Page 1 of 1

IP-POOL STATIC RADIUS

Posted: 18 Jul 2017, 18:16
by mmateuslima
Hi, I'm using IP-POOL via accel with client authenticating via RADIUS, but when I put a fixed ip on the client to receive via radius it does not authenticate.
Any way to work?
Customers without fixed ip receive pool via accel, and fixed ip clients receive ip through RADIUS.
Thanks.

Re: IP-POOL STATIC RADIUS

Posted: 18 Jul 2017, 18:47
by Dmitry
hi
attach connection log

Re: IP-POOL STATIC RADIUS

Posted: 20 Jul 2017, 15:51
by mmateuslima
accel-ppp.log

[2017-07-20 10:23:11]: warn: eth4: radius:packet: vendor 26 not found
[2017-07-20 10:23:11]: warn: eth4: radius:packet: vendor 26 not found
[2017-07-20 10:23:11]: info: ppp1: connect: ppp1 <--> pppoe(4C:5E:0C:D9:46:48)
[2017-07-20 10:23:11]: info: ppp1: mmateuslima: authentication succeeded
[2017-07-20 10:23:11]: info: ppp1: pppd_compat: ip-pre-up started (pid 9367)
[2017-07-20 10:23:11]: info: ppp1: pppd_compat: ip-pre-up finished (0)
[2017-07-20 10:23:11]: info: ppp1: pppd_compat: ip-up started (pid 9401)
[2017-07-20 10:23:12]: info: ppp1: pppd_compat: ip-up finished (0)

LOG RADIUS SERVER -- ACCEL
Info: Existing IP :192.168.100.2 (did 84:44:64:2F:07:13 cli 4C:5E:0C:D9:46:48 port user mmateuslima)

LOG RADIUS SERVER -- MIKROTIK
Info: Released IP 192.168.100.2 (did SERVICEPPP cli 64:3B:6B:7B:0B:7E user mmateuslima)

MY ACCEL-PPP.CONF

[modules]
ippool
log_file
log_syslog
pppoe
auth_chap_md5
auth_pap
radius
pppd_compat
shaper

[common]
#single-session=replace
sid-case=upper

[pppoe]
ac-name=NET
verbose=0
sid-uppercase=1
pado-delay=0,10:10,50:50,100:100,-1:500
mppe=deny
interface=eth0

[dns]
dns1=186.232.16.18
dns2=186.232.16.20

[radius]
gw-ip-address=172.16.16.198
server=X.X.X.X,SECRET,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-fail=10,weight=1
acct-timeout=1500
verbose=0

[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
log-debug=/dev/stdout
copy=1
level=4

[log-pgsql]
conninfo=user=log
log-table=log

[ip-pool]
gw-ip-address=172.16.16.198
#vendor=Mikrotik
attr=Framed-Pool
#attr=Framed-IP-Address
10.0.10.1-8
10.0.11.1-23

[pppd-compat]
#ip-pre-up=/etc/ppp/ip-pre-up
ip-up=/etc/ppp/ip-up
ip-down=/etc/ppp/ip-down
ip-change=/etc/ppp/ip-change
radattr-prefix=/var/run/radattr
verbose=1

[shaper]
vendor=Mikrotik
attr=Mikrotik-Rate-Limit
rate-multiplier=0.001

[cli]
verbose=1
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001


[accel-dp]
socket=/var/run/accel-dp.sock


Thanks.

Re: IP-POOL STATIC RADIUS

Posted: 20 Jul 2017, 18:24
by Dmitry
this log is very quiet
please set:
[ppp]
verbose=1
[radius]
verbose=1
[pppoe]
verbose=1
[log]
level=5

