FreeRADIUS одновременного использования не работает

Недавно я создал портал Fortigate с аутентификацией по радиусу с использованием freeradius. Но есть некоторая проблема, когда я пытаюсь реализовать одновременное использование, чтобы ограничить количество устройств на пользователя. Когда я посмотрел его в Google, я обнаружил, что это как-то связано с сессиями и бухгалтерским учетом. Затем я заметил, что таблица radacct остается пустой после аутентификации пользователя. Кто-нибудь может мне помочь с этим вопросом? На Fortigate я включил Radius Accounting и разрешил все входящие и исходящие порты. На Freeradius я включил учет для использования radutmp и sql и сессию для использования sql. Вот вывод от freeradius -X

    rad_recv: Access-Request packet from host 192.168.1.1 port 1048, id=24, length=125
        NAS-Identifier = "FGT60D4615093464"
        User-Name = "sultanrad1"
        User-Password = "sultan"
        NAS-Port-Type = Virtual
        Calling-Station-Id = "C0-87-EB-A4-E6-D1"
        Acct-Session-Id = "1548ab84"
        Connect-Info = "web-auth"
        Fortinet-Vdom-Name = "root"
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "sultanrad1", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] No EAP-Message, not doing EAP
++[eap] = noop
++[files] = noop
[sql]   expand: %{User-Name} -> sultanrad1
[sql] sql_set_user escaped user --> 'sultanrad1'
rlm_sql (sql): Reserving sql socket id: 31
[sql]   expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = 'sultanrad1'           ORDER BY id
[sql] User found in radcheck table
[sql]   expand: SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radreply           WHERE username = 'sultanrad1'           ORDER BY id
[sql]   expand: SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = 'sultanrad1'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 31
++[sql] = ok
++[expiration] = noop
++[logintime] = noop
rlm_sqlcounter: Entering module authorize code
WARNING: Please replace '%k' with '${key}'
sqlcounter_expand:  'SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}''
[noresetcounter]        expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{User-Name}' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='sultanrad1'
WARNING: Please replace '%S' with '${sqlmod-inst}'
sqlcounter_expand:  '%{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='sultanrad1'}'
[noresetcounter] sql_xlat
[noresetcounter]        expand: %{User-Name} -> sultanrad1
[noresetcounter] sql_set_user escaped user --> 'sultanrad1'
[noresetcounter]        expand: SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='sultanrad1' -> SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='sultanrad1'
rlm_sql (sql): Reserving sql socket id: 30
[noresetcounter] sql_xlat finished
rlm_sql (sql): Released sql socket id: 30
[noresetcounter]        expand: %{sql:SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='sultanrad1'} -> 0
rlm_sqlcounter: Check item is greater than query result
rlm_sqlcounter: Authorized user sultanrad1, check_item=300, counter=0
rlm_sqlcounter: Sent Reply-Item for user sultanrad1, Type=Session-Timeout, value=300
++[noresetcounter] = ok
++[pap] = updated
+} # group authorize = updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group PAP {
[pap] login attempt with password "sultan"
[pap] Using clear text password "sultan"
[pap] User authenticated successfully
++[pap] = ok
+} # group PAP = ok
# Executing section session from file /etc/freeradius/sites-enabled/default
+group session {
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> sultanrad1
++[radutmp] = ok
+} # group session = ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+group post-auth {
[sql]   expand: %{User-Name} -> sultanrad1
[sql] sql_set_user escaped user --> 'sultanrad1'
[sql]   expand: %{User-Password} -> sultan
[sql]   expand: INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           'sultanrad1',                           'sultan',                           'Access-Accept', '2019-03-26 16:58:11')
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           'sultanrad1',                           'sultan',                           'Access-Accept', '2019-03-26 16:58:11')
rlm_sql (sql): Reserving sql socket id: 29
rlm_sql (sql): Released sql socket id: 29
++[sql] = ok
++[exec] = noop
+} # group post-auth = ok
Sending Access-Accept of id 24 to 192.168.1.1 port 1048
        Session-Timeout = 300
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 24 with timestamp +569
Ready to process requests.

Что-то я пропустил или неправильно настроил? Кто-нибудь может помочь мне с этим вопросом?

Источник

0 ответов

Другие вопросы по тегам