Syed Jahanzaib Personal Blog to Share Knowledge !

August 6, 2015

Enabling Authentication Logs in Freeradius

Filed under: Linux Related, Radius Manager — Tags: , — Syed Jahanzaib / Pinochio~:) @ 3:35 PM

logs-error

Sometimes in freeradius base billing system, user is unable to authenticate with the system. To quickly investigate the issue, its better to enable freeradius authentication logs to see if its the user end id password issue or something else.

To enable Free- Radius LOGS to get additional information on users authentication ,

Edit /usr/local/etc/raddb/radiusd.conf

nano /usr/local/etc/raddb/radiusd.conf

and modify following

auth = no
auth_badpass = no
auth_goodpass = no

to following

auth = yes
auth_badpass = yes
auth_goodpass = yes

Save and Exit.

Now restart radius service by

service radiusd restart

Check Logs by

tail -f /usr/local/var/log/radius/radius.log

and you will AUTH logs for Good and Bad Login Attempts, It helps a lot in troubleshooting troubled users.

Thu Aug  6 14:52:06 2015 : Auth: Login OK: [usernameX/username] (from client CCR-GW port 15747979 cli xx:D1:11:64:B8:39)
Thu Aug  6 14:52:07 2015 : Auth: Login OK: [usernameX/username] (from client CCR-GW port 15747975 cli xx:44:76:72:A7:9C)
Thu Aug  6 14:52:08 2015 : Auth: Login OK: [usernameX/username] (from client CCR-GW port 15747978 cli xx:44:76:72:9E:9C)

Thu Aug  6 14:58:48 2015 : Auth: Login incorrect: [usernameY<via Auth-Type = mschap>] (from client pppoe2 port 16056177 cli xx:DE:27:2F:23:95)
Thu Aug  6 14:58:49 2015 : Auth: Login incorrect: [usernameZ/<via Auth-Type = mschap>] (from client pppoe1 port 15819569 cli xx:F3:C1:AD:70:17)

 

Regard’s

Syed Jahanzaib

 

 

%d bloggers like this: