[Openswan Users] RES: RES: Openswan using Radius server forauthentication
Arnel B. Espanola
aespanola at arts.ucla.edu
Mon Jun 2 12:37:12 EDT 2008
I enabled the pppd log and I see more details in it when I tried to
connect to my vpn server using my radius for authentication. But I still
don't have clue why it fails as I don't know what are those error codes.
And I don't see anything on my radius server logs so it means I couldn't
reach the radius server. The plugin radius.so is executable and
permissions seem ok on the files you've asked me to verify.
Thanks,
Arnel
Jun 2 09:07:19 vpn xl2tpd[11201]: ourtid = 4635, entropy_buf = 121b
Jun 2 09:07:19 vpn xl2tpd[11201]: ourcid = 28165, entropy_buf = 6e05
Jun 2 09:07:19 vpn xl2tpd[11201]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun 2 09:07:21 vpn xl2tpd[11201]: ourtid = 7476, entropy_buf = 1d34
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 0, Ns =
0, Nr = 0
Jun 2 09:07:21 vpn xl2tpd[11201]: control_finish: Peer requested tunnel
1 twice , ignoring second one.
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 0, Ns =
1, Nr = 1
Jun 2 09:07:21 vpn xl2tpd[11201]: Connection established to 10.0.1.146,
1701. Local: 4635, Remote: 1
(ref=0/0). LNS session is 'default'
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 0, Ns =
2, Nr = 1
Jun 2 09:07:21 vpn xl2tpd[11201]: ourcid = 2360, entropy_buf = 938
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 0, Ns =
3, Nr = 1
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 1, Ns =
3, Nr = 2
Jun 2 09:07:21 vpn xl2tpd[11201]: start_pppd: I'm running:
Jun 2 09:07:21 vpn xl2tpd[11201]: "/usr/sbin/pppd"
Jun 2 09:07:21 vpn xl2tpd[11201]: "passive"
Jun 2 09:07:21 vpn xl2tpd[11201]: "-detach"
Jun 2 09:07:21 vpn xl2tpd[11201]: "10.0.1.65:10.0.1.70"
Jun 2 09:07:21 vpn xl2tpd[11201]: "refuse-pap"
Jun 2 09:07:21 vpn xl2tpd[11201]: "auth"
Jun 2 09:07:21 vpn xl2tpd[11201]: "require-chap"
Jun 2 09:07:21 vpn xl2tpd[11201]: "name"
Jun 2 09:07:21 vpn xl2tpd[11201]: "pppuser"
Jun 2 09:07:21 vpn xl2tpd[11201]: "debug"
Jun 2 09:07:21 vpn xl2tpd[11201]: "file"
Jun 2 09:07:21 vpn xl2tpd[11201]: "/etc/ppp/options.xl2tpd"
Jun 2 09:07:21 vpn xl2tpd[11201]: "/dev/pts/1"
Jun 2 09:07:21 vpn xl2tpd[11201]: Call established with 10.0.1.146,
Local: 2360 , Remote: 1, Serial: 0
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 0, Ns =
4, Nr = 2
Jun 2 09:07:21 vpn pppd[22040]: Plugin radius.so loaded.
Jun 2 09:07:21 vpn pppd[22040]: RADIUS plugin initialized.
