Пытаюсь заставить работать связку Centos6(3.16.74)+LanBilling(2.0.24)+des3200. Но не выходит, биллинг через свой радиус 'отвергает'...
Прошу помощи, ткните, куда копать ?
Биллинг авторизовывает на основании mac+opt82. Где username=mac клиента.
Что есть:
accel-ppp.conf
Спойлер
[modules]
log_file
log_tcp
ipoe
radius
shaper
[ipoe]
mode=L2
shared=1
ipv6=0
gw-ip-address=10.11.0.1/24
start=dhcpv4
ifcfg=1
interface=eth0.111,username=lua:u1
lease-time=300
renew-time=150
max-lease-time=600
password=username
lua-file=/etc/accel-ppp.lua
verbose=10
attr-dhcp-client-ip=Framed-IP-Address
attr-dhcp-router-ip=DHCP-Router-IP-Address
attr-dhcp-mask=Framed-IP-Netmask
attr-dhcp-opt82=DHCP-Option82
attr-dhcp-opt82-remote-id=DHCP-Agent-Remote-Id
attr-dhcp-opt82-circuit-id=DHCP-Agent-Circuit-Id
#l4-redirect-ipset=l4-redirect
#vlan-mon=eth0.111
[ip-pool]
10.11.0.0/24,name=ipoet
[radius]
dictionary=/usr/share/accel-ppp/radius/dictionary
nas-identifier=192.168.200.200
nas-ip-address=192.168.200.200
gw-ip-address=10.11.0.1
server=192.168.200.200,lbtest,auth-port=1812,acct-port=1813,req-limit=0,fail-time=0
dae-server=192.168.200.200:3799,lbtest
verbose=100
timeout=3
max-try=3
acct-timeout=0
acct-on=1
acct-interim-interval=60
acct-delay-time=0
sid-in-auth=1
log_file
log_tcp
ipoe
radius
shaper
[ipoe]
mode=L2
shared=1
ipv6=0
gw-ip-address=10.11.0.1/24
start=dhcpv4
ifcfg=1
interface=eth0.111,username=lua:u1
lease-time=300
renew-time=150
max-lease-time=600
password=username
lua-file=/etc/accel-ppp.lua
verbose=10
attr-dhcp-client-ip=Framed-IP-Address
attr-dhcp-router-ip=DHCP-Router-IP-Address
attr-dhcp-mask=Framed-IP-Netmask
attr-dhcp-opt82=DHCP-Option82
attr-dhcp-opt82-remote-id=DHCP-Agent-Remote-Id
attr-dhcp-opt82-circuit-id=DHCP-Agent-Circuit-Id
#l4-redirect-ipset=l4-redirect
#vlan-mon=eth0.111
[ip-pool]
10.11.0.0/24,name=ipoet
[radius]
dictionary=/usr/share/accel-ppp/radius/dictionary
nas-identifier=192.168.200.200
nas-ip-address=192.168.200.200
gw-ip-address=10.11.0.1
server=192.168.200.200,lbtest,auth-port=1812,acct-port=1813,req-limit=0,fail-time=0
dae-server=192.168.200.200:3799,lbtest
verbose=100
timeout=3
max-try=3
acct-timeout=0
acct-on=1
acct-interim-interval=60
acct-delay-time=0
sid-in-auth=1
Спойлер
.[1;32m[2019-09-26 22:07:49]: info: eth0.111: .[0;39mrecv [DHCPv4 Discover xid=6fd59582 chaddr=18:a9:05:cb:c3:0a <Message-Type Discover> <Client-ID 0118a905cbc30a> <Host-Name Administrator> <Vendor-Class 4d53465420352e30> <Request-List
Subnet,Domain-Name,Router,DNS,44,46,47,31,Route,Classless-Route,249,Vendor-Specific> <Relay-Agent {Agent-Circuit-ID _0004006f0003} {Agent-Remote-ID _0006340804644984}>]
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39mcreate interface ipoe0 parent eth0.111
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39msend [RADIUS(1) Access-Request id=1 <User-Name "18:a9:05:cb:c3:0a"> <NAS-Identifier "192.168.200.200"> <NAS-IP-Address 192.168.200.200> <NAS-Port 165> <NAS-Port-Id "ipoe0"> <NAS-Port-Typ
e Ethernet> <Calling-Station-Id "18:a9:05:cb:c3:0a"> <Called-Station-Id "eth0.111"> <DHCP-Option82 0x01060004006f000302080006340804644984> <DHCP-Agent-Remote-Id 0x0006340804644984> <DHCP-Agent-Circuit-Id 0x0004006f0003> <Acct-Session-Id
"774dcff2ac49293a"> <User-Password 0xe4a79bd676cf872ae85a2fab049618878287b1631efbe13c4b9e78529db5bdd0>]
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39mrecv [RADIUS(1) Access-Reject id=1]
.[1;34m[2019-09-26 22:07:49]: debug: ipoe0: .[0;39mterminate
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39mipoe: session finished
Subnet,Domain-Name,Router,DNS,44,46,47,31,Route,Classless-Route,249,Vendor-Specific> <Relay-Agent {Agent-Circuit-ID _0004006f0003} {Agent-Remote-ID _0006340804644984}>]
