возникла необходимость поднять на ацеле сервер pptp с авторизацией в радиусе, и столкнулся со сложностями, в решении которых прошу вашей помощи
ОС Debian 8.2
Ядро
Code: Select all
Linux accel1 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u3 (2016-01-17) x86_64 GNU/Linux
собирал так
Code: Select all
cmake -DKDIR=/usr/src/linux-headers-3.16.0-4-amd64 -DBUILD_PPTP_DRIVER=FALSE -DBUILD_IPOE_DRIVER=TRUE -DLOG_PGSQL=FALSE -DRADIUS=TRUE -DNETSNMP=FALSE -DLUA=TRUE -DCMAKE_BUILD_TYPE=Debug -DMEMDEBUG=TRUE /root/accel/accel-ppp-code/
собралось без ошибок и предупреждений
конфиг ацеля
Code: Select all
[modules]
log_file
#ipoe
pptp
radius
pppd_compat
ippool
#client-ip-range
#net-snmp
#shaper
#sigchld
[core]
log-error=/var/log/accel-ppp/core.log
thread-count=8
verbose=1
[ppp]
verbose=1
min-mtu=1400
mtu=1500
mru=1500
mss=1440
ccp=0
check-ip=1
mppe=deny
ipv4=require
#ipv6=deny
#ipv6-intf-id=0:0:0:1
#ipv6-peer-intf-id=0:0:0:2
#ipv6-accept-peer-intf-id=1
lcp-echo-interval=10
lcp-echo-failure=3
lcp-echo-timeout=3
unit-cache=1000
[pptp]
verbose=1
bind=10.184.0.10
echo-interval=1
#ip-pool=pptp
[client-ip-range]
disable
[radius]
verbose=5
interim-verbose=5
dictionary=/usr/local/share/accel-ppp/radius/dictionary
nas-identifier=accel-pppd
nas-ip-address=10.184.0.10
server=10.184.0.20,test,auth-port=1812,acct-port=1813,req-limit=0,fail-time=0,weight=1
dae-server=10.184.0.10:3799,test
acct-interim-interval=600
timeout=3
max-try=3
acct-timeout=0
[ip-pool]
attr=Framed-Pool
gw=10.10.0.1/24,name=test
gw=10.0.0.1/24
10.10.0.1-255,name=test
10.0.0.2/24
[log]
log-file=/var/log/accel-ppp/accel-ppp.log
log-emerg=/var/log/accel-ppp/emerg.log
log-fail-file=/var/log/accel-ppp/auth-fail.log
log-debug=/var/log/accel-ppp/debug.log
copy=1
level=5
Code: Select all
[2016-01-28 13:25:23.369] accel-ppp version 5b44e480d387916fe19f93caa45faac954444f9c
[2016-01-28 13:25:30.377] pptp: new connection from 10.184.0.201
[2016-01-28 13:25:30.379] : : recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 1> <Bearer 1> <Max-Chan 0>]
[2016-01-28 13:25:30.379] : : send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]
[2016-01-28 13:25:30.379] : : recv [PPTP Outgoing-Call-Request <Call-ID d3bc> <Call-Serial 29> <Min-BPS 300> <Max-BPS 100000000> <Bearer 3> <Framing 3> <Window-Size 64> <Delay 0>]
[2016-01-28 13:25:30.379] : : send [PPTP Outgoing-Call-Reply <Call-ID 1e> <Peer-Call-ID d3bc> <Result 1> <Error 0> <Cause 0> <Speed 100000000> <Window-Size 64> <Delay 0> <Channel 0>]
[2016-01-28 13:25:30.380] : : lcp_layer_init
[2016-01-28 13:25:30.380] : : auth_layer_init
[2016-01-28 13:25:30.380] : : ccp_layer_init
[2016-01-28 13:25:30.380] : : ipcp_layer_init
[2016-01-28 13:25:30.380] : : ipv6cp_layer_init
[2016-01-28 13:25:30.380] : : ppp establishing
[2016-01-28 13:25:30.380] : 2e91bfa274a4d26c: lcp_layer_start
[2016-01-28 13:25:30.380] : 2e91bfa274a4d26c: send [LCP ConfReq id=1 <mru 1436> <magic 3a86d445>]
[2016-01-28 13:25:30.703] : 2e91bfa274a4d26c: recv [PPTP Set-Link-Info]
[2016-01-28 13:25:30.727] : 2e91bfa274a4d26c: recv [LCP ConfReq id=0 <mru 1400> <magic 155c40ec> <pcomp> <accomp> < d 3 6 >]
[2016-01-28 13:25:30.727] : 2e91bfa274a4d26c: send [LCP ConfRej id=0 <pcomp> <accomp> < d 3 6 >]
[2016-01-28 13:25:30.728] : 2e91bfa274a4d26c: recv [LCP ConfReq id=1 <mru 1400> <magic 155c40ec>]
[2016-01-28 13:25:30.728] : 2e91bfa274a4d26c: send [LCP ConfAck id=1 ]
