Re: How to stop radiusd
Hi, type the following commands: 1. netstat -ap -udp this command show you the process name and their id 2. check the radius process id then type the command kill process id Thanks Regards Amritap Sinha On 11/6/09, Peter Carlstedt pc_...@hotmail.com wrote: Hello all. Me and my friend is sitting at the computer trying to get Freeradius to work. After testing Ubuntus own release of FreeRadius which is verison 2.1.0 we decided to download 2.1.7 from the freeradius site. We downloaded the freeradius into the Desktop of the user and then followed theinstructions for compiling. (sudo ./configure sudo make sudo make install) Now when we want to stop radiusd we cant find the folder which it has installed freeradius into. If you know how if works and where we could find the installed freeradius folder it would be much appreciated. Best regards/ Peter Carlstedt _ Windows Live Hotmail: Your friends can get your Facebook updates, right from Hotmail®. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_4:092009 -- ** Amritap Sinha ** - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Could not find Pool-Name attribute.
Dear Freeradius-user, I have faceing some problemCould not find Pool-Name attribute. have any solution. Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/proxy.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/eap.conf Config: including file: /etc/raddb/sql.conf main: prefix = /usr main: localstatedir = /var main: logdir = /var/log/radius main: libdir = /usr/lib/freeradius main: radacctdir = /var/log/radius/radacct main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /var/log/radius/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /var/run/radiusd/radiusd.pid main: user = radiusd main: group = radiusd main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/lib/freeradius Module: Loaded exec exec: wait = yes exec: program = (null) exec: input_pairs = request exec: output_pairs = (null) exec: packet_type = (null) rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = crypt Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: authtype = MS-CHAP mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = (null) unix: shadow = (null) unix: group = (null) unix: radwtmp = /var/log/radius/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = ttls eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = Password: gtc: auth_type = System rlm_eap: Loaded and initialized type gtc rlm_eap: Unable to load EAP-Type/ttls, as EAP-Type/TLS is required first. radiusd.conf[9]: eap: Module instantiation failed. hotradius:~ # radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/raddb/proxy.conf Config: including file: /etc/raddb/clients.conf Config: including file: /etc/raddb/snmp.conf Config: including file: /etc/raddb/eap.conf Config: including file: /etc/raddb/sql.conf main: prefix = /usr main: localstatedir = /var main: logdir = /var/log/radius main: libdir = /usr/lib/freeradius main: radacctdir = /var/log/radius/radacct main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /var/log/radius/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /var/run/radiusd/radiusd.pid main: user = radiusd main: group = radiusd main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/lib/freeradius Module: Loaded exec exec: wait = yes exec: program = (null) exec: input_pairs = request exec: output_pairs = (null) exec: packet_type = (null)
Re: Could not find Pool-Name attribute.
my user file look like:-- # # Please read the documentation file ../doc/processing_users_file, # or 'man 5 users' (after installing the server) for more information. # # This file contains authentication security and configuration # information for each user. Accounting requests are NOT processed # through this file. Instead, see 'acct_users', in this directory. # # The first field is the user's name and can be up to # 253 characters in length. This is followed (on the same line) with # the list of authentication requirements for that user. This can # include password, comm server name, comm server port number, protocol # type (perhaps set by the hints file), and huntgroup name (set by # the huntgroups file). # # If you are not sure why a particular reply is being sent by the # server, then run the server in debugging mode (radiusd -X), and # you will see which entries in this file are matched. # # When an authentication request is received from the comm server, # these values are tested. Only the first match is used unless the # Fall-Through variable is set to Yes. # # A special user named DEFAULT matches on all usernames. # You can have several DEFAULT entries. All entries are processed # in the order they appear in this file. The first entry that # matches the login-request will stop processing unless you use # the Fall-Through variable. # # If you use the database support to turn this file into a .db or .dbm # file, the DEFAULT entries _have_ to be at the end of this file and # you can't have multiple entries for one username. # # You don't need to specify a password if you set Auth-Type += System # on the list of authentication requirements. The RADIUS server # will then check the system password file. # # Indented (with the tab character) lines following the first # line indicate the configuration values to be passed back to # the comm server to allow the initiation of a user session. # This can include things like the PPP configuration values # or the host to log the user onto. # # You can include another `users' file with `$INCLUDE users.other' # # # For a list of RADIUS attributes, and links to their definitions, # see: # # http://www.freeradius.org/rfc/attributes.html # # # Deny