Hi Martin,<br>Thanks for your reply.Everything you mentioned is configured in eap.conf file.Still i am facing the problem.<br>Plz let me know how to proceed to fix it.<br><br>With thanks...<br>Apangshu<br><br><div><span class="gmail_quote">
On 6/11/07, <b class="gmail_sendername"><a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org</a></b> <<a href="mailto:freeradius-users-request@lists.freeradius.org">
freeradius-users-request@lists.freeradius.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Send Freeradius-Users mailing list submissions to
<br> <a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a><br><br>To subscribe or unsubscribe via the World Wide Web, visit<br> <a href="http://lists.freeradius.org/mailman/listinfo/freeradius-users">
http://lists.freeradius.org/mailman/listinfo/freeradius-users</a><br>or, via email, send a message with subject or body 'help' to<br> <a href="mailto:freeradius-users-request@lists.freeradius.org">freeradius-users-request@lists.freeradius.org
</a><br><br>You can reach the person managing the list at<br> <a href="mailto:freeradius-users-owner@lists.freeradius.org">freeradius-users-owner@lists.freeradius.org</a><br><br>When replying, please edit your Subject line so it is more specific
<br>than "Re: Contents of Freeradius-Users digest..."<br><br><br>Today's Topics:<br><br> 1. Re: help in setting up PEAP in freeRADIUS with winXp<br> supplicant (Martin Gadbois)<br> 2. Re: Freeradius as a secondary (Jeff)
<br> 3. Re: Big "VSA + Proxy" problem (Guilherme Franco)<br><br><br>----------------------------------------------------------------------<br><br>Message: 1<br>Date: Mon, 11 Jun 2007 09:28:27 -0400<br>From: Martin Gadbois <
<a href="mailto:martin.gadbois@colubris.com">martin.gadbois@colubris.com</a>><br>Subject: Re: help in setting up PEAP in freeRADIUS with winXp<br> supplicant<br>To: FreeRadius users mailing list<br> <<a href="mailto:freeradius-users@lists.freeradius.org">
freeradius-users@lists.freeradius.org</a>><br>Message-ID: <<a href="mailto:466D4DFB.1020704@colubris.com">466D4DFB.1020704@colubris.com</a>><br>Content-Type: text/plain; charset=UTF-8<br><br>-----BEGIN PGP SIGNED MESSAGE-----
<br>Hash: SHA1<br><br>Apangshu Saha wrote:<br><br>> rad_check_password: Found Auth-Type EAP<br>> auth: type "EAP"<br>> Processing the authenticate section of radiusd.conf<br>> modcall: entering group authenticate for request 5
<br>> rlm_eap: EAP Identity<br>> rlm_eap: No such EAP type mschapv2<br>> rlm_eap: Failed in EAP select<br>> modcall[authenticate]: module "eap" returns invalid for request 5<br>> modcall: leaving group authenticate (returns invalid) for request 5
<br>> auth: Failed to validate the user.<br>> PEAP: Tunneled authentication was rejected.<br>> rlm_eap_peap: FAILURE<br><br>Do you have mschap enabled in your eap.conf?<br><br> eap {<br> default_eap_type = peap
<br> timer_expire = 60<br> ignore_unknown_eap_types = no<br> cisco_accounting_username_bug = no<br><br> md5 {<br> }<br><br> tls {
<br>...<br> }<br><br> ttls {<br>...<br> }<br> peap {<br>...<br> }<br>>>> mschapv2 {<br>>>> }<br> }
<br><br><br>- --<br>============== +---------------------------------------------+<br>Martin Gadbois | "Please answer by yes or no. |<br>Sr. SW Designer | Uncooperative user waste precious CPU time" |
<br>Colubris Networks Inc. | -- The Andromeda Strain, M. Crichton, 1969 |<br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.4.5 (GNU/Linux)<br>Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org">
http://enigmail.mozdev.org</a><br><br>iD8DBQFGbU379Y3/iTTCEDkRAhz+AJkBQD2iH/pJHGSFwVdBnNcFAMdILACgomOf<br>vZhC4ftJ7IjYZXP+1oTcjQI=<br>=YvGQ<br>-----END PGP SIGNATURE-----<br><br><br>------------------------------<br><br>Message: 2
<br>Date: Mon, 11 Jun 2007 10:28:37 -0400<br>From: Jeff <<a href="mailto:jeffa@jahelpdesk.com">jeffa@jahelpdesk.com</a>><br>Subject: Re: Freeradius as a secondary<br>To: "FreeRadius users mailing list"<br>
