mpd5.3+freeradius+abills проблема MS-CHAP

Проблемы установки, настройки и работы Правильной Операционной Системы

Модератор: terminus

Правила форума
Убедительная просьба юзать теги [cоde] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
Ответить
kolovrat
рядовой
Сообщения: 20
Зарегистрирован: 2009-11-13 3:09:40

mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение kolovrat » 2009-11-13 3:31:55

Доброй ночи!
В общем ситуация такая, стояли несколько mikrotik-ов прикрученных к биллингу abills 0.50, функционал микротиков не позволял реализовать некоторые функции, поэтому решил перейти на mpd и freebsd, с фряхой в первый раз работал, поставил чистую версию FREEBSD-8.0-RC3-AMD64 с netgraph, на нее mpd 5.3, больше ничего не ставил в общем порылся по гуглу настроил mpd, прикрутил его к биллингу(видно не до конца), все ок настроилось за исключением того что авторизация проходит только по CHAP протоколу, MS-CHAP 1 и 2 не хочет проходить, на биллинге. Хотя до этого с микротика проходила... Искал решение вопроса в гугле, многие пишут проверить библиотеки майкрософт фрирадиуса, проверил словари подключены на биллинге..
в общем вот конф mpd

Код: Выделить всё

startup:
        set user kolovrat 123456 admin
        set console self 127.0.0.1 5005
        set console open
        set web self 0.0.0.0 5006
        set web open
        set netflow peer 172.21.5.22 9995
        set netflow self 127.0.0.1 9991
        set netflow timeouts 15 15
        set netflow hook 9000
default:
        load pptp_server

pptp_server:
        set ippool add poolsat 10.87.1.2 10.87.253.253
        create bundle template B
        set iface enable proxy-arp
        set iface idle 0
        set iface enable tcpmssfix
        set iface enable netflow-in netflow-out
        set ipcp yes vjcomp
        set ipcp ranges 10.87.0.1/32 ippool poolsat
        set ipcp dns 212.98.160.65
        set bundle enable compression
        set ccp yes mppc
        set mppc yes e40
        set mppc yes e128
        set mppc yes stareless
#       set mppc yes compress e40 e56 e128 stateless
        create link template L pptp
        set link enable multilink
        set link yes acfcomp protocomp
        set link action bundle B
        set link no pap chap
        set link enable chap
        set link enable chap-msv1
        set link enable chap-msv2
        set link mtu 1460
        set link keep-alive 10 75
        set pptp self 0.0.0.0
        set link enable incoming
        load server_common
server_common:
        set link no pap eap
        set link yes chap-md5
        set link keep-alive 20 60
        set link enable incoming
        set link no acfcomp protocomp
        load radius
radius:
        set radius server 172.21.5.22 123456 1812 1813
#      set radius config /etc/radius.conf
        set radius retries 3
        set auth acct-update 300
        set auth enable radius-auth
        set auth enable radius-acct
        set auth disable internal
        set radius enable message-authentic
Лог того что пишет мпд

