Простой пример испоьзования radius

Radius related questions
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: Простой пример испоьзования radius

Post by Dmitry »

да, странно, в логе подключения нет запроса к радиусу
приложи полностью конфиг
kerby
Posts: 44
Joined: 16 Jan 2017, 09:17

Re: Простой пример испоьзования radius

Post by kerby »

Dmitry wrote:да, странно, в логе подключения нет запроса к радиусу
приложи полностью конфиг

Code: Select all

[modules]
log_file
log_syslog
log_tcp
#log_pgsql


pptp
#l2tp
#pppoe
#ipoe

#auth_mschap_v2
#auth_mschap_v1
auth_chap_md5
auth_pap

radius
#chap-secrets

ippool

pppd_compat

#shaper
#net-snmp
#logwtmp
#connlimit

#ipv6_nd
#ipv6_dhcp
#ipv6pool

#net-accel-dp

[core]
log-error=/var/log/accel-ppp/core.log
thread-count=4

[common]
#single-session=replace
#sid-case=upper
#sid-source=seq

[ppp]
verbose=0
#min-mtu=1280
#mtu=1400
#mru=1400
#accomp=deny
#pcomp=deny
ccp=0
#check-ip=0
#mppe=require
ipv4=require
#ipv6=deny
#ipv6-intf-id=0:0:0:1
#ipv6-peer-intf-id=0:0:0:2
#ipv6-accept-peer-intf-id=1
#lcp-echo-interval=20
#lcp-echo-failure=3
#lcp-echo-timeout=120
unit-cache=1
#unit-preallocate=1

[auth]
#any-login=0
#noauth=0

[pptp]
verbose=1
#echo-interval=30
[pppoe]
verbose=1
#ac-name=xxx
#service-name=yyy
#pado-delay=0
#pado-delay=0,100:100,200:200,-1:500
called-sid=mac
#tr101=1
#padi-limit=0
#ip-pool=pppoe
#sid-uppercase=0
#vlan-mon=eth0,10-200
#vlan-timeout=60
#vlan-name=%I.%N
#interface=eth1,padi-limit=1000,net=accel-dp
interface=eth0

[l2tp]
verbose=1
#dictionary=/usr/local/share/accel-ppp/l2tp/dictionary
#hello-interval=60
#timeout=60
#rtimeout=1
#rtimeout-cap=16
#retransmit=5
#recv-window=16
#host-name=accel-ppp
#dir300_quirk=0
#secret=
#dataseq=allow
#reorder-timeout=0
#ip-pool=l2tp

[ipoe]
verbose=1
username=ifname
#password=username
lease-time=600
renew-time=600
max-lease-time=3600
#unit-cache=1000
#l4-redirect-table=4
#l4-redirect-ipset=l4
#l4-redirect-on-reject=300
#l4-redirect-ip-pool=pool1
shared=0
ifcfg=1
mode=L2
start=dhcpv4
#start=UP
#ip-unnumbered=1
#proxy-arp=0
#nat=0
#proto=100
#relay=10.10.10.10
#attr-dhcp-client-ip=DHCP-Client-IP-Address
#attr-dhcp-router-ip=DHCP-Router-IP-Address
#attr-dhcp-mask=DHCP-Mask
#attr-dhcp-lease-time=DHCP-Lease-Time
#attr-dhcp-opt82=DHCP-Option82
#attr-dhcp-opt82-remote-id=DHCP-Agent-Remote-Id
#attr-dhcp-opt82-circuit-id=DHCP-Agent-Circuit-Id
#attr-l4-redirect=L4-Redirect
#attr-l4-redirect-table=4
#attr-l4-redirect-ipset=l4-redirect
#lua-file=/etc/accel-ppp.lua
#offer-delay=0,100:100,200:200,-1:1000
#vlan-mon=eth0,10-200
#vlan-timeout=60
#vlan-name=%I.%N
#ip-pool=ipoe
#idle-timeout=0
#session-timeout=0
#soft-terminate=0
#check-mac-change=1
#calling-sid=mac
#local-net=192.168.0.0/16
interface=eth0

[dns]
#dns1=172.16.0.1
#dns2=172.16.1.1

[wins]
#wins1=172.16.0.1
#wins2=172.16.1.1

[radius]
dictionary=/usr/local/share/freeradius
#nas-identifier=accel-ppp
nas-ip-address=127.0.0.1
#gw-ip-address=10.10.3.0
server=127.0.0.1,blabla,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-fail=10,weight=1
dae-server=127.0.0.1:3799,blabla
verbose=1
#timeout=3
#max-try=3
#acct-timeout=120
#acct-delay-time=0
#acct-on=0
#attr-tunnel-type=My-Tunnel-Type

[client-ip-range]
#192.0.0.0/8
#217.0.0.0/8
disable

[ip-pool]
gw-ip-address=10.10.3.1
#vendor=Cisco
#attr=Cisco-AVPair
#attr=Framed-Pool
10.10.3.2-200

