Не выходит вынести на отдельную машину PPPoE сервер

[veca16]

Не выходит вынести на отдельную машину PPPoE сервер.
До этого все стояло на одном компьютере и работало прекрасно, появилась надобность вынести PPPoE сервер отдельно. Установил на второй

[stix]

а в чем проблема?

[veca16]

о этого все стояло на одном компьютере и работало прекрасно, появилась надобность вынести PPPoE сервер отдельно. Установил на второй компьютер Freebsd 9 установил mpd5, задал айпишки сетевым но не хочет работать при подключении к PPPoE  серверу выдает 691 ошибку что такого пользователя не существует.
Думаю что то не так с радиусом, но пока не могу понять что!
Конфиг clients.conf

client 192.168.5.2 {
        secret          = hadrpass5
        shortname       = NoDenyDB
        nastype         = cisco
}
 
Конфиг  mpd5

startup:
        set user admin hardpass6
        set console self 127.0.0.1 5005
        set console open
        set web self 0.0.0.0 5006
        set web open

default:
        load pppoe_server

pppoe_server:

        create bundle template B
        set ipcp ranges 127.0.0.1/32 127.0.0.2/32
   set ipcp dns 10.1.1.1
   set ccp yes mppc
   set mppc yes e40
   set mppc yes e56
   set mppc yes e128
   set mppc yes stateless
   set ecp disable dese-bis dese-old

        create link template common pppoe
        set link enable multilink
        set link action bundle B
        set link disable chap pap eap
        set link enable pap
        load radius
        set pppoe service "*"

        create link template vlan1 common
        set link max-children 1000
        set pppoe iface vlan1
        set link enable incoming
radius:
        set radius server 192.168.5.1 hardpass5 1812 1813
        set radius retries 3
        set radius timeout 3
        set radius me 127.0.0.1
        set auth acct-update 45
        set auth enable radius-auth
        set auth enable radius-acct
        set radius enable message-authentic

192.168.5.1 айпи сетевой на основной машине, 192.168.5.2 внешний айпи 2 машины.
Подскажите где я делаю ошибку!

[stix]

радиус в режиме radiusd -X запусти
посмотри что в логах напишет

проверь процедуры, простым запуском call

[veca16]

nodeny# /usr/local/sbin/radiusd -X
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/etc/raddb/proxy.conf
Config:   including file: /usr/local/etc/raddb/clients.conf
Config:   including file: /usr/local/etc/raddb/snmp.conf
Config:   including file: /usr/local/etc/raddb/eap.conf
Config:   including file: /usr/local/etc/raddb/sql.conf
 main: prefix = "/usr/local"
 main: localstatedir = "/var"
 main: logdir = "/var/log"
 main: libdir = "/usr/local/lib"
 main: radacctdir = "/var/log/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/var/log/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/var/run/radiusd/radiusd.pid"
 main: user = "freeradius"
 main: group = "freeradius"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = no
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
 pap: auto_header = yes
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = no
 mschap: passwd = "(null)"
 mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/var/log/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "md5"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
 preprocess: hints = "/usr/local/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
 preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
 realm: format = "suffix"
 realm: delimiter = "@"
 realm: ignore_default = no
 realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
 files: usersfile = "/usr/local/etc/raddb/users"
 files: acctusersfile = "/usr/local/etc/raddb/acct_users"
 files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
 files: compat = "no"
Module: Instantiated files (files)
Module: Loaded SQL
 sql: driver = "rlm_sql_mysql"
 sql: server = "localhost"
 sql: port = ""
 sql: login = "bill_kernel"
 sql: password = "hardpass4"
 sql: radius_db = "bill"
 sql: nas_table = "nas"
 sql: sqltrace = no
 sql: sqltracefile = "/var/log/sqltrace.sql"
 sql: readclients = no
 sql: deletestalesessions = yes
 sql: num_sql_socks = 5
 sql: sql_user_name = "%{User-Name}"
 sql: default_user_profile = ""
 sql: query_on_not_found = no
 sql: authorize_check_query = "call radcheck('%{SQL-User-Name}')"
 sql: authorize_reply_query = "call radreply('%{SQL-User-Name}')"
 sql: authorize_group_check_query = ""
 sql: authorize_group_reply_query = ""
 sql: accounting_onoff_query = ""
 sql: accounting_update_query = "call radupdate('%{SQL-User-Name}')"
 sql: accounting_update_query_alt = ""
 sql: accounting_start_query = ""
 sql: accounting_start_query_alt = ""
 sql: accounting_stop_query = "call radstop('%{SQL-User-Name}')"
 sql: accounting_stop_query_alt = ""
 sql: group_membership_query = ""
 sql: connect_failure_retry_delay = 60
 sql: simul_count_query = ""
 sql: simul_verify_query = ""
 sql: postauth_query = ""
 sql: safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to bill_kernel@localhost:/bill
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (sql): Connected new DB handle, #1
rlm_sql (sql): starting 2
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
Module: Instantiated sql (sql)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded radutmp
 radutmp: filename = "/var/log/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
Это запустил в -Х

[veca16]

Когда возвращаю айпи адрес в clients.conf на 127.0.0.1 и запускаю mpd5 на той же машине что и биллинг все работает.