Код: Выделить всё

Nov 13 01:00:38 freevpn mpd: [L-1] LCP: rec'd Terminate Request #10 (Opened)
Nov 13 01:00:38 freevpn mpd: [L-1] LCP: state change Opened --> Stopping
Nov 13 01:00:38 freevpn mpd: [L-1] Link: Leave bundle "B-1"
Nov 13 01:00:38 freevpn mpd: [L-1] RADIUS: Accounting user 'kolovrat' (Type: 2)
Nov 13 01:00:38 freevpn mpd: [B-1] Bundle: Status update: up 0 links, total bandwidth 9600 bps
Nov 13 01:00:38 freevpn mpd: [B-1] IPCP: Close event
Nov 13 01:00:38 freevpn mpd: [B-1] IPCP: state change Opened --> Closing
Nov 13 01:00:38 freevpn mpd: [B-1] IPCP: SendTerminateReq #3
Nov 13 01:00:38 freevpn mpd: [B-1] IPCP: LayerDown
Nov 13 01:00:38 freevpn mpd: [B-1] IFACE: Down event
Nov 13 01:00:38 freevpn mpd: [B-1] CCP: Close event
Nov 13 01:00:38 freevpn mpd: [B-1] CCP: state change Stopped --> Closed
Nov 13 01:00:38 freevpn mpd: [B-1] IPCP: Down event
Nov 13 01:00:38 freevpn mpd: [B-1] IPCP: LayerFinish
Nov 13 01:00:38 freevpn mpd: [B-1] Bundle: No NCPs left. Closing links...
Nov 13 01:00:38 freevpn mpd: [B-1] IPCP: state change Closing --> Initial
Nov 13 01:00:38 freevpn mpd: [B-1] CCP: Down event
Nov 13 01:00:38 freevpn mpd: [B-1] CCP: state change Closed --> Initial
Nov 13 01:00:38 freevpn mpd: [B-1] Bundle: Shutdown
Nov 13 01:00:38 freevpn mpd: [L-1] LCP: SendTerminateAck #5
Nov 13 01:00:38 freevpn mpd: [L-1] LCP: LayerDown
Nov 13 01:00:38 freevpn mpd: [L-1] RADIUS: Rec'd RAD_ACCOUNTING_RESPONSE for user 'kolovrat'
Nov 13 01:00:39 freevpn mpd: [L-1] rec'd proto IP during terminate phase
Nov 13 01:00:40 freevpn mpd: [L-1] rec'd proto IP during terminate phase
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: rec'd Terminate Request #11 (Stopping)
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: SendTerminateAck #6
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: state change Stopping --> Stopped
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: LayerFinish
Nov 13 01:00:40 freevpn mpd: [L-1] PPTP call terminated
Nov 13 01:00:40 freevpn mpd: [L-1] Link: DOWN event
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: Close event
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: state change Stopped --> Closed
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: Down event
Nov 13 01:00:40 freevpn mpd: [L-1] LCP: state change Closed --> Initial
Nov 13 01:00:40 freevpn mpd: [L-1] Link: SHUTDOWN event
Nov 13 01:00:40 freevpn mpd: [L-1] Link: Shutdown
Nov 13 01:00:47 freevpn mpd: [L-1] Accepting PPTP connection
Nov 13 01:00:47 freevpn mpd: [L-1] Link: OPEN event
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: Open event
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: state change Initial --> Starting
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: LayerStart
Nov 13 01:00:47 freevpn mpd: [L-1] PPTP: attaching to peer's outgoing call
Nov 13 01:00:47 freevpn mpd: [L-1] Link: UP event
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: Up event
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: state change Starting --> Req-Sent
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: SendConfigReq #1
Nov 13 01:00:47 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:47 freevpn mpd: [L-1]   MAGICNUM ba9e9b42
Nov 13 01:00:47 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:47 freevpn mpd: [L-1]   MP MRRU 2048
Nov 13 01:00:47 freevpn mpd: [L-1]   MP SHORTSEQ
Nov 13 01:00:47 freevpn mpd: [L-1]   ENDPOINTDISC [802.1] 00 21 91 19 80 6b
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: rec'd Configure Request #0 (Req-Sent)
Nov 13 01:00:47 freevpn mpd: [L-1]   MRU 1400
Nov 13 01:00:47 freevpn mpd: [L-1]   MAGICNUM 70377f21
Nov 13 01:00:47 freevpn mpd: [L-1]   PROTOCOMP
Nov 13 01:00:47 freevpn mpd: [L-1]   ACFCOMP
Nov 13 01:00:47 freevpn mpd: [L-1]   CALLBACK 6
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: SendConfigRej #0
Nov 13 01:00:47 freevpn mpd: [L-1]   PROTOCOMP
Nov 13 01:00:47 freevpn mpd: [L-1]   ACFCOMP
Nov 13 01:00:47 freevpn mpd: [L-1]   CALLBACK 6
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: rec'd Configure Request #1 (Req-Sent)
Nov 13 01:00:47 freevpn mpd: [L-1]   MRU 1400
Nov 13 01:00:47 freevpn mpd: [L-1]   MAGICNUM 70377f21
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: SendConfigAck #1
Nov 13 01:00:47 freevpn mpd: [L-1]   MRU 1400
Nov 13 01:00:47 freevpn mpd: [L-1]   MAGICNUM 70377f21
Nov 13 01:00:47 freevpn mpd: [L-1] LCP: state change Req-Sent --> Ack-Sent
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: SendConfigReq #2
Nov 13 01:00:49 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:49 freevpn mpd: [L-1]   MAGICNUM ba9e9b42
