Use FreeRadius as Proxy for Cisco ACS
Maz17
guillaume.danobrega at gmail.com
Tue Feb 28 11:11:30 CET 2012
When i do radiusd -X, i have this :
rad_recv: Access-Request packet from host 10.215.30.81 port 1645, id=165,
length=88
User-Name = "gdanobrega"
User-Password = "Gdanobreg at 1"
NAS-Port = 1
NAS-Port-Id = "tty1"
NAS-Port-Type = Virtual
Calling-Station-Id = "10.215.25.80"
NAS-IP-Address = 10.215.30.81
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "gdanobrega", looking up realm NULL
[suffix] Found realm "NULL"
[suffix] Adding Stripped-User-Name = "gdanobrega"
[suffix] Adding Realm = "NULL"
[suffix] Proxying request from user gdanobrega to realm NULL
[suffix] Preparing to proxy authentication request to realm "NULL"
++[suffix] returns updated
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry gdanobrega at line 3
++[files] returns ok
++[smsotp] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
# Executing section pre-proxy from file /etc/raddb/sites-enabled/default
+- entering group pre-proxy {...}
[pre_proxy_log] expand:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d
-> /usr/local/var/log/radius/radacct/10.215.30.81/pre-proxy-detail-20120228
[pre_proxy_log]
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.215.30.81/pre-proxy-detail-20120228
[pre_proxy_log] expand: %t -> Tue Feb 28 11:10:14 2012
++[pre_proxy_log] returns ok
Sending Access-Request of id 226 to 10.215.25.100 port 1812
User-Name = "gdanobrega"
User-Password = "Gdanobreg at 1"
NAS-Port = 1
NAS-Port-Id = "tty1"
NAS-Port-Type = Virtual
Calling-Station-Id = "10.215.25.80"
NAS-IP-Address = 10.215.30.81
Proxy-State = 0x313635
Proxying request 0 to home server 10.215.25.100 port 1812
Sending Access-Request of id 226 to 10.215.25.100 port 1812
User-Name = "gdanobrega"
User-Password = "Gdanobreg at 1"
NAS-Port = 1
NAS-Port-Id = "tty1"
NAS-Port-Type = Virtual
Calling-Station-Id = "10.215.25.80"
NAS-IP-Address = 10.215.30.81
Proxy-State = 0x313635
Going to the next request
Waking up in 0.9 seconds.
rad_recv: Access-Accept packet from host 10.215.25.100 port 1812, id=226,
length=75
User-Name = "gdanobrega"
Class =
0x434143533a454d45412d5041522d41435330312f3131383630363934322f333537373035
Proxy-State = 0x313635
# Executing section post-proxy from file /etc/raddb/sites-enabled/default
+- entering group post-proxy {...}
[post_proxy_log] expand:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d
-> /usr/local/var/log/radius/radacct/10.215.30.81/post-proxy-detail-20120228
[post_proxy_log]
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d
expands to
/usr/local/var/log/radius/radacct/10.215.30.81/post-proxy-detail-20120228
[post_proxy_log] expand: %t -> Tue Feb 28 11:10:14 2012
++[post_proxy_log] returns ok
[eap] No pre-existing handler found
++[eap] returns noop
Found Auth-Type = smsotp
Found Auth-Type = Accept
Warning: Found 2 auth-types on request for user 'gdanobrega'
Auth-Type = Accept, accepting the user
Login OK: [gdanobrega] (from client swcisco port 1 cli 10.215.25.80)
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 165 to 10.215.30.81 port 1645
User-Name = "gdanobrega"
Class =
0x434143533a454d45412d5041522d41435330312f3131383630363934322f333537373035
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Can you help me to know what kind of Authentification type is used ?
Thanks everyone
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Use-FreeRadius-as-Proxy-for-Cisco-ACS-tp5518831p5521378.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list