Concurrent Sessions per user
Dear, Is there is a way to control the concurrent sessions per user? Regards, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Error in Freeradius Log
Dear, I found this error in radius log file: rlm_sql (sql_wimax): There are no DB handles to use! skipped 0, tried to connect 0 Then too many CPE's disconnected then reauthenticated again after 1 minute. Kindly note that we are in testing phase and the maximum No. of connected CPE not more than 200 sessions. What's happened? Regards, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
insert wrong record
Dears, I noticed wrong record inserted to radacct table with as below: RadAcctId = 5653 AcctSessionId = 2000D19 AcctUniqueId = 3a4ec8ee9b364898 .. .. AcctStartTime = 2010-12-30 12:24:59 AcctStopTime = 2010-11-24 04:10:55 AcctSessionTime = 10800 AccStatusType = Interim-Update ... ... The AcctStopTime value older than AcctStartTime value, and the new session overwriting on the old record. I just found this problem in 1 record from all our records. AcctSessionId values are repeated on my freeradius, is it normal? Regards, Moayad - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
rlm_radutmp Error
Dears, I am using freeradius2-2.1.7-7.el5, I got the following error in radius.log file Error: rlm_radutmp: Logout entry for NAS ASN port 5 has wrong ID As I noticed, this error appears only when NAS send stop record to radius server. What's the problem? And how can I solve it? Regards, Moayad - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Error: TLS Alert
Dears, I am using freeradius2-2.1.7-7.el5 with mysql backend and openssl-0.9.8e-12.el5_5.7. And using EAP-TTLS, default_eap_type = mschapv2 I got the below error: Error: TLS Alert write:fatal:protocol version Error: rlm_eap: SSL error error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number Error: SSL: SSL_read failed in a system call (-1), TLS session fails. Error: TLS Alert write:fatal:bad record mac What's the problem? And how can I solve it? Regards, Moayad - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Calling-Station-Id Empty value
Dears, I am using freeradius with wichorus ASN-GW (WiMAX), I have problem with Calling-Station-Id value The ASN-GW sent Calling-Station-Id in binary format like this \000\031\001\000K I checked the debug radius -X result and I found the AAA got the correct value for Calling-Station-Id but when insert it to database it's will be empty value like Calling-Station-Id='' (Empty Value) What's the problem? And how can insert the Calling-Station-Id value to radacct table? The SQL statement for accounting_start_query for example is: accounting_start_query = INSERT into ${acct_table1} (AccStatusType, AcctSessionId, AcctUniqueId, UserName, \ NASIPAddress, NASPortId, NASPortType, WiMAXGMTTimezoneoffset, WiMAXBSId, EventTimestamp, CallingStationId, \ AcctStartTime, AcctStopTime, AcctSessionTime, AcctInputOctets, \ AcctOutputOctets, AcctTerminateCause, FramedIPAddress ) \ select '%{Acct-Status-Type}', '%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', \ '%{SQL-User-Name}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%{WiMAX-GMT-Timezone-offset}', \ '%{WiMAX-BS-Id}', '%{Event-Timestamp}', '%{Calling-Station-Id}', '%S', '0', '0', '0', '0','', \ '%{Framed-IP-Address}' from dual where not exists (select * from ${acct_table1} where UserName='%{SQL-User-Name}' and AcctSessionId='%{Acct-Session-Id}' \ and AcctStartTime='%S') Regards, Moayad - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Disconnect-Request
Dears, Can I disconnect connected user or session form freeradius and Wichorus ASN-GW (WIMAX)? If yes how? Am trying to send disconnect request as follow: (Note: I changed all the following values as needed) # echo Acct-Session-Id=D91FE8E51802097 packet.txt # echo User-Name=somebody packet.txt # echo NAS-IP-Address=10.0.0.1 packet.txt # cat packet.txt | radclient -x 10.0.0.1:3799 disconnect secret Sending Disconnect-Request of id 116 to 10.0.0.1 port 3799 Acct-Session-Id = D91FE8E51802097 User-Name = somebody NAS-IP-Address = 10.0.0.1 rad_recv: Disconnect-NAK packet from host 10.0.0.1 port 3799, id=116, length=32 Event-Timestamp = Oct 12 2010 16:08:21 EEST Error-Cause = Session-Context-Not-Found When I changed the port to 1813 I got the following error: Sending Disconnect-Request of id 26 to 10.0.0.1 port 1812 Acct-Session-Id = D91FE8E51802097 User-Name = somebody NAS-IP-Address = 10.0.0.1 Sending Disconnect-Request of id 26 to 10.0.0.1 port 1812 Acct-Session-Id = D91FE8E51802097 User-Name = somebody NAS-IP-Address = 10.0.0.1 Sending Disconnect-Request of id 26 to 10.0.0.1 port 1812 Acct-Session-Id = D91FE8E51802097 User-Name = somebody NAS-IP-Address = 10.0.0.1 radclient: no response from server for ID 26 socket 3 Regards, Moayad - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Invalid Attributes
