Page MenuHomeVyOS Platform

Radius
Resolved (N/A)PublicBUG

Description

If set vpn pptp or L2TP to Radius authentication can not commit. Error.
Router send wrong credential
(23) Received Accounting-Request Id 180 from xxx.xxx.xxx.38:41877 to xxx.xxx.xxx.16:1813 length 72
(23) User-Name = "root"
(23) NAS-IP-Address = 127.0.1.1
(23) NAS-Identifier = "sudo"
(23) NAS-Port = 14234
(23) NAS-Port-Type = Virtual
(23) Acct-Status-Type = Start
(23) Acct-Session-Id = "00014234"
(23) Acct-Authentic = RADIUS

+pptp {
+ remote-access {
+ authentication {
+ mode radius
+ radius {
+ nas-identifier vyos_test
+ nas-ip-address xxx.xxx.xxx.38
+ preallocate-vif
+ server xxx.xxx.xxx.16 {
+ acct-port 1813
+ key xxxxxxxx
+ port 1812
+ }
+ source-address xxx.xxx.xxx.38
+ }
+ }
+ client-ip-pool {
+ start 100.64.5.1
+ stop 100.64.5.10
+ }
+ gateway-address 100.64.5.1
+ }
+}

In 1.3 work fine.

Details

Difficulty level
Unknown (require assessment)
Version
1.4 latest
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

@BiMW Can you re-check it?

It seems it was fixed:

set vpn pptp remote-access authentication radius nas-identifier 'vyos_test'
set vpn pptp remote-access authentication radius nas-ip-address '192.168.122.11'
set vpn pptp remote-access authentication radius preallocate-vif
set vpn pptp remote-access authentication radius server 192.168.122.11 acct-port '1813'
set vpn pptp remote-access authentication radius server 192.168.122.11 key 'xxxkey'
set vpn pptp remote-access authentication radius server 192.168.122.11 port '1812'
set vpn pptp remote-access client-ip-pool start '192.0.2.10'
set vpn pptp remote-access client-ip-pool stop '192.0.2.20'
set vpn pptp remote-access gateway-address '192.0.2.1'
set vpn pptp remote-access outside-address '192.168.122.11'

radacct:

Tue Oct 12 15:52:59 2021
	User-Name = "cisco"
	NAS-Identifier = "vyos_test"
	NAS-IP-Address = 192.168.122.11
	NAS-Port = 0
	NAS-Port-Id = "pptp0"
	NAS-Port-Type = Virtual
	Service-Type = Framed-User
	Framed-Protocol = PPP
	Calling-Station-Id = "192.168.122.1"
	Called-Station-Id = "192.168.122.11"
	Acct-Status-Type = Start
	Acct-Authentic = RADIUS
	Acct-Session-Id = "3ca88b8a3af67bbc"
	Acct-Session-Time = 0
	Acct-Input-Octets = 0
	Acct-Output-Octets = 0
	Acct-Input-Packets = 0
	Acct-Output-Packets = 0
	Acct-Input-Gigawords = 0
	Acct-Output-Gigawords = 0
	Framed-IP-Address = 192.0.2.13
	Event-Timestamp = "Oct 12 2021 15:52:59 UTC"
	Tmp-String-9 = "ai:"
	Acct-Unique-Session-Id = "420b742bc0f6fe4837f44af564b1fcdf"
	Timestamp = 1634053979
Viacheslav changed the task status from Open to Needs testing.Oct 12 2021, 4:01 PM
Viacheslav changed the task status from Resolved to Resolved N/A.
Viacheslav claimed this task.