(RADIATOR) DefaultSimultaneousUse With Cisco
Hugh Irvine
hugh at open.com.au
Tue Jan 20 01:11:32 CST 2004
Hello Al -
I'm guessing here, but I suspect the problem is due to your Client
definitions in the SQL database - specifically the contents of the
NASTYPE field for at least the NAS in question. As you will see from
the debug, Radiator is trying to find a module called " Radius/Nas/.pm"
in the Redback case so this is not correct at all.
The problem with the Cisco is that the NAS-Port attribute is always
"0", so this will never work in any case.
regards
Hugh
On 20 Jan 2004, at 09:04, al mccain wrote:
>
> Hello Guys,
>
> I have yet another problem. We are trying to implement concurrent login
> checks. I am having trouble using DefaultSimultaneousUse = 1 with our
> cisco boxes. It works perfectly for our Redbacks equipment. Could
> someone
> take a look and let me know what I'm doing wrong? I have attached my
> config as well as 2 trace 4's. One is the redback (acting perfectly)
> and
> one of the cisco (acting no-so-perfectly).
>
> Thanks!
>
> Al
>
>
> Config
> --------------------------------------------------------
>
> #Foreground
> #LogStdout
> LogDir /var/adm/radacct
> DbDir /etc/raddb
> PreHandlerHook file:"%D/prehook"
>
> SnmpgetProg /usr/local/bin/snmpget
> Trace 4
> RewriteUsername s/^([^@]+)\@centurytel.net/$1/
> RewriteUsername s/^([^@]+)\@digisys.net/$1/
> RewriteUsername s/\s+//g
> #RewriteUsername s/\'//g
> RewriteUsername tr/A-Z/a-z/
> <Client DEFAULT>
>
>
> Secret letMEin
> DupInterval 0
>
>
> </Client>
>
> <SessionDatabase SQL>
>
> DBSource dbi:mysql:radius:*******************
> DBUsername ******
> DBAuth ********
> Identifier SQLS
>
> AddQuery insert into RADONLINE (USERNAME,\
> NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\
> FRAMEDIPADDRESS, NASPORTTYPE) \
> values ('%n', '%N',\
> '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\
> '%{Framed-IP-Address}', '%{NAS-Port-Type}')
>
>
> DeleteQuery delete from RADONLINE where NASIDENTIFIER='%1' and
> NASPORT=0%2
> ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%0'
> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE
> \
> where USERNAME ='%u'
>
>
> </SessionDatabase>
>
>
> <ClientListSQL>
>
> DBSource dbi:mysql:radius:********************
> DBUsername *******
> DBAuth *********
>
> select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL, \
> DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \
> LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \
> FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \
> NOIGNOREDUPLICATES from RADCLIENTLIST
>
>
> </ClientListSQL>
> <AuthBy UNIX>
>
> # DefaultSimultaneousUse 1
> Identifier System
> Filename /etc/shadow
>
> </AuthBy>
>
> <AuthBy LDAP2>
> DefaultSimultaneousUse 1
> Identifier LDAP
> Host 127.0.0.1
> Port 389
> AuthDN uid=searchuser,dc=centurytel,dc=net
> AuthPassword ********
> BaseDN %0=%1,ou=people,dc=centurytel,dc=net
> Scope base
> UsernameAttr uid
> PasswordAttr userPassword
> HoldServerConnection
> SearchFilter (&(gecos=active)(uid=%1))
> AuthAttrDef gidNumber, gid-attr, request
> # DefaultReply
> Service-Type=Framed-User,Framed-Protocol=PPP
> </AuthBy>
> <AuthBy SQL>
> # NoDefault
> DefaultSimultaneousUse 1
> Identifier CheckSQL
>
> DBSource dbi:mysql:radius:********************
> DBUsername ******
> DBAuth ********
>
>
> AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
> from SUBSCRIBERS \
> where USERNAME=%0
>
> AuthColumnDef 0, User-Password, check
> AuthColumnDef 1, GENERIC, check
> AuthColumnDef 2, GENERIC, reply
> # DefaultReply
> Service-Type=Framed-User,Framed-Protocol=PPP
>
>
> </AuthBy>
> <Realm DEFAULT>
> RewriteUsername s/^([^@]+).*/$1/
>
>
>
> PostAuthHook file:"%D/postHook"
> AcctLogFileName %L/%N/detail
>
>
>
> #AuthByPolicy ContinueWhileReject
> AuthByPolicy ContinueUntilAccept
> #AuthBy LDAP
> AuthBy CheckSQL
> AuthBy System
>
>
> </Realm>
>
> ----------------------------------------------
> End Config
>
>
> Trace 4 Redback
> ----------------------------------------------
> Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.22 port 1812 ....
