Помогите.Mikrotik+UTM по радиусу, как соединить?

[parazit]

Всем приветы, пробую настраивать УТМ в связке с Микротиком, по нетфлоу вроде все нормально... и данные отсылаються и в отчетах все видно, но вот с радиусом эту парочку никак не могу подружить...
Прошу помощи у форумчан!
Спасибо, за ранее...

[MiO]

а в логах что пишет микротик и билинг?

[parazit]

биллинг выдал такое

Код: Выделить всё

?Debug &#58; Jul 08 11&#58;12&#58;58 AcctServer&#58; Acct-Start&#58; User <driver>
?Debug &#58; Jul 08 11&#58;12&#58;58 AcctServer&#58; Acct-Session-Time &#40;46&#41; not present in accounting packet.
?Debug &#58; Jul 08 11&#58;12&#58;58 AcctServer&#58; No h323-setup-time &#40;9, 25&#41; attribute in accountig start packet. Setting to NOW <1247029978>!
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS DBA&#58; Info for login <driver> found. type <1>
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS DBA&#58; info for user found. type <1> info addr <-1242554912>
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS DBA&#58; search_user_info return info <-1242554912>
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS DBA&#58; search_user_info return valid info
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS DBA&#58; session_log_insert&#58; service_type <2>, setting default session timeout value
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS IPPool&#58; Bind <c0a80002> &#58; <c0a80000>
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS DBA&#58; Setting interim interval <0> for session id <8140004e>
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS DBA&#58; Calling send_session_log_init_sync ...
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS Stream&#91;plugin&#93;&#58; send_session_log_init_sync
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS Stream&#91;plugin&#93;&#58; init log id <9>
?Debug &#58; Jul 08 11&#58;12&#58;58 AcctServer&#58; Reply packet dump&#58; RPacket&#58;
Code&#58; 5; ID&#58; 30

?Debug &#58; Jul 08 11&#58;12&#58;58 RadiusSocket&#58; Moving RADIUS packet into send queue
?Debug &#58; Jul 08 11&#58;12&#58;58 RadiusSocket&#58; RADIUS raw data sent
?Debug &#58; Jul 08 11&#58;12&#58;58 AcctServer&#58; Next...
?Debug &#58; Jul 08 11&#58;12&#58;58 RadiusSocket&#58; Waiting for RADIUS raw data
?Debug &#58; Jul 08 11&#58;12&#58;58 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;12&#58;59 RadiusSocket&#58; RADIUS packet successfully received
?Debug &#58; Jul 08 11&#58;12&#58;59 RadiusSocket&#58; RADIUS raw data obtained
?Debug &#58; Jul 08 11&#58;12&#58;59 RADIUS Packet&#58; Size <187>; HDR.Size <187>
?Debug &#58; Jul 08 11&#58;12&#58;59 AcctServer&#58; Recv...
?Debug &#58; Jul 08 11&#58;12&#58;59 AcctServer&#58; Packet from <192.168.20.1> packet dump&#58; RPacket&#58;
Code&#58; 4; ID&#58; 31
<Vendor&#58; 0; Attr&#58; 1>&#91;6&#93;&#58; 647269766572
<Vendor&#58; 0; Attr&#58; 4>&#91;4&#93;&#58; c0a81401
<Vendor&#58; 0; Attr&#58; 5>&#91;4&#93;&#58; 0000005d
<Vendor&#58; 0; Attr&#58; 6>&#91;4&#93;&#58; 00000002
<Vendor&#58; 0; Attr&#58; 7>&#91;4&#93;&#58; 00000001
<Vendor&#58; 0; Attr&#58; 8>&#91;4&#93;&#58; c0a80002
<Vendor&#58; 0; Attr&#58; 30>&#91;11&#93;&#58; 3139322e3136382e302e31
<Vendor&#58; 0; Attr&#58; 31>&#91;13&#93;&#58; 3139322e3136382e302e323533
<Vendor&#58; 0; Attr&#58; 32>&#91;11&#93;&#58; 746573745f726f75746572
<Vendor&#58; 0; Attr&#58; 40>&#91;4&#93;&#58; 00000002
<Vendor&#58; 0; Attr&#58; 41>&#91;4&#93;&#58; 00000000
<Vendor&#58; 0; Attr&#58; 42>&#91;4&#93;&#58; 00000201
<Vendor&#58; 0; Attr&#58; 43>&#91;4&#93;&#58; 00000093
<Vendor&#58; 0; Attr&#58; 44>&#91;8&#93;&#58; 3831343030303465
<Vendor&#58; 0; Attr&#58; 45>&#91;4&#93;&#58; 00000001
<Vendor&#58; 0; Attr&#58; 46>&#91;4&#93;&#58; 00000001
<Vendor&#58; 0; Attr&#58; 47>&#91;4&#93;&#58; 0000000a
<Vendor&#58; 0; Attr&#58; 48>&#91;4&#93;&#58; 0000000a
<Vendor&#58; 0; Attr&#58; 49>&#91;4&#93;&#58; 00000009
<Vendor&#58; 0; Attr&#58; 52>&#91;4&#93;&#58; 00000000
<Vendor&#58; 0; Attr&#58; 53>&#91;4&#93;&#58; 00000000
<Vendor&#58; 0; Attr&#58; 55>&#91;4&#93;&#58; 4a5438a7
<Vendor&#58; 0; Attr&#58; 61>&#91;4&#93;&#58; 00000005