[2016-01-28 13:25:31.380] : 2e91bfa274a4d26c: send [PPTP Echo-Request <Identifier 4fe12f61>]
[2016-01-28 13:25:31.381] : 2e91bfa274a4d26c: recv [PPTP Echo-Reply <Identifier 4fe12f61>]
[2016-01-28 13:25:32.380] : 2e91bfa274a4d26c: send [PPTP Echo-Request <Identifier 23502a61>]
[2016-01-28 13:25:32.381] : 2e91bfa274a4d26c: recv [PPTP Echo-Reply <Identifier 23502a61>]
[2016-01-28 13:25:33.380] : 2e91bfa274a4d26c: fsm timeout 9
[2016-01-28 13:25:33.380] : 2e91bfa274a4d26c: send [LCP ConfReq id=1 <mru 1436> <magic 3a86d445>]
[2016-01-28 13:25:33.380] : 2e91bfa274a4d26c: send [PPTP Echo-Request <Identifier 128d98b7>]
[2016-01-28 13:25:33.381] : 2e91bfa274a4d26c: recv [PPTP Echo-Reply <Identifier 128d98b7>]
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: recv [LCP ConfAck id=1 <mru 1436> <magic 3a86d445>]
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: lcp_layer_started
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: auth_layer_start
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: auth_layer_started
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: ccp_layer_start
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: ccp: failed to get flags: Bad file descriptor
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: ipcp_layer_start
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: send [IPCP ConfReq id=1 <addr 0.0.0.0>]
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: ppp_unit_send: short write -1, excpected 12
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: ipv6cp_layer_start
[2016-01-28 13:25:33.382] : 2e91bfa274a4d26c: recv [PPTP Set-Link-Info]
[2016-01-28 13:25:33.383] : 2e91bfa274a4d26c: recv [LCP Ident id=2 <MSRASV5.20>]
[2016-01-28 13:25:33.383] : 2e91bfa274a4d26c: recv [LCP Ident id=3 <MSRAS-0-NB-PC>]
[2016-01-28 13:25:33.383] : 2e91bfa274a4d26c: recv [LCP Ident id=4 <▒'_Y▒▒A▒▒▒K1$s&>]
[2016-01-28 13:25:33.387] : 2e91bfa274a4d26c: send [LCP ProtoRej id=3 <8021>]
[2016-01-28 13:25:33.588] : 2e91bfa274a4d26c: recv [PPTP Set-Link-Info]
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: recv [LCP TermReq id=6]
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: send [LCP TermAck id=6]
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: terminate
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: lcp_layer_finish
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: auth_layer_finish
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: auth_layer_finished
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: ccp_layer_finish
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: ccp: failed to get flags: Bad file descriptor
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: ccp_layer_finished
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: ipcp_layer_finish
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: ipcp_layer_finished
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: ipv6cp_layer_finish
[2016-01-28 13:25:33.589] : 2e91bfa274a4d26c: ipv6cp_layer_finished
[2016-01-28 13:25:33.605] : 2e91bfa274a4d26c: recv [PPTP Call-Clear-Request <Call-ID d3bc>]
[2016-01-28 13:25:33.654] : 2e91bfa274a4d26c: lcp_layer_free
[2016-01-28 13:25:33.655] : 2e91bfa274a4d26c: auth_layer_free
[2016-01-28 13:25:33.655] : 2e91bfa274a4d26c: ccp_layer_free
[2016-01-28 13:25:33.655] : 2e91bfa274a4d26c: ipcp_layer_free
[2016-01-28 13:25:33.655] : 2e91bfa274a4d26c: ipv6cp_layer_free
