PATCH: fixing log messages in rlm_sqlippool
rlm_sqlippool.c if ((data->allocate_find == NULL) ||. (strlen(data->allocate_find) == 0)) { -radlog(L_ERR, "rlm_sqlippool: the 'allocate_find' statement must be set."); +radlog(L_ERR, "rlm_sqlippool: the 'allocate-find' statement must be set."); sqlippool_detach(data); return -1; } if ((data->allocate_update == NULL) || (strlen(data->allocate_update) == 0)) { -radlog(L_ERR, "rlm_sqlippool: the 'allocate_update' statement must be set."); +radlog(L_ERR, "rlm_sqlippool: the 'allocate-update' statement must be set."); sqlippool_detach(data); return -1; } - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Merging authentication log messages
Hi, > Right now both the outer (anonymous) identity and the inner (real) > identity are logged: > > Oct 14 09:35:14 siteone.some.edu: radiusd[28928]: Login OK: [hhoffman] > (from client wifi-ap port 0 via TLS tunnel) > Oct 14 09:35:15 siteone.some.edu: radiusd[28928]: Login OK: [anonymous] > (from client wifi-ap port 0 cli 02-00-00-00-00-01) those logs are from the log successful auth part of radiusd.conf what you probably want is the log module - just take the current default log config and make you own - and then log what you want into whatever file you want. if you care about real user etc then just call that logging module in the inner-tunnel virtual server. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Merging authentication log messages
Hi, I'm trying to figure out how to merge log messages when T(T)LS is in use. Right now both the outer (anonymous) identity and the inner (real) identity are logged: Oct 14 09:35:14 siteone.some.edu: radiusd[28928]: Login OK: [hhoffman] (from client wifi-ap port 0 via TLS tunnel) Oct 14 09:35:15 siteone.some.edu: radiusd[28928]: Login OK: [anonymous] (from client wifi-ap port 0 cli 02-00-00-00-00-01) So, the hhoffman is the actual user name and the 02-00-00-00-00-01 is the mac address that is passed along from the ap. I'd like to be able to combine this as I don't need to know the outer (anonymous) id. I'm looking at modules/{linelog,detail.lgo} but neither look like they produce what is being logging via syslog to the file. radiusd.conf contains a logging section that point to log_* but I don't see how to configure the auth messages in a different way. Cheers, Harry - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 2 server radius (same configuration), different log messages
But with same configuration files (radius.conf, eap.conf) , I have this differences. This messages: *Mon May 19 08:51:20 2008 : Error: TLS_accept:error in SSLv3 read client certificate A Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK message Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK message Mon May 19 08:51:20 2008 : Info: (other): SSL negotiation finished successfully Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK message *are visible only in 1 server radius. (tìmy linux client can authenticate using all my 2 server radius) Thank enrico [EMAIL PROTECTED] ha scritto: hi, 2 different logs - can only be achieved by 1) you are running different builds of FreeRADIUS or 2) the config files really are different alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 2 server radius (same configuration), different log messages
hi, 2 different logs - can only be achieved by 1) you are running different builds of FreeRADIUS or 2) the config files really are different alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
2 server radius (same configuration), different log messages
Hi all. I have 2 server radius and 1 "AP Cisco" configured to use EAP Authentication. I have 2 server radius with freeradius 1.1.7 (fedora 8), configured in the same way (PEAP) (I haad configured my first server radius and then I copied my configuration files , and the certificates in second server radius) Then by my linux laptop, with wpa_supplicant I try to connect to my wireless ntwork. 