search

rakasatria / ovpn-radius

OpenVPN Radius Plugin | Go-based OpenVPN with Radius Authentication and Accounting
GNU General Public License v2.0
4 stars 5 forks source link

Accounting Issue #2

Open AKZAD opened 11 months ago

AKZAD commented 11 months ago

Hi, I have issue with accounting process. When the server.conf file is configured with: client-connect "/etc/openvpn/plugin/ovpn-radius acct " The log file "radius-plugin.log" shows this: time="2023-08-04T19:06:12Z" level=info msg="accountingRequest: prepare send request to 192.168.1.100:1813 with request type: start" time="2023-08-04T19:06:12Z" level=info msg="accountingRequest: get user data with Id 192.168.1.50:55606" time="2023-08-04T19:06:12Z" level=info msg="accountingRequest: update user data ip address to 172.17.1.6 with Id 192.168.1.50:55606" time="2023-08-04T19:06:12Z" level=info msg="accountingRequest: sent request to 192.168.1.100:1813 with request type: start" time="2023-08-04T19:06:12Z" level=error msg="accountingRequest: error: exit status 1"

and if I comment out client-connect "/etc/openvpn/plugin/ovpn-radius acct " the authentication process will work prefectly.

Here is server.conf configuration: proto udp local 192.168.1.12 auth-user-pass-verify "/etc/openvpn/plugin/ovpn-radius auth" via-file client-connect "/etc/openvpn/plugin/ovpn-radius acct " client-disconnect "/etc/openvpn/plugin/ovpn-radius stop "

script-security 3

ca ca.crt cert server.crt key server.key dh none server 172.17.1.0 255.255.255.0 ifconfig-pool-persist /var/log/openvpn/ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 8.8.8.8" duplicate-cn keepalive 10 120 tls-crypt ta.key cipher AES-256-GCM auth SHA256 user nobody group nogroup persist-key persist-tun status /var/log/openvpn/openvpn-status.log syslog openvpn ;management 127.0.0.1 3799 verb 4 explicit-exit-notify 1

and this is how the config.json looks like: { "LogFile": "/var/log/openvpn/radius-plugin.log", "ServerInfo": { "Identifier": "openvpn", "IpAddress": "192.168.1.12", "PortType": "5", "ServiceType": "5" }, "Radius": { "Authentication": { "Server": "192.168.1.100:1812", "Secret": "123456" }, "Accounting": { "Server": "192.168.1.100:1813", "Secret": "123456" } } }

And also I used tcpdum udp port 1813 in purpose of monitor accounting packets at the radius server but didn't receive any packet.

OS: Ubuntu 20.04.2 Openvpn 2.5.5 RadiusServer: Freeradius with Radiuskdesk GUI

Any idea what I did wong?

Regards

rakasatria commented 10 months ago

The purpose of using client-connect and disconnect is doing sending radius accounting to the radius server. Are you enable accounting services radius at the freeradius?

What the accounting does at free adius?

Reset816 commented 8 months ago

I encounter the same error and I cannot find any log about accounting in freeradius. I follow this to enable accounting. Is any other conf I need to edit to enable accounting?

/etc/freeradius/3.0/sites-available/default

        #
        #  Look in an SQL database.  The schema of the database
        #  is meant to mirror the "users" file.
        #
        #  See "Authorization Queries" in mods-available/sql
        sql
        monthlytrafficcounter

/etc/freeradius/3.0/mods-available/sqlcounter

sqlcounter monthlytrafficcounter {
        sql_module_instance = sql
#dialect = ${modules.sql.dialect}
        dialect = "mysql"

        counter_name = Monthly-Traffic
        check_name = Max-Monthly-Traffic
        reply_name = Monthly-Traffic-Limit
        key = User-Name
        reset = monthly

        $INCLUDE ${modconfdir}/sql/counter/${dialect}/${.:instance}.conf
}
Reset816 commented 8 months ago

dailycounter also leads to same error