:58 2010 : Debug:       compat = "no"
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking session {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_radutmp, checking if
it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_radutmp
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating radutmp
Thu Jul 29 16:24:58 2010 : Debug:   radutmp {
Thu Jul 29 16:24:58 2010 : Debug:       filename = "/var/log/radutmp"
Thu Jul 29 16:24:58 2010 : Debug:       username = "%{User-Name}"
Thu Jul 29 16:24:58 2010 : Debug:       case_sensitive = yes
Thu Jul 29 16:24:58 2010 : Debug:       check_with_nas = yes
Thu Jul 29 16:24:58 2010 : Debug:       perm = 384
Thu Jul 29 16:24:58 2010 : Debug:       callerid = yes
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking post-proxy {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking post-auth {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_attr_filter, checking
if it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_attr_filter
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating
attr_filter.access_reject
Thu Jul 29 16:24:58 2010 : Debug:   attr_filter attr_filter.access_reject {
Thu Jul 29 16:24:58 2010 : Debug:       attrsfile =
"/usr/local/etc/raddb/attrs.access_reject"
Thu Jul 29 16:24:58 2010 : Debug:       key = "%{User-Name}"
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  } # modules
Thu Jul 29 16:24:58 2010 : Debug: } # server
Thu Jul 29 16:24:58 2010 : Debug: server dhcp {
Thu Jul 29 16:24:58 2010 : Debug:  modules {
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking dhcp DHCP-Discover
{...} for more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_always, checking if
it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_always
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating ok
Thu Jul 29 16:24:58 2010 : Debug:   always ok {
Thu Jul 29 16:24:58 2010 : Debug:       rcode = "ok"
Thu Jul 29 16:24:58 2010 : Debug:       simulcount = 0
Thu Jul 29 16:24:58 2010 : Debug:       mpp = no
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking dhcp DHCP-Request
{...} for more modules to load
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking dhcp (null) {...}
for more modules to load
Thu Jul 29 16:24:58 2010 : Error:
/usr/local/etc/raddb/sites-enabled/dhcp[156]: No name specified for
Post-Auth-Type block
Thu Jul 29 16:24:58 2010 : Debug:  } # modules
Thu Jul 29 16:24:58 2010 : Debug: } # server
Thu Jul 29 16:24:58 2010 : Debug: server {
Thu Jul 29 16:24:58 2010 : Debug:  modules {
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking authenticate {...}
for more modules to load
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking authorize {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_preprocess, checking
if it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_preprocess
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating preprocess
Thu Jul 29 16:24:58 2010 : Debug:   preprocess {
Thu Jul 29 16:24:58 2010 : Debug:       huntgroups =
"/usr/local/etc/raddb/huntgroups"
Thu Jul 29 16:24:58 2010 : Debug:       hints = "/usr/local/etc/raddb/hints"
Thu Jul 29 16:24:58 2010 : Debug:       with_ascend_hack = no
Thu Jul 29 16:24:58 2010 : Debug:       ascend_channels_per_line = 23
Thu Jul 29 16:24:58 2010 : Debug:       with_ntdomain_hack = no
Thu Jul 29 16:24:58 2010 : Debug:       with_specialix_jetstream_hack = no
Thu Jul 29 16:24:58 2010 : Debug:       with_cisco_vsa_hack = no
Thu Jul 29 16:24:58 2010 : Debug:       with_alvarion_vsa_hack = no
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking preacct {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_acct_unique, checking
