Good day!
I put together the following configuration for PPPoE clients:
- FreeBSD 7.4 RELEASE
- MPD-5.5
- NetUP UTM 5.2.1-007 + NetUP RADIUS
After 40 days of successful uptime, clients stopped authenticating.
Here are the configs and logs:
Mpd.conf:
startup:
    set user admin qwezxcrt90
    set console self 127.0.0.1 5005
    set console open
    set web self 0.0.0.0 5006
    set web open
default:
    load def_conf
def_conf:
    create bundle template B
    set bundle enable compression
    set bundle enable encryption
    set iface idle 0
    set iface disable proxy-arp
    set iface enable tcpmssfix
    set ipcp yes vjcomp
    set ipcp ranges 196.0.0.1/24 196.0.0.254/24
    set ipcp dns xx.xx.xx.xx yy.yy.yy.yy
    set ccp yes mppc
    set mppc yes e40
    set mppc yes e56
    set mppc yes e128
    set mppc yes stateless
    set ecp disable dese-bis dese-old
    log -echo -ipv6cp -radius -rep
    load common
common:
    create link template PPPoE pppoe
    set link enable no-orig-auth
    set link max-children 300
    set auth max-logins 0
    load pppoe
pppoe:
    set link action bundle B
    set link enable multilink
    set link yes acfcomp protocomp
    set link disable chap pap eap
    set link enable chap chap-msv1 chap-msv2 chap-md5
    set link keep-alive 10 60
    create link template ng1_0 PPPoE
    set pppoe iface bge1
    set pppoe service ""
    set link enable incoming
    set auth enable radius-auth
    set auth enable radius-acct
    set radius server localhost secret 1812 1813
    set radius retries 3
    set radius timeout 10
    create link template ng1_1 PPPoE
    set pppoe iface vlan301
    set pppoe service ""
    set link enable incoming
    set auth enable radius-auth
    set auth enable radius-acct
    set radius server localhost secret 1812 1813
    set radius retries 3
    set radius timeout 10
    create link template ng1_2 PPPoE
    set pppoe iface vlan302
    set pppoe service ""
    set link enable incoming
    set auth enable radius-auth
    set auth enable radius-acct
    set radius server localhost secret 1812 1813
    set radius retries 3
    set radius timeout 10
When a Windows client connects:
MPD log:
Multi-link PPP daemon for FreeBSD
process 2676 started, version 5.5 (root@ 10:31 29-Jun-2011)
bind: Address already in use
CONSOLE: Can't listen for connections on 127.0.0.1 5005
bind: Address already in use
WebOpen: error http_server_start: 48
PPPoE: waiting for connection on bge1:, service ""
PPPoE: waiting for connection on vlan301:, service ""
PPPoE: waiting for connection on vlan302:, service ""
[ng1_2] Incoming PPPoE connection request via vlan302: for service ""
from 00:13:77:68:52:d8
[ng1_2-4] Accepting PPPoE connection
[ng1_2-4] Link: OPEN event
[ng1_2-4] LCP: Open event
[ng1_2-4] LCP: state change Initial --> Starting
[ng1_2-4] LCP: LayerStart
[ng1_2-4] PPPoE: connection successful
[ng1_2-4] Link: UP event
[ng1_2-4] LCP: Up event
[ng1_2-4] LCP: state change Starting --> Req-Sent
[ng1_2-4] LCP: SendConfigReq #1
[ng1_2-4] PROTOCOMP
[ng1_2-4] MRU 1492
[ng1_2-4] MAGICNUM aba244c8
[ng1_2-4] AUTHPROTO CHAP MSOFTv2
[ng1_2-4] MP MRRU 2048
[ng1_2-4] MP SHORTSEQ
[ng1_2-4] ENDPOINTDISC [802.1] 00 14 5e 68 49 66
[ng1_2-4] LCP: rec'd Configure Request #0 (Req-Sent)
[ng1_2-4] MRU 1466
[ng1_2-4] MAGICNUM 2ea13afd
[ng1_2-4] CALLBACK 6
[ng1_2-4] LCP: SendConfigRej #0
[ng1_2-4] CALLBACK 6
[ng1_2-4] LCP: rec'd Configure Reject #1 (Req-Sent)
[ng1_2-4] PROTOCOMP
[ng1_2-4] MP MRRU 2048
[ng1_2-4] MP SHORTSEQ
[ng1_2-4] ENDPOINTDISC [802.1] 00 14 5e 68 49 66
[ng1_2-4] LCP: SendConfigReq #2
[ng1_2-4] MRU 1492
[ng1_2-4] MAGICNUM aba244c8
[ng1_2-4] AUTHPROTO CHAP MSOFTv2
[ng1_2-4] LCP: rec'd Configure Request #1 (Req-Sent)
[ng1_2-4] MRU 1466
[ng1_2-4] MAGICNUM 2ea13afd
[ng1_2-4] LCP: SendConfigAck #1
[ng1_2-4] MRU 1466
[ng1_2-4] MAGICNUM 2ea13afd
[ng1_2-4] LCP: state change Req-Sent --> Ack-Sent
[ng1_2-4] LCP: rec'd Configure Ack #2 (Ack-Sent)
[ng1_2-4] MRU 1492
[ng1_2-4] MAGICNUM aba244c8
[ng1_2-4] AUTHPROTO CHAP MSOFTv2
[ng1_2-4] LCP: state change Ack-Sent --> Opened
[ng1_2-4] LCP: auth: peer wants nothing, I want CHAP
[ng1_2-4] CHAP: sending CHALLENGE #1 len: 21
[ng1_2-4] LCP: LayerUp
[ng1_2-4] LCP: rec'd Ident #2 (Opened)
[ng1_2-4] MESG: MSRASV5.10
[ng1_2-4] LCP: rec'd Ident #3 (Opened)
[ng1_2-4] MESG: MSRAS-0-TEHNOTE
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] AUTH: Trying RADIUS
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy {!!!!!!!!!!!!!!!!!!!}
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] Name: "radd"
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] LCP: rec'd Terminate Request #4 (Opened)
[ng1_2-4] LCP: state change Opened --> Stopping
[ng1_2-4] LCP: SendTerminateAck #3
[ng1_2-4] LCP: LayerDown
[ng1_2-4] LCP: state change Stopping --> Stopped
[ng1_2-4] LCP: LayerFinish
[ng1_2-4] PPPoE: connection closed
[ng1_2-4] Link: DOWN event
[ng1_2-4] LCP: Close event
[ng1_2-4] LCP: state change Stopped --> Closed
[ng1_2-4] LCP: Down event
[ng1_2-4] LCP: state change Closed --> Initial
[ng1_2-4] Link: SHUTDOWN event
[ng1_2-4] Link: Shutdown
TCPDump:
# tcpdump -i bge1
tcpdump: WARNING: bge1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bge1, link-type EN10MB (Ethernet), capture size 96 bytes
13:03:36.013013 PPPoE PADI [Service-Name] [Host-Uniq 0x0B0000003A000000]
13:03:36.013335 PPPoE PADO [AC-Name "NONAME"] [Service-Name]
[Host-Uniq 0x0B0000003A000000] [AC-Cookie 0xC0C08FC6]
13:03:36.013668 PPPoE PADR [Service-Name] [Host-Uniq
0x0B0000003B000000] [AC-Cookie 0xC0C08FC6]
13:03:36.013698 PPPoE PADS [ses 0x2] [AC-Name "NONAME"] [Service-Name]
[Host-Uniq 0x0B0000003B000000] [AC-Cookie 0xC0C08FC6]
13:03:36.014242 PPPoE [ses 0x2] LCP, Conf-Request (0x01), id 1, length 38
13:03:36.034850 PPPoE [ses 0x2] LCP, Conf-Request (0x01), id 0, length 19
13:03:36.035101 PPPoE [ses 0x2] LCP, Conf-Reject (0x04), id 0, length 9
13:03:36.035164 PPPoE [ses 0x2] LCP, Conf-Reject (0x04), id 1, length 23
13:03:36.035517 PPPoE [ses 0x2] LCP, Conf-Request (0x01), id 2, length 21
13:03:36.037874 PPPoE [ses 0x2] LCP, Conf-Request (0x01), id 1, length 16
13:03:36.038033 PPPoE [ses 0x2] LCP, Conf-Ack (0x02), id 2, length 21
13:03:36.038119 PPPoE [ses 0x2] LCP, Conf-Ack (0x02), id 1, length 16
13:03:36.038423 PPPoE [ses 0x2] CHAP, Challenge (0x01), id 1, Value
bb1e681cafc40022ee116a21c1d0a218, Name
13:03:36.040623 PPPoE [ses 0x2] LCP, Ident (0x0c), id 2, length 20
13:03:36.040780 PPPoE [ses 0x2] LCP, Ident (0x0c), id 3, length 25
13:03:36.041406 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:38.025826 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:40.025846 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:42.025697 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:44.025710 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:46.025723 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:48.025731 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:50.025587 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:52.025602 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:54.025612 PPPoE [ses 0x2] CHAP, Response (0x02), id 1, Value
8e74d7a6bc3d0cbbf367e0bde8df7e9800000000000000009db0dc0a7b1d85388de8e14d400382dc57d416f370c9a45e00,
Name radd
13:03:56.030305 PPPoE [ses 0x2] LCP, Term-Request (0x05), id 4, length 18
13:03:56.030553 PPPoE [ses 0x2] LCP, Term-Ack (0x06), id 3, length 6
13:03:58.031431 PPPoE PADT [ses 0x2] [Generic-Error "session closed"]
13:03:58.031762 PPPoE PADT [ses 0x2]
On the Windows client, accordingly, there is error 718: the remote computer did not respond in time.
Long googling gave no answers… help a noob!
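
The pattern visible in the log above (RADIUS is tried, every retransmitted CHAP response gets status busy, and the peer terminates before any final status is logged) can be picked out of mpd logs automatically. This is an added example, not part of the original post; the second link in the sample and its status word are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: the ng1_2-4 lines are abridged from the log in the post;
# the ng1_0-7 lines are invented for contrast (the status word is an assumption).
SAMPLE_LOG = """\
[ng1_2-4] CHAP: sending CHALLENGE #1 len: 21
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] AUTH: Trying RADIUS
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] CHAP: rec'd RESPONSE #1 len: 58
[ng1_2-4] CHAP: Auth return status: busy
[ng1_2-4] LCP: rec'd Terminate Request #4 (Opened)
[ng1_2-4] Link: SHUTDOWN event
[ng1_0-7] CHAP: rec'd RESPONSE #1 len: 58
[ng1_0-7] AUTH: Trying RADIUS
[ng1_0-7] CHAP: Auth return status: authenticated
"""

LINE = re.compile(r"^\[(?P<link>[^\]]+)\]\s+(?P<msg>.*)$")
STATUS = re.compile(r"Auth return status: (\S+)")
CLOSE_MARKERS = ("Terminate Request", "Link: DOWN event", "Link: SHUTDOWN event")

def analyze(log_text):
    """Collect per-link authentication state from mpd log lines."""
    links = defaultdict(lambda: {"radius": False, "busy": 0, "final": None, "closed": False})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # wrapped continuation lines carry no [link] prefix
        state, msg = links[m.group("link")], m.group("msg")
        status = STATUS.search(msg)
        if "AUTH: Trying RADIUS" in msg:
            state["radius"] = True
        elif status and status.group(1) == "busy":
            state["busy"] += 1
        elif status:
            state["final"] = status.group(1)
        elif any(marker in msg for marker in CLOSE_MARKERS):
            state["closed"] = True
    return dict(links)

def stalled_links(log_text):
    """Links where RADIUS was tried, no final status arrived, and the link closed."""
    return sorted(name for name, s in analyze(log_text).items()
                  if s["radius"] and s["final"] is None and s["closed"])

if __name__ == "__main__":
    for name in stalled_links(SAMPLE_LOG):
        print(name, "closed with RADIUS pending; busy replies:", analyze(SAMPLE_LOG)[name]["busy"])
```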