?Debug &#58; Jul 08 11&#58;12&#58;59 RADIUS DBA&#58; NAS found. Data size <0>
?Debug &#58; Jul 08 11&#58;12&#58;59 AcctServer&#58; Acct packet with session ID&#58; 8140004e
?Debug &#58; Jul 08 11&#58;12&#58;59 RADIUS DBA&#58; NAS found. Data size <0>
?Debug &#58; Jul 08 11&#58;12&#58;59 AcctServer&#58; Acct-Stop packet
?Debug &#58; Jul 08 11&#58;12&#58;59 RADIUS DBA&#58; Session erase ... login type <1>
?Debug &#58; Jul 08 11&#58;12&#58;59 RADIUS DBA&#58; login type login_pool or login_named_pool
?Debug &#58; Jul 08 11&#58;12&#58;59 RADIUS IPPool&#58; Released <c0a80002>
?Debug &#58; Jul 08 11&#58;12&#58;59 RADIUS Stream&#91;plugin&#93;&#58; finish log id <9>
?Debug &#58; Jul 08 11&#58;12&#58;59 AcctServer&#58; Reply packet dump&#58; RPacket&#58;
Code&#58; 5; ID&#58; 31

?Debug &#58; Jul 08 11&#58;12&#58;59 RadiusSocket&#58; Moving RADIUS packet into send queue
?Debug &#58; Jul 08 11&#58;12&#58;59 RadiusSocket&#58; RADIUS raw data sent
?Debug &#58; Jul 08 11&#58;12&#58;59 AcctServer&#58; Next...
?Debug &#58; Jul 08 11&#58;12&#58;59 RadiusSocket&#58; Waiting for RADIUS raw data
?Debug &#58; Jul 08 11&#58;13&#58;00 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;01 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;02 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;04 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;04 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;05 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;07 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;07 RADIUS DBA&#58; No interim update enabled session <7> found. Setting to default &#40;if enabled&#41;.
?Debug &#58; Jul 08 11&#58;13&#58;07 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;28 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;30 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;31 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;32 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received
?Debug &#58; Jul 08 11&#58;13&#58;34 RADIUS Stream&#91;plugin&#93;&#58; Ping reply received

[parazit]

вроде сделал...могу авторизовать пользователя...но вот проблема на микротике в адрес листе не создает allow_ip...и не считает трафик этому пользователю...

[icenet]

проверь правила в ЮТМ админке

/ip firewall address-list add address=UIP list=allow_ip comment=UID

/ip firewall address-list remove [find comment=UID]


И на микротике группе выставь права
read
test
write
ssh

[parazit]

спасибочки заработало после того как добавил юзеру test

[sclif]

