(RADIATOR) Not hitting the correct group
Keith Olmstead
kolmstea at centurytel.net
Wed May 23 16:28:29 CDT 2001
Ok,
Just so everybody had all the information. I am unable to get a dialup
account to work with a certain group. It by passes it and ends up
authenticating off the default group. Here are the 2 groups:
# Default Dial-Up PPP user with X-Stop
DEFAULT Auth-Type = System, Group = dxd00, NAS-Port-Type = Async
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Reply-Message="choice: ",
Port-Limit = 1,
Idle-Timeout = 1200,
Session-Timeout = 28800,
cisco-avpair = "lcp:interface-config=ip policy route-map faccess",
Filter-Id = "xstop.sec",
Class = dxd00
# Default Dial-Up PPP User System Profile
DEFAULT Auth-Type = System, NAS-Port-Type = Async
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Reply-Message="choice: ",
Port-Limit = 1,
Idle-Timeout = 1200,
Session-Timeout = 28800,
Class = default
Here is also a trace 4 debug on radius when dialing in. As you can see it
is not even looking for the groups.
Wed May 23 16:22:20 2001: DEBUG: Rewrote user name to ctnxxxxx
Wed May 23 16:22:20 2001: DEBUG: Rewrote user name to ctnxxxxx
Wed May 23 16:22:20 2001: NOTICE: Request from unknown client
xxx.xxx.xxx.xxx: ignored
Wed May 23 16:22:32 2001: DEBUG: Reading users file /etc/raddb/users
Wed May 23 16:22:52 2001: DEBUG: Reading group file /etc/group
Wed May 23 16:22:59 2001: DEBUG: Reading users file /etc/raddb/users
Wed May 23 16:23:19 2001: DEBUG: Reading group file /etc/group
Wed May 23 16:23:21 2001: DEBUG: Packet dump:
*** Received from xxx.xxx.xxx.xxx port 1036 ....
Code: Accounting-Request
Identifier: 27
Authentic: <159><142><150>yf<207><159><24><11>J<222>KH$,<13>
Attributes:
Acct-Session-Id = "22000008"
User-Name = "ctnxxxxx"
NAS-IP-Address = xxx.xxx.xxx.xxx
NAS-Port = 0
NAS-Port-Type = Async
Acct-Status-Type = Start
Acct-Authentic = RADIUS
Connect-Info = "26400 LAPM/V42BIS"
Called-Station-Id = "xxxxxx"
Calling-Station-Id = "xxxxxxxxxx"
Class = "default"
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = xxx.xxx.xxx.xxx
Acct-Delay-Time = 0
Wed May 23 16:23:21 2001: DEBUG: Rewrote user name to ctnxxxxx
Wed May 23 16:23:21 2001: DEBUG: Rewrote user name to ctnxxxxx
Wed May 23 16:23:21 2001: NOTICE: Request from unknown client
xxx.xxx.xxx.xxx: ignored
Wed May 23 16:23:25 2001: DEBUG: Reading users file /etc/raddb/users
Wed May 23 16:23:38 2001: DEBUG: Packet dump:
*** Received from xxx.xxx.xxx.xxx port 1036 ....
Code: Accounting-Request
Identifier: 28
Authentic: wZ`<9>&`<13><153><155><205><1>_<190>9d<166>
Attributes:
Acct-Session-Id = "22000008"
User-Name = "ctnxxxxx"
NAS-IP-Address = xxx.xxx.xxx.xxx
NAS-Port = 0
NAS-Port-Type = Async
Acct-Status-Type = Stop
Acct-Session-Time = 17
Acct-Authentic = RADIUS
Connect-Info = "26400 LAPM/V42BIS"
Acct-Input-Octets = 6262
Acct-Output-Octets = 682
Called-Station-Id = "xxxxxx"
Calling-Station-Id = "xxxxxxxxxx"
Class = "default"
Acct-Terminate-Cause = User-Request
LE-Terminate-Detail = "User Request - PPP Term Req"
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = xxx.xxx.xxx.xxx
Acct-Delay-Time = 0
Wed May 23 16:23:38 2001: DEBUG: Rewrote user name to ctn83410
Wed May 23 16:23:38 2001: DEBUG: Rewrote user name to ctn83410
Wed May 23 16:23:38 2001: NOTICE: Request from unknown client
209.142.136.22: ignored
This is what I have in my radtest.cfg
<Realm>
<AuthBy FILE>
# The filename defaults to %D/users
</AuthBy>
# Log accounting to the detail file in LogDir
AcctLogFileName %L/%N/detail
</Realm>
#
<Realm DEFAULT>
<AuthBy UNIX>
Identifier System
Filename /etc/shadow
GroupFilename /etc/group
</AuthBy>
AcctLogFileName %L/%N/detail
</Realm>
#
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list