<<a href="mailto:freeradius-users@lists.freeradius.org">freeradius-users@lists.freeradius.org</a>><br>Message-ID: <<a href="mailto:20070611142837.c0c38dfd@ns1.jahelpdesk.com">20070611142837.c0c38dfd@ns1.jahelpdesk.com
</a>><br>Content-Type: text/plain; charset="us-ascii"<br><br>Ok new issue thats eluding me<br>I uninstalled version 1. then installed version 2<br><br>anyway. i resetup the configs and made sure my services file is 1645 radius and 1646 for acct as before
<br>anyway<br>when i do a auth with ntradping all connects aok<br>when i do anykind of an accouting request, stop start update i get error 10054<br>which i read may mean check the port which it apperas i am set aok unless i am missing something
<br><br>NEXT<br>Nothing is going into the radacct dir for detail file either or is it being created<br><br>Also when i do a /etc/init.d/freeradius start or restart everything is aok<br>when i do a /etc/init.d/freeradius reload I see in the radius log that its saying there is errors in the radius config
<br><br>Anyway anyone have any ideas?<br> _____<br><br> From: Peter Nixon [mailto:<a href="mailto:listuser@peternixon.net">listuser@peternixon.net</a>]<br>To: FreeRadius users mailing list [mailto:<a href="mailto:freeradius-users@lists.freeradius.org">
freeradius-users@lists.freeradius.org</a>]<br>Sent: Sun, 10 Jun 2007 19:43:58 -0400<br>Subject: Re: Freeradius as a secondary<br><br>On Sun 10 Jun 2007, Jeff wrote:<br>> I am using the version installed through software update on opensuse
<br><br>You may wish to use my updated packages at:<br><a href="http://software.opensuse.org/download/network:/aaa/">http://software.opensuse.org/download/network:/aaa/</a><br><br>Just add is as a software repository in YaST. (ie.
<br><a href="http://software.opensuse.org/download/network:/aaa/openSUSE_10.2/">http://software.opensuse.org/download/network:/aaa/openSUSE_10.2/</a>)<br><br>Cheers<br><br>--<br><br>Peter Nixon<br><a href="http://www.peternixon.net/">
http://www.peternixon.net/</a><br>PGP Key: <a href="http://www.peternixon.net/public.asc">http://www.peternixon.net/public.asc</a><br>-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html">
http://www.freeradius.org/list/users.html</a><br><br><br><br>-------------- next part --------------<br>An HTML attachment was scrubbed...<br>URL: <a href="https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/ba461c21/attachment-0001.html">
https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/ba461c21/attachment-0001.html</a><br><br>------------------------------<br><br>Message: 3<br>Date: Mon, 11 Jun 2007 11:50:26 -0300<br>From: "Guilherme Franco" <
<a href="mailto:guilhermefranco@gmail.com">guilhermefranco@gmail.com</a>><br>Subject: Re: Big "VSA + Proxy" problem<br>To: "FreeRadius users mailing list"<br> <<a href="mailto:freeradius-users@lists.freeradius.org">
freeradius-users@lists.freeradius.org</a>><br>Message-ID:<br> <<a href="mailto:5e239f520706110750me7fca81weab5378ca94d39ea@mail.gmail.com">5e239f520706110750me7fca81weab5378ca94d39ea@mail.gmail.com</a>><br>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed<br><br>Hello Mr. Alan,<br><br>Thank you for answering.<br><br>Below, you will find a working local authentication, user<br><a href="mailto:steve@local.com">steve@local.com
</a> (without proxy), where the VSA "ERX-Service-Bundle" is<br>found in radreply (although the debug doesn't says that) and sent back<br>to the B-RAS:<br><br>rad_recv: Access-Request packet from host <a href="http://192.168.1.1:50000">
192.168.1.1:50000</a>, id=29, length=238<br>Mon Jun 11 11:18:18 2007 : Debug: --- Walking the entire request list ---<br>Mon Jun 11 11:18:18 2007 : Debug: Waking up in 31 seconds...<br>Mon Jun 11 11:18:18 2007 : Debug: Thread 2 got semaphore
<br>Mon Jun 11 11:18:18 2007 : Debug: Thread 2 handling request 1, (1<br>handled so far)<br> User-Password = "testing"<br> User-Name = "<a href="mailto:steve@local.com">steve@local.com</a>"