[2016-01-28 13:25:33.655] : 2e91bfa274a4d26c: send [PPTP Call-Disconnect-Notify <Call-ID bcd3> <Result 4> <Error 0> <Cause 0>]
[2016-01-28 13:25:34.696] : 2e91bfa274a4d26c: recv [PPTP Stop-Ctrl-Conn-Request <Reason 1>]
[2016-01-28 13:25:34.696] : 2e91bfa274a4d26c: send [PPTP Stop-Ctrl-Conn-Reply <Result 1> <Error 0>]
[2016-01-28 13:25:34.696] : 2e91bfa274a4d26c: pptp: disconnect
[2016-01-28 13:25:34.696] : 2e91bfa274a4d26c: disconnected
попробовал версию 1.9.0 ацеля, клиент также не подключаеться, в логах следующее
Code: Select all
[2016-01-28 13:19:27.073] accel-ppp version 1.9.0
[2016-01-28 13:19:30.999] pptp: new connection from 10.184.0.201
[2016-01-28 13:19:31.002] : : recv [PPTP Start-Ctrl-Conn-Request <Version 1> <Framing 1> <Bearer 1> <Max-Chan 0>]
[2016-01-28 13:19:31.002] : : send [PPTP Start-Ctrl-Conn-Reply <Version 1> <Result 1> <Error 0> <Framing 3> <Bearer 3> <Max-Chan 1>]
[2016-01-28 13:19:31.003] : : recv [PPTP Outgoing-Call-Request <Call-ID caac> <Call-Serial 28> <Min-BPS 300> <Max-BPS 100000000> <Bearer 3> <Framing 3> <Window-Size 64> <Delay 0>]
[2016-01-28 13:19:31.003] : : send [PPTP Outgoing-Call-Reply <Call-ID 1d> <Peer-Call-ID caac> <Result 1> <Error 0> <Cause 0> <Speed 100000000> <Window-Size 64> <Delay 0> <Channel 0>]
[2016-01-28 13:19:31.003] ppp0: : connect: ppp0 <--> pptp(10.184.0.201)
[2016-01-28 13:19:31.003] ppp0: : lcp_layer_init
[2016-01-28 13:19:31.003] ppp0: : auth_layer_init
[2016-01-28 13:19:31.003] ppp0: : ccp_layer_init
[2016-01-28 13:19:31.003] ppp0: : ipcp_layer_init
[2016-01-28 13:19:31.003] ppp0: : ipv6cp_layer_init
[2016-01-28 13:19:31.003] ppp0: : ppp established
[2016-01-28 13:19:31.004] ppp0: 2e91bfa274a4ce83: lcp_layer_start
[2016-01-28 13:19:31.004] ppp0: 2e91bfa274a4ce83: send [LCP ConfReq id=1 <mru 1436> <magic 2bf876ee>]
[2016-01-28 13:19:31.275] ppp0: 2e91bfa274a4ce83: recv [PPTP Set-Link-Info]
[2016-01-28 13:19:31.299] ppp0: 2e91bfa274a4ce83: recv [LCP ConfReq id=0 <mru 1400> <magic 2c737865> <pcomp> <accomp> < d 3 6 >]
[2016-01-28 13:19:31.300] ppp0: 2e91bfa274a4ce83: send [LCP ConfRej id=0 <pcomp> <accomp> < d 3 6 >]
[2016-01-28 13:19:31.303] ppp0: 2e91bfa274a4ce83: recv [LCP ConfReq id=1 <mru 1400> <magic 2c737865>]
[2016-01-28 13:19:31.303] ppp0: 2e91bfa274a4ce83: send [LCP ConfAck id=1 ]
[2016-01-28 13:19:32.004] ppp0: 2e91bfa274a4ce83: send [PPTP Echo-Request <Identifier 71db7e02>]
[2016-01-28 13:19:32.005] ppp0: 2e91bfa274a4ce83: recv [PPTP Echo-Reply <Identifier 71db7e02>]
[2016-01-28 13:19:33.004] ppp0: 2e91bfa274a4ce83: send [PPTP Echo-Request <Identifier 1fa33267>]
[2016-01-28 13:19:33.005] ppp0: 2e91bfa274a4ce83: recv [PPTP Echo-Reply <Identifier 1fa33267>]
[2016-01-28 13:19:34.004] ppp0: 2e91bfa274a4ce83: send [PPTP Echo-Request <Identifier 174bde99>]
[2016-01-28 13:19:34.004] ppp0: 2e91bfa274a4ce83: fsm timeout 9
[2016-01-28 13:19:34.004] ppp0: 2e91bfa274a4ce83: send [LCP ConfReq id=1 <mru 1436> <magic 2bf876ee>]
[2016-01-28 13:19:34.005] ppp0: 2e91bfa274a4ce83: recv [PPTP Echo-Reply <Identifier 174bde99>]
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: recv [LCP ConfAck id=1 <mru 1436> <magic 2bf876ee>]
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: lcp_layer_started
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: auth_layer_start
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: auth_layer_started
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: ccp_layer_start