1) If my AP is configured to require the authentication on first server radius 1, I obtain this log messages: *Mon May 19 08:51:20 2008 : Error: TLS_accept:error in SSLv3 read client certificate A Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK message Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK message Mon May 19 08:51:20 2008 : Info: (other): SSL negotiation finished successfully Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK message* Mon May 19 08:51:20 2008 : Info: rlm_eap_mschapv2: Issuing Challenge *Mon May 19 08:51:20 2008 : Auth: Login OK: [fanti/attribute>] (from client localhost port 3686 cli 001e.4c00.dade) Mon May 19 08:51:20 2008 : Auth: Login OK: [fanti/attribute>] (from client ap-alternet port 3686 cli 001e.4c00.dade)* ## If I start with radius -X: rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 9 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Success rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 9 modcall: group authenticate returns ok for request 9 *Login OK: [fanti/] (from client ap-alternet port 3687 cli 001e.4c00.dade)* ## 2) In my second server radius I obtain: Mon May 19 08:50:38 2008 : Info: rlm_eap_mschapv2: Issuing Challenge *Mon May 19 08:50:38 2008 : Auth: Login OK: [fanti] (from client localhost port 3689 cli 001e.4c00.dade) Mon May 19 08:50:38 2008 : Auth: Login OK: [fanti] (from client ap-alternet port 3689 cli 001e.4c00.dade)* # If I start with radius -X: rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 9 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Success rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 9 modcall: leaving group authenticate (returns ok) for request 9 *Login OK: [fanti] (from client ap-alternet port 3690 cli 001e.4c00.dade *I don't understand why I have differences in this 2 logs (In rows where I have Login OK). Can you help me please ? Thank you enrico - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Log messages
Hi Good Morning. I updated the openser server in US server. When I making a calls from here(India). Its gives the log messages, which are mentioned below and its say " logining Time out ! contact Network Admin ". Its means its not register and server is not responded. __ © 2004 Xten Networks, Inc. All rights reserved. X-Lite release 1105d build stamp 9 License key: 6FCCC0CC7D9B0017E322142CCDFC1071 Attempting SIP protocol listen on: 192.168.2.55:5060 Attempting SIP protocol listen on: 192.168.2.55:5060 Attempting SIP protocol listen on: 192.168.2.55:5060 Attempting SIP protocol listen on: 192.168.2.55:5060 Attempting SIP protocol listen on: 192.168.2.55:5060 Attempting SIP protocol listen on: 192.168.2.55:5060 Attempting SIP protocol listen on: 192.168.2.55:5060 Attempting SIP protocol listen on: 192.168.2.55:5061 Established SIP protocol listen on: 192.168.2.55:5061 NAT firewall type discovered is forced. SIP: 192.168.2.55:5061 RTP: 192.168.2.55:8000 NAT: 61.17.248.68 PROXY#0: 24.98.157.209:5060 (inbound proxy server) OUTBOUND-PROXY#0: 24.98.157.209:5060 (outbound proxy server) SEND TIME: 1619765420 SEND >> 24.98.157.209:5060 REGISTER sip:24.98.157.209 SIP/2.0 Via: SIP/2.0/UDP 192.168.2.55:5061;rport;branch=z9hG4bK7A9AF049E03A84E1671601A7F2B7900C From: sam [EMAIL PROTECTED] >;tag=1069014297 To: sam [EMAIL PROTECTED] > Contact: "sam" [EMAIL PROTECTED]:5061> Call-ID: [EMAIL PROTECTED] CSeq: 27109 REGISTER Expires: 1800 Max-Forwards: 70 User-Agent: X-Lite release 1105d Content-Length: 0 SEND TIME: 1619766930 SEND >> 24.98.157.209:5060 REGISTER sip:24.98.157.209 SIP/2.0 Via: SIP/2.0/UDP 192.168.2.55:5061;rport;branch=z9hG4bK7A9AF049E03A84E1671601A7F2B7900C From: sam [EMAIL PROTECTED] >;tag=1069014297 To: sam [EMAIL PROTECTED] > Contact: "sam" [EMAIL PROTECTED]:5061> Call-ID: [EMAIL PROTECTED] CSeq: 27109 REGISTER Expires: 1800 Max-Forwards: 70 User-Agent: X-Lite release 1105d Content-Length: 0 SEND TIME: 1619769953 SEND >> 24.98.157.209:5060 REGISTER sip:24.98.157.209 SIP/2.0 Via: SIP/2.0/UDP 192.168.2.55:5061;rport;branch=z9hG4bK7A9AF049E03A84E1671601A7F2B7900C From: sam [EMAIL PROTECTED] >;tag=1069014297 To: sam [EMAIL PROTECTED] > Contact: "sam" [EMAIL PROTECTED]:5061> Call-ID: [EMAIL PROTECTED] CSeq: 27109 REGISTER Expires: 1800 Max-Forwards: 70 User-Agent: X-Lite release 1105d Content-Length: 0 SEND TIME: 1619776003 SEND >> 24.98.157.209:5060 REGISTER sip:24.98.157.209 SIP/2.0 Via: SIP/2.0/UDP 192.168.2.55:5061;rport;branch=z9hG4bK7A9AF049E03A84E1671601A7F2B7900C From: sam [EMAIL PROTECTED] >;tag=1069014297 To: sam [EMAIL PROTECTED] > Contact: "sam" [EMAIL PROTECTED]:5061> Call-ID: [EMAIL PROTECTED] CSeq: 27109 REGISTER Expires: 1800 Max-Forwards: 70 User-Agent: X-Lite release 1105d Content-Length: 0 __ Here, in Local Network working fine with My openser server. What is nat traversal, outbound proxy server , inbound proxy server , is it need in openser and softphone ... Please help me.-- Thanks and Regards with cheersSunkara Ravi Prakash (Voip Developer)Hyperion Technologywww.hyperion-tech.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html