<br> Acct-Session-Id = "erx atm 3/2.42:100.132:0002097381"<br> Service-Type = Framed-User<br> Framed-Protocol = PPP<br> ERX-Pppoe-Description = "pppoe 12:34:56:78:9a:bc"<br>
Calling-Station-Id = "#BRAS-03#this is a description#100#132"<br> Connect-Info = "speed:UBR:12000"<br> NAS-Port-Type = xDSL<br> NAS-Port = 845414532<br> NAS-Port-Id = "atm 3/2.42:
100.132"<br> NAS-IP-Address = <a href="http://192.168.1.1">192.168.1.1</a><br> NAS-Identifier = "BRAS-03"<br>Mon Jun 11 11:18:18 2007 : Debug: Processing the authorize section<br>of radiusd.conf
<br>Mon Jun 11 11:18:18 2007 : Debug: modcall: entering group authorize<br>for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling<br>preprocess (rlm_preprocess) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned
<br>from preprocess (rlm_preprocess) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module<br>"preprocess" returns ok for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling
<br>auth_log (rlm_detail) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: radius_xlat:<br>'/usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611'<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_detail:<br>
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d<br>expands to /usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned
<br>from auth_log (rlm_detail) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module<br>"auth_log" returns ok for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling chap
<br>(rlm_chap) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>from chap (rlm_chap) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "chap"<br>
returns noop for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling<br>suffix (rlm_realm) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_realm: Looking up realm<br>"<a href="http://local.com">
local.com</a>" for User-Name = "<a href="mailto:steve@local.com">steve@local.com</a>"<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_realm: No such realm "<a href="http://local.com">local.com</a>"<br>
Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>from suffix (rlm_realm) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module<br>"suffix" returns noop for request 1
<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling<br>files (rlm_files) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: users: Matched entry DEFAULT at line 171<br>Mon Jun 11 11:18:18 2007 : Debug: users: Matched entry DEFAULT at line 183
<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>from files (rlm_files) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "files"<br>returns ok for request 1
<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling sql<br>(rlm_sql) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: '<a href="mailto:steve@local.com">steve@local.com</a>'<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql): sql_set_user escaped
<br>user --> '<a href="mailto:steve@local.com">steve@local.com</a>'<br>Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT<br>id,UserName,Attribute,Value,op FROM radcheck WHERE Username =<br>'<a href="mailto:steve@local.com">
steve@local.com</a>' ORDER BY id'<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql): Reserving sql socket id: 30<br>Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT<br><a href="http://radgroupcheck.id">
radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op<br> FROM radgroupcheck,usergroup WHERE usergroup.Username =<br>'<a href="mailto:steve@local.com">steve@local.com
</a>' AND usergroup.GroupName = radgroupcheck.GroupName<br>ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id</a>'<br>Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT<br>id,UserName,Attribute,Value,op FROM radreply WHERE Username =
<br>'<a href="mailto:steve@local.com">steve@local.com</a>' ORDER BY id'<br>Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'SELECT<br><a href="http://radgroupreply.id">radgroupreply.id</a>,radgroupreply.GroupName