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39mcreate interface ipoe0 parent eth0.111
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39msend [RADIUS(1) Access-Request id=1 <User-Name "18:a9:05:cb:c3:0a"> <NAS-Identifier "192.168.200.200"> <NAS-IP-Address 192.168.200.200> <NAS-Port 165> <NAS-Port-Id "ipoe0"> <NAS-Port-Typ
e Ethernet> <Calling-Station-Id "18:a9:05:cb:c3:0a"> <Called-Station-Id "eth0.111"> <DHCP-Option82 0x01060004006f000302080006340804644984> <DHCP-Agent-Remote-Id 0x0006340804644984> <DHCP-Agent-Circuit-Id 0x0004006f0003> <Acct-Session-Id
"774dcff2ac49293a"> <User-Password 0xe4a79bd676cf872ae85a2fab049618878287b1631efbe13c4b9e78529db5bdd0>]
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39mrecv [RADIUS(1) Access-Reject id=1]
.[1;34m[2019-09-26 22:07:49]: debug: ipoe0: .[0;39mterminate
.[1;32m[2019-09-26 22:07:49]: info: ipoe0: .[0;39mipoe: session finished
Радиус биллинга:
Спойлер
26.09.2019 22:08:42.112326 VERBOSE LWP3958 [src/radius_base.cpp:56] ============== Authorization packet #186 received from 192.168.200.200, size: 200 ==============
26.09.2019 22:08:42.112360 VERBOSE LWP3958 [src/radius_record.cpp:90] Access-Request (1), id: 0x1, length: 200
26.09.2019 22:08:42.112374 VERBOSE LWP3958 [src/radius_record.cpp:108] Authenticator: 75bceec08ccad80a03015c51528e5976
26.09.2019 22:08:42.112386 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "User-Name", value: "18:a9:05:cb:c3:0a"
26.09.2019 22:08:42.112395 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Identifier", value: "192.168.200.200"
26.09.2019 22:08:42.112404 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-IP-Address", value: "192.168.200.200"
26.09.2019 22:08:42.112412 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Port", value: "168"
26.09.2019 22:08:42.112419 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Port-Id", value: "ipoe0"
26.09.2019 22:08:42.112427 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Port-Type", value: "15"
26.09.2019 22:08:42.112434 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Calling-Station-Id", value: "18:a9:05:cb:c3:0a"
26.09.2019 22:08:42.112441 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Called-Station-Id", value: "eth0.111"
26.09.2019 22:08:42.112452 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "DHCP-Option82", value: "01060004006f000302080006340804644984"
26.09.2019 22:08:42.112461 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "DHCP-Agent-Remote-Id", value: "0006340804644984"
26.09.2019 22:08:42.112469 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "DHCP-Agent-Circuit-Id", value: "0004006f0003"
26.09.2019 22:08:42.112476 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Acct-Session-Id", value: "774dcff2ac49293d"
26.09.2019 22:08:42.112488 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Password", value: "38be93c587bbb5264ce60cfde3e99fc238f5da623ff2d7de1974e20bb7d95afe"
26.09.2019 22:08:42.112498 VERBOSE LWP3958 [src/radius_record.cpp:186] User-Password = "18:a9:05:cb:c3:0a"
26.09.2019 22:08:42.112508 VERBOSE LWP3958 [src/radius_packet.cpp:75] NAS IP replaced to 192.168.200.200 from NAS-Ip-Address
26.09.2019 22:08:42.112561 INFO LWP3958 [src/radius_packet.cpp:914] All auth tries failed: methods='opt82', Session-Id 774dcff2ac49293d
26.09.2019 22:08:42.113365 INFO LWP3958 [src/radius.cpp:591] Access-Reject, <18:a9:05:cb:c3:0a>, Session-Id 774dcff2ac49293d
26.09.2019 22:08:42.113395 VERBOSE LWP3958 [src/radius_record.cpp:90] Access-Reject (3), id: 0x1, length: 20
26.09.2019 22:08:42.113433 VERBOSE LWP3958 [src/radius_base.cpp:92] <=<=<=<=<=<=<=< Authentication answer sent successfully, time: 1 <=<=<=<=<=<=<=<
