utm5 5.3 радиус не авторизует
-
- Сообщения: 57
- Зарегистрирован: Чт авг 03, 2006 09:36
utm5 5.3 радиус не авторизует
Добрый день.
Поставил на тестовый сервер версию 5.3, настроил тестовый NAC cisco 2811.
radius не авторизует, причем если эту же кошку перенастраиваю на старый радиус, то все в норме.
пользователи и баланс в базах одинаковые
В чем может быть проблема?
вот лог радиуса
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: New request from 10.3.4.70:1645
--- RADIUS Pkt ---
Code: [1] ID: [-18]
Auth: Size 16; Data [0xa93505a1dd4892119cd72ef08aeffa16]
Attr: [1] Vendor: [9] Size 33; Data [0x636c69656e742d6d61632d616464726573733d303030642e353666622e30626330]
(Cisco:Cisco-AVPair=STRING:client-mac-address=000d.56fb.0bc0)
Attr: [7] Vendor: [0] Size 4; Data [0x00000001]
(Framed-Protocol=INT:1)
Attr: [1] Vendor: [0] Size 2; Data [0x7073]
(User-Name=STRING:ps)
Attr: [3] Vendor: [0] Size 17; Data [0x01f74ba84762fb137074d6a3e88b477f32]
(CHAP-Password=HEX:...)
Attr: [61] Vendor: [0] Size 4; Data [0x00000005]
(NAS-Port-Type=INT:5)
Attr: [5] Vendor: [0] Size 4; Data [0x00000000]
(NAS-Port=INT:0)
Attr: [87] Vendor: [0] Size 7; Data [0x302f302f302f30]
(NAS-Port-Id=STRING:0/0/0/0)
Attr: [6] Vendor: [0] Size 4; Data [0x00000002]
(Service-Type=INT:2)
Attr: [4] Vendor: [0] Size 4; Data [0x0a030446]
(NAS-IP-Address=IP:10.3.4.70)
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Login 'ps'
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Using CHAP authentication method
?Debug : Sep 10 16:53:56 288aa140 UserRegistrationManager: Card user registration is not enabled
ERROR : Sep 10 16:53:56 288aa140 AuthMethodCHAP: Login not found, rejecting
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Guest authorization is not enabled
ERROR : Sep 10 16:53:56 288aa140 AuthQueue: CHAP authentication failed
?Debug : Sep 10 16:53:56 288aa140 AcctQueue: lookup: session ID 3 closed
?Debug : Sep 10 16:53:56 288aa140 SessionManager: put: sessiond ID 3 from NAS 66 is closed
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Reply
--- RADIUS Pkt ---
Code: [3] ID: [-18]
Auth: Size 16; Data [0xa93505a1dd4892119cd72ef08aeffa16]
Поставил на тестовый сервер версию 5.3, настроил тестовый NAC cisco 2811.
radius не авторизует, причем если эту же кошку перенастраиваю на старый радиус, то все в норме.
пользователи и баланс в базах одинаковые
В чем может быть проблема?
вот лог радиуса
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: New request from 10.3.4.70:1645
--- RADIUS Pkt ---
Code: [1] ID: [-18]
Auth: Size 16; Data [0xa93505a1dd4892119cd72ef08aeffa16]
Attr: [1] Vendor: [9] Size 33; Data [0x636c69656e742d6d61632d616464726573733d303030642e353666622e30626330]
(Cisco:Cisco-AVPair=STRING:client-mac-address=000d.56fb.0bc0)
Attr: [7] Vendor: [0] Size 4; Data [0x00000001]
(Framed-Protocol=INT:1)
Attr: [1] Vendor: [0] Size 2; Data [0x7073]
(User-Name=STRING:ps)
Attr: [3] Vendor: [0] Size 17; Data [0x01f74ba84762fb137074d6a3e88b477f32]
(CHAP-Password=HEX:...)
Attr: [61] Vendor: [0] Size 4; Data [0x00000005]
(NAS-Port-Type=INT:5)
Attr: [5] Vendor: [0] Size 4; Data [0x00000000]
(NAS-Port=INT:0)
Attr: [87] Vendor: [0] Size 7; Data [0x302f302f302f30]
(NAS-Port-Id=STRING:0/0/0/0)
Attr: [6] Vendor: [0] Size 4; Data [0x00000002]
(Service-Type=INT:2)
Attr: [4] Vendor: [0] Size 4; Data [0x0a030446]
(NAS-IP-Address=IP:10.3.4.70)
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Login 'ps'
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Using CHAP authentication method
?Debug : Sep 10 16:53:56 288aa140 UserRegistrationManager: Card user registration is not enabled
ERROR : Sep 10 16:53:56 288aa140 AuthMethodCHAP: Login not found, rejecting
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Guest authorization is not enabled
ERROR : Sep 10 16:53:56 288aa140 AuthQueue: CHAP authentication failed
?Debug : Sep 10 16:53:56 288aa140 AcctQueue: lookup: session ID 3 closed
?Debug : Sep 10 16:53:56 288aa140 SessionManager: put: sessiond ID 3 from NAS 66 is closed
?Debug : Sep 10 16:53:56 288aa140 AuthQueue: Reply
--- RADIUS Pkt ---
Code: [3] ID: [-18]
Auth: Size 16; Data [0xa93505a1dd4892119cd72ef08aeffa16]
-
- Сообщения: 57
- Зарегистрирован: Чт авг 03, 2006 09:36
-
- Сообщения: 57
- Зарегистрирован: Чт авг 03, 2006 09:36
проблема исправлена?