> Code: Access-Request
> Identifier: 11
> Authentic: E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
> Attributes:
> User-Name = "nethelp1"
> User-Password = "<187>6<25>L<247><7><5><168><148><235>0 5V<3><199>"
> NAS-Identifier = "rb-test.mx"
> NAS-IP-Address = 209.142.136.22
> RB-NAS-Real-Port = 537067624
> Service-Type = Framed-User
> Framed-Protocol = PPP
> NAS-Port = 3892314117
> Connect-Info = "ubrc"
>
> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:10 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:10 2004: DEBUG: SQLS Deleting session for nethelp1,
> 209.142.136.22, 3892314117
> Mon Jan 19 12:56:10 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>
> Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL:
> CheckSQL
> Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select PASSWORD,
> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>
> Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL looks for match with
> nethelp1
> Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>
> Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL ACCEPT:
> Mon Jan 19 12:56:10 2004: DEBUG: Access accepted for nethelp1
> Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.22 port 1812 ....
> Code: Access-Accept
> Identifier: 11
> Authentic: E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
> Attributes:
> Framed-IP-Address = 66.112.90.42
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Netmask = 255.255.255.255
> Idle-Timeout = 0
> Session-Timeout = 0
>
> Mon Jan 19 12:56:12 2004: ERR: Attribute number 144 (vendor 2352) is
> not defined in your dictionary
> Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.22 port 1812 ....
> Code: Accounting-Request
> Identifier: 29
> Authentic: <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
> Attributes:
> User-Name = "nethelp1"
> NAS-Identifier = "rb-test.mx"
> NAS-IP-Address = 209.142.136.22
> Service-Type = Framed-User
> Framed-Protocol = PPP
> NAS-Port = 3892314117
> RB-NAS-Real-Port = 537067624
> Acct-Session-Id = "E8000005-400B2C3E"
> Acct-Authentic = RADIUS
> Connect-Info = "ubrc"
> Framed-IP-Address = 66.112.90.42
> Acct-Status-Type = Start
>
> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:12 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:12 2004: DEBUG: SQLS Adding session for nethelp1,
> 209.142.136.22, 3892314117
> Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>
> Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'insert into RADONLINE
> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
> 12:56:12 2004','66.112.90.42', '')':
>
> Mon Jan 19 12:56:12 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:56:12 2004: DEBUG: Handling accounting with
> Radius::AuthSQL
> Mon Jan 19 12:56:12 2004: DEBUG: Accounting accepted
> Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.22 port 1812 ....
> Code: Accounting-Response
> Identifier: 29
> Authentic: <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
> Attributes:
>
> Mon Jan 19 12:56:13 2004: ERR: Attribute number 144 (vendor 2352) is
> not defined in your dictionary
> Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.22 port 1812 ....
> Code: Accounting-Request
> Identifier: 30
> Authentic: g%M<161><249><226><174>'<244>NO<194>5Y<176>s
> Attributes:
> User-Name = "nethelp1"
> NAS-Identifier = "rb-test.mx"
> NAS-IP-Address = 209.142.136.22
> Service-Type = Framed-User
> Framed-Protocol = PPP
> NAS-Port = 3892314117
> RB-NAS-Real-Port = 537067624
> Acct-Session-Id = "E8000005-400B2C3E"
> Acct-Authentic = RADIUS
> Connect-Info = "ubrc"
> Acct-Status-Type = Alive
> Framed-IP-Address = 66.112.90.42
> Framed-IP-Netmask = 255.255.255.255
> RB-Client-DNS-Pri = 209.142.136.85
> RB-Client-DNS-Sec = 209.206.199.16
> Acct-Input-Octets = 180
> Acct-Output-Octets = 0
> Acct-Input-Packets = 3
> Acct-Output-Packets = 0
> Acct-Session-Time = 0
> RB-Acct-Input-Octets-64 = 0xb4
> RB-Acct-Output-Octets-64 = 0x0
> RB-Acct-Input-Packets-64 = 0x3
> RB-Acct-Output-Packets-64 = 0x0
>
> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:13 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:56:13 2004: DEBUG: SQLS Adding session for nethelp1,
> 209.142.136.22, 3892314117
> Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>
> Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'insert into RADONLINE
> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
> 12:56:13 2004','66.112.90.42', '')':
>
> Mon Jan 19 12:56:13 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:56:13 2004: DEBUG: Handling accounting with
> Radius::AuthSQL
> Mon Jan 19 12:56:13 2004: DEBUG: Accounting accepted
> Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.22 port 1812 ....
