на первом серваке pptpd+radiusclient ОС Debian 6.0
конфиг /etc/radiusclient/servers
Код:
# Make sure that this file is mode 600 (readable only to owner)!
#
#Server Name or Client/Server pair Key
#---------------- ---------------
#portmaster.elemental.net hardlyasecret
#portmaster2.elemental.net donttellanyone
10.222.0.161 12345
#
#Server Name or Client/Server pair Key
#---------------- ---------------
#portmaster.elemental.net hardlyasecret
#portmaster2.elemental.net donttellanyone
10.222.0.161 12345
конфиг /etc/radiusclient/radiusclient.conf
Код:
# General settings
# specify which authentication comes first respectively which
# authentication is used. possible values are: "radius" and "local".
# if you specify "radius,local" then the RADIUS server is asked
# first then the local one. if only one keyword is specified only
# this server is asked.
auth_order radius,local
# maximum login tries a user has
login_tries 4
# timeout for all login tries
# if this time is exceeded the user is kicked out
login_timeout 60
# name of the nologin file which when it exists disables logins.
# it may be extended by the ttyname which will result in
# a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable
# logins on /dev/ttyS2)
nologin /etc/nologin
# name of the issue file. it's only display when no username is passed
# on the radlogin command line
# issue /etc/radiusclient/issue
# RADIUS settings
# RADIUS server to use for authentication requests. this config
# item can appear more then one time. if multiple servers are
# defined they are tried in a round robin fashion if one
# server is not answering.
# optionally you can specify a the port number on which is remote
# RADIUS listens separated by a colon from the hostname. if
# no port is specified /etc/services is consulted of the radius
# service. if this fails also a compiled in default is used.
authserver 10.222.0.161
# RADIUS server to use for accouting requests. All that I
# said for authserver applies, too.
#
acctserver 10.222.0.161
# file holding shared secrets used for the communication
# between the RADIUS client and server
servers /etc/radiusclient/servers
# dictionary of allowed attributes and values
# just like in the normal RADIUS distributions
dictionary /etc/radiusclient/dictionary
# program to call for a RADIUS authenticated login
#login_radius /usr/sbin/login.radius
# file which holds sequence number for communication with the
# RADIUS server
seqfile /var/run/radius.seq
# file which specifies mapping between ttyname and NAS-Port attribute
mapfile /etc/radiusclient/port-id-map
# default authentication realm to append to all usernames if no
# realm was explicitly specified by the user
# the radiusd directly form Livingston doesnt use any realms, so leave
# it blank then
default_realm
# time to wait for a reply from the RADIUS server
radius_timeout 10
# resend request this many times before trying the next server
radius_retries 3
# LOCAL settings
# program to execute for local login
# it must support the -f flag for preauthenticated login
#login_local /bin/login
# specify which authentication comes first respectively which
# authentication is used. possible values are: "radius" and "local".
# if you specify "radius,local" then the RADIUS server is asked
# first then the local one. if only one keyword is specified only
# this server is asked.
auth_order radius,local
# maximum login tries a user has
login_tries 4
# timeout for all login tries
# if this time is exceeded the user is kicked out
login_timeout 60
# name of the nologin file which when it exists disables logins.
# it may be extended by the ttyname which will result in
# a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable
# logins on /dev/ttyS2)
nologin /etc/nologin
