Indice del forum www.zeroshell.net
Distribuzione Linux ZeroShell
 
 FAQFAQ   CercaCerca  GruppiGruppi   RegistratiRegistrati 
 ProfiloProfilo  Log inLog in   Messaggi privatiMessaggi privati 

Errore autenticazione captive portal radius v. 2.0 RC1

 
Nuovo argomento   Rispondi    Indice del forum -> Segnalazione BUG
Precedente :: Successivo  
Autore Messaggio
riccato



Registrato: 21/10/12 16:15
Messaggi: 4

MessaggioInviato: Lun Ott 22, 2012 7:57 am    Oggetto: Errore autenticazione captive portal radius v. 2.0 RC1 Rispondi citando

Salve a tutti. Vi segnalo un problema che sto incontrando da un po' di tempo.

Il sistema zeroshell 2.0RC1 serve per gestire gli accessi di circa 200 utenti ad una lan wifi del dopolavoro ed è costituito da un PC Atom con due schede di rete in bridge e una chiavetta USB, su cui stanno sia il sistema che i dati.

Al momento dell'accesso, il popup di login mostra ERROR nel tempo di connessione e undefined nelle altre caselle. Inoltre l'utente risulta non connesso.



Se vado a vedere nella configurazione del captive portal trovo delle entry senza username né mac address, solo con l'IP del PC, che poi rimane connesso indefinitamente.



Qualcuno ha qualche consiglio su come recuperare la situazione? Ho provato disabilitando l'accounting ma senza risultati.

M.
Top
Profilo Invia messaggio privato
riccato



Registrato: 21/10/12 16:15
Messaggi: 4

MessaggioInviato: Gio Ott 25, 2012 12:33 pm    Oggetto: Rispondi citando

Vi posto anche i logs, sperando di capire che sta succedendo. C'è qualche fondata possibilità che ci sia un componente della rete (un AP?) che non fa registrare il mac address. Da un paio di AP funziona regolarmente, da un altro, ma soprattutto tramite i PC direttamente connessi all'ETH0 tramite uno switch, si crea una situazione per cui navigano senza venir beccati dal CP.

AIUTO!!!

