We are running freeradius on Centos and the most supported package that gets installed by "yum update" is freeradius-1.0.1-3.RHEL4.5, which I now have installed.
I've tried to upgrade by downloading the latest version, 2.0.1. Although it builds and installs it doesn't seem to try to connect to my SQL database. When I start the old version with -X I see a lot of mention of sql. But version 2.0.1 started with -X doesn't seem to say anything apart from its loading the sql.conf file. Am I missing something here? That said I do have some debug for the version I am using for trying to assign a different IP pool per realm. Here is the section that shows that radius is loading the IP pool: ############ Module: Loaded IPPOOL ippool: session-db = "/etc/raddb/db.ippool" ippool: ip-index = "/etc/raddb/db.ipindex" ippool: range-start = 85.92.168.1 IP address [85.92.168.1] ippool: range-stop = 85.92.168.254 IP address [85.92.168.254] ippool: netmask = 255.255.255.0 IP address [255.255.255.0] ippool: cache-size = 800 ippool: override = no ippool: maximum-timeout = 0 Module: Instantiated ippool (main_pool) ############# This is the users entry: ############ DEFAULT Realm == "dsl.realm.co.uk", Pool-Name := "main_ip_realm1" ############ And here is the debug from a user using the realm logging in: ########### rad_recv: Access-Request packet from host 192.168.1.88:1645, id=245, length=127 Framed-Protocol = PPP User-Name = "[EMAIL PROTECTED]" CHAP-Password = 0xb2cd36a39f414e084ae6ab6da5719886f7 NAS-Port-Type = Virtual NAS-Port = 2548 NAS-Port-Id = "Uniq-Sess-ID2548" Connect-Info = "4522000/1000" Service-Type = Framed-User NAS-IP-Address = 192.168.1.88 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 14 modcall[authorize]: module "preprocess" returns ok for request 14 rlm_chap: Setting 'Auth-Type := CHAP' modcall[authorize]: module "chap" returns ok for request 14 modcall[authorize]: module "mschap" returns noop for request 14 rlm_realm: Looking up realm "dsl.realm.co.uk" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "dsl.realm.co.uk" rlm_realm: Proxying request from user leekane to realm dsl.realm.co.uk rlm_realm: Adding Realm = "dsl.realm.co.uk" rlm_realm: Preparing to proxy authentication request to realm "dsl.realm.co.uk" modcall[authorize]: module "suffix" returns updated for request 14 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 14 users: Matched DEFAULT at 1 modcall[authorize]: module "files" returns ok for request 14 radius_xlat: '[EMAIL PROTECTED]' rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 21 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id rlm_sql (sql): User [EMAIL PROTECTED] not found in radcheck radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): User [EMAIL PROTECTED] not found in radgroupcheck rlm_sql (sql): User not found rlm_sql (sql): Released sql socket id: 21 modcall[authorize]: module "sql" returns notfound for request 14 modcall: group authorize returns updated for request 14 Processing the pre-proxy section of radiusd.conf modcall: entering group pre-proxy for request 14 radius_xlat: '/var/log/radius/radacct/192.168.1.88/pre-proxy-detail-20080211' rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/pre-proxy-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.1.88/pre-proxy-detail-20080211 modcall[pre-proxy]: module "pre_proxy_log" returns ok for request 14 modcall: group pre-proxy returns ok for request 14 Sending Access-Request of id 1 to 88.20.106.18:1645 Framed-Protocol = PPP User-Name = "[EMAIL PROTECTED]" CHAP-Password = 0xb2cd36a39f414e084ae6ab6da5719886f7 NAS-Port-Type = Virtual NAS-Port = 2548 NAS-Port-Id = "Uniq-Sess-ID2548" Connect-Info = "4522000/1000" Service-Type = Framed-User NAS-IP-Address = 192.168.1.88 CHAP-Challenge = 0x0119ec26782b0c7dd878fb54c30f5859 Proxy-State = 0x323435 Waking up in 5 seconds... rad_recv: Access-Accept packet from host 88.20.106.18:1645, id=1, length=107 Class = 0x5342522d434c20444e3d22323032343331222041543d22323030222055533d22222053493d 22323839302200 Session-Timeout = 0 Framed-IP-Address = 255.255.255.254 Framed-IP-Netmask = 255.255.255.255 Acct-Interim-Interval = 7200 Framed-Protocol = PPP Service-Type = Framed-User Proxy-State = 0x323435 Processing the post-proxy section of radiusd.conf modcall: entering group post-proxy for request 14 radius_xlat: '/var/log/radius/radacct/192.168.1.88/post-proxy-detail-20080211' rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/post-proxy-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.1.88/post-proxy-detail-20080211 modcall[post-proxy]: module "post_proxy_log" returns ok for request 14 modcall: group post-proxy returns ok for request 14 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 14 modcall[authorize]: module "preprocess" returns ok for request 14 rlm_chap: WARNING: Auth-Type already set. Not setting to CHAP modcall[authorize]: module "chap" returns noop for request 14 modcall[authorize]: module "mschap" returns noop for request 14 rlm_realm: Proxy reply, or no User-Name. Ignoring. modcall[authorize]: module "suffix" returns noop for request 14 modcall[authorize]: module "eap" returns noop for request 14 users: Matched DEFAULT at 1 modcall[authorize]: module "files" returns ok for request 14 radius_xlat: '[EMAIL PROTECTED]' rlm_sql (sql): sql_set_user escaped user --> '[EMAIL PROTECTED]' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 20 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id rlm_sql (sql): User [EMAIL PROTECTED] not found in radcheck radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '[EMAIL PROTECTED]' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): User [EMAIL PROTECTED] not found in radgroupcheck rlm_sql (sql): User not found rlm_sql (sql): Released sql socket id: 20 modcall[authorize]: module "sql" returns notfound for request 14 modcall: group authorize returns ok for request 14 rad_check_password: Found Auth-Type rad_check_password: Auth-Type = Accept, accepting the user Login OK: [EMAIL PROTECTED]/<CHAP-Password>] (from client 7304 port 2548) Sending Access-Accept of id 245 to 192.168.1.88:1645 Class = 0x5342522d434c20444e3d22323032343331222041543d22323030222055533d22222053493d 22323839302200 Session-Timeout = 0 Framed-IP-Address = 255.255.255.254 Framed-IP-Netmask = 255.255.255.255 Acct-Interim-Interval = 7200 Framed-Protocol = PPP Service-Type = Framed-User Finished request 14 ######## Thanks in advance Tony -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: 09 February 2008 16:06 To: FreeRadius users mailing list Subject: Re: Different IP Pool per proxied realm Tony Spencer wrote: > We are using FreeRADIUS Version 1.0.1 Why? I would suggest upgrading. The newer versions have a LOT more features, and make this kind of configuration much easier. > But when the user logs in they get assigned an IP from the NAS and not from > the IP Pool. > Am I doing something wrong? The debug log should explain what the server is sending back. But if you're using 1.0.1, I would suggest upgrading before posting the debug log. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.20.2/1270 - Release Date: 10/02/2008 12:21 No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.20.2/1270 - Release Date: 10/02/2008 12:21 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html