From owner-freebsd-net@FreeBSD.ORG Mon Oct 24 13:23:33 2005 Return-Path: <owner-freebsd-net@FreeBSD.ORG> X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EE1DB16A41F; Mon, 24 Oct 2005 13:23:33 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from mail.yazzy.org (mail.yazzy.org [217.8.140.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7EE8E43D72; Mon, 24 Oct 2005 13:23:23 +0000 (GMT) (envelope-from lists@yazzy.org) Received: from lapdance.yazzy.net (unknown [192.168.99.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.yazzy.org (Postfix) with ESMTP id 002ED3983D; Mon, 24 Oct 2005 15:23:19 +0200 (CEST) Date: Mon, 24 Oct 2005 13:22:36 +0000 From: Marcin Jessa <lists@yazzy.org> To: <fooler@skyinet.net> Message-Id: <20051024132236.01e59929.lists@yazzy.org> In-Reply-To: <016201c5d845$84992820$42764eca@ilo.skyinet.net> References: <20051019235111.2225345e.lists@yazzy.org> <20051020070145.GA59364@cell.sick.ru> <20051020131549.5e432073.lists@yazzy.org> <20051020123159.33f6fa33.lists@yazzy.org> <07c501c5d5e1$0ddf67f0$42764eca@ilo.skyinet.net> <20051021112934.7c857fcc.lists@yazzy.org> <002801c5d634$fdc66bd0$42764eca@ilo.skyinet.net> <20051021145523.097758f5.lists@yazzy.org> <016201c5d845$84992820$42764eca@ilo.skyinet.net> Organization: YazzY.org X-Mailer: Sylpheed version 2.0.2 (GTK+ 2.6.10; i386-portbld-freebsd6.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: glebius@FreeBSD.org, net@FreeBSD.org Subject: Re: PPPoE and Radius on 6.0RC1 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>, <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net> List-Post: <mailto:freebsd-net@freebsd.org> List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>, <mailto:freebsd-net-request@freebsd.org?subject=subscribe> X-List-Received-Date: Mon, 24 Oct 2005 13:23:34 -0000 On Mon, 24 Oct 2005 10:49:13 +0800 <fooler@skyinet.net> wrote: > ----- Original Message ----- > From: "Marcin Jessa" <lists@yazzy.org> > To: <fooler@skyinet.net> > Cc: <glebius@FreeBSD.org>; <current@FreeBSD.org>; <net@FreeBSD.org> > Sent: Friday, October 21, 2005 8:55 PM > Subject: Re: PPPoE and Radius on 6.0RC1 > > > > Thanks a lot. > > I recompiled my kernel with the netgraph options and set up the > > server with your configs. Besides from the fact that I only use my > > fxp0 in the tests. > > root 787 0.0 0.1 1256 796 ?? Ss 2:41PM > > 0:00.02 /usr/libexec/pppoed -l PPPoE -P /var/run/pppoed.pid -p * > > fxp0 > > ok... but i would like to suggest your pppoe clients must be facing > the ip less interface nic so that clients would not put static > configuration on their side to defeat your pppoe configuration :-> Yeah I know. This is just a test setup so it's ok with only one iface. > > I disabled radius as well adding username and password by > > hand. > > without radius does it worked? > > > Although the radius itself works fine when I test it with radtest > > and user's credits. > > Just like before, nothing gets loged in ppp.log and the ppp process > > itself never gets started up by the pppoe daemon. > > does your radius server supports microsoft chap version 2? my config > given to you only authenticates mschapv2... It does. Everything is working now. I have recompiled my kernel to match exactly the one I had with working PPPoE and I am set. Although I have seen a strange thing. Enabling support for chap, mschap and mschapv2 does not work at the same time. A client can connect only with chap when all the others are enabled. When I enable e.g. mschapv2 only I can login using mschapv2 just fine then. Any idea how to make ppp support all the methods at the same time so the client can chose what to use? I remember this worked fine before last I tried it on 5.x. > > "on receipt of the SUCCESS indication, pppoed > > will execute exec /usr/sbin/ppp -direct label" > > - This part is not taking place.... > > actually pppoed did executed ppp.... ppp will exit immediately if it > sees something wrong with its configuration, authentication and > others... It's working now after lots of tweaking with ppp config and kernel options. Thanks a lot.