# name of the issue file. it's only display when no username is passed
# on the radlogin command line
# issue /etc/radiusclient/issue
# RADIUS settings
# RADIUS server to use for authentication requests. this config
# item can appear more then one time. if multiple servers are
# defined they are tried in a round robin fashion if one
# server is not answering.
# optionally you can specify a the port number on which is remote
# RADIUS listens separated by a colon from the hostname. if
# no port is specified /etc/services is consulted of the radius
# service. if this fails also a compiled in default is used.
authserver 10.222.0.161
# RADIUS server to use for accouting requests. All that I
# said for authserver applies, too.
#
acctserver 10.222.0.161
# file holding shared secrets used for the communication
# between the RADIUS client and server
servers /etc/radiusclient/servers
# dictionary of allowed attributes and values
# just like in the normal RADIUS distributions
dictionary /etc/radiusclient/dictionary
# program to call for a RADIUS authenticated login
#login_radius /usr/sbin/login.radius
# file which holds sequence number for communication with the
# RADIUS server
seqfile /var/run/radius.seq
# file which specifies mapping between ttyname and NAS-Port attribute
mapfile /etc/radiusclient/port-id-map
# default authentication realm to append to all usernames if no
# realm was explicitly specified by the user
# the radiusd directly form Livingston doesnt use any realms, so leave
# it blank then
default_realm
# time to wait for a reply from the RADIUS server
radius_timeout 10
# resend request this many times before trying the next server
radius_retries 3
# LOCAL settings
# program to execute for local login
# it must support the -f flag for preauthenticated login
#login_local /bin/login
второй серв bgbilling+BGRadius ОС Fedora13 (Билинг версии 5.1)
радиус.пропертис:
Код:
processor.class=ru.bitel.bgbilling.modules.dialup.radius.DialUpRadiusProcessor
processor.mid=4
db.driver=com.mysql.jdbc.Driver
db.url=jdbc:mysql://127.0.0.1/bgbilling?useUnicode=true&characterEncoding=Cp1251&zeroDateTimeBehavior=convertToNull&jdbcCompliantTruncation=false&elideSetAutoCommits=true&cachePrepStmts=true&queryTimeoutKillsConnection=true
db.user=bill
db.pswd=bgbilling
db.maxIdle=20
db.maxActive=300
mq.url=failover:(nio://127.0.0.1:61616)
mq.user=bill
mq.pswd=bgbilling
auth.port=1812
acct.port=1813
admin.port=1955
auth.thread.count=20
auth.thread.queue=50
acct.thread.count=20
acct.thread.queue=50
#netflow.thread.count=10
#collector.capture.flow.port.1=2001
#collector.capture.flow.port.1.type=netflow
#collector.capture.flow.port.1.thread.count=10
#
#collector.capture.flow.port.2=2002
#collector.capture.flow.port.2.type=sflow
#collector.capture.flow.port.2.sources=0
#collector.capture.flow.port.2.thread.count=10
processor.mid=4
db.driver=com.mysql.jdbc.Driver
db.url=jdbc:mysql://127.0.0.1/bgbilling?useUnicode=true&characterEncoding=Cp1251&zeroDateTimeBehavior=convertToNull&jdbcCompliantTruncation=false&elideSetAutoCommits=true&cachePrepStmts=true&queryTimeoutKillsConnection=true
db.user=bill
db.pswd=bgbilling
db.maxIdle=20
db.maxActive=300
mq.url=failover:(nio://127.0.0.1:61616)
mq.user=bill
mq.pswd=bgbilling
auth.port=1812
acct.port=1813
admin.port=1955
auth.thread.count=20
auth.thread.queue=50
acct.thread.count=20
acct.thread.queue=50
#netflow.thread.count=10
#collector.capture.flow.port.1=2001
#collector.capture.flow.port.1.type=netflow
#collector.capture.flow.port.1.thread.count=10
#
#collector.capture.flow.port.2=2002
#collector.capture.flow.port.2.type=sflow
#collector.capture.flow.port.2.sources=0
#collector.capture.flow.port.2.thread.count=10
и собссно eror.log БГРадиуса:
Код:
radius 12-10/14:15:00 ERROR [radiusListener-p-2-t-8] RadiusListenerWorker - NAS not found for packet: Packet type: Access-Request
Identifier: 141
Authenticator: {5D 5A DB CE 44 8B 38 0E 3D 96 BB 06 45 0E 44 AE}
Attributes:
User-Name=1035
NAS-IP-Address=127.0.1.1
NAS-Port=0
Service-Type=2
Framed-Protocol=1
Calling-Station-Id=10.222.1.2
Identifier: 141
Authenticator: {5D 5A DB CE 44 8B 38 0E 3D 96 BB 06 45 0E 44 AE}
Attributes:
User-Name=1035
NAS-IP-Address=127.0.1.1
NAS-Port=0
Service-Type=2
Framed-Protocol=1
Calling-Station-Id=10.222.1.2
прошу Вашей помощи знатоки! хз че ему еще от меня надо
