在配置pptpd+radius+mysql的過程中碰見的問題,望各位達人幫忙指點一下!!!

火星人 @ 2014-03-04 , reply:0


在配置pptpd+radius+mysql的過程中碰見的問題,望各位達人幫忙指點一下!!!

最近看了網路中盛行的pptpd+radius+mysql -sdathisetsket- 安裝攻略1,2,3 這篇文章,在進行配置的過程中出現一問題,實在無法解決,在這裡希望哪位高人指點一下,萬分感謝,

困惑一個星期了.
錯誤日誌如下:
tail -f /var/log/messages
Apr  2 10:31:16 localhost pptpd: CTRL: Client 219.237.24.160 control connection started
Apr  2 10:31:16 localhost pptpd: CTRL: Starting call (launching pppd, opening GRE)
Apr  2 10:31:16 localhost pppd: Plugin /usr/lib/pppd/2.4.4/radius.so loaded.
Apr  2 10:31:16 localhost pppd: RADIUS plugin initialized.
Apr  2 10:31:16 localhost pppd: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
Apr  2 10:31:16 localhost pppd: pptpd-logwtmp: $Version$
Apr  2 10:31:16 localhost pppd: pppd options in effect:
Apr  2 10:31:16 localhost pppd: debug            # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: logfile /var/log/pptpd.log               # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: dump             # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: plugin /usr/lib/pppd/2.4.4/radius.so             # (from command line)
Apr  2 10:31:16 localhost pppd: plugin /usr/lib/pptpd/pptpd-logwtmp.so           # (from command line)
Apr  2 10:31:16 localhost pppd: require-mschap-v2                # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: refuse-pap               # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: refuse-chap              # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: refuse-mschap            # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: name pptpd               # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: pptpd-original-ip 219.237.24.160                # (from command line)
Apr  2 10:31:16 localhost pppd: radius-config-file /etc/radiusclient/radiusclient.conf           # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: 115200           # (from command line)
Apr  2 10:31:16 localhost pppd: lock             # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: local            # (from command line)
Apr  2 10:31:16 localhost pppd: novj             # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: novjccomp                # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: ipparam 219.237.24.160          # (from command line)
Apr  2 10:31:16 localhost pppd: proxyarp         # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: 192.168.5.10:192.168.7.225               # (from command line)
Apr  2 10:31:16 localhost pppd: nobsdcomp                # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: require-mppe-128         # (from /etc/ppp/options.pptpd)
Apr  2 10:31:16 localhost pppd: pppd 2.4.4 started by root, uid 0
Apr  2 10:31:16 localhost pppd: Using interface ppp0
Apr  2 10:31:16 localhost pppd: Connect: ppp0 <--> /dev/pts/3
Apr  2 10:31:16 localhost pptpd: CTRL: Ignored a SET LINK INFO packet with real ACCMs!
Apr  2 10:31:26 localhost pppd: Peer miladuo failed CHAP authentication
Apr  2 10:31:26 localhost pppd: Connection terminated.
Apr  2 10:31:26 localhost pppd: Exit.
Apr  2 10:31:26 localhost pptpd: GRE: read(fd=6,buffer=8059680,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by

unexpected termination of pppd, check option syntax and pppd logs
Apr  2 10:31:26 localhost pptpd: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
Apr  2 10:31:26 localhost pptpd: CTRL: Client 219.237.24.160 control connection finished

vi /var/log/pptpd.log
proxyarp                # (from /etc/ppp/options.pptpd)
192.168.5.10:192.168.7.225              # (from command line)
nobsdcomp               # (from /etc/ppp/options.pptpd)
require-mppe-128                # (from /etc/ppp/options.pptpd)
using channel 52
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent
rcvd
sent
rcvd
rcvd
sent
sent
rcvd
rcvd
rcvd
Peer miladuo failed CHAP authentication
sent
sent
rcvd
Discarded non-LCP packet when LCP not open
rcvd
Discarded non-LCP packet when LCP not open
rcvd
Discarded non-LCP packet when LCP not open
rcvd
Discarded non-LCP packet when LCP not open
rcvd
Discarded non-LCP packet when LCP not open
rcvd
Connection terminated.