Version:5.3-004-update3-centos7_x64 Rev #16134
а то у меня вылезла такая картина
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: New request from 31.148.6.2:34882
--- RADIUS Pkt ---
Code: [1] ID: [-58]
Auth: Size 16; Data [0xec9e3d601ffc018e6e2727e2dea25214]
Attr: [6] Vendor: [0] Size 4; Data [0x00000002]
(Service-Type=INT:2)
Attr: [7] Vendor: [0] Size 4; Data [0x00000001]
(Framed-Protocol=INT:1)
Attr: [5] Vendor: [0] Size 4; Data [0x00f1e286]
(NAS-Port=INT:15852166)
Attr: [61] Vendor: [0] Size 4; Data [0x00000005]
(NAS-Port-Type=INT:5)
Attr: [1] Vendor: [0] Size 8; Data [0x737461726368696b]
(User-Name=STRING:starchik)
Attr: [31] Vendor: [0] Size 12; Data [0x33312e3134382e362e313330]
(Calling-Station-Id=STRING:31.148.6.130)
Attr: [30] Vendor: [0] Size 10; Data [0x33312e3134382e362e32]
(Called-Station-Id=STRING:31.148.6.2)
Attr: [60] Vendor: [0] Size 16; Data [0x3f3c747ecd1342b75e2888de6b05bd10]
(CHAP-Challenge=HEX:...)
Attr: [3] Vendor: [0] Size 17; Data [0x01644be521c08a328d18bce0b7ee75f362]
(CHAP-Password=HEX:...)
Attr: [32] Vendor: [0] Size 12; Data [0x76706e2e666f6b6b732e7275]
(NAS-Identifier=STRING:vpn.fokks.ru)
Attr: [4] Vendor: [0] Size 4; Data [0x1f940602]
(NAS-IP-Address=IP:31.148.6.2)
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: Login 'starchik'
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: Using CHAP authentication method
Dec 22 17:51:33 ERROR : 9eece700 AuthMethodCHAP: Login not found, rejecting
Dec 22 17:51:33 ERROR : 9eece700 AuthQueue: CHAP authentication failed
Dec 22 17:51:33 ?Debug : 9eece700 AcctQueue: lookup: session ID 18920 closed
Dec 22 17:51:33 ?Debug : 9eece700 SessionManager: put: sessiond ID 18920 from NAS 9 is closed
Dec 22 17:51:33 Info : 9eece700 AuthQueue: authorization request from 31.148.6.2:34882 failed
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: Reply
--- RADIUS Pkt ---
Code: [3] ID: [-58]
Auth: Size 16; Data [0xec9e3d601ffc018e6e2727e2dea25214]
Attr: [103] Vendor: [9] Size 19; Data [0x683332332d72657475726e2d636f64653d2d31]
(Cisco:h323-return-code=STRING:h323-return-code=-1)
после ребутая ядра. авторизация vpn пользователей не проходит. баланс положительный, логин и пароль правильные.
что может быть?
Version:5.3-004-update3-centos7_x64 Rev #16134
а то у меня вылезла такая картина
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: New request from 31.148.6.2:34882
--- RADIUS Pkt ---
Code: [1] ID: [-58]
Auth: Size 16; Data [0xec9e3d601ffc018e6e2727e2dea25214]
Attr: [6] Vendor: [0] Size 4; Data [0x00000002]
(Service-Type=INT:2)
Attr: [7] Vendor: [0] Size 4; Data [0x00000001]
(Framed-Protocol=INT:1)
Attr: [5] Vendor: [0] Size 4; Data [0x00f1e286]
(NAS-Port=INT:15852166)
Attr: [61] Vendor: [0] Size 4; Data [0x00000005]
(NAS-Port-Type=INT:5)
Attr: [1] Vendor: [0] Size 8; Data [0x737461726368696b]
(User-Name=STRING:starchik)
Attr: [31] Vendor: [0] Size 12; Data [0x33312e3134382e362e313330]
(Calling-Station-Id=STRING:31.148.6.130)
Attr: [30] Vendor: [0] Size 10; Data [0x33312e3134382e362e32]
(Called-Station-Id=STRING:31.148.6.2)
Attr: [60] Vendor: [0] Size 16; Data [0x3f3c747ecd1342b75e2888de6b05bd10]
(CHAP-Challenge=HEX:...)
Attr: [3] Vendor: [0] Size 17; Data [0x01644be521c08a328d18bce0b7ee75f362]
(CHAP-Password=HEX:...)
Attr: [32] Vendor: [0] Size 12; Data [0x76706e2e666f6b6b732e7275]
(NAS-Identifier=STRING:vpn.fokks.ru)
Attr: [4] Vendor: [0] Size 4; Data [0x1f940602]
(NAS-IP-Address=IP:31.148.6.2)
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: Login 'starchik'
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: Using CHAP authentication method
Dec 22 17:51:33 ERROR : 9eece700 AuthMethodCHAP: Login not found, rejecting
Dec 22 17:51:33 ERROR : 9eece700 AuthQueue: CHAP authentication failed
Dec 22 17:51:33 ?Debug : 9eece700 AcctQueue: lookup: session ID 18920 closed
Dec 22 17:51:33 ?Debug : 9eece700 SessionManager: put: sessiond ID 18920 from NAS 9 is closed
Dec 22 17:51:33 Info : 9eece700 AuthQueue: authorization request from 31.148.6.2:34882 failed
Dec 22 17:51:33 ?Debug : 9eece700 AuthQueue: Reply
--- RADIUS Pkt ---
Code: [3] ID: [-58]
Auth: Size 16; Data [0xec9e3d601ffc018e6e2727e2dea25214]
Attr: [103] Vendor: [9] Size 19; Data [0x683332332d72657475726e2d636f64653d2d31]
(Cisco:h323-return-code=STRING:h323-return-code=-1)
после ребутая ядра. авторизация vpn пользователей не проходит. баланс положительный, логин и пароль правильные.
что может быть?