Hi
all,
I encountered a
problem during authentication request. Would you give me a hand
?
Many
thanks!
Configuration:
Host A
( Radius server)
Host
B ( proxy all requests to host A )
Problem:
1)
Access-Request is sent to Host B from client
2) Host B proxy
request to Host A
3) Host A sends
Access-Accept to Host B
4) Host B receive
Access-Accept from Host A
5)
Host B sends Access-Reject to client ( log
message comes below)
*My question is how can I set radius such that it can send
the access-accept to client ?
================================================================
rad_recv:
Access-Accept packet from host xxx.xxx.xxx.xxx:1812, id=3,
length=156
Processing the
authorize section of radiusd.conf
modcall: entering group authorize for request 3
hints: Matched DEFAULT at 81
modcall[authorize]: module "preprocess" returns ok for request 3
radius_xlat: '/usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/auth-detail-20050921'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/auth-detail-20050921
modcall[authorize]: module "auth_log" returns ok for request 3
rlm_realm: Proxy reply, or no User-Name. Ignoring.
modcall[authorize]: module "suffix" returns noop for request 3
users: Matched entry DEFAULT at line 168
modcall[authorize]: module "files" returns ok for request 3
modcall: group authorize returns ok for request 3
rad_check_password: Found Auth-Type SQL
rad_check_password: Auth-Type = Accept, accepting the user
Login OK: [EMAIL PROTECTED]/8F4Lf0T] (from client ivrs port 0 cli 00-0C-41-2F-00-71)
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 3
radius_xlat: '/usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/reply-detail-20050921'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/reply-detail-20050921
modcall[post-auth]: module "reply_log" returns ok for request 3
rlm_sql (sql): Processing sql_postauth
radius_xlat: ''
modcall[post-auth]: module "sql" returns fail for request 3
modcall: group post-auth returns fail for request 3
Delaying request 3 for 1 seconds
Finished request 3
=======================================================================
modcall: entering group authorize for request 3
hints: Matched DEFAULT at 81
modcall[authorize]: module "preprocess" returns ok for request 3
radius_xlat: '/usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/auth-detail-20050921'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/auth-detail-20050921
modcall[authorize]: module "auth_log" returns ok for request 3
rlm_realm: Proxy reply, or no User-Name. Ignoring.
modcall[authorize]: module "suffix" returns noop for request 3
users: Matched entry DEFAULT at line 168
modcall[authorize]: module "files" returns ok for request 3
modcall: group authorize returns ok for request 3
rad_check_password: Found Auth-Type SQL
rad_check_password: Auth-Type = Accept, accepting the user
Login OK: [EMAIL PROTECTED]/8F4Lf0T] (from client ivrs port 0 cli 00-0C-41-2F-00-71)
Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 3
radius_xlat: '/usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/reply-detail-20050921'
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/reply-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/xxx.xxx.xxx.xxx/reply-detail-20050921
modcall[post-auth]: module "reply_log" returns ok for request 3
rlm_sql (sql): Processing sql_postauth
radius_xlat: ''
modcall[post-auth]: module "sql" returns fail for request 3
modcall: group post-auth returns fail for request 3
Delaying request 3 for 1 seconds
Finished request 3
=======================================================================
___________________________________________________
(c) 2005 Interactive Technology Holdings Limited Group.
All rights reserved.
CONFIDENTIALITY: This communication and any attachment(s)
is intended solely for the person or organisation to which
it is addressed and it may be confidential. This
communication may contain confidential or legally privileged
material and may not be copied, redistributed or published
(in whole or in part) without our prior written consent.
This communication may have been intercepted, partially
destroyed, arrive late, incomplete or contain viruses and no
liability is accepted by any member of the Interactive
Technology Holdings Limited Group as a result. If you are
not the intended recipient, employee or agent responsible
for delivering the message to the intended recipient you
must not copy, disclose, distribute or take any action in
reliance on it. If you have received this communication in
error, please immediately reply and highlight the error to
the sender immediately and destroy the original from your
computer.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html