Nov 13 01:00:49 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:49 freevpn mpd: [L-1]   MP MRRU 2048
Nov 13 01:00:49 freevpn mpd: [L-1]   MP SHORTSEQ
Nov 13 01:00:49 freevpn mpd: [L-1]   ENDPOINTDISC [802.1] 00 21 91 19 80 6b
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: rec'd Configure Reject #2 (Ack-Sent)
Nov 13 01:00:49 freevpn mpd: [L-1]   MP MRRU 2048
Nov 13 01:00:49 freevpn mpd: [L-1]   MP SHORTSEQ
Nov 13 01:00:49 freevpn mpd: [L-1]   ENDPOINTDISC [802.1] 00 21 91 19 80 6b
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: SendConfigReq #3
Nov 13 01:00:49 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:49 freevpn mpd: [L-1]   MAGICNUM ba9e9b42
Nov 13 01:00:49 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: rec'd Configure Ack #3 (Ack-Sent)
Nov 13 01:00:49 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:49 freevpn mpd: [L-1]   MAGICNUM ba9e9b42
Nov 13 01:00:49 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: state change Ack-Sent --> Opened
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: auth: peer wants nothing, I want CHAP
Nov 13 01:00:49 freevpn mpd: [L-1] CHAP: sending CHALLENGE #1 len: 21
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: LayerUp
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: rec'd Ident #2 (Opened)
Nov 13 01:00:49 freevpn mpd: [L-1]   MESG: MSRASV5.10
Nov 13 01:00:49 freevpn mpd: [L-1] LCP: rec'd Ident #3 (Opened)
Nov 13 01:00:49 freevpn mpd: [L-1]   MESG: MSRAS-0-XXX-75C15EFC3F8
Nov 13 01:00:49 freevpn mpd: [L-1] CHAP: rec'd RESPONSE #1 len: 62
Nov 13 01:00:49 freevpn mpd: [L-1]   Name: "kolovrat"
Nov 13 01:00:49 freevpn mpd: [L-1] AUTH: Trying RADIUS
Nov 13 01:00:49 freevpn mpd: [L-1] RADIUS: Authenticating user 'kolovrat'
Nov 13 01:00:50 freevpn mpd: [L-1] CHAP: rec'd RESPONSE #1 len: 62
Nov 13 01:00:50 freevpn mpd: [L-1]   Name: "kolovrat"
Nov 13 01:00:50 freevpn mpd: [L-1] CHAP: Auth return status: busy
Nov 13 01:00:51 freevpn mpd: [L-1] RADIUS: Rec'd RAD_ACCESS_REJECT for user 'kolovrat'
Nov 13 01:00:51 freevpn mpd: [L-1] AUTH: RADIUS returned: failed
Nov 13 01:00:51 freevpn mpd: [L-1] AUTH: ran out of backends
Nov 13 01:00:51 freevpn mpd: [L-1] CHAP: Auth return status: failed
Nov 13 01:00:51 freevpn mpd: [L-1] CHAP: Reply message: E=691 R=0 M=Login incorrect
Nov 13 01:00:51 freevpn mpd: [L-1] CHAP: sending FAILURE #1 len: 31
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: authorization failed
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: parameter negotiation failed
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: state change Opened --> Stopping
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: SendTerminateReq #4
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: LayerDown
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: rec'd Terminate Ack #4 (Stopping)
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: state change Stopping --> Stopped
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: LayerFinish
Nov 13 01:00:51 freevpn mpd: [L-1] PPTP call terminated
Nov 13 01:00:51 freevpn mpd: [L-1] Link: DOWN event
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: Close event
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: state change Stopped --> Closed
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: Down event
Nov 13 01:00:51 freevpn mpd: [L-1] LCP: state change Closed --> Initial
Nov 13 01:00:51 freevpn mpd: [L-1] Link: SHUTDOWN event
Nov 13 01:00:51 freevpn mpd: [L-1] Link: Shutdown
Nov 13 01:00:52 freevpn mpd: [L-1] Accepting PPTP connection
Nov 13 01:00:52 freevpn mpd: [L-1] Link: OPEN event
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: Open event
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: state change Initial --> Starting
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: LayerStart
Nov 13 01:00:52 freevpn mpd: [L-1] PPTP: attaching to peer's outgoing call
Nov 13 01:00:52 freevpn mpd: [L-1] Link: UP event
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: Up event
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: state change Starting --> Req-Sent
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: SendConfigReq #1
Nov 13 01:00:52 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:52 freevpn mpd: [L-1]   MAGICNUM 26aa3494
Nov 13 01:00:52 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:52 freevpn mpd: [L-1]   MP MRRU 2048
Nov 13 01:00:52 freevpn mpd: [L-1]   MP SHORTSEQ
Nov 13 01:00:52 freevpn mpd: [L-1]   ENDPOINTDISC [802.1] 00 21 91 19 80 6b
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: rec'd Configure Request #0 (Req-Sent)
Nov 13 01:00:52 freevpn mpd: [L-1]   MRU 1400
Nov 13 01:00:52 freevpn mpd: [L-1]   MAGICNUM 36c84979
