(RADIATOR) Ascend SNMP Problems

Leon Oosterwijk leon at isdn.net
Tue Aug 28 10:18:51 CDT 2001 

Hugh/Mike, 

I've got a problem with the DefaulSimultaneousUse. This does not seem to
work for my realm-based customers. 
Below is a trace level 4 of the different steps for checking the simutaneous
use. As you can see it checks with the Ascend NAS using AscendSNMP. But the
USERNAME passed is "lydia". Not "lydia at cora.net". Hence there is never match
and Radiator thinks that the session has gone away. This however is not
true. If the AscendSNMP would check agains "lydia at cora.net" it would notice
that this username and the username in the MIB match and deny access.

Mon Aug 27 11:53:11 2001: DEBUG: Checking if user is still online:
AscendSNMP, lydia, 207.65.70.7, 842, 326199869
Mon Aug 27 11:53:11 2001: DEBUG: Running command `/usr/bin/snmpget
207.65.70.7 community .iso.org.dod.internet.private.enterprises.326199869
Mon Aug 27 11:53:11 2001: NOTICE: sessiondb Session for lydia at
207.65.70.7:842 has gone away
Mon Aug 27 11:53:11 2001: DEBUG: sessiondb Deleting session for lydia,
207.65.70.7, 842
Mon Aug 27 11:53:11 2001: DEBUG: do query is: delete from RADONLINE where
USERNAME='lydia at cora.net' and NASIDENTIFIER='207.65.70.7'

I've done a little bit of poking around the code to try and find out where
the problem lies. However the code is a little bit dense for me. :) 

Sincerely, 

Leon Oosterwijk


The part of the config file that is relevant to cora.net:

===============
# NetServices -> cora.net
#*******************************************************************
<Handler Realm=cora.net>
#       MaxSessions 1
        RewriteUsername      s/^([^@]+).*/$1/
                
        <AuthBy SQL>
                DBSource        dbi:mysql:NETSERVICES:host=216.153.4.28
                DBUsername      root
                DBAuth          shit
                
                AuthSelect select password, ip_address, netmask, port_limit,
idle_timeout, max_connect_time  from Dialup where user$
                AuthColumnDef 0, User-Password, check
                AuthColumnDef 1, Framed-IP-Address, reply
                AuthColumnDef 2, Framed-IP-Netmask, reply
                AuthColumnDef 3, Ascend-Maximum-Channels, reply
                AuthColumnDef 4, Ascend-Idle-Limit, reply  
                AuthColumnDef 5, Ascend-Maximum-Call-Duration, reply

                DefaultSimultaneousUse  1
                PrependToReply Ascend-Assign-IP-Pool = 12

#               PrependToReply Ascend-Idle-Limit = 1800

                StripFromReply Proxy-State
                StripFromReply Filter-Id
                StripFromReply Framed-Routing
                StripFromReply Ascend-Idle-Limit

                AddToReply      Ascend-Idle-Limit = 1800
                AddToReplyIfNotExist Service-Type = Framed, Framed-Protocol
= PPP, \
                                Ascend-Maximum-Call-Duration = 180,
Ascend-Maximum-Channels = 2

#                AddToReplyIfNotExist Framed-Routing = None
                
#                AddToReplyIfNotExist Service-Type = Framed
#                AddToReplyIfNotExist Framed-Protocol = PPP
#                AddToReplyIfNotExist Ascend-Idle-Limit = 1800
                
#                AddToReplyIfNotExist Ascend-Maximum-Call-Duration = 180
#                AddToReplyIfNotExist Ascend-Maximum-Channels = 2
                
        </AuthBy>
                
</Handler>
===========================


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list