我的服務配置信息如下:
vi /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.5.10-30,192.168.5.33
remoteip 192.168.7.225-238,192.168.7.245

vi /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
debug
dump
lock
nobsdcomp
novj
novjccomp
nologfd
plugin /usr/lib/pppd/2.4.4/radius.so
radius-config-file /etc/radiusclient/radiusclient.conf
logfile /var/log/pptpd.log

vi /etc/ppp/chap-secrets
"miladuo"       *       "1234qwer"                      *
"miladuo"       pptpd   "1234qwer"                      *

vi /etc/raddb/users
miladuo Auth-Type:= MS-CHAP, User-Password=="1234qwer", Simultaneous-Use:=1
          Service-Type = Framed-User,
          Framed-Protocol = PPP,
          Framed-IP-Address = 255.255.255.254,
          Framed-IP-Netmask = 255.255.255.0

vi /etc/raddb/clients.conf
client 127.0.0.1 {
        secret          = testing123
        shortname       = localhost
        nastype           = other
        }

其他配置完全按文章修改,如
編輯 radiusd.conf 使其支持mysql認證;
vi /etc/raddb/radiusd.conf

註釋掉 authorize {
的files
去掉sql前的註釋


註釋掉 preacct {
的files


註釋掉 accounting {
的radutmp
去掉sql前面的#


註釋掉 session{
的radutmp
去掉sql前面的#


去掉 post-auth {
sql前的#


總之就是去掉files模塊,開啟sql模塊

我現在在另外一台win機器上面測試撥號,每次都在驗證用戶名密碼那個地方過不去,報錯誤691.我也看了日誌錯誤,百度,google搜索了N天,實在是找不到解決方案,還望大家幫忙看

看.謝謝!
《解決方案》

回復 #1 miladuo 的帖子

radius -X 看看提示信息
樓主的這個是做什麼用途的,是自己玩玩 還是做什麼,是互聯網上的主機,還是公司內部的虛擬機 呵呵
《解決方案》

回復 #2 kns1024wh 的帖子

現在用的是公網環境配置,公網主機,暫時打算測試玩,以後會用在實際環境中.打算做一個基於WEB界面的VPN伺服器.
錯誤日誌如下:
# /usr/sbin/radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file.  Support for this will go away soon.
There appears to be another RADIUS server running on the authentication port 1812
# /usr/sbin/radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file.  Support for this will go away soon.
Module: Loaded exec
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded eap
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
rlm_eap: Loaded and initialized type gtc
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded SQL
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to root@localhost:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (sql): Connected new DB handle, #1
rlm_sql (sql): starting 2
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
Module: Instantiated sql (sql)
Module: Loaded Acct-Unique-Session-Id
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
Module: Instantiated detail (detail)
Initializing the thread pool...
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:33266, id=195, length=152
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "miladuo"
        MS-CHAP-Challenge = 0x0d7e55d4ace2b26d40f47aa6937c338d
        MS-CHAP2-Response = 0x4c0003d6ad2f6bddf63cc8b11f3d268e0f10000000000000000023f32c74604cd86da4ec265228d65232282c686dbb72aca9
        Calling-Station-Id = "219.237.24.160"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
rad_recv: Access-Request packet from host 127.0.0.1:33266, id=195, length=152
Sending Access-Reject of id 195 to 127.0.0.1 port 33266
《解決方案》

回復 #3 miladuo 的帖子

Access-Reject
《解決方案》

問題已經解決,現在自己結貼.
版本問題,因為我用的freeradius是1.1.7版本
換成1.1.0  或者1.1.3都可以.
《解決方案》

回復 #5 miladuo 的帖子

不會呀,1.1.7的可以的
《解決方案》

原帖由 miladuo 於 2009-4-16 16:53 發表 http://bbs2.chinaunix.net/images/common/back.gif
問題已經解決,現在自己結貼.
版本問題,因為我用的freeradius是1.1.7版本
換成1.1.0  或者1.1.3都可以.


是不是哪裡弄錯了?



[火星人 via ] 在配置pptpd+radius+mysql的過程中碰見的問題,望各位達人幫忙指點一下!!!已經有176次圍觀

http://www.coctec.com/docs/service/show-post-23170.html