access for a specific user. Note that this entry MUST # be before any other 'Auth-Type' attribute which results in the user # being authenticated. # # Note that there is NO 'Fall-Through' attribute, so the user will not # be given any additional resources. # #lameuser Auth-Type := Reject # Reply-Message = Your account has been disabled. # # Deny access for a group of users. # # Note that there is NO 'Fall-Through' attribute, so the user will not # be given any additional resources. # #DEFAULTGroup == disabled, Auth-Type := Reject # Reply-Message = Your account has been disabled. # # # This is a complete entry for steve. Note that there is no Fall-Through # entry so that no DEFAULT entry will be used, and the user will NOT # get any attributes in addition to the ones listed here. # #steve Auth-Type := Local, User-Password == testing # Service-Type = Framed-User, # Framed-Protocol = PPP, # Framed-IP-Address = 172.16.3.33, # Framed-IP-Netmask = 255.255.255.0, # Framed-Routing = Broadcast-Listen, # Framed-Filter-Id = std.ppp, # Framed-MTU = 1500, # Framed-Compression = Van-Jacobsen-TCP-IP # # This is an entry for a user with a space in their name. # Note the double quotes surrounding the name. # #John Doe Auth-Type := Local, User-Password == hello # Reply-Message = Hello, %u # # Dial user back and telnet to the default host for that port # amritap Auth-Type := Local, User-Password == amritap Service-Type = Callback-Login-User, # Login-IP-Host = 0.0.0.0, # Callback-Number = 9,5551212, # Login-Service = Telnet, # Login-TCP-Port = Telnet # # Another complete entry. After the user dialbk has logged in, the # connection will be broken and the user will be dialed back after which # he will get a connection to the host timeshare1. # #dialbk Auth-Type := Local, User-Password == callme # Service-Type = Callback-Login-User, # Login-IP-Host = timeshare1, # Login-Service = PortMaster, # Callback-Number = 9,1-800-555-1212 # # user swilson will only get a static IP number if he logs in with # a framed protocol on a terminal server in Alphen (see the huntgroups file). # # Note that by setting Fall-Through, other attributes will be added from # the following DEFAULT entries # #swilsonService-Type == Framed-User, Huntgroup-Name == alphen # Framed-IP-Address = 192.168.1.65, # Fall-Through = Yes # # If the
Radius Server Authenticate the user but Windows XP generate a error 691
Dear freeradius-users,
I have implemented Free Radius Server
SUSE 9.3 Prof and using mysql database with Perle JETSTREAM 4000 RAS
device. My problem is that when I try to connect a user through modem
in windows XP client machine its occure a error 691 but radius log
authenticate the user.
The Radius Server Log:
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/snmp.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = /usr
main: localstatedir = /var
main: logdir = /var/log/radius
main: libdir = /usr/lib/freeradius
main: radacctdir = /var/log/radius/radacct
main: hostname_lookups = yes
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 1812
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /var/log/radius/radius.log
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = /var/run/radiusd/radiusd.pid
main: bind_address = 192.168.1.78 IP address [192.168.1.78]
main: user = radiusd
main: group = radiusd
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = yes
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/lib/freeradius
Module: Loaded exec
exec: wait = yes
exec: program = (null)
exec: input_pairs = request
exec: output_pairs = (null)
exec: packet_type = (null)
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
mschap: ntlm_auth = (null)
Module: Instantiated mschap (mschap)
Module: Loaded preprocess
preprocess: huntgroups = /etc/raddb/huntgroups
preprocess: hints = /etc/raddb/hints
preprocess: with_ascend_hack = yes
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded files
files: usersfile = /etc/raddb/users
files: acctusersfile = /etc/raddb/acct_users
files: preproxy_usersfile = /etc/raddb/preproxy_users
files: compat = no
Module: Instantiated files (files)
Module: Loaded SQL
sql: driver = rlm_sql_mysql
sql: server = localhost
sql: port =
sql: login = root
sql: password = root
sql: radius_db = radius
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = no
sql: sqltracefile = /var/log/radius/sqltrace.sql
sql: readclients = no
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name = %{User-Name}
sql: default_user_profile =
sql: query_on_not_found = no
sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op
FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id
sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op
FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id
sql: authorize_group_check_query = SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username =
'%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName
ORDER BY radgroupcheck.id
sql: authorize_group_reply_query = SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username =
'%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName
ORDER BY radgroupreply.id
sql: accounting_onoff_query = UPDATE radacct SET AcctStopTime='%S',
AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime),
RE: Radius Log authenticate the user but error 691
: Instantiating noresetcounter
sqlcounter noresetcounter {
counter-name = Max-All-Session-Time
check-name = Max-All-Session
key = User-Name
sqlmod-inst = sql
query = SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{%k}'
reset = never
safe-characters =
@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ 0123456789.-_:
/
}
rlm_sqlcounter: Reply attribute set to Session-Timeout.