То же бьюсь не могу подружить mikrotik+pppoe c radius utm
Вообще начал с utm5-1.10-017 связалось нормально.
Сделал услугу Коммутируемый доступ, указал имя и пароль. Все нормально связалось. Добавил radius атрибут на NAS и получилось нарезать скорость 64k. Стал ставить больше 64k начались глюки.
Затем решил соединить с 5.2.1-006.
Собрать ту же схему не получилось.
вот сообщение в логах radius
?Debug : Jul 09 13:37:38 RADIUS DBA: NAS found. Data size <0>
ERROR : Jul 09 13:37:38 AcctServer: No Acct-Status-Type or Session-Id attribute in packet !
ERROR : Jul 09 13:37:38 AcctServer: Error! (74)
?
-- при авторизации пользователя
?Debug : Jul 09 13:59:47 AuthServer: User <333> connecting
?Debug : Jul 09 13:59:47 AuthServer: Session for sessionid <333> not found in <NAS_IP> cache
?Debug : Jul 09 13:59:47 RADIUS DBA: Info for login <333> found. type <2>
?Debug : Jul 09 13:59:47 RADIUS DBA: login_store iter->second.dialup.session_count:0
?Debug : Jul 09 13:59:47 AuthServer: Auth scheme: MS-CHAPv2
?Debug : Jul 09 13:59:47 AuthServer: MS-CHAPv2: Authorized user <333>
?Debug : Jul 09 13:59:47 AuthServer: MS-CHAPv2: MPPE Keys send
?Debug : Jul 09 13:59:47 AuthServer: Not-Callback for link <2120> is not enabled, user=<333>
?Debug : Jul 09 13:59:47 AuthServer: Calling fill radius attributes for NAS. Attr storage size <0>
Notice: Jul 09 13:59:47 AuthServer: Login incorrect <333> from NAS <NAS_IP> CLID <pppoe1> Calling-station <00:A0:CC:D4:9C:22>
Notice: Jul 09 13:59:47 AuthServer: Authorization failed for user <333>

Бился долго, но с услугой коммутируемый доступ не получилось. Решил создать услугу передача IP-трафика, тогда произошло соединение. Но тут одно не удобство надо каждому сидеть писать IP статичный.

Самое странное что к услуге hotspot то же нормально цепляется.
Параметры radius выдает только на услуге передача IP-трафика.

В чем проблема, может кто знает секретный код для прохождения квеста.

[stealth]

У меня почему то тоже не авторизует клиента подключающегося к NAS Mikrotik . Ошибка 691 в результате.
Логи микротика:

Код: Выделить всё

13:44:18 pptp,info TCP connection established from 192.168.19.2 
13&#58;44&#58;18 pptp,ppp,info <pptp-0>&#58; waiting for call... 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP lowerup 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP open 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP ConfReq id=0x0 
13&#58;44&#58;18 pptp,ppp,debug,packet    <mru 1400> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <magic 0x1b2be51c> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <pcomp> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <accomp> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <callback 0x06> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent LCP ConfReq id=0x1 
13&#58;44&#58;18 pptp,ppp,debug,packet    <mru 1460> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <magic 0x180b8bde> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <auth  mschap2> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent LCP ConfRej id=0x0 
13&#58;44&#58;18 pptp,ppp,debug,packet    <pcomp> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <accomp> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP ConfNak id=0x1 
13&#58;44&#58;18 pptp,ppp,debug,packet    <auth  chap> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent LCP ConfReq id=0x2 
13&#58;44&#58;18 pptp,ppp,debug,packet    <mru 1460> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <magic 0x180b8bde> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <auth  mschap> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP ConfReq id=0x1 
13&#58;44&#58;18 pptp,ppp,debug,packet    <mru 1400> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <magic 0x1b2be51c> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <callback 0x06> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent LCP ConfAck id=0x1 
13&#58;44&#58;18 pptp,ppp,debug,packet    <mru 1400> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <magic 0x1b2be51c> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <callback 0x06> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP ConfNak id=0x2 
13&#58;44&#58;18 pptp,ppp,debug,packet    <auth  chap> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent LCP ConfReq id=0x3 
13&#58;44&#58;18 pptp,ppp,debug,packet    <mru 1460> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <magic 0x180b8bde> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <auth  chap> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP ConfAck id=0x3 
13&#58;44&#58;18 pptp,ppp,debug,packet    <mru 1460> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <magic 0x180b8bde> 
13&#58;44&#58;18 pptp,ppp,debug,packet    <auth  chap> 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP opened 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent CHAP Challenge id=0x1 
13&#58;44&#58;18 pptp,ppp,debug,packet     <challenge len=10> 
13&#58;44&#58;18 pptp,ppp,debug,packet     <name T-REX_junior> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP Ident id=0x2 
13&#58;44&#58;18 pptp,ppp,debug,packet     <magic 0x1b2be51c> 
13&#58;44&#58;18 pptp,ppp,debug,packet     MSRASV5.10 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP Ident id=0x3 
13&#58;44&#58;18 pptp,ppp,debug,packet     <magic 0x1b2be51c> 
13&#58;44&#58;18 pptp,ppp,debug,packet     MSRAS-0-IGOR 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd CHAP Response id=0x1 
13&#58;44&#58;18 pptp,ppp,debug,packet     <response len=10> 
13&#58;44&#58;18 pptp,ppp,debug,packet     <name 12345> 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent CHAP Failure id=0x1 
13&#58;44&#58;18 pptp,ppp,debug,packet     bad username or password 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; peer authentication failed for remote host 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP close 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP closed 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; sent LCP TermReq id=0x4 
13&#58;44&#58;18 pptp,ppp,debug,packet     user 12345 authentication failed - radius timeout 
13&#58;44&#58;18 pptp,ppp,debug,packet  <192.168.19.2>&#58; rcvd LCP TermAck id=0x4 
13&#58;44&#58;18 pptp,ppp,debug,packet     user 12345 authentication failed - radius timeout 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP lowerdown 
13&#58;44&#58;18 pptp,ppp,info <pptp-0>&#58; terminating... - user 12345 authentication failed - radius timeout 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP lowerdown 
13&#58;44&#58;18 pptp,ppp,debug <192.168.19.2>&#58; LCP down event in initial state 
13&#58;44&#58;18 pptp,ppp,info <pptp-0>&#58; disconnected

