Sorry I didn't understand. I executed freeradius on debug mode, then I used the radtest command.
The message is almost the same, but the proxy (@dialup,usp.br - another radius server in another city) returns OK. Why using radtest it returns OK and using monowall it retorns Reject? Thanks, sorry about my english. Daniel 2009/2/3 SDamron <sdam...@gmail.com> Looks like some kind of problem with your database. It clears when > you auth against the radtest, but when you try to use a user in the > database, it fails. > > On Tue, Feb 3, 2009 at 6:45 PM, Daniel Bojczuk <dan...@cirp.usp.br> wrote: > > Hi!! > > > > I have a Monowall athorizing and accounting on a Freeradius 2.1.1 > > > > When I execute: > > radtest nbati...@dialup.usp.br ******* 123.123.123.123 0 's3mf!o/' > > I get the folowing answer: > > Sending Access-Request of id 177 to 123.123.123.123 port 1812 > > User-Name = "nbati...@dialup.usp.br" > > User-Password = "nat6672" > > NAS-IP-Address = 123.123.123.123 > > NAS-Port = 0 > > rad_recv: Access-Accept packet from host 123.123.123.123 port 1812, > > id=177, length=68 > > Framed-IP-Address = 255.255.255.254 > > Framed-MTU = 1500 > > Service-Type = Framed-User > > Framed-Protocol = PPP > > Framed-Compression = Van-Jacobson-TCP-IP > > Session-Timeout = 86400 > > Framed-IP-Netmask = 255.255.255.0 > > Idle-Timeout = 3600 > > > > Everything works fine. But when I try to login using Monowall login page > on > > debug mode I have this: > > > > > ___________________________________________________________________________________________________________________________ > > > > rad_recv: Access-Request packet from host 124.124.124.124 port 63026, > > id=166, length=150 > > NAS-IP-Address = 124.124.124.124 > > NAS-Identifier = "gwrp.semfio.usp.br" > > User-Name = "nbati...@dialup.usp.br" > > User-Password = "*******" > > Service-Type = Login-User > > NAS-Port-Type = Ethernet > > NAS-Port = 83 > > Framed-IP-Address = 125.125.125.125 > > Called-Station-Id = "00:11:2f:75:81:7c" > > Calling-Station-Id = "00:1b:77:b5:34:9d" > > +- entering group authorize {...} > > ++[preprocess] returns ok > > [auth_log] expand: > > /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d > -> > > /usr/local/var/log/radius/radacct/143.107.192.54/auth-detail-20090203 > > [auth_log] > > /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d > > expands to > > /usr/local/var/log/radius/radacct/143.107.192.54/auth-detail-20090203 > > [auth_log] expand: %t -> Tue Feb 3 17:30:54 2009 > > ++[auth_log] returns ok > > [suffix] Looking up realm "dialup.usp.br" for User-Name = > > "nbati...@dialup.usp.br" > > [suffix] Found realm "dialup.usp.br" > > [suffix] Adding Realm = "dialup.usp.br" > > [suffix] Proxying request from user nbatista to realm dialup.usp.br > > [suffix] Preparing to proxy authentication request to realm " > dialup.usp.br" > > ++[suffix] returns updated > > [sql] expand: %{User-Name} -> nbati...@dialup.usp.br > > [sql] sql_set_user escaped user --> 'nbati...@dialup.usp.br' > > rlm_sql (sql): Reserving sql socket id: 6 > > [sql] expand: SELECT id, UserName, Attribute, Value, Op FROM radcheck > > WHERE Username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, UserName, > > Attribute, Value, Op FROM radcheck WHERE Username = > > 'nbati...@dialup.usp.br' ORDER BY id > > rlm_sql_postgresql: Status: PGRES_TUPLES_OK > > rlm_sql_postgresql: query affected rows = 0 , fields = 5 > > [sql] expand: SELECT GroupName FROM radusergroup WHERE > > UserName='%{SQL-User-Name}' ORDER BY priority -> SELECT GroupName FROM > > radusergroup WHERE UserName='nbati...@dialup.usp.br' ORDER BY priority > > rlm_sql_postgresql: Status: PGRES_TUPLES_OK > > rlm_sql_postgresql: query affected rows = 0 , fields = 1 > > rlm_sql (sql): Released sql socket id: 6 > > [sql] User nbati...@dialup.usp.br not found > > ++[sql] returns notfound > > ++[pap] returns noop > > Sending Access-Request of id 239 to 126.126.126.126 port 1812 > > NAS-IP-Address = 124.124.124.124 > > NAS-Identifier = "gwrp.semfio.usp.br" > > User-Name = "nbati...@dialup.usp.br" > > User-Password = "*******" > > Service-Type = Login-User > > NAS-Port-Type = Ethernet > > NAS-Port = 83 > > Framed-IP-Address = 125.125.125.125 > > Called-Station-Id = "00:11:2f:75:81:7c" > > Calling-Station-Id = "00:1b:77:b5:34:Sending Access-Request of id > > 239 to 143.107.253.10 port 1812 > > NAS-IP-Address = 124.124.124.124 > > NAS-Identifier = "gwrp.semfio.usp.br" > > User-Name = "nbati...@dialup.usp.br" > > User-Password = "*******" > > Service-Type = Login-User > > NAS-Port-Type = Ethernet > > NAS-Port = 83 > > Framed-IP-Address = 125.125.125.125 > > Called-Station-Id = "00:11:2f:75:81:7c" > > Calling-Station-Id = "00:1b:77:b5:34:9d" > > Proxy-State = 0x313636 > > Going to the next request > > Waking up in 0.8 seconds. > > Cleaning up request 5 ID 194 with timestamp +9 > > Waking up in 0.1 seconds. > > Waking up in 13.0 seconds. > > rad_recv: Access-Reject packet from host 126.126.126.126 port 1812, > id=239, > > length=82 > > Reply-Message = "\r\nYou are already logged in 2 times - access > > denied\r\n\n" > > Proxy-State = 0x313636 > > +- entering group post-proxy {...} > > [eap] No pre-existing handler found > > ++[eap] returns noop > > Login incorrect (Home Server says so): [nbati...@dialup.usp.br] (from > client > > gwrp port 83 cli 00:1b:77:b5:34:9d) > > Using Post-Auth-Type Reject > > WARNING: Unknown value specified for Post-Auth-Type. Cannot perform > > requested action. > > Sending Access-Reject of id 166 to 123.123.123.123 port 63026 > > Reply-Message = "\r\nYou are already logged in 2 times - access > > denied\r\n\n" > > Finished request 6. > > Going to the next request > > Waking up in 4.9 seconds. > > > ____________________________________________________________________________________________________________________ > > > > I understood that there are 2 sessions opened. am I correct? If I am how > can > > I close these sessions? > > And why does radtest work? > > > > > > Thanks! > > > > Sorry about my English. > > > > Daniel Bojczuk > > > > > > - > > List info/subscribe/unsubscribe? See > > http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html