Nov 13 01:00:52 freevpn mpd: [L-1]   PROTOCOMP
Nov 13 01:00:52 freevpn mpd: [L-1]   ACFCOMP
Nov 13 01:00:52 freevpn mpd: [L-1]   CALLBACK 6
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: SendConfigRej #0
Nov 13 01:00:52 freevpn mpd: [L-1]   PROTOCOMP
Nov 13 01:00:52 freevpn mpd: [L-1]   ACFCOMP
Nov 13 01:00:52 freevpn mpd: [L-1]   CALLBACK 6
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: rec'd Configure Request #1 (Req-Sent)
Nov 13 01:00:52 freevpn mpd: [L-1]   MRU 1400
Nov 13 01:00:52 freevpn mpd: [L-1]   MAGICNUM 36c84979
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: SendConfigAck #1
Nov 13 01:00:52 freevpn mpd: [L-1]   MRU 1400
Nov 13 01:00:52 freevpn mpd: [L-1]   MAGICNUM 36c84979
Nov 13 01:00:52 freevpn mpd: [L-1] LCP: state change Req-Sent --> Ack-Sent
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: SendConfigReq #2
Nov 13 01:00:54 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:54 freevpn mpd: [L-1]   MAGICNUM 26aa3494
Nov 13 01:00:54 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:54 freevpn mpd: [L-1]   MP MRRU 2048
Nov 13 01:00:54 freevpn mpd: [L-1]   MP SHORTSEQ
Nov 13 01:00:54 freevpn mpd: [L-1]   ENDPOINTDISC [802.1] 00 21 91 19 80 6b
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: rec'd Configure Reject #2 (Ack-Sent)
Nov 13 01:00:54 freevpn mpd: [L-1]   MP MRRU 2048
Nov 13 01:00:54 freevpn mpd: [L-1]   MP SHORTSEQ
Nov 13 01:00:54 freevpn mpd: [L-1]   ENDPOINTDISC [802.1] 00 21 91 19 80 6b
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: SendConfigReq #3
Nov 13 01:00:54 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:54 freevpn mpd: [L-1]   MAGICNUM 26aa3494
Nov 13 01:00:54 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: rec'd Configure Ack #3 (Ack-Sent)
Nov 13 01:00:54 freevpn mpd: [L-1]   MRU 1500
Nov 13 01:00:54 freevpn mpd: [L-1]   MAGICNUM 26aa3494
Nov 13 01:00:54 freevpn mpd: [L-1]   AUTHPROTO CHAP MSOFTv2
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: state change Ack-Sent --> Opened
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: auth: peer wants nothing, I want CHAP
Nov 13 01:00:54 freevpn mpd: [L-1] CHAP: sending CHALLENGE #1 len: 21
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: LayerUp
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: rec'd Ident #2 (Opened)
Nov 13 01:00:54 freevpn mpd: [L-1]   MESG: MSRASV5.10
Nov 13 01:00:54 freevpn mpd: [L-1] LCP: rec'd Ident #3 (Opened)
Nov 13 01:00:54 freevpn mpd: [L-1]   MESG: MSRAS-0-XXX-75C15EFC3F8
Nov 13 01:00:54 freevpn mpd: [L-1] CHAP: rec'd RESPONSE #1 len: 62
Nov 13 01:00:54 freevpn mpd: [L-1]   Name: "kolovrat"
Nov 13 01:00:54 freevpn mpd: [L-1] AUTH: Trying RADIUS
Nov 13 01:00:54 freevpn mpd: [L-1] RADIUS: Authenticating user 'kolovrat'
Nov 13 01:00:55 freevpn mpd: [L-1] RADIUS: Rec'd RAD_ACCESS_REJECT for user 'kolovrat'
Nov 13 01:00:55 freevpn mpd: [L-1] AUTH: RADIUS returned: failed
Nov 13 01:00:55 freevpn mpd: [L-1] AUTH: ran out of backends
Nov 13 01:00:55 freevpn mpd: [L-1] CHAP: Auth return status: failed
Nov 13 01:00:55 freevpn mpd: [L-1] CHAP: Reply message: E=691 R=0 M=Login incorrect
Nov 13 01:00:55 freevpn mpd: [L-1] CHAP: sending FAILURE #1 len: 31
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: authorization failed
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: parameter negotiation failed
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: state change Opened --> Stopping
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: SendTerminateReq #4
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: LayerDown
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: rec'd Terminate Ack #4 (Stopping)
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: state change Stopping --> Stopped
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: LayerFinish
Nov 13 01:00:55 freevpn mpd: [L-1] PPTP call terminated
Nov 13 01:00:55 freevpn mpd: [L-1] Link: DOWN event
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: Close event
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: state change Stopped --> Closed
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: Down event
Nov 13 01:00:55 freevpn mpd: [L-1] LCP: state change Closed --> Initial
Nov 13 01:00:55 freevpn mpd: [L-1] Link: SHUTDOWN event
Nov 13 01:00:55 freevpn mpd: [L-1] Link: Shutdown
Подскажите куда копать...
Вернуться к началу
Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/
Вернуться к началу
Аватара пользователя
schizoid
подполковник
Сообщения: 3228
Зарегистрирован: 2007-03-03 17:32:31
Откуда: Украина, Чернигов
Контактная информация:
Контактная информация пользователя schizoid