[0xbad0c0d3]

Код:

set radius me IP|ifname|hostname
Посылает полученный IP в RAD_NAS_IP_ADDRESS параметр на сервер.

может стоит туда написать локальный IP из сети 192.168.5.0/24 или какая там маска - ХЗ
думаю, что там должно быть написано: 192.168.5.2

[stix]

 set radius me 127.0.0.1
че стоит?

UPD: опередили )

[0xbad0c0d3]

:PP Теперь я тебя опередил ))) 1:1

[veca16]

поменял, ничего не изменилось!

[stix]

:PP Теперь я тебя опередил ))) 1:1

ыы

если после Ready to process requests.
у тебя ничего в логах нет, то на радиус сервер не поступают запросы с твоего роутера.
отключи на радиус сервере файрвол и на nas роутере

[0xbad0c0d3]

radtest на удаленной тачке

[veca16]

radtest vitaliy njivfe 192.168.5.2 0 hardpass5
Sending Access-Request of id 184 to 192.168.5.2 port 1812
        User-Name = "vitaliy"
        User-Password = "njivfe"
        NAS-IP-Address = 255.255.255.255radtest vitaliy njivfe 192.168.5.2 0 hardpass5
        NAS-Port = 0
Re-sending Access-Request of id 184 to 192.168.5.2 port 1812
        User-Name = "vitaliy"
        User-Password = "njivfe"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0
Re-sending Access-Request of id 184 to 192.168.5.2 port 1812
        User-Name = "vitaliy"
        User-Password = "njivfe"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0
Re-sending Access-Request of id 184 to 192.168.5.2 port 1812
        User-Name = "vitaliy"
        User-Password = "njivfe"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0

фаерволы на обоих выключил бесполезно, по портах там все нормально я проверял!

[veca16]

Появилось в логе радиуса но это судя по всему после перезапуска.

Fri Oct 12 10:39:27 2012 : Info: Using deprecated naslist file.  Support for this will go away soo
Fri Oct 12 10:39:27 2012 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=non
Fri Oct 12 10:39:27 2012 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded
Fri Oct 12 10:39:27 2012 : Info: rlm_sql (sql): Attempting to connect to bill_kernel@localhost:/bi
Fri Oct 12 10:39:27 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Fri Oct 12 10:39:27 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Fri Oct 12 10:39:27 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Fri Oct 12 10:39:27 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Fri Oct 12 10:39:27 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Fri Oct 12 10:39:27 2012 : Info: Ready to process requests.
Fri Oct 12 16:16:20 2012 : Info: Using deprecated naslist file.  Support for this will go away soo
Fri Oct 12 16:16:20 2012 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=non
Fri Oct 12 16:16:20 2012 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded
Fri Oct 12 16:16:20 2012 : Info: rlm_sql (sql): Attempting to connect to bill_kernel@localhost:/bi
Fri Oct 12 16:16:20 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Fri Oct 12 16:16:21 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Fri Oct 12 16:16:21 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Fri Oct 12 16:16:21 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Fri Oct 12 16:16:21 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Fri Oct 12 16:16:21 2012 : Info: Ready to process requests.
Fri Oct 12 16:24:26 2012 : Info: Using deprecated naslist file.  Support for this will go away soo
Fri Oct 12 16:24:26 2012 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=non
Fri Oct 12 16:24:26 2012 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded
Fri Oct 12 16:24:26 2012 : Info: rlm_sql (sql): Attempting to connect to bill_kernel@localhost:/bi
Fri Oct 12 16:24:26 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Fri Oct 12 16:24:26 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Fri Oct 12 16:24:26 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Fri Oct 12 16:24:26 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Fri Oct 12 16:24:26 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Fri Oct 12 16:24:26 2012 : Info: Ready to process requests.
Fri Oct 12 16:31:39 2012 : Info: Using deprecated naslist file.  Support for this will go away soo
Fri Oct 12 16:31:39 2012 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=non
Fri Oct 12 16:31:39 2012 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded
Fri Oct 12 16:31:39 2012 : Info: rlm_sql (sql): Attempting to connect to bill_kernel@localhost:/bi
Fri Oct 12 16:31:39 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
Fri Oct 12 16:31:39 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
Fri Oct 12 16:31:39 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
Fri Oct 12 16:31:39 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
Fri Oct 12 16:31:39 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
Fri Oct 12 16:31:39 2012 : Info: Ready to process requests.

[stix]

запусти tcpdump на radius сервере и слушай udp пакеты радиуса