Hi to all, I have to add wichorus dictionary for WiMAX, but in this dictionary some attributes are invalid to freeradius. for example: parent_attr and subtype values. In the below sample of the dictionary: VENDORWimax 24757 BEGIN-VENDOR Wimax ATTRIBUTE Wimax-Capability1 octets ATTRIBUTE Wimax-Capability-Release 1 string parent_attr=Wimax-Capability subtype=1 ATTRIBUTE Wimax-Capability-Accounting 1 octets parent_attr=Wimax-Capability subtype=2 ATTRIBUTE Wimax-Capability-Hotlining 1 octets parent_attr=Wimax-Capability subtype=3 ATTRIBUTE Wimax-Capability-Idle-Mode-Notification 1 octets parent_attr=Wimax-Capability subtype=4 What I should to do? Regards, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Re: Invalid Attributes
Thanks for your response, I want to upload new dictionary for wichrous system, because wichorus has their own standard dictionary and wimax dictionary doesn't work with wichorus ASN-GW Regards, -Original Message- From: freeradius-users-bounces+mmohammad=thebluezone@lists.freeradius.org [mailto:freeradius-users-bounces+mmohammad=thebluezone@lists.freeradius. org] On Behalf Of freeradius-users-requ...@lists.freeradius.org Sent: Monday, June 21, 2010 3:42 PM To: freeradius-users@lists.freeradius.org Subject: Freeradius-Users Digest, Vol 62, Issue 87 Send Freeradius-Users mailing list submissions to freeradius-users@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-users or, via email, send a message with subject or body 'help' to freeradius-users-requ...@lists.freeradius.org You can reach the person managing the list at freeradius-users-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than Re: Contents of Freeradius-Users digest... Today's Topics: 1. Invalid Attributes (Moayad Mohammad) 2. Re: Invalid Attributes (Alan DeKok) 3. Re: checkval and != op (Alan DeKok) 4. Re: checkval and != op (Christian Zoffoli) -- Message: 1 Date: Mon, 21 Jun 2010 14:35:13 +0300 From: Moayad Mohammad mmoham...@thebluezone.com Subject: Invalid Attributes To: freeradius-users@lists.freeradius.org Message-ID: 006b01cb1135$d228f6f0$767ae4...@com Content-Type: text/plain; charset=us-ascii Hi to all, I have to add wichorus dictionary for WiMAX, but in this dictionary some attributes are invalid to freeradius. for example: parent_attr and subtype values. In the below sample of the dictionary: VENDORWimax 24757 BEGIN-VENDOR Wimax ATTRIBUTE Wimax-Capability1 octets ATTRIBUTE Wimax-Capability-Release 1 string parent_attr=Wimax-Capability subtype=1 ATTRIBUTE Wimax-Capability-Accounting 1 octets parent_attr=Wimax-Capability subtype=2 ATTRIBUTE Wimax-Capability-Hotlining 1 octets parent_attr=Wimax-Capability subtype=3 ATTRIBUTE Wimax-Capability-Idle-Mode-Notification 1 octets parent_attr=Wimax-Capability subtype=4 What I should to do? Regards, -- next part -- An HTML attachment was scrubbed... URL: https://lists.freeradius.org/pipermail/freeradius-users/attachments/2010062 1/22722f74/attachment.html -- Message: 2 Date: Mon, 21 Jun 2010 13:46:05 +0200 From: Alan DeKok al...@deployingradius.com Subject: Re: Invalid Attributes To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Message-ID: 4c1f50fd.4000...@deployingradius.com Content-Type: text/plain; charset=ISO-8859-1 Moayad Mohammad wrote: I have to add wichorus dictionary for WiMAX, but in this dictionary some attributes are invalid to freeradius. for example: parent_attr and subtype values. Yes... those are not part of FreeRADIUS. What I should to do? Read the documentation for how dictionaries are formatted, and create the dictionary using the correct format. Or, *read the dictionary that is included with FreeRADIUS*. The server ships with a WiMAX dictionary. It's beyond me why you're trying to replace it with one from another vendor. Alan DeKok. -- Message: 3 Date: Mon, 21 Jun 2010 13:50:08 +0200 From: Alan DeKok al...@deployingradius.com Subject: Re: checkval and != op To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Message-ID: 4c1f51f0.6020...@deployingradius.com Content-Type: text/plain; charset=ISO-8859-1 Christian Zoffoli wrote: mysql SELECT * FROM radcheck WHERE username='bumlwdgx'; ... mysql SELECT * FROM radusergroup WHERE username='bumlwdgx'; sigh You asked about radgroupcheck. Why post this? SELECT * FROM radgroupcheck WHERE groupname='wireless'; ++---+++---+ | id | groupname | attribute | op | value | ++---+++---+ | 18 | wireless | Calling-Station-Id | != | 00-22-15-16-35-B0 | Which is OK, and should work. rad_recv: Access-Request packet from host 127.0.0.1 port 34220, id=1, length=298 ChilliSpot-Version = 1.2.2 User-Name = bumlwdgx CHAP-Challenge = 0x777d7fc0c28a480f750e1f5506c3ccd7 CHAP-Password = 0x008617e20f1fc66b2cacc4cbbe2255 NAS-IP-Address = 192.168.182.1 Service-Type = Login-User Framed-IP-Address = 192.168.182.2 Calling-Station-Id = 00-22-15-16-35-B0 Which shouldn't match the entry in radgroupcheck. expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE