Sometimes in freeradius base billing system, user is unable to authenticate with the system. To quickly investigate the issue, its better to enable freeradius authentication logs to see if its the user end id password issue or something else.
To enable Free- Radius LOGS to get additional information on users authentication ,
Edit /usr/local/etc/raddb/radiusd.conf
nano /usr/local/etc/raddb/radiusd.conf
and modify following
auth = no auth_badpass = no auth_goodpass = no
to following
auth = yes auth_badpass = yes auth_goodpass = yes
Save and Exit.
Now restart radius service by
service radiusd restart
Check Logs by
tail -f /usr/local/var/log/radius/radius.log
and you will AUTH logs for Good and Bad Login Attempts, It helps a lot in troubleshooting troubled users.
Thu Aug 6 14:52:06 2015 : Auth: Login OK: [usernameX/username] (from client CCR-GW port 15747979 cli xx:D1:11:64:B8:39) Thu Aug 6 14:52:07 2015 : Auth: Login OK: [usernameX/username] (from client CCR-GW port 15747975 cli xx:44:76:72:A7:9C) Thu Aug 6 14:52:08 2015 : Auth: Login OK: [usernameX/username] (from client CCR-GW port 15747978 cli xx:44:76:72:9E:9C) Thu Aug 6 14:58:48 2015 : Auth: Login incorrect: [usernameY<via Auth-Type = mschap>] (from client pppoe2 port 16056177 cli xx:DE:27:2F:23:95) Thu Aug 6 14:58:49 2015 : Auth: Login incorrect: [usernameZ/<via Auth-Type = mschap>] (from client pppoe1 port 15819569 cli xx:F3:C1:AD:70:17)
Regard’s
Syed Jahanzaib
Filed under: Linux Related, Radius Manager