,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op<br> FROM radgroupreply,usergroup WHERE usergroup.Username =<br>'<a href="mailto:steve@local.com">steve@local.com</a>' AND usergroup.GroupName = radgroupreply.GroupName
<br>ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql): Released sql socket id: 30<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned
<br>from sql (rlm_sql) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "sql"<br>returns ok for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: calling pap<br>
(rlm_pap) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authorize]: returned<br>from pap (rlm_pap) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authorize]: module "pap"<br>returns updated for request 1
<br>Mon Jun 11 11:18:18 2007 : Debug: modcall: leaving group authorize<br>(returns updated) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: rad_check_password: Found Auth-Type pap<br>Mon Jun 11 11:18:18 2007 : Debug: auth: type "PAP"
<br>Mon Jun 11 11:18:18 2007 : Debug: Processing the authenticate<br>section of radiusd.conf<br>Mon Jun 11 11:18:18 2007 : Debug: modcall: entering group PAP for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authenticate]: calling
<br>pap (rlm_pap) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_pap: login attempt with password testing<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_pap: Using clear text password.<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_pap: User authenticated succesfully
<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[authenticate]: returned<br>from pap (rlm_pap) for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modcall[authenticate]: module<br>"pap" returns ok for request 1
<br>Mon Jun 11 11:18:18 2007 : Debug: modcall: leaving group PAP (returns<br>ok) for request 1<br>Mon Jun 11 11:18:18 2007 : Auth: Login OK: [<a href="mailto:steve@local.com">steve@local.com</a>] (from<br>client ERX-3 port 845414532 cli #BRAS-03#this is a
<br>description#100#132)<br>Mon Jun 11 11:18:18 2007 : Debug: Processing the post-auth section<br>of radiusd.conf<br>Mon Jun 11 11:18:18 2007 : Debug: modcall: entering group post-auth<br>for request 1<br>Mon Jun 11 11:18:18 2007 : Debug: modsingle[post-auth]: calling pool
<br>(rlm_sqlippool) for request 0<br>Mon Jun 11 11:18:18 2007 : Debug: Value Of the Pool-Name is [FIX] and<br>its [3] Chars<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql (sql_postgresql): Reserving<br>sql socket id: 30<br>
Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'BEGIN'<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: affected rows =<br>
Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'UPDATE radippool<br>SET nasipaddress = '', pool_key = 0, callingstationid = '',<br>expiry_time = 'now'::timestamp(0) - '1 second'::interval WHERE
<br>nasipaddress = '<a href="http://192.168.1.1">192.168.1.1</a>' and pool_key = 'pppoe 12:34:56:78:9a:bc''<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK<br>Mon Jun 11 11:18:18 2007 : Debug: rlm_sql_postgresql: affected rows = 0
<br>Mon Jun 11 11:18:18 2007 : Debug: radius_xlat: 'select<br>pool('<a href="mailto:steve@local.com">steve@local.com</a>','FIX','#BRAS-03#this is a<br>description#100#134')'<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: Status: PGRES_TUPLES_OK
<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: affected rows =<br>Mon Jun 11 11:18:19 2007 : Info: rlm_sqlippool: ip=[<a href="http://10.10.10.1">10.10.10.1</a>] len=14<br>Mon Jun 11 11:18:19 2007 : Debug: radius_xlat: 'UPDATE radippool
<br>SET nasipaddress = '<a href="http://192.168.1.1">192.168.1.1</a>', pool_key = 'pppoe<br>12:34:56:78:9a:bc', callingstationid = '#BRAS-03#this is a<br>description#100#134', username = '<a href="mailto:steve@local.com">
