UpDate: IP Problems with Simultanaous Logins across 2 NAS - Cisco VPN3000

Lucio Godoy luciocfgodoy at hotmail.com
Fri Mar 12 10:55:36 CET 2010


Hi all;

 

On the cisco VPN logs i am getting:

 

1259 03/12/2010 09:52:50.500 SEV=5 PPP/2 RPT=54 90.12.02.113 
Group [00-16-55-01-b0-a7] User [federal]
disconnected. Cannot resolve an IP address for remote peer.

 

THanks

 

Lucio
 


From: luciocfgodoy at hotmail.com
To: freeradius-users at lists.freeradius.org
Subject: IP Problems with Simultanaous Logins across 2 NAS - Cisco VPN3000
Date: Thu, 11 Mar 2010 18:55:49 +0000



Hi All;
 
I have Freeradius 2 setup with the MySQL database back-end and it is working really well with one Cisco VPN 3060, I also allow multiple logins from the same user.
 
But yesterday i have added a second VPN server and whole thing stop working, user gets authenticated across the 2 NAS, but i belive the freeradius is getting confused with the 2 NAS.
 
As a test I have edited the:  ippool.conf
 
FROM: 
 
## The ORDER BY clause of this query tries to allocate the same IP-address
## which user had last session...
#####allocate-find = "SELECT framedipaddress FROM ${ippool_table} \
##### WHERE pool_name = '%{control:Pool-Name}' AND (expiry_time < NOW() OR expiry_time IS NULL) \
##### ORDER BY (username <> '%{User-Name}'), \
##### (callingstationid <> '%{Calling-Station-Id}'), \
##### expiry_time \
##### LIMIT 1 \
##### FOR UPDATE"
 
TO: 
 
# ## If you prefer to allocate a random IP address every time, i
# ## use this query instead
 allocate-find = "SELECT framedipaddress FROM ${ippool_table} \
  WHERE pool_name = '%{control:Pool-Name}' \
  AND expiry_time = NULL \
  ORDER BY RAND() \
  LIMIT 1 \
  FOR UPDATE"

All worked well and then it stopped. 
 
Is there any other place i have to change to allow simultaneus logins across 2 NAS, pls?
 
 
Many thanks
 
Lucio



Not got a Hotmail account? Sign-up now - Free 		 	   		  
_________________________________________________________________
Got a cool Hotmail story? Tell us now
http://clk.atdmt.com/UKM/go/195013117/direct/01/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100312/9dbcde12/attachment.html>


More information about the Freeradius-Users mailing list