Re: [Radiusplugin-users] openvpn 2.1 + ACCOUNTING

radiusplugin-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Radiusplugin-users] openvpn 2.1 + ACCOUNTING

From:	Ralf Lübben
Subject:	Re: [Radiusplugin-users] openvpn 2.1 + ACCOUNTING
Date:	Sat, 2 Jan 2010 14:59:59 +0100
User-agent:	KMail/1.12.2 (Linux/2.6.31-16-generic; KDE/4.3.2; i686; ; )

The problem was related to a bug in the config parser, when non unix line 
breaks were ignored.

Plugin versions >2.1beta5 will fix the bug. A new version will be available 
soon.

Ralf
  


Am Samstag, 12. Dezember 2009 11:52:04 schrieb Ralf Lübben:
> Hi,
> 
> did you adapted your plugin config for the plugin version?
> 
> Important options are, e.g.
> 
> OpenVPNConfig=/etc/openvpn/server.conf
> overwriteccfiles=true
> 
> You can find more information in the example file radiusplugin.cnf.
> 
> Please also increase the verbose level >=5.
> 
> You should see the line
> 
> "RADIUS-PLUGIN: FOREGROUND: Commonname set to Username";
> 
> somewhere in your log files, if the username-as-common-name option is used.
> 
> Please check this first, if it doesn't work I will check the source code.
> 
> Regards,
> Ralf
> 
> Am Freitag, 11. Dezember 2009 22:27:48 schrieb Sukhneer Singh:
> > hi i have been using this plugin for a while and it was working
> > perfectly with openvpn 2.0
> > but recently i shifted to openvpn 2.1 and radiusplugin 2.1 and now i
> > am having a RADIUS ACCT problem
> >
> > first a little info of my setup:
> > -user-certificate common-name is "vpnuser"
> > -radius is perfectly working and there are no issues in AUTH
> > -the username i am testing with is "test"
> > -username-as-common-name    IS SET in the erver.conf file (pasted at end)
> >
> > The problem which i have understood uptill now is that radiusplugin is
> > NOT USING the username (ie test) as the common-name and still looks
> > for the certificate-common-name when dealing with accounts packets
> >
> > here are the last few logs from my openvpn logfile
> >
> > Fri Dec 11 20:49:24 2009 test/59.94.240.30:3991 Connection reset,
> > restarting [-1]
> > Fri Dec 11 20:49:24 2009 test/59.94.240.30:3991
> > SIGUSR1[soft,connection-reset] received, client-instance restarting
> > Fri Dec 11 20:49:24 2009 RADIUS-PLUGIN: BACKGROUND ACCT: No accounting
> > data was found for vpnuser,59.94.240.30:3991.
> > Fri Dec 11 20:49:24 2009 PLUGIN_CALL: POST
> > /etc/openvpn/radiusplugin.so/PLUGIN_CLIENT_DISCONNECT status=0
> > Fri Dec 11 20:49:24 2009 TCP/UDP: Closing socket
> > =========================================================================
> >== ====
> >
> > as you can see here in line 1 the username is -"test" and has just
> > disconnected from the vpn server but on line 3 the radius-plugin is
> > looking for accounting data with the username- "vpnuser" !!!!
> >
> > here is my status file --
> >
> > OpenVPN CLIENT LIST
> > Updated,Fri Dec 11 21:16:15 2009
> > Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
> > test,59.94.240.30:4233,3920,4652,Fri Dec 11 21:15:45 2009
> > ROUTING TABLE
> > Virtual Address,Common Name,Real Address,Last Ref
> > 10.10.0.6,test,59.94.240.30:4233,Fri Dec 11 21:16:13 2009
> > GLOBAL STATS
> > Max bcast/mcast queue length,0
> > END
> > ===========================================================
> >
> > another thing that i would like to add here is that no matter which
> > username i use, to login with, no file with that username is being
> > created in the client-config-directory.
> > There is just one file in the CCD with the name "vpnuser" which my
> > certificates common name.
> >
> > server.conf--
> > ==========
> > dev tun
> > fast-io
> > port 443
> > proto tcp
> > persist-tun
> > persist-key
> >
> > server 10.10.0.0 255.255.255.0
> > management 127.0.0.1 7505
> >
> > client-config-dir /etc/openvpn/ccd/
> > client-to-client
> >
> > push "redirect-gateway def1"
> > #push "dhcp-option NTP 10.10.0.1"
> > push "dhcp-option DNS 208.67.222.222"
> >
> > ping-timer-rem
> > keepalive 10 60
> >
> > # Use compression
> > comp-lzo
> >
> > ca keys/ca.crt
> > cert keys/server.crt
> > key keys/server.key
> > dh keys/dh1024.pem
> >
> > plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf
> > username-as-common-name
> > verb 3
> > mute 10
> >
> > status /var/log/openvpn/status.log 1
> > log /var/log/openvpn/radiusvpn.log
> >
> > =============================================================
> >
> >
> > i had been trying day and night to solve this problem but uptill now i
> > have not been able to find a solution !
> >
> > has anybody encountered this problem with the 2.1beta5 + openvpn2.1 ?
> > could this be a problem with the source-code ?
> >
> > i would appreciate any help .
> >
> > Regards
> > Marshal
> >
> >
> > _______________________________________________
> > Radiusplugin-users mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
> 
> _______________________________________________
> Radiusplugin-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Radiusplugin-users] openvpn 2.1 + ACCOUNTING, Ralf Lübben <=

Next by Date: Re: [Radiusplugin-users] Re: FreeBSD and openvpn
Next by thread: Re: [Radiusplugin-users] Re: FreeBSD and openvpn
Index(es):
- Date
- Thread