(RADIATOR) Failed Auth

Rick Ross rickross at nishna.net
Wed Dec 26 16:53:39 CST 2001 

What do i need to do to make this work
what am I missing do I need to have diffrent reply attribs  we are useing
CHAP
with Mysql   Im just not seeing what I need in the docs or I am just
overlooking it
Rick
################ppp log from remot computer##############
12-26-2001 11:25:52.78 - Microsoft Dial Up Adapter log opened.
12-26-2001 11:25:52.78 - Server type is  PPP (Point to Point Protocol).
12-26-2001 11:25:52.78 - FSA : Adding Control Protocol 80fd (CCP) to control
protocol chain.
12-26-2001 11:25:52.78 - FSA : Protocol not bound - skipping control
protocol 803f (NBFCP).
12-26-2001 11:25:52.78 - FSA : Adding Control Protocol 8021 (IPCP) to
control protocol chain.
12-26-2001 11:25:52.78 - FSA : Protocol not bound - skipping control
protocol 802b (IPXCP).
12-26-2001 11:25:52.78 - FSA : Adding Control Protocol c029 (CallbackCP) to
control protocol chain.
12-26-2001 11:25:52.78 - FSA : Encrypted Password required.
12-26-2001 11:25:52.78 - FSA : Encrypted Password required.
12-26-2001 11:25:52.78 - FSA : Adding Control Protocol c223 (CHAP) to
control protocol chain.
12-26-2001 11:25:52.78 - FSA : Adding Control Protocol c021 (LCP) to control
protocol chain.
12-26-2001 11:25:52.78 - LCP : Callback negotiation enabled.
12-26-2001 11:25:52.78 - LCP : Layer started.
12-26-2001 11:25:52.78 - PPP : Transmitting Control Packet of length: 25
12-26-2001 11:25:52.78 - Data 0000: c0 21 01 01 00 17 02 06 | .!.....
12-26-2001 11:25:52.78 - Data 0008: 00 0a 00 00 05 06 00 52 | .......R
12-26-2001 11:25:52.78 - Data 0010: 4a 24 07 02 08 02 0d 03 | J$......
12-26-2001 11:25:52.78 - Data 0018: 06 00 00 00 00 00 00 00 | ........
12-26-2001 11:25:53.44 - PPP : Received Control Packet of length: 9
12-26-2001 11:25:53.44 - Data 0000: c0 21 04 01 00 07 0d 03 | .!......
12-26-2001 11:25:53.44 - Data 0008: 06 00 00 00 00 00 00 00 | ........
12-26-2001 11:25:53.44 - LCP : Received configure reject for callback
control protocol option.
12-26-2001 11:25:53.44 - PPP : Transmitting Control Packet of length: 22
12-26-2001 11:25:53.44 - Data 0000: c0 21 01 02 00 14 02 06 | .!......
12-26-2001 11:25:53.44 - Data 0008: 00 0a 00 00 05 06 00 52 | .......R
12-26-2001 11:25:53.44 - Data 0010: 4a 24 07 02 08 02 00 00 | J$......
12-26-2001 11:25:53.60 - PPP : Received Control Packet of length: 22
12-26-2001 11:25:53.60 - Data 0000: c0 21 02 02 00 14 02 06 | .!......
12-26-2001 11:25:53.60 - Data 0008: 00 0a 00 00 05 06 00 52 | .......R
12-26-2001 11:25:53.60 - Data 0010: 4a 24 07 02 08 02 00 00 | J$......
12-26-2001 11:25:55.36 - PPP : Received Control Packet of length: 54
12-26-2001 11:25:55.36 - Data 0000: c0 21 01 02 00 34 02 06 | .!...4..
12-26-2001 11:25:55.36 - Data 0008: 00 0a 00 00 03 05 c2 23 | .......#
12-26-2001 11:25:55.36 - Data 0010: 05 05 06 54 03 bf aa 07 | ...T....
12-26-2001 11:25:55.36 - Data 0018: 02 08 02 11 04 05 f4 13 | ........
