Здавствуйте!
Есть впн клиенты, появилась необходимость сливать аккаунтинг в базу. В качестве радиуса выступал radius-cisctron и с ним циска работала нормально.

Так как цистрон не умеет складывать всё это в базу, то решили перейти на freeradius. Вот с ним и возникли проблемы - не работает VPN
Конфиг радиуса включены аутентификация по PAP и CHAP. Подключение не проходит.
Повторюсь, на cistron всё работает без вопросов!
Конфиги радиуса

radius.conf
.
.
.

authorize {
    pap
    chap
}

authenticate {
    Auth-Type PAP {
        pap
    }
    Auth-Type CHAP {
        chap
    }
}

____________________________________________________________________
clients.conf

bfm_test Auth-Type := Local,  User-Password == "bfm_test"
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Address = 10.78.16.129,
        Framed-IP-Netmask = 255.255.255.255,
        Session-Timeout = 86400

bfm_test1 Auth-Type := Local,  User-Password == "bfm_test"
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Address = 10.78.16.130,
        Framed-IP-Netmask = 255.255.255.255,
        Session-Timeout = 86400

DEFAULT Service-Type == Framed-User
       Framed-IP-Address = 255.255.255.254,
       Framed-MTU = 576,
       Service-Type = Framed-User,
       Fall-Through = Yes

DEFAULT Framed-Protocol == PPP
       Framed-Protocol = PPP,
       Framed-Compression = Van-Jacobson-TCP-IP
_______________________________________________________
ЛОГИ на радиусе

Threads: total/active/spare threads = 5/1/4
        Framed-Protocol = PPP
        User-Name = "bfm_test"
        User-Password = "bfm_test"
        NAS-Port-Type = Virtual
        NAS-Port = 367
        NAS-Port-Id = "Uniq-Sess-ID367"
        Service-Type = Framed-User
        NAS-IP-Address = a.a.a.a
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
rlm_pap: WARNING! No "known good" password found for the user.  Authentication may fail because of this.
  modcall[authorize]: module "pap" returns noop for request 7
  modcall[authorize]: module "chap" returns noop for request 7
modcall: leaving group authorize (returns noop) for request 7
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [bfm_test/bfm_test] (from client korona port 367)

ЛОГ на циске:

.Apr 10 14:26:59: ppp367 PAP: I AUTH-REQ id 72 len 22 from "bfm_test"
.Apr 10 14:26:59: ppp367 PAP: Authenticating peer bfm_test
.Apr 10 14:26:59: ppp367 PPP: Phase is FORWARDING, Attempting Forward
.Apr 10 14:26:59: ppp367 PPP: Phase is AUTHENTICATING, Unauthenticated User
.Apr 10 14:26:59: RADIUS/ENCODE(000A0509):Orig. component type = VPDN
.Apr 10 14:26:59: RADIUS:  AAA Unsupported Attr: interface         [158] 15
.Apr 10 14:26:59: RADIUS:   55 6E 69 71 2D 53 65 73 73 2D 49 44 33           [Uniq-Sess-ID3]
.Apr 10 14:26:59: RADIUS(000A0509): Config NAS IP: 0.0.0.0
.Apr 10 14:26:59: RADIUS/ENCODE(000A0509): acct_session_id: 1035783
.Apr 10 14:26:59: RADIUS(000A0509): sending
.Apr 10 14:26:59: RADIUS/ENCODE: Best Local IP-Address a.a.a.afor Radius-Server 77.238.224.254
.Apr 10 14:26:59: RADIUS(000A0509): Send Access-Request to x.x.x.x:xid 1645/128, len 95
.Apr 10 14:26:59: RADIUS:  authenticator 6E 41 C9 DC 3D 82 C0 17 - B4 87 16 34 CF B6 53 D7
.Apr 10 14:26:59: RADIUS:  Framed-Protocol     [7]   6   PPP                       [1]
.Apr 10 14:26:59: RADIUS:  User-Name           [1]   10  "bfm_test"
.Apr 10 14:26:59: RADIUS:  User-Password       [2]   18  *
.Apr 10 14:26:59: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
.Apr 10 14:26:59: RADIUS:  NAS-Port            [5]   6   367
.Apr 10 14:26:59: RADIUS:  NAS-Port-Id         [87]  17  "Uniq-Sess-ID367"
.Apr 10 14:26:59: RADIUS:  Service-Type        [6]   6   Framed                    [2]
.Apr 10 14:26:59: RADIUS:  NAS-IP-Address      [4]   6   77.238.225.1
.Apr 10 14:27:02: ppp367 PAP: I AUTH-REQ id 73 len 22 from "bfm_test"
.Apr 10 14:27:02: ppp367 PAP: Ignoring Additional Request
.Apr 10 14:27:04: RADIUS: no sg in radius-timers: ctx 0x4818BF88 sg 0x0000
.Apr 10 14:27:04: RADIUS: Retransmit to (x.x.x.x:1812,1813) for id 1645/128
.Apr 10 14:27:04: RADIUS: Received from id 1645/128 x.x.x.x:1812, Access-Reject, len 20
.Apr 10 14:27:04: RADIUS: Response for non-existent request ident
.Apr 10 14:27:05: ppp367 PAP: I AUTH-REQ id 74 len 22 from "bfm_test"
.Apr 10 14:27:05: ppp367 PAP: Ignoring Additional Request
.Apr 10 14:27:08: ppp367 PAP: I AUTH-REQ id 75 len 22 from "bfm_test"
.Apr 10 14:27:08: ppp367 PAP: Ignoring Additional Request
.Apr 10 14:27:09: ppp367 AUTH: Timeout 1
.Apr 10 14:27:09: RADIUS: no sg in radius-timers: ctx 0x4818BF88 sg 0x0000
.Apr 10 14:27:09: RADIUS: Retransmit to (x.x.x.x:1812,1813) for id 1645/128
.Apr 10 14:27:11: ppp367 PAP: I AUTH-REQ id 76 len 22 from "bfm_test"
.Apr 10 14:27:11: ppp367 PAP: Ignoring Additional Request
.Apr 10 14:27:14: ppp367 PAP: I AUTH-REQ id 77 len 22 from "bfm_test"
.Apr 10 14:27:14: ppp367 PAP: Ignoring Additional Request
.Apr 10 14:27:14: ppp1028 PPP: Send Message[Dynamic Bind Response]
.Apr 10 14:27:14: ppp1028 PPP: Using vpn set call direction
.Apr 10 14:27:14: ppp1028 PPP: Treating connection as a callin
.Apr 10 14:27:14: ppp1028 PPP: Session handle[CB00089B] Session id[1028]
.Apr 10 14:27:14: ppp1028 PPP: Phase is ESTABLISHING, Passive Open
.Apr 10 14:27:14: ppp1028 LCP: State is Listen
.Apr 10 14:27:15: RADIUS: no sg in radius-timers: ctx 0x4818BF88 sg 0x0000
.Apr 10 14:27:15: RADIUS: Retransmit to (x.x.x.x:1812,1813) for id 1645/128
.Apr 10 14:27:15: RADIUS: Received from id 1645/128 x.x.x.x:1812, Access-Reject, len 2

Может забыл какую магическую строчку в конфиг... Если у кого есть рабочий конфиг для фрирадиуса, просьба поделиться! Решение проблемы необходимо, как всегда срочно и в пятницу....
Заранее благодарю за помощь