[Comm] pptpd+freeraduis+openldap

ALT Linux Community general discussions
 help / color / mirror / Atom feed

From: "Olaf Portvineson" <cyberskunk@gmail.com>
To: "ALT Linux Community" <community@lists.altlinux.org>
Subject: [Comm] pptpd+freeraduis+openldap
Date: Wed, 29 Mar 2006 14:11:47 +0400
Message-ID: <59387b920603290211p6c48de49r299d8942aa6ee7f4@mail.gmail.com> (raw)

Обращался в [Sysadmins], но там что-то безрезультатно.
Ситуёвина такая:
Пытаюсь реализовать сабж. Система на ALM2.4.
Все работает с использованием файла chap-secrets, но никак не могу
прикрутить авторизацию через ЛДАП.
В конфигах следующее:
pptpd.conf (тут вроде все нормально,  ничего не менял относительно
того, что было при использовании chap-secrets)
    speed 115200
    option /etc/ppp/options.pptpd
    localip 192.168.2.1
    remoteip 192.168.2.130-200
соответственно, options.pptpd пополнился строчкой plugin radius.so
    lock
    noipdefault
    nodefaultroute
   logfd 2
   name PPTP
   nobsdcomp
   nodeflate
   refuse-pap
   refuse-chap
   require-mppe
   require-mschap
   require-mschap-v2
   plugin radius.so
в /etc/radiusclient/servers что-то типа
   localhost        12345678
аналогично в /etc/raddb/clients.conf что-то вроде
    client 127.0.0.1{
   secret=12345678
   shortname=localhost
   nastype=other}
в radiusd.conf все по умалчанию, только добавлено:
modules{
ldap{
   identity="cn=vpupkin, dc=setki,dc=net"
   password= zloj_parol
   basedn="ou=Users,dc=setki,dc=net"
   filter="(uid=%{Stripped-User-Name:-%{User-Name}})"
   start_tls=no
   tls_mode=no
  accessAttr="dialupAccess"
  dictionary_mapping=${raddbdir}/ldap.attrmap
}}

При этом коннект с виндовой машины не проходит, зависание происходит
на "Opening port...", в логи валится следующее:
Mar 23 15:01:52 skunk pptpd[20663]: MGR: Launching /usr/sbin/pptpctrl
to handle client
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: local address = 192.168.2.1
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: remote address = 192.168.2.131
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: pppd options file =
/etc/ppp/options.pptpd
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Client 192.168.2.17 control
connection started
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Received PPTP Control
Message (type: 1)
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Made a START CTRL CONN RPLY packet
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: I wrote 156 bytes to the client.
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Sent packet to client
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Received PPTP Control
Message (type: 7)
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Set parameters to 1525
maxbps, 64 window size
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Made a OUT CALL RPLY packet
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Starting call (launching
pppd, opening GRE)
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: pty_fd = 5
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: tty_fd = 6
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: I wrote 32 bytes to the client.
Mar 23 15:01:52 skunk pptpd[20664]: CTRL (PPPD Launcher): Connection
speed = 115200
Mar 23 15:01:52 skunk pptpd[20664]: CTRL (PPPD Launcher): local
address = 192.168.2.1
Mar 23 15:01:52 skunk pptpd[20664]: CTRL (PPPD Launcher): remote
address = 192.168.2.131
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Sent packet to client
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Received PPTP Control
Message (type: 15)
Mar 23 15:01:52 skunk pptpd[20663]: CTRL: Got a SET LINK INFO packet
with standard ACCMs
Mar 23 15:01:53 skunk pppd[20664]: Plugin radius.so loaded.
Mar 23 15:01:53 skunk pptpd[20663]: CTRL: Closing child BCrelay with pid 0
Mar 23 15:01:53 skunk pptpd[20663]: CTRL: Closing child ppp with pid 20664
Mar 23 15:01:53 skunk pptpd[20663]: CTRL: Client 192.168.2.17 control
connection finished
Mar 23 15:01:53 skunk pptpd[20663]: CTRL: Exiting now
Mar 23 15:01:53 skunk pptpd[1486]: MGR: Reaped child 20663

Куда копать? Почему от pppd вообще ничего нет, кроме того, что
загружен плагин? За что его, беднягу, репают?
--
WBR,
   CyberSkunk aka dRuNk Ph!ZiK

next             reply	other threads:[~2006-03-29 10:11 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-03-29 10:11 Olaf Portvineson [this message]
2006-04-02 18:28 ` Michael Shigorin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=59387b920603290211p6c48de49r299d8942aa6ee7f4@mail.gmail.com \
    --to=cyberskunk@gmail.com \
    --cc=community@lists.altlinux.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

ALT Linux Community general discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
		mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
	public-inbox-index community

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.community


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git