12-26-2001 11:25:55.36 - Data 0020: 17 01 6e 61 73 31 30 2e | .nas10.
12-26-2001 11:25:55.36 - Data 0028: 61 72 6c 69 6e 67 74 6f | arlingto
12-26-2001 11:25:55.36 - Data 0030: 6e 31 2e 76 61 2e 00 00 | n1.va...
12-26-2001 11:25:55.36 - LCP : Received and accepted ACCM of a0000.
12-26-2001 11:25:55.36 - LCP : Received and accepted authentication protocol
c223 (CHAP).
12-26-2001 11:25:55.36 - LCP : Received and accepted magic number 5403bfaa.
12-26-2001 11:25:55.36 - LCP : Received and accepted protocol field
compression option.
12-26-2001 11:25:55.36 - LCP : Received and accepted address+control field
compression option.
12-26-2001 11:25:55.36 - PPP : Transmitting Control Packet of length: 33
12-26-2001 11:25:55.36 - Data 0000: c0 21 04 02 00 1f 11 04 | .!.....
12-26-2001 11:25:55.36 - Data 0008: 05 f4 13 17 01 6e 61 73 | ....nas
12-26-2001 11:25:55.36 - Data 0010: 31 30 2e 61 72 6c 69 6e | 10.arlin
12-26-2001 11:25:55.36 - Data 0018: 67 74 6f 6e 31 2e 76 61 | gton1.va
12-26-2001 11:25:55.36 - Data 0020: 2e 00 00 00 00 00 00 00 | ........
12-26-2001 11:25:55.52 - PPP : Received Control Packet of length: 27
12-26-2001 11:25:55.52 - Data 0000: c0 21 01 03 00 19 02 06 | .!.....
12-26-2001 11:25:55.52 - Data 0008: 00 0a 00 00 03 05 c2 23 | .......#
12-26-2001 11:25:55.52 - Data 0010: 05 05 06 54 03 bf aa 07 | ...T....
12-26-2001 11:25:55.52 - Data 0018: 02 08 02 00 00 00 00 00 | ........
12-26-2001 11:25:55.52 - LCP : Received and accepted ACCM of a0000.
12-26-2001 11:25:55.52 - LCP : Received and accepted authentication protocol
c223 (CHAP).
12-26-2001 11:25:55.52 - LCP : Received and accepted magic number 5403bfaa.
12-26-2001 11:25:55.52 - LCP : Received and accepted protocol field
compression option.
12-26-2001 11:25:55.52 - LCP : Received and accepted address+control field
compression option.
12-26-2001 11:25:55.52 - PPP : Transmitting Control Packet of length: 27
12-26-2001 11:25:55.52 - Data 0000: c0 21 02 03 00 19 02 06 | .!.....
12-26-2001 11:25:55.52 - Data 0008: 00 0a 00 00 03 05 c2 23 | .......#
12-26-2001 11:25:55.52 - Data 0010: 05 05 06 54 03 bf aa 07 | ...T....
12-26-2001 11:25:55.52 - Data 0018: 02 08 02 00 00 00 00 00 | ........
12-26-2001 11:25:55.52 - LCP : Layer up.
12-26-2001 11:25:55.52 - CHAP : Layer started.
12-26-2001 11:25:55.68 - PPP : Received Control Packet of length: 48
12-26-2001 11:25:55.68 - Data 0000: c2 23 01 01 00 2e 10 04 | .#......
12-26-2001 11:25:55.68 - Data 0008: e3 d3 9d 83 37 fb 29 73 | ....7.)s
12-26-2001 11:25:55.68 - Data 0010: 17 27 b8 96 86 4c 5a 6e | '...LZn
12-26-2001 11:25:55.68 - Data 0018: 61 73 31 30 2e 61 72 6c | as10.arl
12-26-2001 11:25:55.68 - Data 0020: 69 6e 67 74 6f 6e 31 2e | ington1.