Jun 2 09:07:21 vpn pppd[22040]: pppd 2.4.4 started by root, uid 0
Jun 2 09:07:21 vpn pppd[22040]: using channel 107
Jun 2 09:07:21 vpn pppd[22040]: Using interface ppp0
Jun 2 09:07:21 vpn pppd[22040]: Connect: ppp0 <--> /dev/pts/1
Jun 2 09:07:21 vpn pppd[22040]: sent [LCP ConfReq id=0x1 <mru 1410>
<asyncmap 0 x0> <auth chap MD5> <magic
0x3e7be82e> <pcomp> <accomp>]
Jun 2 09:07:21 vpn pppd[22040]: rcvd [LCP ConfReq id=0x0 <mru 1400>
<magic 0x2b 827b2a> <pcomp> <accomp>
<callback CBCP>]
Jun 2 09:07:21 vpn pppd[22040]: sent [LCP ConfRej id=0x0 <callback CBCP>]
Jun 2 09:07:21 vpn pppd[22040]: rcvd [LCP ConfAck id=0x1 <mru 1410>
<asyncmap 0 x0> <auth chap MD5> <magic
0x3e7be82e> <pcomp> <accomp>]
Jun 2 09:07:21 vpn pppd[22040]: rcvd [LCP ConfReq id=0x1 <mru 1400>
<magic 0x2b 827b2a> <pcomp> <accomp>]
Jun 2 09:07:21 vpn pppd[22040]: sent [LCP ConfAck id=0x1 <mru 1400>
<magic 0x2b 827b2a> <pcomp> <accomp>]
Jun 2 09:07:21 vpn pppd[22040]: sent [CHAP Challenge id=0x24
<d6853ec0fdb015738 1bc7bd85af509238b>,
name = "pppuser"]
Jun 2 09:07:21 vpn pppd[22040]: rcvd [LCP Ident id=0x2 magic=0x2b827b2a
"MSRASV 5.10"]
Jun 2 09:07:21 vpn pppd[22040]: rcvd [LCP Ident id=0x3 magic=0x2b827b2a
"MSRAS- 0-ARTS-D610-06"]
Jun 2 09:07:21 vpn pppd[22040]: rcvd [CHAP Response id=0x24
<142753bdd1814d7b94 2514bb7dc79569>,
name = "arnel"]
Jun 2 09:07:21 vpn pppd[22040]: rc_send_server: bind: 10.0.1.101:
Permission de nied
Jun 2 09:07:21 vpn pppd[22040]: Peer arnel failed CHAP authentication
Jun 2 09:07:21 vpn pppd[22040]: sent [CHAP Failure id=0x24 ""]
Jun 2 09:07:21 vpn pppd[22040]: sent [LCP TermReq id=0x2
"Authentication failed "]
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 1, Ns =
4, Nr = 2
Jun 2 09:07:21 vpn xl2tpd[11201]: control_finish: Connection closed to
10.0.1.1 46, serial 0 ()
Jun 2 09:07:21 vpn xl2tpd[11201]: Untrustingly terminating pppd:
sending KILL s ignal to pid 22040
Jun 2 09:07:21 vpn xl2tpd[11201]: pppd 22040 successfully terminated
Jun 2 09:07:21 vpn xl2tpd[11201]: check_control: control, cid = 0, Ns =
5, Nr = 2
Jun 2 09:07:21 vpn xl2tpd[11201]: control_finish: Connection closed to
10.0.1.1 46, port 1701 (), Local: 4635,
Remote: 1
Giovani Moda wrote:
>> May 30 15:31:34 vpn pppd[11331]: Connect: ppp0 <--> /dev/pts/1 May 30
> 15:31:36 vpn pppd[11331]: rc_send_server: bind: >10.0.1.101: Permission
> denied
>
> "Permission denied" could mean a file permission problem. Is radius.so
> executable? Also check permissions for options.xl2tpd and the files
> under /etc/radiusclient. Make sure the user running pppd has the
> permissions to read the configuration files and execute radius plugin.
>
> Did you debug your radius server to see if your VPN server attempts a
> connection to it? If it doesn't, the problem isn't your radiusclient
> configuration, it's happening before, at pppd.
>
> Also try debugging pppd. Add
>
> debug
>
> To options.xl2tpd and
>
> # The next line writes pppd messages to /var/log/pppd.log
> daemon.*
> /var/log/pppd.log
>
> To your /etc/syslog.conf. Create the log file (touch /var/log/pppd.log)
> and restart syslogd.
>
> It should help you trace down the problem.
>
> Giovani Moda
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list