PPPoE and Radius on 6.0RC1

Marcin Jessa lists at yazzy.org
Fri Oct 21 05:56:01 PDT 2005


On Fri, 21 Oct 2005 19:45:52 +0800
<fooler at skyinet.net> wrote:

> ----- Original Message ----- 
> From: "Marcin Jessa" <lists at yazzy.org>
> To: <fooler at skyinet.net>
> Cc: <glebius at FreeBSD.org>; <current at FreeBSD.org>; <net at FreeBSD.org>
> Sent: Friday, October 21, 2005 5:29 PM
> Subject: Re: PPPoE and Radius on 6.0RC1
> 
> 
> > The problem seems to be ppp is never started by pppoe.
> 
> here is a sample configuration for your pppoe server.... assuming you
> have two intel nics named fxp0 and fxp1... fxp0 is facing the net and
> fxp1 is facing the pppoe clients... fxp1 is ip less...
> 
> please do the following...
> 
> 1. in your kernel config file, add the following options and compile
> the kernel
> 
> options    NETGRAPH
> options    NETGRAPH_ETHER
> options    NETGRAPH_PPPOE
> options    NETGRAPH_SOCKET
> 
> 2. in your /etc/rc.conf
> 
> gateway_enable="YES"
> ifconfig_fxp0="inet 192.168.2.8 netmask 255.255.255.0"
> ifconfig_fxp1="up"
> pppoed_enable="YES"
> pppoed_flags="-l PPPoE -P /var/run/pppoed.pid"
> pppoed_interface="fxp1"
> 
> 3. in your /etc/ppp/ppp.conf
> 
> default:
>     set log Phase Chat LCP IPCP CCP tun command Debug Radius
>     ident user-ppp VERSION (built COMPILATIONDATE)
> 
> PPPoE:
>     set ifaddr 192.168.2.8 192.168.2.100-192.168.2.120 255.255.255.255
>     set radius /etc/ppp/radius.conf
>     set dns 192.168.2.45
>     deny deflate
>     disable deflate
>     accept dns
>     enable lqr
>     enable echo
>     deny pap
>     deny chap
>     deny LANMan
>     deny MSChap
>     enable MSChapV2
>     disable pred1
>     disable utmp
>     disable ipv6cp
>     set callback
>     set cbcp
>     set cd 5!
>     set nbns
>     set speed sync
>     set timeout 0
> 
> 4. in your /etc/ppp/radius.conf
> 
> auth 127.0.0.1:1812 secret_key 3 3
> acct 127.0.0.1:1813 secret_key 3 3
> 
> try to remark "set radius /etc/ppp/radius.conf" first
> in /etc/ppp/ppp.conf to make sure that your pppoe authentication is
> working without using a radius server... if all went well, then make
> sure your radius server is working properly by binding to ip address
> 127.0.0.1 only for security purposes...
 
Thanks a lot.
I recompiled my kernel with the netgraph options and set up the
server with your configs. Besides from the fact that I only use my fxp0
in the tests.
root      787  0.0  0.1  1256   796  ??  Ss    2:41PM
0:00.02 /usr/libexec/pppoed -l PPPoE -P /var/run/pppoed.pid -p * fxp0

I disabled radius as well adding username and password by
hand. Although the radius itself works fine when I test it with radtest
and user's credits.
Just like before, nothing gets loged in ppp.log and the ppp process
itself never gets started up by the pppoe daemon.

"on receipt of the SUCCESS indication, pppoed
will execute exec /usr/sbin/ppp -direct label"
- This part is not taking place....

Marcin.


More information about the freebsd-net mailing list