if it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_acct_unique
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating acct_unique
Thu Jul 29 16:24:58 2010 : Debug:   acct_unique {
Thu Jul 29 16:24:58 2010 : Debug:       key = "User-Name,
Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking accounting {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:     (Loaded rlm_detail, checking if
it's valid)
Thu Jul 29 16:24:58 2010 : Debug:  Module: Linked to module rlm_detail
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating detail
Thu Jul 29 16:24:58 2010 : Debug:   detail {
Thu Jul 29 16:24:58 2010 : Debug:       detailfile =
"/var/log/radacct/%{Client-IP-Address}/detail-%Y%m%d"
Thu Jul 29 16:24:58 2010 : Debug:       header = "%t"
Thu Jul 29 16:24:58 2010 : Debug:       detailperm = 384
Thu Jul 29 16:24:58 2010 : Debug:       dirperm = 493
Thu Jul 29 16:24:58 2010 : Debug:       locking = no
Thu Jul 29 16:24:58 2010 : Debug:       log_packet_header = no
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Instantiating
attr_filter.accounting_response
Thu Jul 29 16:24:58 2010 : Debug:   attr_filter
attr_filter.accounting_response {
Thu Jul 29 16:24:58 2010 : Debug:       attrsfile =
"/usr/local/etc/raddb/attrs.accounting_response"
Thu Jul 29 16:24:58 2010 : Debug:       key = "%{User-Name}"
Thu Jul 29 16:24:58 2010 : Debug:   }
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking session {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking post-proxy {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:  Module: Checking post-auth {...} for
more modules to load
Thu Jul 29 16:24:58 2010 : Debug:  } # modules
Thu Jul 29 16:24:58 2010 : Debug: } # server
Thu Jul 29 16:24:58 2010 : Debug: radiusd: #### Opening IP addresses and
Ports ####
Thu Jul 29 16:24:58 2010 : Debug: listen {
Thu Jul 29 16:24:58 2010 : Debug:       type = "auth"
Thu Jul 29 16:24:58 2010 : Debug:       ipaddr = *
Thu Jul 29 16:24:58 2010 : Debug:       port = 0
Thu Jul 29 16:24:58 2010 : Debug: }
Thu Jul 29 16:24:58 2010 : Debug: listen {
Thu Jul 29 16:24:58 2010 : Debug:       type = "acct"
Thu Jul 29 16:24:58 2010 : Debug:       ipaddr = *
Thu Jul 29 16:24:58 2010 : Debug:       port = 0
Thu Jul 29 16:24:58 2010 : Debug: }
Thu Jul 29 16:24:58 2010 : Debug: listen {
Thu Jul 29 16:24:58 2010 : Debug:       type = "control"
Thu Jul 29 16:24:58 2010 : Debug:  listen {
Thu Jul 29 16:24:58 2010 : Debug:       socket =
"/var/run/radiusd/radiusd.sock"
Thu Jul 29 16:24:58 2010 : Debug:  }
Thu Jul 29 16:24:58 2010 : Debug: }
Thu Jul 29 16:24:58 2010 : Debug: listen {
Thu Jul 29 16:24:58 2010 : Debug:       type = "dhcp"
Thu Jul 29 16:24:58 2010 : Debug:       ipaddr = *
Thu Jul 29 16:24:58 2010 : Debug:       port = 67
Thu Jul 29 16:24:58 2010 : Debug: }
Thu Jul 29 16:24:58 2010 : Debug: Listening on authentication address *
port 1812
Thu Jul 29 16:24:58 2010 : Debug: Listening on accounting address * port
1813
Thu Jul 29 16:24:58 2010 : Debug: Listening on command file
/var/run/radiusd/radiusd.sock
Thu Jul 29 16:24:58 2010 : Debug: Listening on dhcp address * port 67 as
server dhcp
Thu Jul 29 16:24:58 2010 : Debug: Listening on proxy address * port 1814
Thu Jul 29 16:24:58 2010 : Info: Ready to process requests.
Received DHCP-Discover of id 12019719 from 192.168.40.17:68 to
0.0.0.0:6701 01 06 01 12 01 97 19 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 c0 a8 28 11 00 19 db ee
ce a6 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63
35 01 01 3d 07 01 00 19 db ee ce a6 52 12 01 06
00 04 00 01 01 01 02 08 00 06 00 1e e5 d0 9d 87
ff



More information about the Freeradius-Users mailing list