rlm_sqlcounter: Counter attribute Max-All-Session-Time is number 11273
rlm_sqlcounter: Check attribute Max-All-Session is number 11274
rlm_sqlcounter: Current Time: 1248265519 [2009-07-22 17:55:19], Next
reset 0 [20 09-07-22 17:00:00]
rlm_sqlcounter: Current Time: 1248265519 [2009-07-22 17:55:19], Prev
reset 0 [20 09-07-22 17:00:00]
Module: Checking preacct {...} for more modules to load
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating acct_unique
acct_unique {
key = User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NA S-Port
}
Module: Linked to module rlm_detail
Module: Instantiating detail
detail {
detailfile =
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/det
ail-%Y%m%d
header = %t
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_radutmp
Module: Instantiating radutmp
radutmp {
filename = /usr/local/var/log/radius/radutmp
username = %{User-Name}
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking session {...} for more modules to load
}
radiusd: Opening IP addresses and Ports
listen {
type = auth
ipaddr = 192.168.1.78
port = 1812
}
listen {
type = acct
ipaddr = 192.168.1.78
port = 1813
}
Listening on authentication address 192.168.1.78 port 1812
Listening on accounting address 192.168.1.78 port 1813
Listening on proxy address 192.168.1.78 port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.1.80 port 8504,
id=65, length= 69
User-Name = test
CHAP-Password = 0x021457cf2419b9ff168b9d6460759a7f8b
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-IP-Address = 192.168.1.80
NAS-Port = 4
+- entering group authorize {...}
++[preprocess] returns ok
[chap] Setting 'Auth-Type := CHAP'
++[chap] returns ok
++[mschap] returns noop
[suffix] No '@' in User-Name = test, looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
++[unix] returns notfound
[files] users: Matched entry DEFAULT at line 160
[files] users: Matched entry DEFAULT at line 172
++[files] returns ok
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[sql] expand: %{User-Name} - test
[sql] sql_set_user escaped user -- 'test'
rlm_sql (sql): Reserving sql socket id: 3
[sql] expand: SELECT id, username, attribute, value, op
FROM radchec k WHERE username = '%{SQL-User-Name}'
ORDER BY id - SELECT id, username, attribute, value, op
FROM radcheck WHERE usern ame = 'test' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op
FROM radrepl y WHERE username = '%{SQL-User-Name}'
ORDER BY id - SELECT id, username, attribute, value, op
FROM radreply WHERE usern ame = 'test' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup
WHERE use rname = '%{SQL-User-Name}' ORDER BY priority -
SELECT groupname FROM radusergroup WHERE username =
'test' ORDER BY prio rity
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_sqlcounter: Entering module authorize code
rlm_sqlcounter: Could not find Check item value pair
++[noresetcounter] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = CHAP
+- entering group authenticate {...}
[chap] login attempt by test with CHAP password
[chap] Using clear text password test for user test authentication.
[chap] chap user test authenticated succesfully
++[chap] returns ok
Login OK: [test/CHAP-Password] (from client iacsras.com port 4)
Sending Access-Accept of id 65 to 192.168.1.80 port 8504
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Compression = Van-Jacobson-TCP-IP
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 65 with timestamp +66
Ready to process requests.
Thanks Regards
Amritap Sinha
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Server Log say user authenticate but modem shows error 691
Dear All, I have try to implement freeradius in RHCL 4 with my sql. My data base connected to the radius server properly and my radius server authenticate the user properly inside the network and outside the network. My problem is that when I try to connect any user through dial up connection my NAS and radius response and password authenticate(basically I using CHAP password for authentication) but modem shows error 691 in Windows XP O.S. Please any one help me with providing a suitable solution. Thanks Regards Amritap Sinha - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Server Log say user authenticate but modem shows error 691
On 7/21/09, Nicolas Goutte nicolas.gou...@extragroup.de wrote: Am 21.07.2009 um 14:28 schrieb amritap sinha: Dear All, I have try to implement freeradius in RHCL 4 with my sql. My data base connected to the radius server properly and my radius server authenticate the user properly inside the network and outside the network. My problem is that when I try to connect any user through dial up connection my NAS and radius response and password authenticate(basically I using CHAP password for authentication) but modem shows error 691 in Windows XP O.S. Please any one help me with providing a suitable solution. Ok, I am sure that you will be asked the classical questions, so I can ask them: What is in the log of radiusd -X? What is your configuration? Thanks Regards Amritap Sinha - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Hi, I sent you all the the radiusd -x output and configuration file in zip format. rad-mail.rar Description: application/force-download - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Radius Log authencate but error 691
Dear All, I have try to implement freeradius in RHCL 4 with my sql. My data base connected to the radius server properly and my radius server authenticate the user properly inside the network and outside the network. My problem is that when I try to connect any user through dial up connection my NAS and radius response and password authenticate(basically I using CHAP password for authentication) but modem shows error 691 in Windows XP O.S. Please any one help me with providing a suitable solution. I sent all the configuration file and radiusd –X out put in zip format. Thanks Regards Amritap Sinha rad-mail.rar Description: application/force-download - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
