Ok, I am updating my question. I tried to make vpn work with inner-tunnel and it works via mysql without any problems. As i understand ms-chap asks the username to mysql.
So, how can i use perl script instead of using mysql to authenticate??? > Hello, I am using a perl script to authenticate my users for hotspots with > freeradius. > I got no problem regarding to it. > Now i planned to move my existing vpn server to freeradius also.. > Read some howtos about it (with poptop mostly) > Here is how my perl script works.. When it gets a username/pass it checks > it via an xml page and if it is correct it adds the username to mysql > table with auth-type == local parameter. When second time this user tries > to login it just checks the password.. So I got Auth-Type parameter for > users in mysql. > > And.. here is debug of my freeradius, pptp daemon,mysql query.. and my > site config on freeradius > > > freeradius: > rad_recv: Access-Request packet from host 127.0.0.1 port 33646, id=29, > length=138 > Service-Type = Framed-User > Framed-Protocol = PPP > User-Name = "7798" > MS-CHAP-Challenge = 0xf42766132ee2e3d828c770c460e8588e > MS-CHAP2-Response = > 0x44006948a59f2dbc8c838083bdea3e846fc300000000000000003f4aeadca9c80f730fd668686d8eac96570d941da2b4c2fd > Calling-Station-Id = ".931" > NAS-IP-Address = 192.168.10.213 > NAS-Port = 0 > auth: No authenticate method (Auth-Type) configuration found for the > request: Rejecting the user > auth: Failed to validate the user. > Login incorrect: [7798/<no User-Password attribute>] (from client > localhost port 0 cli .931) > Found Post-Auth-Type Reject > WARNING: Unknown value specified for Post-Auth-Type. Cannot perform > requested action. > > > > > pptp: > > Client 192.168.16.243 control connection started > Nov 18 12:49:30 pptp pptpd[4898]: CTRL: Starting call (launching pppd, > opening GRE) > Nov 18 12:49:30 pptp pppd[4900]: Plugin radius.so loaded. > Nov 18 12:49:30 pptp pppd[4900]: RADIUS plugin initialized. > Nov 18 12:49:30 pptp pppd[4900]: Plugin radattr.so loaded. > Nov 18 12:49:30 pptp pppd[4900]: RADATTR plugin initialized. > Nov 18 12:49:30 pptp pppd[4900]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so > loaded. > Nov 18 12:49:30 pptp pppd[4900]: pppd 2.4.4 started by root, uid 0 > Nov 18 12:49:30 pptp pppd[4900]: Using interface ppp0 > Nov 18 12:49:30 pptp pppd[4900]: Connect: ppp0 <--> /dev/pts/1 > Nov 18 12:49:30 pptp pptpd[4898]: GRE: Bad checksum from pppd. > Nov 18 12:49:33 pptp pptpd[4898]: CTRL: Ignored a SET LINK INFO packet > with real ACCMs! > Nov 18 12:49:34 pptp pppd[4900]: Peer 7798 failed CHAP authentication > Nov 18 12:49:34 pptp pppd[4900]: Connection terminated. > Nov 18 12:49:34 pptp pppd[4900]: Exit. > > > Mysql Query > mysql> select * from radcheck where Username = '7798'; > +-------+----------+------------------+----+-------------------------+ > | id | UserName | Attribute | op | Value | > +-------+----------+------------------+----+-------------------------+ > | 48225 | 7798 | UserType | := | B | > | 48224 | 7798 | email | := | a...@b.com | > | 48223 | 7798 | NameSurname | := | Test | > | 49754 | 7798 | Auth-Type | == | Local | > | 76810 | 7798 | Simultaneous-Use | := | 4 | > +-------+----------+------------------+----+-------------------------+ > 5 rows in set (0.00 sec) > > > freeradius config > server vpn { > authorize { > preprocess > files > mschap > update control { > Auth-Type := perl > } > perl > } > > authenticate { > > > Auth-Type MS-CHAP { > mschap > } > Auth-Type Perl { > perl > } > } > ................ > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html