Codice:
12:53:17    AS: Radius authentication (PAP) failed for Pdallago@prc.lan (Client: 192.168.0.70)
12:53:17    AS: warning: authentication failed for the user Pdallago@prc.lan (Client: 192.168.0.70)
12:53:46    AS: http session (Client: 192.168.0.110) captured for authentication (Popup: no)
12:56:47    GW: warning: authenticator message expired for the user raven84@prc.lan (client: 192.168.0.76) and cannot be renewed
12:56:57    AS: http session (Client: 192.168.0.76) captured for authentication (Popup: yes)
12:56:58    AS: http session (Client: 192.168.0.76) captured for authentication (Popup: yes)
12:56:59    AS: trying Radius authentication (PAP) for raven84@prc.lan (Client: 192.168.0.76)
12:57:00    AS: Success: user raven84@prc.lan (Client: 192.168.0.76) successfully authenticated (Username,Password)
12:57:00    GW: Success: user raven84@prc.lan (IP: 192.168.0.76 MAC: e0:ca:94:6c:b8:32) connected
12:57:37    AS: http session (Client: 192.168.0.183) captured for authentication (Popup: yes)
12:58:10    AS: http session (Client: 192.168.0.169) captured for authentication (Popup: no)
12:58:37    AS: trying Radius authentication (PAP) for ltarzia@prc.lan (Client: 192.168.0.169)
12:58:37    AS: Success: user ltarzia@prc.lan (Client: 192.168.0.169) successfully authenticated (Username,Password)
12:58:41    GW: Success: user ltarzia@prc.lan (IP: 192.168.0.169 MAC: e0:f8:47:81:c4:13) connected
12:59:21    AS: http session (Client: 192.168.0.161) captured for authentication (Popup: yes)
12:59:21    AS: http session (Client: 192.168.0.153) captured for authentication (Popup: yes)
12:59:27    AS: trying Radius authentication (PAP) for buzz@prc.lan (Client: 192.168.0.161)
12:59:27    AS: Success: user buzz@prc.lan (Client: 192.168.0.161) successfully authenticated (Username,Password)
12:59:27    GW: Success: user buzz@prc.lan (IP: 192.168.0.161 MAC: d0:27:88:7a:03:b0) connected
13:00:17    AS: http session (Client: 192.168.0.105) captured for authentication (Popup: yes)
13:00:18    message repeated 2 times
13:00:35    AS: http session (Client: 192.168.0.178) captured for authentication (Popup: no)
13:01:19    GW: Success: user ltarzia@prc.lan (IP: 192.168.0.169 MAC: ) disconnected
13:01:44    AS: http session (Client: 192.168.0.120) captured for authentication (Popup: no)
13:01:46    AS: trying Radius authentication (PAP) for apini@prc.lan (Client: 192.168.0.120)
13:01:46    AS: Success: user apini@prc.lan (Client: 192.168.0.120) successfully authenticated (Username,Password)
13:01:47    GW: Success: user apini@prc.lan (IP: 192.168.0.120 MAC: 98:0c:82:58:08:04) connected
13:02:17    AS: Success: Captive Portal Authentication Server started
13:02:17    GW: warning: authenticator expired for raven84@prc.lan (Client: 192.168.0.76)
13:02:19    GW: Success: user raven84@prc.lan (IP: 192.168.0.76 MAC: e0:ca:94:6c:b8:32) disconnected
13:02:19    GW: Success: Captive Portal Gateway started (2 clients connected)
13:02:32    AS: Success: Captive Portal Authentication Server started
13:02:32    GW: Success: Captive Portal Gateway started (2 clients connected)
13:02:42    AS: http session (Client: 192.168.0.161) captured for authentication (Popup: yes)
13:02:47    AS: trying Radius authentication (PAP) for buzz@prc.lan (Client: 192.168.0.161)
13:02:49    AS: Radius authentication (PAP) failed for buzz@prc.lan (Client: 192.168.0.161)
13:02:49    AS: warning: authentication failed for the user buzz@prc.lan (Client: 192.168.0.161)
13:02:58    AS: http session (Client: 192.168.0.178) captured for authentication (Popup: no)
13:03:02    AS: http session (Client: 192.168.0.161) captured for authentication (Popup: yes)
13:03:08    AS: trying Radius authentication (PAP) for buzz@prc.lan (Client: 192.168.0.161)
13:03:08    AS: Success: user buzz@prc.lan (Client: 192.168.0.161) successfully authenticated (Username,Password)
13:03:08    GW: Success: user buzz@prc.lan (IP: 192.168.0.161 MAC: d0:27:88:7a:03:b0) connected
13:03:20    AS: http session (Client: 192.168.0.51) captured for authentication (Popup: no)
13:03:22    AS: trying Radius authentication (PAP) for buzz@prc.lan (Client: 192.168.0.51)
13:03:23    AS: Success: user buzz@prc.lan (Client: 192.168.0.51) successfully authenticated (Username,Password)
13:03:26    GW: Success: user buzz@prc.lan (IP: 192.168.0.51 MAC: 18:e2:c2:1f:52:0a) connected
13:03:40    AS: http session (Client: 192.168.0.188) captured for authentication (Popup: yes)
13:04:06    AS: http session (Client: 192.168.0.203) captured for authentication (Popup: yes)
13:04:06    AS: http session (Client: 192.168.0.203) captured for authentication (Popup: yes)
13:04:09    AS: http session (Client: 192.168.0.153) captured for authentication (Popup: yes)
13:04:14    AS: http session (Client: 192.168.0.188) captured for authentication (Popup: yes)
13:04:17    AS: http session (Client: 192.168.0.188) captured for authentication (Popup: yes)
13:04:18    AS: http session (Client: 192.168.0.188) captured for authentication (Popup: yes)
13:04:21    AS: http session (Client: 192.168.0.159) captured for authentication (Popup: yes)
13:04:22    message repeated 3 times
13:04:31    AS: trying Radius authentication (PAP) for piccio@prc.lan (Client: 192.168.0.159)
13:04:31    AS: http session (Client: 192.168.0.159) captured for authentication (Popup: yes)
13:04:31    AS: Success: user piccio@prc.lan (Client: 192.168.0.159) successfully authenticated (Username,Password)
13:04:31    GW: Success: user piccio@prc.lan (IP: 192.168.0.159 MAC: d0:27:88:75:c9:16) connected
13:04:32    GW: warning: authenticator expired for apini@prc.lan (Client: 192.168.0.120)
13:04:32    AS: http session (Client: 192.168.0.203) captured for authentication (Popup: yes)
13:04:33    GW: Success: user apini@prc.lan (IP: 192.168.0.120 MAC: 98:0c:82:58:08:04) disconnected
13:04:33    AS: http session (Client: 192.168.0.203) captured for authentication (Popup: yes)
13:04:40    message repeated 6 times
13:04:42    AS: http session (Client: 192.168.0.188) captured for authentication (Popup: yes)
13:04:48    AS: trying Radius authentication (PAP) for sctun68@prc.lan (Client: 192.168.0.203)
13:04:48    AS: Success: user sctun68@prc.lan (Client: 192.168.0.203) successfully authenticated (Username,Password)
13:04:49    GW: Success: user sctun68@prc.lan (IP: 192.168.0.203 MAC: 00:1b:77:dc:b7:c7) connected
13:05:31    AS: http session (Client: 192.168.0.153) captured for authentication (Popup: yes)
13:05:49    AS: http session (Client: 192.168.0.188) captured for authentication (Popup: yes)
13:06:07    message repeated 2 times
13:06:13    AS: trying Radius authentication (PAP) for oracon@prc.lan (Client: 192.168.0.188)
13:06:13    AS: Success: user oracon@prc.lan (Client: 192.168.0.188) successfully authenticated (Username,Password)
13:06:17    GW: Success: user oracon@prc.lan (IP: 192.168.0.188 MAC: 00:23:6c:97:48:a0) connected
13:06:37    AS: http session (Client: 192.168.0.120) captured for authentication (Popup: no)
13:07:07    AS: http session (Client: 192.168.0.120) captured for authentication (Popup: no)
13:08:59    AS: http session (Client: 192.168.0.114) captured for authentication (Popup: no)
13:10:35    AS: http session (Client: 192.168.0.114) captured for authentication (Popup: no)
13:12:38    AS: http session (Client: 192.168.0.183) captured for authentication (Popup: yes)
13:13:20    AS: http session (Client: 192.168.0.10) captured for authentication (Popup: no)
13:13:22    message repeated 2 times
13:13:35    AS: http session (Client: 192.168.0.10) captured for authentication (Popup: no)
13:13:46    message repeated 4 times
13:14:09    AS: trying Radius authentication (PAP) for berto@prc.lan (Client: 192.168.0.10)
13:14:09    AS: Success: user berto@prc.lan (Client: 192.168.0.10) successfully authenticated (Username,Password)
13:14:10    GW: Success: user berto@prc.lan (IP: 192.168.0.10 MAC: a0:0b:ba:e1:06:eb) connected
13:14:22    AS: http session (Client: 192.168.0.12) captured for authentication (Popup: no)
13:14:24    AS: trying Radius authentication (PAP) for thceo@prc.lan (Client: 192.168.0.12)
13:14:24    AS: Success: user thceo@prc.lan (Client: 192.168.0.12) successfully authenticated (Username,Password)
13:14:26    GW: Success: user thceo@prc.lan (IP: 192.168.0.12 MAC: 5c:0a:5b:41:09:e1) connected
13:15:18    GW: Success: user (IP: 192.168.0.10 MAC: ) disconnected
13:15:25    GW: Success: user (IP: 192.168.0.12 MAC: ) disconnected
13:15:28    AS: http session (Client: 192.168.0.220) captured for authentication (Popup: no)
13:15:35    AS: trying Radius authentication (PAP) for thceo@prc.lan (Client: 192.168.0.220)
13:15:35    AS: Success: user thceo@prc.lan (Client: 192.168.0.220) successfully authenticated (Username,Password)
13:15:36    GW: Success: user thceo@prc.lan (IP: 192.168.0.220 MAC: 5c:0a:5b:41:09:e1) connected
13:15:56    AS: trying Radius authentication (PAP) for thceo@prc.lan (Client: 192.168.0.220)
13:15:56    AS: Success: user thceo@prc.lan (Client: 192.168.0.220) successfully authenticated (Username,Password)
13:15:56    GW: Warning: the client 192.168.0.220 is already connected (User: MAC: )
13:17:45    AS: http session (Client: 192.168.0.33) captured for authentication (Popup: yes)
[/code]
Top
Profilo Invia messaggio privato
riccato