> Code: Accounting-Response
> Identifier: 30
> Authentic: g%M<161><249><226><174>'<244>NO<194>5Y<176>s
> Attributes:
>
> Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.22 port 1812 ....
> Code: Access-Request
> Identifier: 12
> Authentic: <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
> Attributes:
> User-Name = "nethelp1"
> User-Password = ""<4>y<223>1J<218>2<240><239><149><197>I<213>"m"
> NAS-Identifier = "rb-test.mx"
> NAS-IP-Address = 209.142.136.22
> RB-NAS-Real-Port = 537067622
> Service-Type = Framed-User
> Framed-Protocol = PPP
> NAS-Port = 3892314118
> Connect-Info = "ubrc"
>
> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:57:53 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:57:53 2004: DEBUG: SQLS Deleting session for nethelp1,
> 209.142.136.22, 3892314118
> Mon Jan 19 12:57:53 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314118':
>
> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL:
> CheckSQL
> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>
> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
> nethelp1
> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>
> Mon Jan 19 12:57:53 2004: DEBUG: Checking if user is still online: ,
> nethelp1, 209.142.136.22, 3892314117,
> Mon Jan 19 12:57:53 2004: ERR: Could not load NAS-specific module
> Radius::Nas::: Can't locate Radius/Nas/.pm in @INC (@INC contains: .
> /usr/local/lib/perl5/5.8.0/sun4-solaris /usr/local/lib/perl5/5.8.0
> /usr/local/lib/perl5/site_perl/5.8.0/sun4-solaris
> /usr/local/lib/perl5/site_perl/5.8.0 /usr/local/lib/perl5/site_perl .)
> at (eval 190) line 3.
>
> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL REJECT:
> Simultaneous-Use of 1 exceeded
> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='DEFAULT'':
>
> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
> DEFAULT
> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthLDAP2: LDAP
> Mon Jan 19 12:57:53 2004: INFO: Connecting to 127.0.0.1, port 389
> Mon Jan 19 12:57:53 2004: ERR: Could not open LDAP connection to
> 127.0.0.1, port 389. Backing off for 600 seconds.
> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL IGNORE: User database
> access error
> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthUNIX: System
> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthUNIX looks for match with
> nethelp1
> Mon Jan 19 12:57:53 2004: INFO: Access rejected for nethelp1: No such
> user
> Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.22 port 1812 ....
> Code: Access-Reject
> Identifier: 12
> Authentic: <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
> Attributes:
> Reply-Message = "choice: "
> Reply-Message = "Request Denied"
>
> -----------------------------------------------
> end trace 4 redback
>
>
> Trace 4 cisco
> -----------------------------------------------
> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.170 port 21659 ....
> Code: Access-Request
> Identifier: 15
> Authentic: ,6~<148>$L<139>/<139>hC<142><166><16><184>D
> Attributes:
> Framed-Protocol = PPP
> User-Name = "nethelp1"
> User-Password =
> "<219>@~<155><31><188><179><167><189><12><204><218><232><31><139>i"
> NAS-Port-Type = Virtual
> Cisco-NAS-Port = "5/0/0/3.102"
> NAS-Port = 0
> Service-Type = Framed-User
> NAS-IP-Address = 209.142.136.170
>
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: SQLS Deleting session for nethelp1,
> 209.142.136.170, 0
> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>
> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL:
> CheckSQL
> Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select PASSWORD,
> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>
> Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL looks for match with
> nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>
> Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL ACCEPT:
> Mon Jan 19 12:42:45 2004: DEBUG: Access accepted for nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.170 port 21659 ....
