freeRADIUS for switch authentication
Gab Quidilla
gbquidilla21 at gmail.com
Mon Jul 8 08:38:43 CEST 2013
Good day, I've had a freeradius + daloradius + mysql setup to be used for
the authentication of our Allied Telesis switches at our different branches.
I configured the switch to use radius authentication at Login, could
someone check whether the output if radius works on the switch? As there is
no access-accept message I received on radiusd -X
Password is MD5 encrypted, if that helps.
Thanks!
-----
Ready to process requests.
rad_recv: Accounting-Request packet from host 10.141.1.129 port 49154,
id=0, length=84
User-Name = "netops"
NAS-IP-Address = 10.141.1.129
Called-Station-Id = "10.141.1.129"
Calling-Station-Id = "10.96.100.72"
Acct-Status-Type = Start
Acct-Session-Id = "0500001F"
Acct-Authentic = Local
# Executing section preacct from file /etc/raddb/sites-enabled/default
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] WARNING: Attribute NAS-Port was not found in request, unique
ID MAY be inconsistent
[acct_unique] Hashing ',Client-IP-Address = 10.141.1.129,NAS-IP-Address =
10.141.1.129,Acct-Session-Id = "0500001F",User-Name = "netops"'
[acct_unique] Acct-Unique-Session-ID = "b320652fa80c290b".
++[acct_unique] returns ok
[suffix] No '@' in User-Name = "netops", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
# Executing section accounting from file /etc/raddb/sites-enabled/default
+- entering group accounting {...}
[detail] expand: %{Packet-Src-IP-Address} -> 10.141.1.129
[detail] expand:
/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
-> /var/log/radius/radacct/10.141.1.129/detail-20130708
[detail]
/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
expands to /var/log/radius/radacct/10.141.1.129/detail-20130708
[detail] expand: %t -> Mon Jul 8 14:12:31 2013
++[detail] returns ok
++[unix] returns noop
[radutmp] expand: /var/log/radius/radutmp -> /var/log/radius/radutmp
[radutmp] expand: %{User-Name} -> netops
rlm_radutmp: No NAS-Port seen. Cannot do anything.
rlm_radumtp: WARNING: checkrad will probably not work!
++[radutmp] returns noop
[sql] expand: %{User-Name} -> netops
[sql] sql_set_user escaped user --> 'netops'
[sql] expand: %{Acct-Delay-Time} ->
[sql] ... expanding second conditional
[sql] expand: INSERT INTO radacct
(acctsessionid, acctuniqueid, username,
realm, nasipaddress, nasportid,
nasporttype, acctstarttime, acctstoptime,
acctsessiontime, acctauthentic, connectinfo_start,
connectinfo_stop, acctinputoctets, acctoutputoctets,
calledstationid, callingstationid, acctterminatecause,
servicetype, framedprotocol, framedipaddress,
acctstartdelay, acctstopdelay, xascendsessionsvrkey)
VALUES ('%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}', '%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}',
'%{Connect-Info}', '', '0', '0',
'%{Called-Station-Id}', '%{Calling-Station-Id}', '',
'%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[exec] returns noop
[attr_filter.accounting_response] expand: %{User-Name} -> netops
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 0 to 10.141.1.129 port 49154
Finished request 0.
Cleaning up request 0 ID 0 with timestamp +72
Going to the next request
Ready to process requests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130708/bfa87bad/attachment.html>
More information about the Freeradius-Users
mailing list