modcall[authorize]: module "auth_log" returns ok for request 3 modcall[authorize]: module "chap" returns noop for request 3 rlm_realm: Looking up realm "voip.domain.br" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "DEFAULT" rlm_realm: Proxying request from user teste to realm DEFAULT rlm_realm: Adding Realm = "DEFAULT" rlm_realm: Preparing to proxy authentication request to realm "DEFAULT" modcall[authorize]: module "suffix" returns updated for request 3 rlm_digest: Adding Auth-Type = DIGEST modcall[authorize]: module "digest" returns ok for request 3 rlm_ldap: - authorize rlm_ldap: performing user authorization for [EMAIL PROTECTED] radius_xlat: '([EMAIL PROTECTED])' radius_xlat: 'ou=users,dc=voip,dc=domain,dc=br' rlm_ldap: ldap_get_conn: Checking Id:
0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=users,dc=voip,dc=domain,dc=br, with filter ([EMAIL PROTECTED]) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 3 modcall: leaving group authorize (returns notfound) for request 3 Sending Access-Request of id 3 to 10.2.1.XY port 1600 User-Name = "[EMAIL PROTECTED]" Digest-Attributes = 0x0a077465737465 Digest-Attributes = 0x010e766f69702e756662612e6272 Digest-Attributes = 0x022a34353039343233343264313165616336306262366262633263373539643630666362383939656131 Digest-Attributes =
0x04127369703a766f69702e756662612e6272 Digest-Attributes = 0x030a5245474953544552 Digest-Response = "4283445dcb36643dab5f437e10f692bf" Service-Type = IAPP-Register X-Ascend-PW-Lifetime = 0x7465737465 NAS-IP-Address = 10.2.1.XX NAS-Port = 5060 Proxy-State = 0x323038 Re-sending Access-Request of id 0 to 10.2.1.XX port 1600 User-Name = "[EMAIL PROTECTED]" Digest-Attributes = 0x0a077465737465 Digest-Attributes = 0x010e766f69702e756662612e6272 Digest-Attributes =
0x022a34353039343233343264313165616336306262366262633263373539643630666362383939656131 Digest-Attributes = 0x04127369703a766f69702e756662612e6272 Digest-Attributes = 0x030a5245474953544552 Digest-Response = "4283445dcb36643dab5f437e10f692bf" Service-Type = IAPP-Register X-Ascend-PW-Lifetime = 0x7465737465 NAS-IP-Address = 10.2.1.XX NAS-Port = 5060 Client-IP-Address = 10.2.1.XX Realm = "DEFAULT" Module-Failure-Message = "rlm_ldap: User not found" Realm =
"DEFAULT" Proxy-State = 0x323035 Waking up in 1 seconds... rad_recv: Access-Request packet from host 10.2.1.XX:33634, id=206, length=200 Ignoring duplicate packet from client OpenSER:33634 - ID: 206, due to outstanding proxied request 1. Its seems the proxy is working, but it dont communicate with the IAS. -- Module-Failure-Message = "rlm_ldap: User not found" -- I dont know what meanig, but the sound is not good. The command ldasearch return a rigth answer, I dont know what happended. The problem is in IAS? How can I test it? Any ideia? Merci. [EMAIL PROTECTED] escreveu:Hi,> How can I transform freeradius server in a proxy?> I configured the proxy.conf, but seems dont work>> And I uncommnet the line in radiusd.conf:>> proxy_requests = yes> $INCLUDE ${confdir}/proxy.conf>> I wanna do this:> |Openser| -> |Radiusclient| -> |Freeradius| -> |IAS| -> |AD|>> Its work?>> And in IAS should I configured anything?Configure the NULL realm with the same settings as DEFAULT. Other than that, the config sounds good to me. Did you change anything apart from that in the default config file? In particular, you need to have at least one instance of the "realm" module in authorize { }. The default config has "suffix" in there, that should be fine. You need to be sure then that your user names don't contain the @ character - otherwise they won't match the DEFAULT realm you set up
in proxy.conf.If you are positive that an instance of realm is in authorize and NULL is configured, but it still doesn't work then please post the debug output (radiusd -X) of a packet that arrived and was supposed to be proxied, but wasn't.> Sorry for the portuguese e-mail.When I read it, I wondered what strange dialect of Spanish this is. :-) Portuguese and Spanish aren't that far apart after all, it seems.Greetings,Stefan Winter
Yahoo! Acesso Grátis - Internet rápida e grátis. Instale o discador agora!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html