steve@local.com</a>', expiry_time =<br>'now'::timestamp(0) + '3600 second'::interval WHERE framedipaddress<br>= '<a href="http://10.10.10.1">10.10.10.1</a>''<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK
<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: affected rows = 1<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sqlippool: Allocated IP<br><a href="http://10.10.10.1">10.10.10.1</a> [8ec25ec9]<br>Mon Jun 11 11:18:19 2007 : Debug: radius_xlat: 'COMMIT'
<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_postgresql: affected rows =<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql (sql_postgresql): Released
<br>sql socket id: 30<br>Mon Jun 11 11:18:19 2007 : Debug: modsingle[post-auth]: returned<br>from pool (rlm_sqlippool) for request 0<br>Mon Jun 11 11:18:19 2007 : Debug: modcall[post-auth]: module "pool"<br>
returns ok for request 0<br>Mon Jun 11 11:18:19 2007 : Debug: modsingle[post-auth]: calling<br>sql_log (rlm_sql_log) for request 0<br>Mon Jun 11 11:18:19 2007 : Debug: rlm_sql_log (sql_log): Processing<br>sql_log_postauth
<br>Mon Jun 11 11:18:19 2007 : Debug: radius_xlat: 'INSERT INTO<br>radpostauth ?? (username, pass, reply, authdate)<br>VALUES ?? ('<a href="mailto:steve@local.com">steve@local.com
</a>', 'testing',<br> ?? 'Access-Accept', TO_DATE('2007-06-11 11:18:18','yyyy-mm-dd<br>hh24:mi:ss'))'<br>Mon Jun 11 11:18:19 2007 : Debug: radius_xlat:<br>'/usr/local/var/log/radius/radacct/sql-relay'
<br>Mon Jun 11 11:18:19 2007 : Debug: modsingle[post-auth]: returned<br>from sql_log (rlm_sql_log) for request 0<br>Mon Jun 11 11:18:19 2007 : Debug: modcall[post-auth]: module<br>"sql_log" returns ok for request 0
<br>Mon Jun 11 11:18:19 2007 : Debug: modcall: leaving group post-auth<br>(returns ok) for request 0<br>Sending Access-Accept of id 30 to <a href="http://192.168.1.1">192.168.1.1</a> port 50000<br> X-Ascend-Client-Primary-DNS :=
<a href="http://172.16.1.1">172.16.1.1</a><br> X-Ascend-Client-Secondary-DNS := <a href="http://172.16.1.2">172.16.1.2</a><br> X-Ascend-Client-Assign-DNS := DNS-Assign-Yes<br> ERX-Virtual-Router-Name := "default"
<br> ERX-Service-Bundle := "test1"<br> Framed-IP-Address = <a href="http://10.10.10.1">10.10.10.1</a><br>Mon Jun 11 11:18:19 2007 : Debug: Finished request 0<br><br>---------------<br><br>Now, <a href="mailto:steve@proxy.com">
steve@proxy.com</a> gets authenticated, but in a proxied realm (this<br>user is also in radreply):<br><br>rad_recv: Access-Request packet from host <a href="http://192.168.1.1:50000">192.168.1.1:50000</a>, id=30, length=250
<br>Mon Jun 11 11:02:10 2007 : Debug: --- Walking the entire request list ---<br>Mon Jun 11 11:02:10 2007 : Debug: Thread 1 got semaphore<br>Mon Jun 11 11:02:10 2007 : Debug: Thread 1 handling request 0, (1<br>handled so far)
<br> User-Password = "testing"<br> User-Name = "<a href="mailto:steve@proxy.com">steve@proxy.com</a>"<br> Acct-Session-Id = "erx atm 3/2.42:100.133:0002097382"<br> Service-Type = Framed-User
<br> Framed-Protocol = PPP<br> ERX-Pppoe-Description = "pppoe 12:34:56:78:9a:bc"<br> Calling-Station-Id = "#BRAS-03#this is a description#100#133"<br> Connect-Info = "speed:UBR:12000"
<br> NAS-Port-Type = xDSL<br> NAS-Port = 845414533<br> NAS-Port-Id = "atm 3/2.42:100.133"<br> NAS-IP-Address = <a href="http://192.168.1.1">192.168.1.1</a><br> NAS-Identifier = "BRAS-03"
<br>Mon Jun 11 11:02:10 2007 : Debug: Processing the authorize section<br>of radiusd.conf<br>Mon Jun 11 11:02:10 2007 : Debug: Waking up in 31 seconds...<br>Mon Jun 11 11:02:10 2007 : Debug: modcall: entering group authorize
<br>for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling<br>preprocess (rlm_preprocess) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: Threads: total/active/spare threads = 5/1/4<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned
<br>from preprocess (rlm_preprocess) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module<br>"preprocess" returns ok for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling
