PPTP does not ask Radius

PPTP related questions
Post Reply
rip
Posts: 3
Joined: 22 Apr 2015, 10:17

PPTP does not ask Radius

Post by rip »

Доброго времени суток!
Столкнулся с такой проблемой. У меня настроен accel-ppp в виде связки ipoe + radius. Хочу сделать так, чтобы отдельным абонентам, которые получили IP-адрес от ipoe, также выдавались, например, публичные адреса при подключении по vpn. И здесь появляется проблема....

Code: Select all

[2015-04-22 12:58:32]:  info: pptp: new connection from 10.240.10.2
[2015-04-22 12:58:32]:  info: : recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 1> <Bearer 1> <Max-Chan 0>]
[2015-04-22 12:58:32]:  info: : send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]
[2015-04-22 12:58:32]:  info: : recv [PPTP Outgoing-Call-Request <Call-ID c000> <Call-Serial 791f> <Min-BPS 300> <Max-BPS 100000000> <Bearer 3> <Framing 3> <Window-Size 64> <Delay 0>]
[2015-04-22 12:58:32]:  info: : send [PPTP Outgoing-Call-Reply <Call-ID b> <Peer-Call-ID c000> <Result 1> <Error 0> <Cause 0> <Speed 100000000> <Window-Size 64> <Delay 0> <Channel 0>]
[2015-04-22 12:58:32]: debug: : lcp_layer_init
[2015-04-22 12:58:32]: debug: : auth_layer_init
[2015-04-22 12:58:32]: debug: : ccp_layer_init
[2015-04-22 12:58:32]: debug: : ipcp_layer_init
[2015-04-22 12:58:32]: debug: : ipv6cp_layer_init
[2015-04-22 12:58:32]: debug: : ppp establishing
[2015-04-22 12:58:32]: debug: : lcp_layer_start
[2015-04-22 12:58:32]:  info: : recv [PPTP Set-Link-Info]
[2015-04-22 12:58:35]: debug: : fsm timeout 9
[2015-04-22 12:58:38]: debug: : fsm timeout 8
[2015-04-22 12:58:41]: debug: : fsm timeout 7
[2015-04-22 12:58:44]: debug: : fsm timeout 6
[2015-04-22 12:58:47]: debug: : fsm timeout 5
[2015-04-22 12:58:50]: debug: : fsm timeout 4
[2015-04-22 12:58:53]: debug: : fsm timeout 3
[2015-04-22 12:58:56]: debug: : fsm timeout 2
[2015-04-22 12:58:59]: debug: : fsm timeout 1
[2015-04-22 12:59:02]: debug: : fsm timeout 0
[2015-04-22 12:59:02]: debug: : lcp_layer_finished
[2015-04-22 12:59:02]: debug: : terminate
[2015-04-22 12:59:02]: debug: : lcp_layer_finish
[2015-04-22 12:59:02]: debug: : send [PPTP Echo-Request <Identifier 66334873>]
[2015-04-22 12:59:02]: debug: : lcp_layer_free
[2015-04-22 12:59:02]: debug: : auth_layer_free
[2015-04-22 12:59:02]: debug: : ccp_layer_free
[2015-04-22 12:59:02]: debug: : ipcp_layer_free
[2015-04-22 12:59:02]: debug: : ipv6cp_layer_free
[2015-04-22 12:59:02]: debug: : pptp: ppp finished
[2015-04-22 12:59:02]:  info: : send [PPTP Call-Disconnect-Notify <Call-ID c0> <Result 3> <Error 0> <Cause 0>]
[2015-04-22 12:59:02]:  info: : send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]
[2015-04-22 12:59:02]: debug: : recv [PPTP Echo-Reply <Identifier 66334873>]
[2015-04-22 12:59:03]:  info: : recv [PPTP Stop-Ctrl-Conn-Reply <Result 1> <Error 0>]
[2015-04-22 12:59:03]: debug: : pptp: disconnect
[2015-04-22 12:59:03]:  info: : disconnected
Для полноты информации выкладываю конфиг accel'я:

Code: Select all

[modules]
log_file
radius
ipoe
ippool
shaper
pptp
auth_mschap_v2
auth_pap
auth_chap_md5
auth_mschap_v1
chap-secrets
sigchld

