Hi, I wana use freeradius to dynamically assign ip to my vpn clients. so I defined an ip pool with the range of 10.3.3.1 to 10.3.3.255, with the radtest command , I'm getting the the ip in answer but while trying to connect from vpn client and at the same time looking the debug mod output there's no ip returned in answer.
radtest: radtest new3 new3 localhost 1685 testing123 Sending Access-Request of id 8 to 127.0.0.1 port 1812 User-Name = "new3" User-Password = "new3" NAS-IP-Address = 255.255.255.255 NAS-Port = 1685 rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=8, length=32 Framed-IP-Address = 10.3.3.91 Framed-IP-Netmask = 255.255.255.255 debug mod: rad_recv: Access-Request packet from host 127.0.0.1:33802, id=99, length=146 Service-Type = Framed-User Framed-Protocol = PPP User-Name = "new3" MS-CHAP-Challenge = 0x9dbdf0a41b6c569d8565b6813f9ae9e2 MS-CHAP2-Response = 0xbf00403c6176c9e7b825fc6332f4ecbb5c8a00000000000000000a65a6f35ab28326cf016a4c0636a167d0213b2d4d161cf9 Calling-Station-Id = "85.15.42.219" NAS-IP-Address = 127.0.0.1 NAS-Port = 1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap' modcall[authorize]: module "mschap" returns ok for request 1 rlm_realm: No '@' in User-Name = "new3", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 1 users: Matched entry DEFAULT at line 173 users: Matched entry DEFAULT at line 185 modcall[authorize]: module "files" returns ok for request 1 radius_xlat: 'new3' rlm_sql (sql): sql_set_user escaped user --> 'new3' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'new3' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName, radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'new3' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'new3' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName, radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'new3' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 1 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 1 modcall: leaving group authorize (returns ok) for request 1 rad_check_password: Found Auth-Type MS-CHAP auth: type "MS-CHAP" Processing the authenticate section of radiusd.conf modcall: entering group MS-CHAP for request 1 rlm_mschap: Told to do MS-CHAPv2 for new3 with NT-Password rlm_mschap: adding MS-CHAPv2 MPPE keys modcall[authenticate]: module "mschap" returns ok for request 1 modcall: leaving group MS-CHAP (returns ok) for request 1 Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 1 rlm_ippool: Searching for an entry for nas/port: 127.0.0.1/1 rlm_ippool: Found Framed-IP-Address attribute in reply attribute list. rlm_ippool: override is set to no. Return NOOP. modcall[post-auth]: module "main_pool" returns noop for request 1 rlm_sql (sql): Processing sql_postauth radius_xlat: 'new3' rlm_sql (sql): sql_set_user escaped user --> 'new3' radius_xlat: 'INSERT into radpostauth (user, pass, reply, date) values ('new3', 'Chap-Password', 'Access-Accept', NOW())' rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (user, pass, reply, date) values ('new3', 'Chap-Password', 'Access-Accept', NOW()) rlm_sql (sql): Reserving sql socket id: 2 rlm_sql (sql): Released sql socket id: 2 modcall[post-auth]: module "sql" returns ok for request 1 modcall: leaving group post-auth (returns ok) for request 1 Sending Access-Accept of id 99 to 127.0.0.1 port 33802 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User Framed-Protocol = PPP Framed-Compression = Van-Jacobson-TCP-IP MS-CHAP2-Success = 0xbf533d39463644384641333530454543384532453141324231444532453443333036333538323435303646 MS-MPPE-Recv-Key = 0x6bf743cc4d6fcdfe9ca3db2ffa091f2d MS-MPPE-Send-Key = 0xf7c1c3f1197d3b3637982d14423a98de MS-MPPE-Encryption-Policy = 0x00000001 MS-MPPE-Encryption-Types = 0x00000006 Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 99 with timestamp 475e1954 Nothing to do. Sleeping until we see a request.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html