<br>auth_log (rlm_detail) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat:<br>'/usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611'<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_detail:<br>
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d<br>expands to /usr/local/var/log/radius/radacct/192.168.1.1/auth-detail-20070611<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned
<br>from auth_log (rlm_detail) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module<br>"auth_log" returns ok for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling chap
<br>(rlm_chap) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>from chap (rlm_chap) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "chap"<br>
returns noop for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling<br>suffix (rlm_realm) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Looking up realm<br>"<a href="http://proxy.com">
proxy.com</a>" for User-Name = "<a href="mailto:steve@proxy.com">steve@proxy.com</a>"<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Found realm "<a href="http://proxy.com">proxy.com</a>"<br>
Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Adding<br>Stripped-User-Name = "steve"<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Proxying request from<br>user steve to realm <a href="http://proxy.com">
proxy.com</a><br>Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Adding Realm = "<a href="http://proxy.com">proxy.com</a>"<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_realm: Preparing to proxy<br>authentication request to realm "
<a href="http://proxy.com">proxy.com</a>"<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>from suffix (rlm_realm) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module
<br>"suffix" returns updated for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling<br>files (rlm_files) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: users: Matched entry DEFAULT at line 171
<br>Mon Jun 11 11:02:10 2007 : Debug: users: Matched entry DEFAULT at line 183<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>from files (rlm_files) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "files"
<br>returns ok for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling sql<br>(rlm_sql) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: '<a href="mailto:steve@proxy.com">steve@proxy.com
</a>'<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql): sql_set_user escaped<br>user --> '<a href="mailto:steve@proxy.com">steve@proxy.com</a>' ORDER BY id'<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql): Reserving sql socket id: 31
<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'SELECT<br><a href="http://radgroupcheck.id">radgroupcheck.id</a>,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op<br> FROM radgroupcheck,usergroup WHERE
usergroup.Username =<br>'<a href="mailto:steve@proxy.com">steve@proxy.com</a>' AND usergroup.GroupName = radgroupcheck.GroupName<br>ORDER BY <a href="http://radgroupcheck.id">radgroupcheck.id</a>'<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'SELECT
<br>id,UserName,Attribute,Value,op FROM radreply WHERE Username =<br>'<a href="mailto:steve@proxy.com">steve@proxy.com</a>' ORDER BY id'<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'SELECT<br><a href="http://radgroupreply.id">
radgroupreply.id</a>,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op<br> FROM radgroupreply,usergroup WHERE usergroup.Username =<br>'<a href="mailto:steve@proxy.com">steve@proxy.com
</a>' AND usergroup.GroupName = radgroupreply.GroupName<br>ORDER BY <a href="http://radgroupreply.id">radgroupreply.id</a>'<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql): Released sql socket id: 31<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned
<br>from sql (rlm_sql) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "sql"<br>returns ok for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: calling pap<br>