26.09.2019 22:08:42.112360 VERBOSE LWP3958 [src/radius_record.cpp:90] Access-Request (1), id: 0x1, length: 200
26.09.2019 22:08:42.112374 VERBOSE LWP3958 [src/radius_record.cpp:108] Authenticator: 75bceec08ccad80a03015c51528e5976
26.09.2019 22:08:42.112386 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "User-Name", value: "18:a9:05:cb:c3:0a"
26.09.2019 22:08:42.112395 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Identifier", value: "192.168.200.200"
26.09.2019 22:08:42.112404 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-IP-Address", value: "192.168.200.200"
26.09.2019 22:08:42.112412 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Port", value: "168"
26.09.2019 22:08:42.112419 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Port-Id", value: "ipoe0"
26.09.2019 22:08:42.112427 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "NAS-Port-Type", value: "15"
26.09.2019 22:08:42.112434 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Calling-Station-Id", value: "18:a9:05:cb:c3:0a"
26.09.2019 22:08:42.112441 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Called-Station-Id", value: "eth0.111"
26.09.2019 22:08:42.112452 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "DHCP-Option82", value: "01060004006f000302080006340804644984"
26.09.2019 22:08:42.112461 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "DHCP-Agent-Remote-Id", value: "0006340804644984"
26.09.2019 22:08:42.112469 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "DHCP-Agent-Circuit-Id", value: "0004006f0003"
26.09.2019 22:08:42.112476 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Acct-Session-Id", value: "774dcff2ac49293d"
26.09.2019 22:08:42.112488 VERBOSE LWP3958 [src/radius_record.cpp:113] Attribute "Password", value: "38be93c587bbb5264ce60cfde3e99fc238f5da623ff2d7de1974e20bb7d95afe"
26.09.2019 22:08:42.112498 VERBOSE LWP3958 [src/radius_record.cpp:186] User-Password = "18:a9:05:cb:c3:0a"
26.09.2019 22:08:42.112508 VERBOSE LWP3958 [src/radius_packet.cpp:75] NAS IP replaced to 192.168.200.200 from NAS-Ip-Address
26.09.2019 22:08:42.112561 INFO LWP3958 [src/radius_packet.cpp:914] All auth tries failed: methods='opt82', Session-Id 774dcff2ac49293d
26.09.2019 22:08:42.113365 INFO LWP3958 [src/radius.cpp:591] Access-Reject, <18:a9:05:cb:c3:0a>, Session-Id 774dcff2ac49293d
26.09.2019 22:08:42.113395 VERBOSE LWP3958 [src/radius_record.cpp:90] Access-Reject (3), id: 0x1, length: 20
26.09.2019 22:08:42.113433 VERBOSE LWP3958 [src/radius_base.cpp:92] <=<=<=<=<=<=<=< Authentication answer sent successfully, time: 1 <=<=<=<=<=<=<=<
словарь:
Спойлер
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr
ATTRIBUTE DHCP-Mask 242 integer
ATTRIBUTE L4-Redirect 243 integer
ATTRIBUTE L4-Redirect-ipset 244 string
ATTRIBUTE DHCP-Option82 245 octets
ATTRIBUTE DHCP-Client-IP-Address 240 ipaddr
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr
ATTRIBUTE DHCP-Mask 242 ipaddr
ATTRIBUTE DHCP-Lease-Time 244 integer
ATTRIBUTE DHCP-Option82 245 octets
ATTRIBUTE DHCP-Agent-Remote-Id 246 octets
ATTRIBUTE DHCP-Agent-Circuit-Id 247 octets
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer
ATTRIBUTE DHCP-Mask 242 integer
ATTRIBUTE L4-Redirect 243 integer
ATTRIBUTE L4-Redirect-ipset 244 string
ATTRIBUTE DHCP-Option82 245 octets
ATTRIBUTE DHCP-Client-IP-Address 240 ipaddr
ATTRIBUTE DHCP-Router-IP-Address 241 ipaddr
ATTRIBUTE DHCP-Mask 242 ipaddr
ATTRIBUTE DHCP-Lease-Time 244 integer
ATTRIBUTE DHCP-Option82 245 octets
ATTRIBUTE DHCP-Agent-Remote-Id 246 octets
ATTRIBUTE DHCP-Agent-Circuit-Id 247 octets
ATTRIBUTE Acct-Interim-Interval 85 integer
ATTRIBUTE Acct-Input-Gigawords 52 integer
ATTRIBUTE Acct-Output-Gigawords 53 integer