Проблемы такие:
Через некоторое время работы радиус перестает авторизовывать новых пользователей, те, которые уже законнектились - работают нормально.
В логах такие сообщения:
radius_main.log:
mpd.log:?Debug : Nov 16 14:06:19 RADIUS Auth: Packet from <host.domain.ru>
?Debug : Nov 16 14:06:19 RADIUS Auth: User <test3> connecting
?Debug : Nov 16 14:06:19 RADIUS DBA: NAS found. Data size <0>
?Debug : Nov 16 14:06:19 RADIUS DBA: Info for login <test3> found. type <1>
?Debug : Nov 16 14:06:19 RADIUS Auth: Auth scheme: MS-CHAPv2
?Debug : Nov 16 14:06:19 RADIUS Auth: MS-CHAPv2: Rejected user <test3>
Notice: Nov 16 14:06:19 RADIUS Auth: Authorization failed for user <test3>
Notice: Nov 16 14:06:19 RADIUS Auth: Authorization failed for user <test3>
Nov 16 14:09:49 stat mpd: Name: "test3"
Nov 16 14:09:49 stat mpd: [pptp8] AUTH: Auth-Thread started
Nov 16 14:09:49 stat mpd: [pptp8] AUTH: Trying RADIUS
Nov 16 14:09:49 stat mpd: [pptp8] RADIUS: using /etc/radius.conf
Nov 16 14:09:49 stat mpd: [pptp8] RADIUS: RadiusAddServer Adding 127.0.0.1
Nov 16 14:09:49 stat mpd: [pptp8] RADIUS: RadiusPutAuth: RADIUS_CHAP (MSOFTv2) peer name: test3
Nov 16 14:09:49 stat mpd: [pptp8] RADIUS: rec'd RAD_ACCESS_REJECT for user test3
Nov 16 14:09:49 stat mpd: [pptp8] RADIUS: RadiusGetParams: RAD_REPLY_MESSAGE: (null)
Nov 16 14:09:49 stat mpd: [pptp8] RADIUS: RadiusGetParams: PANIC no MS-CHAPv2 response received
Nov 16 14:09:49 stat mpd: [pptp8] AUTH: RADIUS returned failed
Nov 16 14:09:49 stat mpd: [pptp8] AUTH: Trying secret file: mpd.secret
Nov 16 14:09:49 stat mpd: Peer name: "test3"
Nov 16 14:09:49 stat mpd: User "test3" not found in secret file
Nov 16 14:09:49 stat mpd: [pptp8] AUTH: Auth-Thread finished normally
Nov 16 14:09:49 stat mpd: [pptp8] CHAP: ChapInputFinish: status failed
Nov 16 14:09:49 stat mpd: [pptp8] CHAP: sending FAILURE len:29
Nov 16 14:09:49 stat mpd: [pptp8] LCP: authorization failed
Nov 16 14:09:49 stat mpd: [pptp8] device: CLOSE event in state UP
Nov 16 14:09:49 stat mpd: pptp8-0: clearing call
Nov 16 14:09:49 stat mpd: pptp8-0: killing channel
Nov 16 14:09:49 stat mpd: [pptp8] PPTP call terminated
Nov 16 14:09:49 stat mpd: [pptp8] IFACE: Close event
Nov 16 14:09:49 stat mpd: [pptp8] IPCP: Close event
Nov 16 14:09:49 stat mpd: [pptp8] IPCP: state change Starting --> Initial
Nov 16 14:09:49 stat mpd: [pptp8] IPCP: LayerFinish
Nov 16 14:09:49 stat mpd: [pptp8] IFACE: Close event
Причем, если прописать в mpd.secret любого пользователя и любой пароль и законнектится им, то после этого остальные пользователи уже могут нормально авторизоваться через радиус.
По видимому глюк возникает после отключения пользователя по таймауту (т.е. если соединение не было закрыто нормальным образом)
Настройки радиуса:
radius_auth_mppe=enable
radius_auth_vap=1
radius_auth_null=0
radius_ippool_timeout=5
radius_ippool_acct_timeout=5
radius_max_session_age=0
mpd.conf:
10.10.10.1 - адрес, на котором слушает MPD, радиус и биллинг находятся на этом же хостеpptp1:
new -i ng1 pptp1 pptp1
load pptp_standart
pptp2:
new -i ng2 pptp2 pptp2
load pptp_standart
pptp3:
new -i ng3 pptp3 pptp3
load pptp_standart
pptp_standart:
set iface disable on-demand
set bundle disable multilink
set link yes acfcomp protocomp
set iface enable tcpmssfix
set link no pap chap
set link enable chap-msv2
set link keep-alive 60 180
set ipcp yes vjcomp
set ipcp dns 10.10.10.1
set iface enable proxy-arp
set bundle enable compression
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set pptp self 10.10.10.1 1723
set pptp enable always-ack
set pptp disable delayed-ack
set pptp disable windowing
set pptp enable incoming
set pptp disable originate
set iface mtu 1500
set link mtu 1500
load radius
radius:
set radius config /etc/radius.conf
set radius me 10.10.10.1
set radius retries 1
set radius timeout 5
set radius server 127.0.0.1 secret 1812 1813
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
Что делать?