(RADIATOR) Problems checking Simultaneous-Use with TC NAS & Manager problems
Gib Salisbury
gsalisbu at qtm.net
Thu Aug 1 15:14:13 CDT 2002
Hey all,
I'm trying to get a new radiator configuration working on my FreeBSD 4.4
Machine that is using Radiator 3.1 and Perl 5.6.1. The problem that I am
having is when Radiator tries to check if an existing session is still
active with snmpget it times out every time without repsonse. I am using
snmpget 5.0.1 that was compiled locally. Also, the TotalControls are
running various ComOS versions 5.0-5.3. I have made sure that the SNMP
community was configured in the TC and that it had the proper host
authority. If you could provide any pointers as to what I could be doing
wrong it would be much appreciated. I have attached my config file and
also the trace level 4 output.
Secondly, I am having a problem with the TC putting accounting entries in
for Manager every minute. It increases the session id by one each time it
does it. Does anyone know if this is a setting inside ComOS? Thanks in
advance.
Sincerely,
Gib Salisbury
Technician
Quantum Connections, LLC
Phone (616) 926-4242 x215
http://www.qtm.net/
*** Received from 127.0.0.1 port 3713 ....
Code: Access-Request
Identifier: 82
Authentic: 1234567890123456
Attributes:
User-Name = "gsalisbu"
Service-Type = Framed-User
NAS-IP-Address = 216.163.41.10
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password = "*removed but correct*"
Thu Aug 1 15:47:07 2002: DEBUG: Rewrote user name to gsalisbu
Thu Aug 1 15:47:07 2002: DEBUG: Rewrote user name to gsalisbu
Thu Aug 1 15:47:07 2002: DEBUG: Rewrote user name to gsalisbu
Thu Aug 1 15:47:07 2002: DEBUG: Handling request with Handler
'Realm=x2realm'
Thu Aug 1 15:47:07 2002: DEBUG: Rewrote user name to gsalisbu
Thu Aug 1 15:47:07 2002: DEBUG: SessionSQL Deleting session for gsalisbu,
216.163.41.10, 1234
Thu Aug 1 15:47:07 2002: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='216.163.41.10' and NASPORT=01234
Thu Aug 1 15:47:07 2002: DEBUG: Handling with Radius::AuthSQL
Thu Aug 1 15:47:07 2002: DEBUG: Handling with Radius::AuthFILE: x2users
Thu Aug 1 15:47:07 2002: DEBUG: Radius::AuthFILE looks for match with
gsalisbu
Thu Aug 1 15:47:07 2002: DEBUG: Handling with Radius::AuthUNIX: password
Thu Aug 1 15:47:07 2002: DEBUG: Radius::AuthUNIX looks for match with
gsalisbu
Thu Aug 1 15:47:07 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID from RADONLINE where USERNAME='gsalisbu'
Thu Aug 1 15:47:07 2002: WARNING: SessionSQL Could not find a Client for
NAS 203.63.154.1 to double-check Simultaneous-Use. Perhaps you do not have
a reverse DNS for that NAS?
Thu Aug 1 15:47:07 2002: WARNING: SessionSQL Could not find a Client for
NAS 216.163.32.138 to double-check Simultaneous-Use. Perhaps you do not
have a reverse DNS for that NAS?
Thu Aug 1 15:47:07 2002: DEBUG: Checking if user is still online: Hiper,
gsalisbu, 216.163.62.138, 4577, 00001234
Thu Aug 1 15:47:07 2002: DEBUG: Running command `/usr/local/bin/snmpget -c
'public' 216.163.62.138
.iso.org.dod.internet.private.enterprises.429.4.10.1.1.18.5833`
Timeout: No Response from 216.163.62.138.
Thu Aug 1 15:47:13 2002: NOTICE: SessionSQL Session for gsalisbu at
216.163.62.138:4577 has gone away
Thu Aug 1 15:47:13 2002: DEBUG: SessionSQL Deleting session for gsalisbu,
216.163.62.138, 4577
Thu Aug 1 15:47:13 2002: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='216.163.41.10' and NASPORT=01234
Thu Aug 1 15:47:13 2002: DEBUG: Checking if user is still online:
TotalControlSNMP, gsalisbu, 216.163.41.10, 4577, 00001234
Thu Aug 1 15:47:13 2002: DEBUG: Running command `/usr/local/bin/snmpget -c
'public' 216.163.41.10
.iso.org.dod.internet.private.enterprises.429.4.2.1.140.1.2.8.48.48.48.4
8.49.50.51.52`
Timeout: No Response from 216.163.41.10.
Thu Aug 1 15:47:19 2002: NOTICE: SessionSQL Session for gsalisbu at
216.163.41.10:4577 has gone away
Thu Aug 1 15:47:19 2002: DEBUG: SessionSQL Deleting session for gsalisbu,
216.163.41.10, 4577
Thu Aug 1 15:47:19 2002: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='216.163.41.10' and NASPORT=01234
Thu Aug 1 15:47:19 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID from RADONLINE where USERNAME='gsalisbu'
Thu Aug 1 15:47:19 2002: WARNING: SessionSQL Could not find a Client for
NAS 203.63.154.1 to double-check Simultaneous-Use. Perhaps you do not have
a reverse DNS for that NAS?
