交流 › RouterOS › freeradius对连ros问题

iapexli 发表于 2012-10-8 16:25:23

freeradius对连ros问题

ros 5.20， radius manager 3.9 密钥和ros设置一直并指向ros ipros建立ppoe ros radius ip指向freeradius ip    ros secrect 选中 ros中配置确定没有错误

问题：

      在RADIUS 服务状态: RADIUSD运行   为什么在 radius manager 建立帐号无法登陆 只有在 ros secret 中建立的帐号才能登陆？

radius.log

Tue Oct9 00:09:04 2012 : Info: Exiting normally.
Tue Oct9 00:09:07 2012 : Info: Loaded virtual server <default>
Tue Oct9 00:09:07 2012 : Info: Loaded virtual server inner-tunnel
Tue Oct9 00:09:07 2012 : Info: Ready to process requests.

# cat detail-20121008
Mon Oct8 23:02:21 2012
      Acct-Status-Type = Accounting-On
      NAS-Identifier = "MikroTik"
      Acct-Delay-Time = 0
      NAS-IP-Address = 172.17.0.1
      Acct-Unique-Session-Id = "ef14a4b788058783"
      Timestamp = 1349708541

sql.conf 配置如下：
sql {
      database = "mysql"
      driver = "rlm_sql_${database}"
      server = "localhost"
      login = "radius"
      password = "radpass"
      radius_db = "radius"
      acct_table1 = "radacct"
      acct_table2 = "radacct"
      postauth_table = "radpostauth"
      authcheck_table = "radcheck"
      authreply_table = "radreply"
      groupcheck_table = "radgroupcheck"
      groupreply_table = "radgroupreply"
      usergroup_table = "radusergroup"
      deletestalesessions = yes
      sqltrace = no
      sqltracefile = ${logdir}/sqltrace.sql
      num_sql_socks = 5
      connect_failure_retry_delay = 60
      lifetime = 0
      max_queries = 0
      nas_table = "nas"
      $INCLUDE sql/${database}/dialup.confradiusd.conf 如下：prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = ${prefix}/var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct

name = radiusd

confdir = ${raddbdir}
run_dir = ${localstatedir}/run/${name}

db_dir = ${raddbdir}

libdir = ${exec_prefix}/lib

pidfile = ${run_dir}/${name}.pid



max_request_time = 30

cleanup_delay = 5

max_requests = 1024

listen {
      type = auth


      ipaddr = *


      port = 0


}

listen {
      ipaddr = *
      port = 0
      type = acct
}

hostname_lookups = no

allow_core_dumps = no

regular_expressions   = yes
extended_expressions    = yes

log {
      destination = files

      file = ${logdir}/radius.log


      syslog_facility = daemon

      stripped_names = no

      auth = no

      auth_badpass = no
      auth_goodpass = no

}

checkrad = ${sbindir}/checkrad

security {
      max_attributes = 200

      reject_delay = 1

      status_server = yes
}

proxy_requests= yes
$INCLUDE proxy.conf



$INCLUDE clients.conf


thread pool {
      start_servers = 5

      max_servers = 32

      min_spare_servers = 3
      max_spare_servers = 10


      max_requests_per_server = 0
}

modules {

      $INCLUDE ${confdir}/modules/

      $INCLUDE eap.conf



}

instantiate {
      exec

      expr

      expiration
      logintime

}

$INCLUDE policy.conf

$INCLUDE sites-enabled/client.conf 如下：client localhost {
      ipaddr = 127.0.0.1





      secret          = testing123

      require_message_authenticator = no







}






client 172.17.0.1 {
      secret          = radius
      shortname       = Localhost
}

rockup 发表于 2012-10-9 06:20:55

在RADIUS 服务状态: RADIUSD运行   为什么在 radius manager 建立帐号无法登陆 只有在 ros secret 中建立的帐号才能登陆？

就这一句，证明ros跟rm没对接上

查看完整版本: freeradius对连ros问题