(RADIATOR) Bad login count

Chairath K chairath at lensodatacom.co.th
Mon Dec 10 22:17:36 CST 2001


Hello Hugh,

I have got problem about Bad login count. According to section 5.1.9 in reference manual of RAdmin version 1.4 , it said that if we leave this field blank, then no bad login limits will be applied. But !! when I try ,  I can't login . In log file shows a message like these


Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2 at test2: No such user
Tue Dec 11 10:53:56 2001: DEBUG: Packet dump:
*** Sending to 10.20.0.2 port 49156 ....
Code:       Access-Reject
Identifier: 159
Authentic:  <0><0>4G<0><0><13><21><0><0><31>><0><0>/<172>
Attributes:
 Reply-Message = "Request Denied"

So how can I fixed it . 
Futhermore ,  how can I expand login limit  to more than 5

Regards,
Chairath

P.S. Our system are running with Radiator 2.18 and Radmin 1.4

Foreground
LogStdout
LogDir  d:/Radiator-2.18/log
DbDir  d:/Radiator-2.18
LogFile %L/logfile-%d-%m-%Y

# Dont turn this up too high, since all log messages are logged
# to the RADMESSAGES table in the database. 3 will give you everything
# except debugging messages
Trace 4


# PreClientHook to add NAS-Port attribute
PreClientHook file:"%D/addNASPort"

# You will probably want to change this to suit your site.
# You should list all the clients you have, and their secrets
# If you are using the Radmin Clients table, you wil probably
# want to disable this.
#<Client DEFAULT>
# Secret mysecret
# DupInterval 0
#</Client>

# You can put additonal (or all) client details in your Radmin
# database table
# and get their details from there with something like this:
# You can then use the Radmin 'Add Radius Client' to add new clients.
<ClientListSQL>
 DBSource dbi:ODBC:Radmin
 DBUsername xxx
 DBAuth  xxxx
</ClientListSQL>

#<AuthBy RADIUS>
# Identifier ProxyTofunk
# Host 10.2.0.6
# Secret test
#</AuthBy>

#<Realm funk>
# strip Realm
# RewriteUsername s/^([^@]+).*/$1/
# AuthBy ProxyTofunk
#</Realm>

<AuthBy RADMIN>
 Identifier RADMINAUTH
 # Change DBSource, DBUsername, DBAuth for your database
 # See the reference manual. You will also have to 
 # change the one in <SessionDatabse SQL> below
 # so its the same
 DBSource dbi:ODBC:Radmin
 DBUsername xxx
 DBAuth  xxxx
 DateFormat %e %m  %Y %T
 # You can add to or change these if you want, but you
 # will probably want to change the database schema first
 AccountingTable RADUSAGE
 AcctColumnDef USERNAME,User-Name
 AcctColumnDef TIME_STAMP,Timestamp,integer
 AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
 AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
 AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
 AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
 AcctColumnDef ACCTSESSIONID,Acct-Session-Id
 AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
 AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
 AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
 AcctColumnDef NASIDENTIFIER,NAS-Identifier
 AcctColumnDef NASIDENTIFIER,NAS-IP-Address
 AcctColumnDef NASPORT,NAS-Port,integer
 AcctColumnDef DNIS,Called-Station-Id
 AcctColumnDef DATE,Timestamp,integer-date
 # This updates the time and octets left
 # for this user
 AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n'

</AuthBy>

<AuthBy GROUP>
  Identifier WithIdleTimeout
  AuthBy RADMINAUTH
 # These are the classic things to add to each users 
 # reply to allow a PPP dialup session. It may be 
 # different for your NAS. This will add some 
 # reply items to everyone's reply
 AddToReply Framed-Protocol = PPP,\
  Service-Type = Framed-User,\
         Framed-IP-Netmask = 255.255.255.255,\
         Framed-Routing = None,\
         Framed-MTU = 1500,\
  Framed-Compression = Van-Jacobson-TCP-IP,\
  Idle-Timeout = 600,\
  Class = %{NAS-Port}
</AuthBy>

<AuthBy GROUP>
  Identifier WithOutIdleTimeout
  AuthBy RADMINAUTH
 # These are the classic things to add to each users 
 # reply to allow a PPP dialup session. It may be 
 # different for your NAS. This will add some 
 # reply items to everyone's reply
 AddToReply Framed-Protocol = PPP,\
  Service-Type = Framed-User,\
         Framed-IP-Netmask = 255.255.255.255,\
         Framed-Routing = None,\
         Framed-MTU = 1500,\
  Framed-Compression = Van-Jacobson-TCP-IP,\
  Class = %{NAS-Port}
</AuthBy>

<AuthBy FILE>
 Identifier TimeZone
 Filename %D/adsl.users
</AuthBy>

<Handler Request-Type=Accounting-Request>
 AuthBy RADMINAUTH
</Handler>

<Handler Realm=test1>
 AuthBy TimeZone
</Handler>

<Handler Realm=test2>
 AuthBy WithOutIdleTimeout
</Handler>

<Handler>
 AuthBy WithIdleTimeout
</Handler>


# Handle User with NO Realm with RADMIN
#<Realm>
# AuthBy RADMINAUTH
#</Realm>

# Handle everyone with RADMIN
#<Realm DEFAULT>
# AuthBy RADMINAUTH
#</Realm>

<SessionDatabase SQL>
 # This database spec usually should be exactly the same
 # as in <AuthBy RADMIN> above
 DBSource dbi:ODBC:Radmin
 DBUsername xxxx
 DBAuth  xxxx
 ClearNasQuery
</SessionDatabase>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20011211/88dee7df/attachment.html>


More information about the radiator mailing list