tcpdump port 1812 radius-сервер :

Код: Выделить всё

13:44:18.295881 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136
13:44:18.331890 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136
13:44:18.371889 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136

Лог radius'a

Код: Выделить всё

Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Login OK <12345> from NAS <192.168.0.6> CLID <192.168.19.1>                             
Warn  &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Unable to claim IP&#58; No such file or directory
Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Login incorrect <12345> from NAS <192.168.0.6> CLID <192.168.19.1>
Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Authorization failed for user <12345>
Warn  &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Unable to claim IP&#58; No such file or directory
Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Login incorrect <12345> from NAS <192.168.0.6> CLID <192.168.19.1> 
Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Authorization failed for user <12345>                                                   
 

Debug лог radius'a :

Код: Выделить всё

?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Packet from NAS <192.168.0.6>
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS DBA&#58; NAS found. Data size <0>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Packet from <192.168.0.6> packet dump&#58; RPacket&#58;
Code&#58; 1; ID&#58; 35
<Vendor&#58; 0; Attr&#58; 1>&#91;5&#93;&#58; 3132333435
<Vendor&#58; 0; Attr&#58; 3>&#91;17&#93;&#58; 01857c5fe7558c971a607222c4a72810de
<Vendor&#58; 0; Attr&#58; 4>&#91;4&#93;&#58; c0a80006
<Vendor&#58; 0; Attr&#58; 5>&#91;4&#93;&#58; 0000013a
<Vendor&#58; 0; Attr&#58; 6>&#91;4&#93;&#58; 00000002
<Vendor&#58; 0; Attr&#58; 7>&#91;4&#93;&#58; 00000001
<Vendor&#58; 0; Attr&#58; 30>&#91;12&#93;&#58; 3139322e3136382e31392e31
<Vendor&#58; 0; Attr&#58; 31>&#91;12&#93;&#58; 3139322e3136382e31392e32
<Vendor&#58; 0; Attr&#58; 32>&#91;12&#93;&#58; 542d5245585f6a756e696f72
<Vendor&#58; 0; Attr&#58; 60>&#91;16&#93;&#58; 8a7d3592d8e469d649fda6bafdd34859
<Vendor&#58; 0; Attr&#58; 61>&#91;4&#93;&#58; 00000005
 