(rlm_pap) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[authorize]: returned<br>from pap (rlm_pap) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[authorize]: module "pap"<br>returns noop for request 0
<br>Mon Jun 11 11:02:10 2007 : Debug: modcall: leaving group authorize<br>(returns updated) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: proxy: creating fc229bc8:1812<br>Mon Jun 11 11:02:10 2007 : Debug: proxy: allocating fc229bc8:1812 0
<br>Sending Access-Request of id 0 to <a href="http://192.168.1.2">192.168.1.2</a> port 1812<br> User-Password = "testing"<br> User-Name = "steve"<br> Acct-Session-Id = "erx atm 3/2.42:
100.133:0002097382"<br> Service-Type = Framed-User<br> Framed-Protocol = PPP<br> ERX-Pppoe-Description = "pppoe 12:34:56:78:9a:bc"<br> Calling-Station-Id = "#BRAS-03#this is a description#100#133"
<br> Connect-Info = "speed:UBR:12000"<br> NAS-Port-Type = xDSL<br> NAS-Port = 845414533<br> NAS-Port-Id = "atm 3/2.42:100.133"<br> NAS-IP-Address = <a href="http://192.168.1.1">
192.168.1.1</a><br> NAS-Identifier = "BRAS-03"<br> Proxy-State = 0x3330<br>Mon Jun 11 11:02:10 2007 : Debug: Thread 1 waiting to be assigned a request<br>rad_recv: Access-Accept packet from host <a href="http://192.168.1.2:1812">
192.168.1.2:1812</a>, id=0, length=24<br>Mon Jun 11 11:02:10 2007 : Debug: proxy: de-allocating fc229bc8:1812 0<br>Mon Jun 11 11:02:10 2007 : Debug: rl_next: returning NULL<br>Mon Jun 11 11:02:10 2007 : Debug: Waking up in 31 seconds...
<br>Mon Jun 11 11:02:10 2007 : Debug: Threads: total/active/spare threads = 5/0/5<br>Mon Jun 11 11:02:10 2007 : Debug: Thread 2 got semaphore<br>Mon Jun 11 11:02:10 2007 : Debug: Thread 2 handling request 0, (1<br>handled so far)
<br> Proxy-State = 0x3330<br>Mon Jun 11 11:02:10 2007 : Debug: Processing the post-proxy section<br>of radiusd.conf<br>Mon Jun 11 11:02:10 2007 : Debug: modcall: entering group post-proxy<br>for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-proxy]: calling
<br>attr_filter (rlm_attr_filter) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: attr_filter: Matched entry<br><a href="http://proxy.com">proxy.com</a> at line 84<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-proxy]: returned
<br>from attr_filter (rlm_attr_filter) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[post-proxy]: module<br>"attr_filter" returns updated for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall: leaving group post-proxy
<br>(returns updated) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: authorize: Skipping authorize in<br>post-proxy stage<br>Mon Jun 11 11:02:10 2007 : Debug: rad_check_password: Found Auth-Type<br>Mon Jun 11 11:02:10 2007 : Debug: rad_check_password: Auth-Type =
<br>Accept, accepting the user<br>Mon Jun 11 11:02:10 2007 : Auth: Login OK: [<a href="mailto:steve@proxy.com">steve@proxy.com</a>] (from<br>client ERX-3 port 845414533 cli #BRAS-03#this is a<br>description#100#133)<br>Mon Jun 11 11:02:10 2007 : Debug: Processing the post-auth section
<br>of radiusd.conf<br>Mon Jun 11 11:02:10 2007 : Debug: modcall: entering group post-auth<br>for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: calling pool<br>(rlm_sqlippool) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: Value Of the Pool-Name is [FIX] and
<br>its [3] Chars<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql_postgresql): Reserving<br>sql socket id: 30<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'BEGIN'<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK
<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows =<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'UPDATE radippool<br>SET nasipaddress = '', pool_key = 0, callingstationid = '',
<br>expiry_time = 'now'::timestamp(0) - '1 second'::interval WHERE<br>nasipaddress = '<a href="http://192.168.1.1">192.168.1.1</a>' and pool_key = 'pppoe 12:34:56:78:9a:bc''<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK
<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows = 0<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'select<br>pool('<a href="mailto:steve@proxy.com">steve@proxy.com</a>','FIX','#BRAS-03#this is a
<br>description#100#133')'<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status: PGRES_TUPLES_OK<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows =<br>Mon Jun 11 11:02:10 2007 : Info: rlm_sqlippool: ip=[
<a href="http://10.10.10.1">10.10.10.1</a>] len=13<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'UPDATE radippool<br>SET nasipaddress = '<a href="http://192.168.1.1">192.168.1.1</a>', pool_key = 'pppoe
<br>12:34:56:78:9a:bc', callingstationid = '#BRAS-03#this is a<br>description#100#133', username = '<a href="mailto:steve@proxy.com">steve@proxy.com</a>', expiry_time =<br>'now'::timestamp(0) + '3600 second'::interval WHERE framedipaddress
<br>= '<a href="http://10.10.10.1">10.10.10.1</a>''<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows = 1<br>
Mon Jun 11 11:02:10 2007 : Debug: rlm_sqlippool: Allocated IP<br><a href="http://10.10.10.1">10.10.10.1</a> [97310ebd]<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'COMMIT'<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: Status: PGRES_COMMAND_OK
<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_postgresql: affected rows =<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql (sql_postgresql): Released<br>sql socket id: 30<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: returned
<br>from pool (rlm_sqlippool) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[post-auth]: module "pool"<br>returns ok for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: calling
<br>sql_log (rlm_sql_log) for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: rlm_sql_log (sql_log): Processing<br>sql_log_postauth<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat: 'INSERT INTO<br>radpostauth ?? (username, pass, reply, authdate)
<br>VALUES ?? ('<a href="mailto:steve@proxy.com">steve@proxy.com</a>', 'testing',<br> ?? 'Access-Accept', TO_DATE('2007-06-11 11:02:10','yyyy-mm-dd<br>hh24:mi:ss'))'
<br>Mon Jun 11 11:02:10 2007 : Debug: radius_xlat:<br>'/usr/local/var/log/radius/radacct/sql-relay'<br>Mon Jun 11 11:02:10 2007 : Debug: modsingle[post-auth]: returned<br>from sql_log (rlm_sql_log) for request 0
<br>Mon Jun 11 11:02:10 2007 : Debug: modcall[post-auth]: module<br>"sql_log" returns ok for request 0<br>Mon Jun 11 11:02:10 2007 : Debug: modcall: leaving group post-auth<br>(returns ok) for request 0<br>Sending Access-Accept of id 30 to
<a href="http://192.168.1.1">192.168.1.1</a> port 50000<br> X-Ascend-Client-Primary-DNS := <a href="http://172.16.1.1">172.16.1.1</a><br> X-Ascend-Client-Secondary-DNS := <a href="http://172.16.1.2">172.16.1.2
</a><br> X-Ascend-Client-Assign-DNS := DNS-Assign-Yes<br> ERX-Virtual-Router-Name := "default"<br> Framed-IP-Address = <a href="http://10.10.10.1">10.10.10.1</a><br>Mon Jun 11 11:02:10 2007 : Debug: Finished request 0
<br><br>-------------<br><br>> The debug logs will still tell you what modules are being executed,<br>> and when. That will give information as to *why* it's not being added.<br><br>*Sorry, but where is the VSA "ERX-Service-Bundle" here?
<br><br>> This is what the post-auth section is for: adding attributes to<br>> packets after a user has been authenticated.<br><br>*What config shall I put in post-auth to send this VSA back to the<br>B-RAS? Create a module and call it in post-auth?
<br><br>> This will be better supported in 2.0.0.<br><br>*Should I install 2.0.0 then? Is it the only way?<br><br>Thank you very much!<br><br>Guilherme<br><br><br>------------------------------<br><br>-<br>List info/subscribe/unsubscribe? See
<a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br><br><br>End of Freeradius-Users Digest, Vol 26, Issue 33<br>************************************************<br></blockquote>
</div><br>