[radius]
dictionary=/usr/local/share/accel-ppp/radius/dictionary
nas-identifier=accel-ipoe
nas-ip-address=127.0.0.1
server=127.0.0.1,testing123,auth-port=1812,acct-port=1813,req-limit=50,fail-timeout=0,max-fail=10,we
ight=1
verbose=100

[ipoe]
verbose=100
interface=eth1,mode=L2,start=dhcpv4,shared=1,ifcfg=1
gw-ip-address=10.240.10.1/24
attr-dhcp-lease-time=Acct-Interim-Interval
lease-time=600
max-lease-time=86400
proxy-arp=1
soft-terminate=1
username=lua:username
lua-file=/etc/accel-ppp.lua

[lcp]
echo-interval=30
echo-failure=3

[pptp]
verbose=1
echo-interval=30

[client-ip-range]
10.0.0.0/8

[cli]
verbose=100
telnet=127.0.0.1:2000
tcp=127.0.0.1:2001

Список подгруженых модулей:

Code: Select all

Module                  Size  Used by
pptp                   13066  0 
gre                     2857  1 pptp
pppoe                   8248  0 
pppox                   1238  2 pptp,pppoe
ppp_generic            19558  3 pptp,pppoe,pppox
ipoe                   19712  0 
nfnetlink_queue         8184  0 
slhc                    4271  1 ppp_generic
xt_nat                  1357  1 
iptable_nat             2162  1 
nf_nat_ipv4             2840  1 iptable_nat
nf_nat                  9570  3 nf_nat_ipv4,xt_nat,iptable_nat
ip_set_hash_ip         14418  1 
ip_set                 20797  1 ip_set_hash_ip
cls_fw                  3358  0 
act_mirred              2399  0 
act_skbedit             1789  0 
cls_u32                 5516  0 
sch_ingress             1308  0 
cls_flow                5344  1 
sch_htb                13160  1 
ifb                     2753  0 
8021q                  14687  0 
igb                   120490  0 
e1000e                171061  0
Проблем еще заключается в том, что модуль pptp не обращается к radius, в отличие от ipoe.
Подскажите пожалуйста в чем может быть проблема? Может я чего-то упустил?
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: PPTP does not ask Radius

Post by Dmitry »

rip wrote:[2015-04-22 12:58:35]: debug: : fsm timeout 9
[2015-04-22 12:58:38]: debug: : fsm timeout 8
явный признак того, что не ходят gre пакеты
rip
Posts: 3
Joined: 22 Apr 2015, 10:17

Re: PPTP does not ask Radius

Post by rip »

Странно, но судя по списку загруженных модулей lsmod.... модуль ядра gre загружен и используется:

Code: Select all

pptp                   13066  0 
gre                     2857  1 pptp
Или я что-то не так понял?
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: PPTP does not ask Radius

Post by Dmitry »

дело не в модулях
фаервол есть ?
если есть попробуй отключить
rip
Posts: 3
Joined: 22 Apr 2015, 10:17

Re: PPTP does not ask Radius

Post by rip »

На данный момент в логах появилась дополнительная информация (это произошло после того, как я в секцию pptp внес параметр bind):