[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
#log-debug=/dev/stdout
#syslog=accel-pppd,daemon
#log-tcp=127.0.0.1:3000
copy=1
#color=1
#per-user-dir=per_user
#per-session-dir=per_session
#per-session=1
level=5

[log-pgsql]
conninfo=user=log
log-table=log

[pppd-compat]
#ip-pre-up=/etc/ppp/ip-pre-up
ip-up=/etc/ppp/ip-up
ip-down=/etc/ppp/ip-down
ip-change=/etc/ppp/ip-change
radattr-prefix=/var/run/radattr
verbose=1

[chap-secrets]
#gw-ip-address=10.10.3.1
#chap-secrets=/etc/ppp/chap-secrets
#encrypted=0
#username-hash=md5

[shaper]
#attr=Filter-Id
#down-burst-factor=0.1
#up-burst-factor=1.0
#latency=50
#mpu=0
#mtu=0
#r2q=10
#quantum=1500
#moderate-quantum=1
#cburst=1534
#ifb=ifb0
up-limiter=police
down-limiter=tbf
#leaf-qdisc=sfq perturb 10
#leaf-qdisc=fq_codel [limit PACKETS] [flows NUMBER] [target TIME] [interval TIME] [quantum BYTES] [[no]ecn]
#rate-multiplier=1
#fwmark=1
verbose=1

[cli]
verbose=1
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001
#password=123

[snmp]
master=0
agent-name=accel-ppp

[connlimit]
limit=10/min
burst=3
timeout=60

[ipv6-pool]
fc00:0:1::/48,64
delegate=fc00:1::/36,48

[ipv6-dns]
#fc00:1::1
#fc00:1::2
#fc00:1::3
#dnssl=suffix1.local.net
#dnssl=suffix2.local.net.

[ipv6-dhcp]
verbose=1
pref-lifetime=604800
valid-lifetime=2592000
route-via-gw=1

[accel-dp]
socket=/var/run/accel-dp.sock
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: Простой пример испоьзования radius

Post by Dmitry »

в конфиге вро-де всё норм
посмотри через телнет или accel-cmd show stat, есть ли там информация по радиусу
kerby
Posts: 44
Joined: 16 Jan 2017, 09:17

Re: Простой пример испоьзования radius

Post by kerby »

Dmitry wrote:в конфиге вро-де всё норм
посмотри через телнет или accel-cmd show stat, есть ли там информация по радиусу
accel-cmd show stat

Code: Select all

uptime: 0.00:00:37
cpu: 0%
memory:
  rss/virt: 4308/284548 kB
  arena: 672 kB
  mmaped: 0 kB
  uordblks: 230 kB
  fordblks: 441 kB
core:
  mempool_allocated: 131072
  mempool_available: 131072
  thread_count: 4
  thread_active: 1
  context_count: 8
  context_sleeping: 0
  context_pending: 0
  md_handler_count: 5
  md_handler_pending: 0
  timer_count: 0
  timer_pending: 0
sessions:
  starting: 0
  active: 0
  finishing: 0
pptp:
  starting: 0
  active: 0
radius(1, 127.0.0.1):
  state: active
  fail count: 0
  request count: 0
  queue length: 0
  auth sent: 0
  auth lost(total/5m/1m): 0/0/0
  auth avg query time(5m/1m): 0/0 ms
  acct sent: 0
  acct lost(total/5m/1m): 0/0/0
  acct avg query time(5m/1m): 0/0 ms
  interim sent: 0
  interim lost(total/5m/1m): 0/0/0
  interim avg query time(5m/1m): 0/0 ms

Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: Простой пример испоьзования radius

Post by Dmitry »

тоже всё нормально
не знаю тогда, я не вижу проблем, должно всё работать
kerby
Posts: 44
Joined: 16 Jan 2017, 09:17

Re: Простой пример испоьзования radius

Post by kerby »

Dmitry wrote:тоже всё нормально
не знаю тогда, я не вижу проблем, должно всё работать
Я ради интереса решил попробовать версию accel старее поставить. Была актуальная. И, о чудо! В логах есть обращение к радиусу.

Code: Select all

/var/log/accel-ppp/accel-ppp.log
[2017-01-25 10:42:46]:   msg: accel-ppp version 1.9.0
[2017-01-25 10:46:12]:  info: terminate, sig = 15
[2017-01-25 10:46:13]:   msg: accel-ppp version 1.9.0
[2017-01-25 10:48:30]:  info: ppp1: connect: ppp1 <--> pptp(127.0.0.1)
[2017-01-25 10:48:49]:   msg: accel-ppp version 1.9.0
[2017-01-25 10:49:38]:  info: ppp1: connect: ppp1 <--> pptp(192.168.0.140)
[2017-01-25 10:49:38]: error: ppp1: radius:connect: Invalid argument
[2017-01-25 10:49:38]:  warn: ppp1: radius: no available servers
[2017-01-25 10:49:44]:   msg: accel-ppp version 1.9.0
[2017-01-25 10:51:49]:  info: ppp0: connect: ppp0 <--> pptp(192.168.0.156)
[2017-01-25 10:51:52]: error: ppp0: radius:connect: Invalid argument
Post Reply