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение schizoid » 2009-11-13 18:40:51

http://www.lissyara.su/?id=1987
ядерный взрыв...смертельно красиво...жаль, что не вечно...
Вернуться к началу
kolovrat
рядовой
Сообщения: 20
Зарегистрирован: 2009-11-13 3:09:40

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение kolovrat » 2009-11-13 19:53:37

перечитал все статьи в инете по поводу настройки, так что ссылки можете не давать, дайте лучше совет, проблема как я понимаю во freeradius, точнее в моих руках которые не могут настроить конфиг.
на данный момент во radiusd.conf
authorize {
pre_auth
preprocess
mschap
files
}

если поменять на то как написано в статье
authorize {
preprocess
# chap
# counter
# attr_filter
# eap
# suffix
files
# etc_smbpasswd
# sql
mschap
pre_auth
}

то тогда не проходит авторизация на микротике и пишет шибка 778 "Невозможно проверить идентичность сервера", а на mpd пишет туже 691 ошибку...


вот ещё часть кода из radiusd.conf

Код: Выделить всё

preprocess {
		huntgroups = ${confdir}/huntgroups
		hints = ${confdir}/hints
		with_ascend_hack = no
		ascend_channels_per_line = 23
		with_ntdomain_hack = no
		with_specialix_jetstream_hack = no
		with_cisco_vsa_hack = no
	}

files {
		usersfile = ${confdir}/users
		acctusersfile = ${confdir}/acct_users
		preproxy_usersfile = ${confdir}/preproxy_users
		compat = no
	}