Re: IP-POOL STATIC RADIUS

Posted: 27 Jul 2017, 12:04
by mmateuslima
[2017-07-27 08:56:25]: debug: eth4: fsm timeout 9
[2017-07-27 08:56:25]: info: eth4: send [LCP ConfReq id=1 <auth CHAP-md5> <magic 327b23c6> <mru 1492>]
[2017-07-27 08:56:25]: info: eth4: recv [LCP ConfAck id=1 <auth CHAP-md5> <magic 327b23c6> <mru 1492>]
[2017-07-27 08:56:25]: debug: eth4: lcp_layer_started
[2017-07-27 08:56:25]: debug: eth4: auth_layer_start
[2017-07-27 08:56:25]: info: eth4: send [CHAP Challenge id=1 <d4eb364c4f3f24c7aaf54e3bc777cd54>]
[2017-07-27 08:56:25]: info: eth4: recv [CHAP Response id=1 <f0679ffabc029b17dbf05a5c6cfcc6>, name="mmateuslima"]
[2017-07-27 08:56:25]: debug: eth4: radius(1): req_enter 1
[2017-07-27 08:56:25]: info: eth4: send [RADIUS(1) Access-Request id=1 <User-Name "mmateuslima"> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "4C:5E:0C:D9:46:48"> <Called-Station-Id "84:44:64:2F:07:13"> <CHAP-Challenge > <CHAP-Password >]
[2017-07-27 08:56:25]: debug: ppp0: recv [LCP EchoReq id=7 <magic 07f29456>]
[2017-07-27 08:56:25]: debug: ppp0: send [LCP EchoRep id=7 <magic 6b8b4567>]
[2017-07-27 08:56:25]: warn: eth4: radius:packet: vendor 26 not found
[2017-07-27 08:56:25]: warn: eth4: radius:packet: vendor 26 not found
[2017-07-27 08:56:25]: debug: eth4: radius(1): req_exit 0
[2017-07-27 08:56:25]: info: eth4: recv [RADIUS(1) Access-Accept id=1 <Framed-IP-Address 192.168.100.2> <Framed-Compression Van-Jacobson-TCP-IP> <Framed-Protocol PPP> <Service-Type Framed-User><Mikrotik Mikrotik-Rate-Limit "4000000/40000000 0/0 0/0 0/0 8 4000000/40000000"> <Vendor-Specific > <Vendor-Specific > <Acct-Interim-Interval 180>]
[2017-07-27 08:56:25]: info: ppp1: connect: ppp1 <--> pppoe(4C:5E:0C:D9:46:48)
[2017-07-27 08:56:25]: debug: ppp1: ppp connected
[2017-07-27 08:56:25]: info: ppp1: send [CHAP Success id=1 "Authentication succeeded"]
[2017-07-27 08:56:25]: debug: ppp1: auth_layer_started
[2017-07-27 08:56:25]: debug: ppp1: ccp_layer_start
[2017-07-27 08:56:25]: debug: ppp1: ipcp_layer_start
[2017-07-27 08:56:25]: debug: ppp1: ipv6cp_layer_start
[2017-07-27 08:56:25]: info: ppp1: mmateuslima: authentication succeeded
[2017-07-27 08:56:25]: info: ppp1: recv [IPCP ConfReq id=1f <addr 0.0.0.0> <dns1 0.0.0.0> <dns2 0.0.0.0>]
[2017-07-27 08:56:25]: info: ppp1: send [IPCP ConfReq id=1 <addr 172.16.16.198>]
[2017-07-27 08:56:25]: info: ppp1: send [IPCP ConfNak id=1f <addr 10.0.10.2> <dns1 8.8.8.8> <dns2 8.8.4.4>]
[2017-07-27 08:56:25]: info: ppp1: send [LCP ProtoRej id=3 <8281>]
[2017-07-27 08:56:25]: info: ppp1: recv [IPCP ConfAck id=1 <addr 172.16.16.198>]
[2017-07-27 08:56:25]: info: ppp1: recv [IPCP ConfReq id=20 <addr 10.0.10.2> <dns1 8.8.8.8> <dns2 8.8.4.4>]
[2017-07-27 08:56:25]: info: ppp1: send [IPCP ConfAck id=20]
[2017-07-27 08:56:25]: debug: ppp1: ipcp_layer_started
[2017-07-27 08:56:25]: debug: ppp1: radius(1): req_enter 1
[2017-07-27 08:56:25]: info: ppp1: send [RADIUS(1) Accounting-Request id=1 <User-Name "mmateuslima"> <NAS-Port 1> <NAS-Port-Id "ppp1"> <NAS-Port-Type Virtual> <Service-Type Framed-User> <Framed-Protocol PPP> <Calling-Station-Id "4C:5E:0C:D9:46:48"> <Called-Station-Id "84:44:64:2F:07:13"> <Acct-Status-Type Start> <Acct-Authentic RADIUS> <Acct-Session-Id "34D1887B213291B1"> <Acct-Session-Time 0> <Acct-Input-Octets 0> <Acct-Output-Octets 0> <Acct-Input-Packets 0> <Acct-Output-Packets 0> <Acct-Input-Gigawords 0> <Acct-Output-Gigawords 0> <Framed-IP-Address 10.0.10.2>]
[2017-07-27 08:56:25]: debug: ppp1: radius(1): req_exit 0
[2017-07-27 08:56:25]: info: ppp1: recv [RADIUS(1) Accounting-Response id=1]
[2017-07-27 08:56:25]: info: ppp1: pppd_compat: ip-pre-up started (pid 31419)
[2017-07-27 08:56:25]: info: ppp1: pppd_compat: ip-pre-up finished (0)
[2017-07-27 08:56:25]: debug: ppp1: pppoe: ppp started
[2017-07-27 08:56:25]: info: ppp1: pppd_compat: ip-up started (pid 31448)
[2017-07-27 08:56:26]: info: ppp1: pppd_compat: ip-up finished (0)


Thanks.

Re: IP-POOL STATIC RADIUS

Posted: 27 Jul 2017, 13:27
by mmateuslima
In RADATTR.PPP1

Framed-IP-Address 192.168.100.2
Framed-Compression Van-Jacobson-TCP-IP
Framed-Protocol PPP
Service-Type Framed-User
Mikrotik-Rate-Limit 4000000/40000000 0/0 0/0 0/0 8 4000000/40000000
Vendor-Specific 0000372A0706003D0900
Vendor-Specific 0000372A080602625A00
Acct-Interim-Interval 180

Re: IP-POOL STATIC RADIUS

Posted: 01 Aug 2017, 13:33
by Dmitry
move ippool module below radius like this:
[modules]
log_file
log_syslog
pppoe
auth_chap_md5
auth_pap
radius
pppd_compat
shaper
ippool

Re: IP-POOL STATIC RADIUS

Posted: 02 Aug 2017, 13:46
by mmateuslima
My God, sometimes we worry about things so complex that we forget the simple ones, I did not pay attention to the module queue.

Thank you so much.