radiusplugin-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Radiusplugin-users] openvpn 2.1 + ACCOUNTING

From: Ralf Lübben
Subject: Re: [Radiusplugin-users] openvpn 2.1 + ACCOUNTING
Date: Sat, 12 Dec 2009 11:52:04 +0100
User-agent: KMail/1.12.2 (Linux/2.6.31-16-generic; KDE/4.3.2; i686; ; ) 
Hi,

did you adapted your plugin config for the plugin version? 

Important options are, e.g.

OpenVPNConfig=/etc/openvpn/server.conf
overwriteccfiles=true

You can find more information in the example file radiusplugin.cnf. 

Please also increase the verbose level >=5.

You should see the line

"RADIUS-PLUGIN: FOREGROUND: Commonname set to Username";

somewhere in your log files, if the username-as-common-name option is used.

Please check this first, if it doesn't work I will check the source code.

Regards,
Ralf



Am Freitag, 11. Dezember 2009 22:27:48 schrieb Sukhneer Singh:
> hi i have been using this plugin for a while and it was working
> perfectly with openvpn 2.0
> but recently i shifted to openvpn 2.1 and radiusplugin 2.1 and now i
> am having a RADIUS ACCT problem
> 
> first a little info of my setup:
> -user-certificate common-name is "vpnuser"
> -radius is perfectly working and there are no issues in AUTH
> -the username i am testing with is "test"
> -username-as-common-name    IS SET in the erver.conf file (pasted at end)
> 
> The problem which i have understood uptill now is that radiusplugin is
> NOT USING the username (ie test) as the common-name and still looks
> for the certificate-common-name when dealing with accounts packets
> 
> here are the last few logs from my openvpn logfile
> 
> Fri Dec 11 20:49:24 2009 test/59.94.240.30:3991 Connection reset,
> restarting [-1]
> Fri Dec 11 20:49:24 2009 test/59.94.240.30:3991
> SIGUSR1[soft,connection-reset] received, client-instance restarting
> Fri Dec 11 20:49:24 2009 RADIUS-PLUGIN: BACKGROUND ACCT: No accounting
> data was found for vpnuser,59.94.240.30:3991.
> Fri Dec 11 20:49:24 2009 PLUGIN_CALL: POST
> /etc/openvpn/radiusplugin.so/PLUGIN_CLIENT_DISCONNECT status=0
> Fri Dec 11 20:49:24 2009 TCP/UDP: Closing socket
> ===========================================================================
> ====
> 
> as you can see here in line 1 the username is -"test" and has just
> disconnected from the vpn server but on line 3 the radius-plugin is
> looking for accounting data with the username- "vpnuser" !!!!
> 
> here is my status file --
> 
> OpenVPN CLIENT LIST
> Updated,Fri Dec 11 21:16:15 2009
> Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
> test,59.94.240.30:4233,3920,4652,Fri Dec 11 21:15:45 2009
> ROUTING TABLE
> Virtual Address,Common Name,Real Address,Last Ref
> 10.10.0.6,test,59.94.240.30:4233,Fri Dec 11 21:16:13 2009
> GLOBAL STATS
> Max bcast/mcast queue length,0
> END
> ===========================================================
> 
> another thing that i would like to add here is that no matter which
> username i use, to login with, no file with that username is being
> created in the client-config-directory.
> There is just one file in the CCD with the name "vpnuser" which my
> certificates common name.
> 
> server.conf--
> ==========
> dev tun
> fast-io
> port 443
> proto tcp
> persist-tun
> persist-key
> 
> server 10.10.0.0 255.255.255.0
> management 127.0.0.1 7505
> 
> client-config-dir /etc/openvpn/ccd/
> client-to-client
> 
> push "redirect-gateway def1"
> #push "dhcp-option NTP 10.10.0.1"
> push "dhcp-option DNS 208.67.222.222"
> 
> ping-timer-rem
> keepalive 10 60
> 
> # Use compression
> comp-lzo
> 
> ca keys/ca.crt
> cert keys/server.crt
> key keys/server.key
> dh keys/dh1024.pem
> 
> plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf
> username-as-common-name
> verb 3
> mute 10
> 
> status /var/log/openvpn/status.log 1
> log /var/log/openvpn/radiusvpn.log
> 
> =============================================================
> 
> 
> i had been trying day and night to solve this problem but uptill now i
> have not been able to find a solution !
> 
> has anybody encountered this problem with the 2.1beta5 + openvpn2.1 ?
> could this be a problem with the source-code ?
> 
> i would appreciate any help .
> 
> Regards
> Marshal
> 
> 
> _______________________________________________
> Radiusplugin-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]