	Auth-Type MS-CHAP {
		mschap
	}

mschap {
                #authtype = MS-CHAP
                #use_mppe = yes
         #      authtype= MS-CHAP
	#	use_mppe = no
		#require_encryption = yes
		#require_strong = yes
		#with_ntdomain_hack = no
		#ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --challenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
	}

        exec pre_auth {
                wait = yes
                program = "/usr/abills/libexec/rauth.pl pre_auth"
                input_pairs = request
                output_pairs = config
        }
Вернуться к началу
Аватара пользователя
agat
мл. сержант
Сообщения: 138
Зарегистрирован: 2009-10-27 1:21:55
Откуда: Солнечная система, планета Земля, Россия
Контактная информация:
Контактная информация пользователя agat

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение agat » 2009-11-13 20:42:01

Вот мой конфиг mpd авторизация не только ms chap v2 но и c md5 проскакивает(нужно для тупых роутеров) + шифрование канала виндовые клиенты конектятся в ms chap v2 без снятия галки требовать шифрование данных иначе отключатся + можно посмотреть в веб интерфейсе кто там заподключен на текущий момент и что там у него происходит
доступ к веб h@@p://192.168.0.1:8080 login: user pass: pass , а так же можно посмотреть в telnet 127.0.0.1 на порту 232

Код: Выделить всё

startup:
    set user user pass admin.
    set console self 127.0.0.1 232.
    set console open
    set web self 192.168.0.1 8080
    set web open

    set netflow peer 192.168.0.2 9996 #нетфлоу v5 статистика с интерфейсов ng
    set netflow timeouts 15 15

default:
    load pptp_server

pptp_server:
    create bundle template P
    set ipcp ranges 10.10.0.1/32 10.10.0.0/24
    set iface enable proxy-arp
    set iface enable netflow-in
    set iface enable netflow-out
    set iface enable tcpmssfix
    set ipcp yes vjcomp
    set ipcp dns 192.168.0.2
    set bundle enable compression
    set ccp yes mppc
    set mppc yes e40
    set mppc yes e56
    set mppc yes e128
    set mppc yes stateless
    create link template L pptp
    set link action bundle P
    set link enable multilink
    set link yes acfcomp protocomp
    set link no pap chap eap
    set link enable chap
    load radius
    set link keep-alive 10 60
    set link mtu 1460
    set link enable peer-as-calling
    set link enable incoming

radius:
    set auth max-logins 1
    set auth disable internal
    set auth enable radius-auth
    set auth enable radius-acct
    set radius retries 3
    set radius timeout 5
    set radius config /etc/radius.conf
    set radius server 192.168.0.1  passwordsecretradius 1812 1813
    set radius me 192.168.0.1

работает уже больше года без каких либо изменений, а то что нагрузка видите ли на шифрование и на сжатие канала, так по другому нельзя, сеть полностью на wifi... сниферята мне ни к чему
Вернуться к началу
Гость
проходил мимо

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение Гость » 2009-11-13 21:13:12

дебаг фрирадиуса вас всех спасет
Вернуться к началу
Аватара пользователя
schizoid
подполковник
Сообщения: 3228
Зарегистрирован: 2007-03-03 17:32:31
Откуда: Украина, Чернигов
Контактная информация:
Контактная информация пользователя schizoid

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение schizoid » 2009-11-13 23:46:28

какая версия радиуса?
ядерный взрыв...смертельно красиво...жаль, что не вечно...
Вернуться к началу
kolovrat
рядовой
Сообщения: 20
Зарегистрирован: 2009-11-13 3:09:40

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение kolovrat » 2009-11-14 2:29:47

freeradius 1.1.7-1build4
Вернуться к началу
kolovrat
рядовой
Сообщения: 20
Зарегистрирован: 2009-11-13 3:09:40

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение kolovrat » 2009-11-15 15:26:31

подскажете чтонить?
Вернуться к началу
Аватара пользователя
schizoid
подполковник
Сообщения: 3228
Зарегистрирован: 2007-03-03 17:32:31
Откуда: Украина, Чернигов
Контактная информация:
Контактная информация пользователя schizoid

Re: mpd5.3+freeradius+abills проблема MS-CHAP

Непрочитанное сообщение schizoid » 2009-11-16 12:09:29

у меня такой же. все работает.
попробуйте таки конфиги со статьи. может заработает?
ядерный взрыв...смертельно красиво...жаль, что не вечно...
Вернуться к началу