Thu Aug 1 15:47:19 2002: WARNING: SessionSQL Could not find a Client for
NAS 216.163.32.138 to double-check Simultaneous-Use. Perhaps you do not
have a reverse DNS for that NAS?
Thu Aug 1 15:47:19 2002: DEBUG: Checking if user is still online: Hiper,
gsalisbu, 216.163.62.138, 4577, 00001234
Thu Aug 1 15:47:19 2002: DEBUG: Running command `/usr/local/bin/snmpget -c
'public' 216.163.62.138
.iso.org.dod.internet.private.enterprises.429.4.10.1.1.18.5833`
Timeout: No Response from 216.163.62.138.
Thu Aug 1 15:47:25 2002: NOTICE: SessionSQL Session for gsalisbu at
216.163.62.138:4577 has gone away
Thu Aug 1 15:47:25 2002: DEBUG: SessionSQL Deleting session for gsalisbu,
216.163.62.138, 4577
Thu Aug 1 15:47:26 2002: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='216.163.41.10' and NASPORT=01234
Thu Aug 1 15:47:26 2002: DEBUG: Checking if user is still online:
TotalControlSNMP, gsalisbu, 216.163.41.10, 4577, 00001234
Thu Aug 1 15:47:26 2002: DEBUG: Running command `/usr/local/bin/snmpget -c
'public' 216.163.41.10
.iso.org.dod.internet.private.enterprises.429.4.2.1.140.1.2.8.48.48.48.4
8.49.50.51.52`
Timeout: No Response from 216.163.41.10.
Thu Aug 1 15:47:32 2002: NOTICE: SessionSQL Session for gsalisbu at
216.163.41.10:4577 has gone away
Thu Aug 1 15:47:32 2002: DEBUG: SessionSQL Deleting session for gsalisbu,
216.163.41.10, 4577
Thu Aug 1 15:47:32 2002: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='216.163.41.10' and NASPORT=01234
Thu Aug 1 15:47:32 2002: DEBUG: Radius::AuthUNIX REJECT:
DefaultSimultaneousUse of 1 exceeded
Thu Aug 1 15:47:32 2002: DEBUG: Radius::AuthFILE REJECT:
DefaultSimultaneousUse of 1 exceeded
Thu Aug 1 15:47:32 2002: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Thu Aug 1 15:47:32 2002: DEBUG: Radius::AuthFILE REJECT: Check item
Authentication-type expression 'Unix-PW' does not match '' in request
Thu Aug 1 15:47:32 2002: INFO: Access rejected for gsalisbu: Check item
Authentication-type expression 'Unix-PW' does not match '' in request
Thu Aug 1 15:47:32 2002: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 3713 ....
Code: Access-Reject
Identifier: 82
Authentic: 1234567890123456
Attributes:
Reply-Message = "Request Denied"
DbDir /raddb
DictionaryFile /raddb/dictionary
LogDir /raddb
LogFile %L\radius
PidFile radius.pid
SnmpgetProg /usr/local/bin/snmpget
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/[A-Z]/[a-z]/
RewriteUsername s/\s+//g
Trace 4
LogStdout
<AuthBy UNIX>
DefaultSimultaneousUse 1
Description unix pw auth
Filename /etc/master.passwd
GroupFilename /etc/group
Identifier password
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description users std
Filename %D/users
Identifier users
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description tc8 users
Filename %D/tc8.users
Identifier tc8users
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description dsl
Filename %D/dsl.users
Identifier dslusers
</AuthBy>
<AuthBy FILE>
DefaultSimultaneousUse 1
Description x2 user auth
Filename %D/x2.users
Identifier x2users
</AuthBy>
<AuthBy SQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth XXXX
AuthSelect
Identifier sqlacct
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLINGSTATION,Calling-Station-Id,integer
</AuthBy>
<ClientListSQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth XXXX
</ClientListSQL>
<Log SQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth XXXX
</Log>
<StatsLog SQL>
DBSource dbi:mysql:radius
DBUsername radius
DBAuth XXXX
Interval 86400
</StatsLogSQL>
<Realm realmusers>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy null
AuthBy sqlacct
AuthBy users
PasswordLogFileName pwd.log
SessionDatabase
</Realm>
<Realm x2realm>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy Null
AuthBy sqlacct
AuthBy x2users
PasswordLogFileName pwd.log
SessionDatabase
</Realm>
<Realm dslrealm>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy Null
AuthBy sqlacct
AuthBy dslusers
PasswordLogFileName pwd.log
SessionDatabase
</Realm>
<Realm tc8realm>
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy Null
AuthBy sqlacct
AuthBy tc8users
PasswordLogFileName pwd.log
SessionDatabase
</Realm>
<SessionDatabase SQL>
AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT,
ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE)
values ('%u', '%N', 0%{NAS-Port}, '%{Acct-Session-Id}', %{Timestamp},
'%{Framed-IP-Address}', '%{NAS-Port-Type}', '%{Service-Type}')
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
CountNasSessionsQuery select ACCTSESSIONID from RADONLINE where
NASIDENTIFIER='%N'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE
where USERNAME='%u'
DBAuth XXXX
DBSource dbi:mysql:radius
DBUsername radius
DeleteQuery delete from RADONLINE where NASIDENTIFIER='%N' and
NASPORT=0%{NAS-Port}
Description Current Session database
Identifier SessionSQL
</SessionDatabase>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list