Code: Select all

[2015-04-22 16:28:41]:  info: pptp: new connection from 10.240.10.2
[2015-04-22 16:28:41]:  info: : recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 1> <Bearer 1> <Max-Chan 0>]
[2015-04-22 16:28:41]:  info: : send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]
[2015-04-22 16:28:41]:  info: : recv [PPTP Outgoing-Call-Request <Call-ID c000> <Call-Serial 7943> <Min-BPS 300> <Max-BPS 100000000> <Bearer 3> <Framing 3> <Window-Size 64> <Delay 0>]
[2015-04-22 16:28:41]:  info: : send [PPTP Outgoing-Call-Reply <Call-ID 19> <Peer-Call-ID c000> <Result 1> <Error 0> <Cause 0> <Speed 100000000> <Window-Size 64> <Delay 0> <Channel 0>]
[2015-04-22 16:28:41]: debug: : lcp_layer_init
[2015-04-22 16:28:41]: debug: : auth_layer_init
[2015-04-22 16:28:41]: debug: : ccp_layer_init
[2015-04-22 16:28:41]: debug: : ipcp_layer_init
[2015-04-22 16:28:41]: debug: : ipv6cp_layer_init
[2015-04-22 16:28:41]: debug: : ppp establishing
[2015-04-22 16:28:41]: debug: : lcp_layer_start
[2015-04-22 16:28:41]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:28:41]:  info: : recv [PPTP Set-Link-Info]
[2015-04-22 16:28:41]:  info: : recv [LCP ConfReq id=0 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:41]:  info: : send [LCP ConfRej id=0  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:43]:  info: : recv [LCP ConfReq id=1 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:43]:  info: : send [LCP ConfRej id=1  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:44]: debug: : fsm timeout 9
[2015-04-22 16:28:44]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:28:46]:  info: : recv [LCP ConfReq id=2 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:46]:  info: : send [LCP ConfRej id=2  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:47]: debug: : fsm timeout 8
[2015-04-22 16:28:47]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:28:50]: debug: : fsm timeout 7
[2015-04-22 16:28:50]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:28:50]:  info: : recv [LCP ConfReq id=3 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:50]:  info: : send [LCP ConfRej id=3  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:53]: debug: : fsm timeout 6
[2015-04-22 16:28:53]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:28:54]:  info: : recv [LCP ConfReq id=4 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:54]:  info: : send [LCP ConfRej id=4  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:56]: debug: : fsm timeout 5
[2015-04-22 16:28:56]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:28:58]:  info: : recv [LCP ConfReq id=5 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:58]:  info: : send [LCP ConfRej id=5  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:28:59]: debug: : fsm timeout 4
[2015-04-22 16:28:59]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:29:02]: debug: : fsm timeout 3
[2015-04-22 16:29:02]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:29:02]:  info: : recv [LCP ConfReq id=6 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:29:02]:  info: : send [LCP ConfRej id=6  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:29:05]: debug: : fsm timeout 2
[2015-04-22 16:29:05]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:29:06]:  info: : recv [LCP ConfReq id=7 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:29:06]:  info: : send [LCP ConfRej id=7  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:29:08]: debug: : fsm timeout 1
[2015-04-22 16:29:08]:  info: : send [LCP ConfReq id=1 <auth MSCHAP-v2> <mru 1436> <magic 6b8b4567>]
[2015-04-22 16:29:10]:  info: : recv [LCP ConfReq id=8 <mru 1400> <magic 2f0e651b> <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:29:10]:  info: : send [LCP ConfRej id=8  <pcomp> <accomp> < d 3 6 >]
[2015-04-22 16:29:11]: debug: : send [PPTP Echo-Request <Identifier 327b23c6>]
[2015-04-22 16:29:11]: debug: : fsm timeout 0
[2015-04-22 16:29:11]: debug: : lcp_layer_finished
[2015-04-22 16:29:11]: debug: : terminate
[2015-04-22 16:29:11]: debug: : lcp_layer_finish
[2015-04-22 16:29:11]: debug: : lcp_layer_free
[2015-04-22 16:29:11]: debug: : auth_layer_free
[2015-04-22 16:29:11]: debug: : ccp_layer_free
[2015-04-22 16:29:11]: debug: : ipcp_layer_free
[2015-04-22 16:29:11]: debug: : ipv6cp_layer_free
[2015-04-22 16:29:11]: debug: : pptp: ppp finished
[2015-04-22 16:29:11]:  info: : send [PPTP Call-Disconnect-Notify <Call-ID c0> <Result 3> <Error 0> <Cause 0>]
[2015-04-22 16:29:11]:  info: : send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]
[2015-04-22 16:29:11]: debug: : recv [PPTP Echo-Reply <Identifier 327b23c6>]
[2015-04-22 16:29:11]:  info: : recv [PPTP Stop-Ctrl-Conn-Reply <Result 1> <Error 0>]
[2015-04-22 16:29:11]: debug: : pptp: disconnect
[2015-04-22 16:29:11]:  info: : disconnected
Dmitry
Администратор
Posts: 954
Joined: 09 Oct 2014, 10:06

Re: PPTP does not ask Radius

Post by Dmitry »

в сторону сервера gre пакеты пошли, в сторону клиента нет
и bind тут врядли причём
Post Reply