Registrato: 21/10/12 16:15
Messaggi: 4

MessaggioInviato: Gio Ott 25, 2012 1:09 pm    Oggetto: Rispondi citando

No, non ho evidenze di AP che facciano le bizze (nel senso che gli errori avvengono un po' a casaccio, sto cercando di fare una casistica dei clients.

La cosa più grave è che il sistema vede correttamente gli utenti:
Codice:
14:00:08    AS: trying Radius authentication (PAP) for Sara_cav@prc.lan (Client: 192.168.0.172)
14:00:08    AS: Success: user Sara_cav@prc.lan (Client: 192.168.0.172) successfully authenticated (Username,Password)
14:00:11    GW: Success: user Sara_cav@prc.lan (IP: 192.168.0.172 MAC: 40:30:04:a4:21:68) connected


Mentre poi sul captive portal succede che venga riportata una riga con username e mac address vuoti e IP corretto. Se forzo la disconnessione il PC naviga senza limiti.

Aiuto!

M.
Top
Profilo Invia messaggio privato
fulvio
Site Admin


Registrato: 01/11/06 17:45
Messaggi: 1559

MessaggioInviato: Gio Ott 25, 2012 10:25 pm    Oggetto: Rispondi citando

Sembra che tu abbia esaurito lo spazio disco nella partizione dei profili. Giusto?

Ciao
Fulvio
Top
Profilo Invia messaggio privato
Mostra prima i messaggi di:   
Nuovo argomento   Rispondi    Indice del forum -> Segnalazione BUG Tutti i fusi orari sono GMT + 1 ora
Pagina 1 di 1

 
Vai a:  
Non puoi inserire nuovi argomenti
Non puoi rispondere a nessun argomento
Non puoi modificare i tuoi messaggi
Non puoi cancellare i tuoi messaggi
Non puoi votare nei sondaggi


Powered by phpBB © 2001, 2005 phpBB Group
phpbb.it