> Code: Access-Accept
> Identifier: 15
> Authentic: ,6~<148>$L<139>/<139>hC<142><166><16><184>D
> Attributes:
> Framed-IP-Address = 66.112.90.42
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Netmask = 255.255.255.255
> Idle-Timeout = 0
> Session-Timeout = 0
>
> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.170 port 21659 ....
> Code: Accounting-Request
> Identifier: 16
> Authentic: <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
> Attributes:
> Acct-Session-Id = "00000506"
> cisco-avpair = "client-mac-address=0060.0f4e.604e"
> Framed-Protocol = PPP
> Acct-Authentic = RADIUS
> User-Name = "nethelp1"
> Acct-Status-Type = Start
> NAS-Port-Type = Virtual
> Cisco-NAS-Port = "5/0/0/3.102"
> NAS-Port = 0
> Service-Type = Framed-User
> NAS-IP-Address = 209.142.136.170
> Acct-Delay-Time = 0
>
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:42:45 2004: DEBUG: SQLS Adding session for nethelp1,
> 209.142.136.170, 0
> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>
> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'insert into RADONLINE
> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> '209.142.136.170','0', '00000506', 'Mon Jan 19 12:42:45 2004','',
> 'Virtual')':
>
> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:42:45 2004: DEBUG: Handling accounting with
> Radius::AuthSQL
> Mon Jan 19 12:42:45 2004: DEBUG: Accounting accepted
> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.170 port 21659 ....
> Code: Accounting-Response
> Identifier: 16
> Authentic: <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
> Attributes:
>
> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.170 port 21659 ....
> Code: Access-Request
> Identifier: 17
> Authentic: ~<193>en-4}<12>B<224><28><14>mr<201><0>
> Attributes:
> Framed-Protocol = PPP
> User-Name = "nethelp1"
> User-Password =
> "<27><217><190>0<243><6>g<208><239><241><24><215><249>_<229>+"
> NAS-Port-Type = Virtual
> Cisco-NAS-Port = "5/0/0/3.104"
> NAS-Port = 0
> Service-Type = Framed-User
> NAS-IP-Address = 209.142.136.170
>
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: SQLS Deleting session for nethelp1,
> 209.142.136.170, 0
> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>
> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL:
> CheckSQL
> Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select PASSWORD,
> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>
> Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL looks for match with
> nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>
> Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL ACCEPT:
> Mon Jan 19 12:43:46 2004: DEBUG: Access accepted for nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.170 port 21659 ....
> Code: Access-Accept
> Identifier: 17
> Authentic: ~<193>en-4}<12>B<224><28><14>mr<201><0>
> Attributes:
> Framed-IP-Address = 66.112.90.42
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Netmask = 255.255.255.255
> Idle-Timeout = 0
> Session-Timeout = 0
>
> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> *** Received from 209.142.136.170 port 21659 ....
> Code: Accounting-Request
> Identifier: 18
> Authentic: <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
> Attributes:
> Acct-Session-Id = "00000507"
> cisco-avpair = "client-mac-address=0060.0fd5.b0f0"
> Framed-Protocol = PPP
> Acct-Authentic = RADIUS
> User-Name = "nethelp1"
> Acct-Status-Type = Start
> NAS-Port-Type = Virtual
> Cisco-NAS-Port = "5/0/0/3.104"
> NAS-Port = 0
> Service-Type = Framed-User
> NAS-IP-Address = 209.142.136.170
> Acct-Delay-Time = 0
>
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> Mon Jan 19 12:43:46 2004: DEBUG: SQLS Adding session for nethelp1,
> 209.142.136.170, 0
> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>
> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'insert into RADONLINE
> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> '209.142.136.170','0', '00000507', 'Mon Jan 19 12:43:46 2004','',
> 'Virtual')':
>
> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
> Mon Jan 19 12:43:46 2004: DEBUG: Handling accounting with
> Radius::AuthSQL
> Mon Jan 19 12:43:46 2004: DEBUG: Accounting accepted
> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> *** Sending to 209.142.136.170 port 21659 ....
> Code: Accounting-Response
> Identifier: 18
> Authentic: <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
> Attributes:
>
> -------------------------------------------------------------
> end trace 4 cisco
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list