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; User <12345> connecting
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Session for sessionid <12345> not found in <192.168.0.6> cache
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS DBA&#58; Info for login <12345> found. type <1>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Auth scheme&#58; CHAP
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; CHAP&#58; Challenge size&#58; 16
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; CHAP&#58; Authorized user <12345>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; IP claimed&#58; 0xc0a80003 &#40;<192.168.0.3>&#41;
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Calling fill radius attributes for service. Attr storage size <0>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Calling fill radius attributes for slink. Attr storage size <0>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Calling fill radius attributes for NAS. Attr storage size <0>
 Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Login OK <12345> from NAS <192.168.0.6> CLID <192.168.19.1>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Setting interim update interval from config
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Auth reply&#58; RPacket&#58;
Code&#58; 2; ID&#58; 35
<Vendor&#58; 0; Attr&#58; 6>&#91;4&#93;&#58; 00000002
<Vendor&#58; 0; Attr&#58; 7>&#91;4&#93;&#58; 00000001
<Vendor&#58; 0; Attr&#58; 8>&#91;4&#93;&#58; c0a80003
<Vendor&#58; 0; Attr&#58; 9>&#91;4&#93;&#58; ffffffff
<Vendor&#58; 0; Attr&#58; 10>&#91;4&#93;&#58; 00000000
<Vendor&#58; 0; Attr&#58; 27>&#91;4&#93;&#58; 00015180
<Vendor&#58; 0; Attr&#58; 85>&#91;4&#93;&#58; 0000003e

?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS Packet&#58; raw data constructed! size <62>
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; Moving RADIUS packet into send queue
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Next...
?Trace &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Process loop step
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; Waiting for RADIUS raw data
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; RADIUS packet successfully received
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; RADIUS raw data sent
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; RADIUS raw data obtained
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS Packet&#58; Size <136>; HDR.Size <136>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Recv...
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Packet from NAS <192.168.0.6>
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS DBA&#58; NAS found. Data size <0>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Packet from <192.168.0.6> packet dump&#58; RPacket&#58;
Code&#58; 1; ID&#58; 35
<Vendor&#58; 0; Attr&#58; 1>&#91;5&#93;&#58; 3132333435
<Vendor&#58; 0; Attr&#58; 3>&#91;17&#93;&#58; 01857c5fe7558c971a607222c4a72810de
<Vendor&#58; 0; Attr&#58; 4>&#91;4&#93;&#58; c0a80006
<Vendor&#58; 0; Attr&#58; 5>&#91;4&#93;&#58; 0000013a
<Vendor&#58; 0; Attr&#58; 6>&#91;4&#93;&#58; 00000002
<Vendor&#58; 0; Attr&#58; 7>&#91;4&#93;&#58; 00000001
<Vendor&#58; 0; Attr&#58; 30>&#91;12&#93;&#58; 3139322e3136382e31392e31
<Vendor&#58; 0; Attr&#58; 31>&#91;12&#93;&#58; 3139322e3136382e31392e32
<Vendor&#58; 0; Attr&#58; 32>&#91;12&#93;&#58; 542d5245585f6a756e696f72
<Vendor&#58; 0; Attr&#58; 60>&#91;16&#93;&#58; 8a7d3592d8e469d649fda6bafdd34859
<Vendor&#58; 0; Attr&#58; 61>&#91;4&#93;&#58; 00000005
 
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; User <12345> connecting
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Session for sessionid <12345> not found in <192.168.0.6> cache
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS DBA&#58; Info for login <12345> found. type <1>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Auth scheme&#58; CHAP
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; CHAP&#58; Challenge size&#58; 16
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; CHAP&#58; Authorized user <12345>
 Warn  &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Unable to claim IP&#58; No such file or directory
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Calling fill radius attributes for NAS. Attr storage size <0>
 Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Login incorrect <12345> from NAS <192.168.0.6> CLID <192.168.19.1>
 Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Authorization failed for user <12345>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Auth reply&#58; RPacket&#58;
Code&#58; 3; ID&#58; 35
<Vendor&#58; 0; Attr&#58; 18>&#91;21&#93;&#58; 417574686f72697a6174696f6e206661696c65642e