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: ipcp_layer_start
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: send [IPCP ConfReq id=1 <addr 0.0.0.0>]
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: ipv6cp_layer_start
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: recv [PPTP Set-Link-Info]
[2016-01-28 13:19:34.006] ppp0: 2e91bfa274a4ce83: recv [LCP Ident id=2 <MSRASV5.20>]
[2016-01-28 13:19:34.007] ppp0: 2e91bfa274a4ce83: recv [LCP Ident id=3 <MSRAS-0-NB-PC>]
[2016-01-28 13:19:34.007] ppp0: 2e91bfa274a4ce83: recv [LCP Ident id=4 <K▒=▒=▒C▒▒▒>▒RE>]
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: recv [IPCP ConfReq id=5 <addr 0.0.0.0> <dns1 0.0.0.0> <wins1 0.0.0.0> <dns2 0.0.0.0> <wins2 0.0.0.0>]
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: send [IPCP ConfNak id=5 <addr 10.0.0.2>]
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: recv [IPCP ConfRej id=1]
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: terminate
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: lcp_layer_finish
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: send [LCP TermReq id=3]
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: auth_layer_finish
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: auth_layer_finished
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: ccp_layer_finish
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: ccp_layer_finished
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: ipcp_layer_finish
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: ipcp_layer_finished
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: ipv6cp_layer_finish
[2016-01-28 13:19:34.011] ppp0: 2e91bfa274a4ce83: ipv6cp_layer_finished
[2016-01-28 13:19:34.013] ppp0: 2e91bfa274a4ce83: IPCP: discarding packet
[2016-01-28 13:19:34.013] ppp0: 2e91bfa274a4ce83: recv [PPTP Set-Link-Info]
[2016-01-28 13:19:34.014] ppp0: 2e91bfa274a4ce83: recv [LCP TermAck id=3]
[2016-01-28 13:19:34.014] ppp0: 2e91bfa274a4ce83: lcp_layer_finished
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: lcp_layer_free
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: auth_layer_free
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: ccp_layer_free
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: ipcp_layer_free
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: ipv6cp_layer_free
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: ppp destablished
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: pptp: ppp finished
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: send [PPTP Call-Disconnect-Notify <Call-ID acca> <Result 3> <Error 0> <Cause 0>]
[2016-01-28 13:19:34.055] ppp0: 2e91bfa274a4ce83: send [PPTP Stop-Ctrl-Conn-Request <Reason 0>]
[2016-01-28 13:19:34.223] ppp0: 2e91bfa274a4ce83: recv [PPTP Call-Clear-Request <Call-ID caac>]
[2016-01-28 13:19:34.223] ppp0: 2e91bfa274a4ce83: send [PPTP Call-Disconnect-Notify <Call-ID acca> <Result 4> <Error 0> <Cause 0>]
[2016-01-28 13:19:34.223] ppp0: 2e91bfa274a4ce83: recv [PPTP Stop-Ctrl-Conn-Reply <Result 1> <Error 0>]
[2016-01-28 13:19:34.223] ppp0: 2e91bfa274a4ce83: pptp: disconnect
[2016-01-28 13:19:34.223] ppp0: 2e91bfa274a4ce83: disconnected
Code: Select all
lsmod | grep pp
pptp 20986 0
gre 12777 1 pptp
pppox 12594 1 pptp
ppp_generic 30387 2 pptp,pppox
slhc 12531 1 ppp_generic
iTCO_vendor_support 12649 1 iTCO_wdt
pps_core 17225 1 ptp