Hi everyone. While setting up Poptop on CentOS 5.2 I ran into a problem using IAS (M$) as the RADIUS server. On Red Hat 8.0 everything was OK, and I carried the configuration over as completely as possible. Here are my configs:
$Id: pptpd.conf,v 1.10 2006/09/04 23:30:57 quozl Exp $
-----------------------------------
option /etc/ppp/options.pptpd
logwtmp
bcrelay eth2
delegate
connections 5
localip 192.168.100.200
remoteip 192.168.100.5-30
-----------------------------------
options.pptpd
----------------------------
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
ms-dns 192.168.1.219
ms-dns 192.168.100.200
proxyarp
debug
dump
lock
auth
nobsdcomp
novj
novjccomp
idle 300
plugin radius.so
---------------------------------
According to the log, this is what I get:
---------------------------------------
Nov 10 16:20:37 srv-internet pptpd[12447]: CTRL: Starting call (launching pppd, opening GRE)
Nov 10 16:20:37 srv-internet pppd[12448]: Plugin radius.so loaded.
Nov 10 16:20:37 srv-internet pppd[12448]: RADIUS plugin initialized.
Nov 10 16:20:37 srv-internet pppd[12448]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Nov 10 16:20:37 srv-internet pppd[12448]: pptpd-logwtmp: $Version$
Nov 10 16:20:37 srv-internet pppd[12448]: pppd options in effect:
Nov 10 16:20:37 srv-internet pppd[12448]: debug # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: idle 300 # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: dump # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: plugin radius.so # (from command line)
Nov 10 16:20:37 srv-internet pppd[12448]: plugin /usr/lib/pptpd/pptpd-logwtmp.so # (from command line)
Nov 10 16:20:37 srv-internet pppd[12448]: auth # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: refuse-pap # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: refuse-chap # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: refuse-mschap # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: name pptpd # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: pptpd-original-ip 192.168.1.2 # (from command line)
Nov 10 16:20:37 srv-internet pppd[12448]: 115200 # (from command line)
Nov 10 16:20:37 srv-internet pppd[12448]: lock # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: local # (from command line)
Nov 10 16:20:37 srv-internet pppd[12448]: novj # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: novjccomp # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: ipparam 192.168.1.2 # (from command line)
Nov 10 16:20:37 srv-internet pppd[12448]: ms-dns xxx # [don't know how to print value] # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: ms-wins xxx # [don't know how to print value] # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: proxyarp # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: nobsdcomp # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: require-mppe-128 # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: pppd 2.4.4 started by root, uid 0
Nov 10 16:20:37 srv-internet pppd[12448]: Using interface ppp0
Nov 10 16:20:37 srv-internet pppd[12448]: Connect: ppp0 <--> /dev/pts/5
Nov 10 16:20:37 srv-internet pptpd[12447]: GRE: Bad checksum from pppd.
Nov 10 16:20:39 srv-internet setroubleshoot: SELinux is preventing pppd (pppd_t) "node_bind" to <Unknown> (inaddr_any_node_t). For complete SELinux messages.
Nov 10 16:20:39 srv-internet pppd[12448]: MPPE 128-bit stateless compression enabled
Nov 10 16:20:42 srv-internet pppd[12448]: Could not determine local IP address
Nov 10 16:20:42 srv-internet pppd[12448]: pptpd-logwtmp.so ip-down ppp0
Nov 10 16:20:42 srv-internet pppd[12448]: Connect time 0.1 minutes.
Nov 10 16:20:42 srv-internet pppd[12448]: Sent 130 bytes, received 160 bytes.
Nov 10 16:20:42 srv-internet setroubleshoot: SELinux is preventing pppd (pppd_t) "write" to ./wtmp (wtmp_t). For complete SELinux messages. run sealert -l cfd
Nov 10 16:20:42 srv-internet setroubleshoot: SELinux is preventing pppd (pppd_t) "lock" to /var/log/wtmp (wtmp_t). For complete SELinux messages. run sealert
Nov 10 16:20:42 srv-internet pppd[12448]: MPPE disabled
Nov 10 16:20:42 srv-internet pppd[12448]: Modem hangup
Nov 10 16:20:42 srv-internet pppd[12448]: Connection terminated.
Nov 10 16:20:42 srv-internet pppd[12448]: Connect time 0.1 minutes.
Nov 10 16:20:42 srv-internet pppd[12448]: Sent 170 bytes, received 240 bytes.
Nov 10 16:20:43 srv-internet pppd[12448]: Exit.
----------------------------------------------
And the IAS server log is downright odd. Here is a small piece of it:
---------------------------------------------
192.168.1.234,admin,11/07/2008,14:45:46,IAS,SRV-NEPTUN-1,44,49142A7C7C0100,25,311
127.0.0.1,admin,11/10/2008,15:51:02,IAS,SRV-NEPTUN-1,6,2,7,1,31,192.168.1.2,4,127.0.0
127.0.0.1,admin,11/10/2008,15:51:02,IAS,SRV-NEPTUN-1,25,311 1 192.168.1.210 11/07/200
----------------------------------------------
That is, the last normal login from the (.234) address went through fine (the old Red Hat box), but as for the "strange" logins from 127.0.0.1, it is completely unclear what causes them.
PS:
If we turn off IAS authentication (disable the radius plugin and the delegate directive) and leave chap authentication, everything is OK. It works like clockwork. Here is the working log.
--------------------------------
Nov 10 17:20:14 srv-internet pptpd[16327]: CTRL: Starting call (launching pppd, opening GRE)
Nov 10 17:20:14 srv-internet pppd[16328]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Nov 10 17:20:14 srv-internet pppd[16328]: pptpd-logwtmp: $Version$
Nov 10 17:20:14 srv-internet pppd[16328]: pppd options in effect:
Nov 10 17:20:14 srv-internet pppd[16328]: debug # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: idle 300 # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: dump # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: plugin /usr/lib/pptpd/pptpd-logwtmp.so # (from command line)
Nov 10 17:20:14 srv-internet pppd[16328]: auth # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: refuse-pap # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: refuse-chap # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: refuse-mschap # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: name pptpd # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: pptpd-original-ip 81.29.140.12 # (from command line)
Nov 10 17:20:14 srv-internet pppd[16328]: 115200 # (from command line)
Nov 10 17:20:14 srv-internet pppd[16328]: lock # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: local # (from command line)
Nov 10 17:20:14 srv-internet pppd[16328]: novj # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: novjccomp # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: ipparam 81.29.140.12 # (from command line)
Nov 10 17:20:14 srv-internet pppd[16328]: ms-dns xxx # [don't know how to print value] # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: proxyarp # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: 192.168.100.200:192.168.100.5 # (from command line)
Nov 10 17:20:14 srv-internet pppd[16328]: nobsdcomp # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: require-mppe-128 # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: pppd 2.4.4 started by root, uid 0
Nov 10 17:20:14 srv-internet pppd[16328]: Using interface ppp0
Nov 10 17:20:14 srv-internet pppd[16328]: Connect: ppp0 <--> /dev/pts/5
Nov 10 17:20:14 srv-internet pptpd[16327]: GRE: Bad checksum from pppd.
Nov 10 17:20:17 srv-internet pppd[16328]: MPPE 128-bit stateless compression enabled
Nov 10 17:20:19 srv-internet pppd[16328]: Cannot determine ethernet address for proxy ARP
Nov 10 17:20:19 srv-internet pppd[16328]: local IP address 192.168.100.200
Nov 10 17:20:19 srv-internet pppd[16328]: remote IP address 192.168.100.1
Nov 10 17:20:19 srv-internet pppd[16328]: pptpd-logwtmp.so ip-up ppp0 SDmitry 81.29.140.137
Nov 10 17:20:29 srv-internet pppd[16328]: LCP terminated by peer (*M-uEM-^R^@<M-Mt^@^@^@^@)
Nov 10 17:20:29 srv-internet pppd[16328]: pptpd-logwtmp.so ip-down ppp0
Nov 10 17:20:29 srv-internet pppd[16328]: Connect time 0.2 minutes.
Nov 10 17:20:29 srv-internet pppd[16328]: Sent 0 bytes, received 1024 bytes.
Nov 10 17:20:32 srv-internet pppd[16328]: Modem hangup
Nov 10 17:20:32 srv-internet pppd[16328]: Connection terminated.
Nov 10 17:20:32 srv-internet pppd[16328]: Exit.
------------------------------------------------------
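
One way to compare the two pppd sessions above mechanically, as an added example that is not part of the original post: it groups syslog lines by pppd pid, separates the "options in effect" dump from runtime events, lists the options present in only one session, and collects SELinux denials. The embedded lines are copied (abridged) from the logs in the post; the function names are this example's own.

```python
import re

# Lines copied (abridged) from the two pppd sessions in the post:
# pid 12448 is the RADIUS attempt, pid 16328 the working session.
LOG = """\
Nov 10 16:20:37 srv-internet pppd[12448]: plugin radius.so # (from command line)
Nov 10 16:20:37 srv-internet pppd[12448]: auth # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: ms-wins xxx # [don't know how to print value] # (from /etc/ppp/options.pptpd)
Nov 10 16:20:37 srv-internet pppd[12448]: pppd 2.4.4 started by root, uid 0
Nov 10 16:20:39 srv-internet setroubleshoot: SELinux is preventing pppd (pppd_t) "node_bind" to <Unknown> (inaddr_any_node_t). For complete SELinux messages.
Nov 10 16:20:42 srv-internet pppd[12448]: Could not determine local IP address
Nov 10 17:20:14 srv-internet pppd[16328]: auth # (from /etc/ppp/options.pptpd)
Nov 10 17:20:14 srv-internet pppd[16328]: 192.168.100.200:192.168.100.5 # (from command line)
Nov 10 17:20:14 srv-internet pppd[16328]: pppd 2.4.4 started by root, uid 0
Nov 10 17:20:19 srv-internet pppd[16328]: local IP address 192.168.100.200
"""

PPPD = re.compile(r"pppd\[(\d+)\]: (.*)$")
# An option line from "dump" looks like: <option text> # ... (from <source>)
OPTION = re.compile(r"^(.*?)\s+#.*\(from ([^)]+)\)$")
SELINUX = re.compile(r'SELinux is preventing (\S+) \(\w+\) "(\w+)" to \S+ \((\w+)\)')

def parse(log):
    """Group pppd lines by pid into options/events; collect SELinux denials."""
    sessions, denials = {}, []
    for line in log.splitlines():
        m = SELINUX.search(line)
        if m:
            denials.append(m.groups())  # (process, permission, target type)
            continue
        m = PPPD.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        s = sessions.setdefault(pid, {"options": {}, "events": []})
        opt = OPTION.match(msg)
        if opt:
            s["options"][opt.group(1)] = opt.group(2)  # option text -> source
        else:
            s["events"].append(msg)
    return sessions, denials

def option_diff(sessions, a, b):
    """Return (options only in session a, options only in session b)."""
    oa, ob = set(sessions[a]["options"]), set(sessions[b]["options"])
    return sorted(oa - ob), sorted(ob - oa)

if __name__ == "__main__":
    sessions, denials = parse(LOG)
    print(option_diff(sessions, "12448", "16328"), denials)
```

Run against the full logs, the per-client values (`pptpd-original-ip`, `ipparam`) will also show up in the diff, since options are keyed by their full text.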