?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS Packet&#58; raw data constructed! size <43>
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; Moving RADIUS packet into send queue
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Next...
?Trace &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Process loop step
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; Waiting for RADIUS raw data
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; RADIUS packet successfully received
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; RADIUS raw data sent
?Debug &#58; Jul 10 13&#58;44&#58;18 RadiusSocket&#58; RADIUS raw data obtained
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS Packet&#58; Size <136>; HDR.Size <136>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Recv...
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Packet from NAS <192.168.0.6>
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS DBA&#58; NAS found. Data size <0>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Packet from <192.168.0.6> packet dump&#58; RPacket&#58;
Code&#58; 1; ID&#58; 35
<Vendor&#58; 0; Attr&#58; 1>&#91;5&#93;&#58; 3132333435
<Vendor&#58; 0; Attr&#58; 3>&#91;17&#93;&#58; 01857c5fe7558c971a607222c4a72810de
<Vendor&#58; 0; Attr&#58; 4>&#91;4&#93;&#58; c0a80006
<Vendor&#58; 0; Attr&#58; 5>&#91;4&#93;&#58; 0000013a
<Vendor&#58; 0; Attr&#58; 6>&#91;4&#93;&#58; 00000002
<Vendor&#58; 0; Attr&#58; 7>&#91;4&#93;&#58; 00000001
<Vendor&#58; 0; Attr&#58; 30>&#91;12&#93;&#58; 3139322e3136382e31392e31
<Vendor&#58; 0; Attr&#58; 31>&#91;12&#93;&#58; 3139322e3136382e31392e32
<Vendor&#58; 0; Attr&#58; 32>&#91;12&#93;&#58; 542d5245585f6a756e696f72
<Vendor&#58; 0; Attr&#58; 60>&#91;16&#93;&#58; 8a7d3592d8e469d649fda6bafdd34859
<Vendor&#58; 0; Attr&#58; 61>&#91;4&#93;&#58; 00000005
 
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; User <12345> connecting
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Session for sessionid <12345> not found in <192.168.0.6> cache
?Debug &#58; Jul 10 13&#58;44&#58;18 RADIUS DBA&#58; Info for login <12345> found. type <1>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Auth scheme&#58; CHAP
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; CHAP&#58; Challenge size&#58; 16
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; CHAP&#58; Authorized user <12345>
 Warn  &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Unable to claim IP&#58; No such file or directory
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Calling fill radius attributes for NAS. Attr storage size <0>
 Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Login incorrect <12345> from NAS <192.168.0.6> CLID <192.168.19.1>
 Notice&#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Authorization failed for user <12345>
?Debug &#58; Jul 10 13&#58;44&#58;18 AuthServer&#58; Auth reply&#58; RPacket&#58;
Code&#58; 3; ID&#58; 35
<Vendor&#58; 0; Attr&#58; 18>&#91;21&#93;&#58; 417574686f72697a6174696f6e206661696c65642e

Клиент обыкновенный windows xp, авторизация только chap.
При смене NASa на другой работающий под mpd5 на другой машине -все проходит замечательно.
Смущает тройной запрос авторизации. на какой уй и откуда- не понятно, перерыл кажется все...

[sclif]

Есть ли такие счаствличики кто смог соединить utm5 и mikrotik с pppoe?
Напишите версию utm5.

[icenet]

13:44:18.295881 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136
13:44:18.331890 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136
13:44:18.371889 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136

191.168.77.2 знает откуда в обратку ему тащиться на 192.168.0.6?

[parazit]

насчет ппое не знаю но пптп успешно соединил не думаю что там большая разница...пока не забыл можешь стукнуть в аську чем смогу-помогу

[stealth]

13:44:18.295881 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136
13:44:18.331890 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136
13:44:18.371889 IP 192.168.0.6.58478 > 191.168.77.2.radius: RADIUS, Access Request (1), id: 0x23 length: 136

191.168.77.2 знает откуда в обратку ему тащиться на 192.168.0.6?

Знает разумеется- достижимость в один хоп. Почему упорно не отвечает- не понятно. Не требуются же какие то специально указывать Radius-параметры для NASa ?

[sclif]

После мозгового штурма биллинг сдался прикинте!
Для авторизации по pppoe нужно создать тариф в котором две услуги
коммутируемый доступ и передача Ip траффика. В обоих услугах я поставил Динамическое распределение IP. Затем прикрутив эти услуги к пользователю в передача Ip трафика пишу фиктивный IP и все. В услуге коммутируемый доступ прописываю имя и пароль и галку ringdown. Ну и все заработало, что на mikrotik, что на cisco.
Пока не получилось разорвать pppoe ссесию придется видимо через ssh это делать.

Вопрос такой где это описано в документации!!!