(RADIATOR) Authentication to radius with Flat File
Hugh Irvine
hugh at open.com.au
Wed Aug 1 18:31:32 CDT 2001
Hello Janice -
There are several things wrong with what you show below, including
the user definition which should have all the check items on the
first line and all the reply items on the second and subsequent
lines, like this:
# user records have all check items on the first line (no comma at the end)
# reply items are on the second and subsequent lines (commas except the last)
bob12 User-Password = "forpccw"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 202.79.95.17,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = None,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
You will also need to uncomment the RewriteUsername to strip the
suffix off the username before checking it in the AuthBy FILE.
I will also need to see the complete configuration file (no secrets)
together with a trace 4 debug from Radiator showing what is happening.
thanks
Hugh
At 19:23 +0800 01/8/1, Wong, Janice wrote:
>hi all,
>
>I need to create a client to be authenticated using a fixed ip address. I
>have created a flat file containing user information to assign the framed ip
>address function for a specific user. But I do not seem to get
>authentication and it always give me a handler error msg trying to reach
>203.63.154.1
>
>This is my configuration on Radius.cfg
>
>
># Framed ip address testing
><Client 202.75.127.17>
> Secret xxxxx
> IgnoreAcctSignature
></Client>
>
># allow all clients to use the same secret
><Client DEFAULT>
> Secret xxxxx
></Client>
>
>
><Realm 202.75.127.17>
> AcctLogFileFormat file:"/usr/local/radiator/LogFormat"
> AcctLogFileName /usr/local/radiator/radacct/usage.testingrealm
> #RewriteUsername s/^([^@]+).*/$1/
> <AuthBy FILE>
> Filename %D/testuser
> </AuthBy>
></Realm>
>
>
>The user file :
>
>bob12 User-Password = "forpccw",
> Service-Type = Framed-User
> Framed-Protocol = PPP,
> Framed-IP-Address = 202.79.95.17,
> Framed-IP-Netmask =
>255.255.255.255,
> Framed-Routing = None,
> Framed-MTU = 1500,
> Framed-Compression = Van-
>Jacobson-TCP-IP
>
>radpwtst logfile error:
>
>Code: Accounting-Request
>Identifier: 67
>Authentic: }<163>kN$<220>T<150><142>U<188><193><183><245><234><15>
>Attributes:
> User-Name = "bob12 at 202.75.127.17"
> Service-Type = Framed-User
> NAS-IP-Address = 203.63.154.1
> NAS-Port = 1234
> NAS-Port-Type = Async
> Acct-Session-Id = "00001234"
> Acct-Status-Type = Stop
> Acct-Delay-Time = 0
> Acct-Session-Time = 1000
> Acct-Input-Octets = 20000
> Acct-Output-Octets = 30000
>
>Wed Aug 1 19:11:00 2001: WARNING: Bad authenticator in request from DEFAULT
>(203.63.154.1)
>
>Attributes:
> User-Name = "bob12 at 202.75.127.17"
> Service-Type = Framed-User
> NAS-IP-Address = 203.63.154.1
> NAS-Port = 1234
> NAS-Port-Type = Async
> User-Password = "<163>N<220><236><150>y<14><238>k(<135>Fp73<140>"
>
>Wed Aug 1 19:10:50 2001: DEBUG: Check if Handler Realm=xxxx.net.sg should
>be used to handle this request
>Wed Aug 1 19:10:50 2001: WARNING: Could not find a handler: request is
>ignored
>Wed Aug 1 19:10:55 2001: DEBUG: Packet dump:
>
>Am I missing any commands or configuration to enable the authentication?
>
>Janice
>===
>Archive at http://www.open.com.au/archives/radiator/
>Announcements on radiator-announce at open.com.au
>To unsubscribe, email 'majordomo at open.com.au' with
>'unsubscribe radiator' in the body of the message.
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list