12-26-2001 11:25:55.68 - Data 0028: 76 61 2e 75 73 2e 64 61 | va.us.da
12-26-2001 11:25:55.68 - PPP : Transmitting Control Packet of length: 43
12-26-2001 11:25:55.68 - Data 0000: c2 23 02 01 00 29 10 73 | .#...).s
12-26-2001 11:25:55.68 - Data 0008: ad a8 5a 23 9e ef 95 72 | ..Z#...r
12-26-2001 11:25:55.68 - Data 0010: 52 35 60 51 e5 b0 3f 71 | R5`Q..?q
12-26-2001 11:25:55.68 - Data 0018: 77 74 65 73 74 40 6e 69 | wtest at ni
12-26-2001 11:25:55.68 - Data 0020: 73 68 6e 61 6e 65 74 2e | shnanet.
12-26-2001 11:25:55.68 - Data 0028: 63 6f 6d 00 00 00 00 00 | com.....
12-26-2001 11:25:55.96 - PPP : Received Control Packet of length: 26
12-26-2001 11:25:55.96 - Data 0000: c2 23 04 01 00 18 41 75 | .#...Au
12-26-2001 11:25:55.96 - Data 0008: 74 68 6f 72 69 7a 61 74 | thorizat
12-26-2001 11:25:55.96 - Data 0010: 69 6f 6e 20 66 61 69 6c | ion fail
12-26-2001 11:25:55.96 - Data 0018: 65 64 00 00 00 00 00 00 | ed......
12-26-2001 11:25:55.96 - CHAP : Login failed: username, password, or domain
was incorrect.
12-26-2001 11:25:55.96 - PPP : Received Control Packet of length: 6
12-26-2001 11:25:55.96 - Data 0000: c0 21 05 04 00 04 00 00 | .!......
12-26-2001 11:25:55.96 - LCP : Received terminate request.
12-26-2001 11:25:55.96 - LCP : Layer down.
12-26-2001 11:25:55.96 - PPP : Transmitting Control Packet of length: 6
12-26-2001 11:25:55.96 - Data 0000: c0 21 06 04 00 04 00 00 | .!......
12-26-2001 11:25:56.02 - Remote access driver is shutting down.
12-26-2001 11:25:56.02 - CRC Errors             1
12-26-2001 11:25:56.02 - Timeout Errors         0
12-26-2001 11:25:56.02 - Alignment Errors       0
12-26-2001 11:25:56.02 - Overrun Errors         0
12-26-2001 11:25:56.02 - Framing Errors         0
12-26-2001 11:25:56.02 - Buffer Overrun Errors  0
12-26-2001 11:25:56.02 - Incomplete Packets     1
12-26-2001 11:25:56.03 - Bytes Received         845
12-26-2001 11:25:56.03 - Bytes Transmittted     266
12-26-2001 11:25:56.03 - Frames Received        7
12-26-2001 11:25:56.03 - Frames Transmitted     6
12-26-2001 11:25:56.03 - Microsoft Dial Up Adapter log closed.
###################recent logfile################
Mon Dec 24 13:39:29 2001: DEBUG: Packet dump:
*** Received from 0.0.0.0 port 59209 ....
Code:       Access-Request
Identifier: 58
Authentic:  <200>!b<13>z}j<s<23>'<184><163><14>l<223>
Attributes:
 User-Name = "qwtest"
 CHAP-Password =
<1>*<14><155><155>4<127><31><219>q<3><170><20><243><24><25><160>
 NAS-IP-Address =0.0.0.0
 NAS-Port = 7190
 Service-Type = Framed-User
 Framed-Protocol = PPP
 Cisco-NAS-Port = "Async4/50*Serial7/0:1:22"
 Acct-Session-Id = "07000331"
 NAS-Port-Type = Async

Mon Dec 24 13:39:29 2001: DEBUG: Handling request with Handler 'Realm='
Mon Dec 24 13:39:29 2001: DEBUG: Rewrote user name to qwtest
Mon Dec 24 13:39:29 2001: DEBUG: Rewrote user name to qwtest
Mon Dec 24 13:39:29 2001: DEBUG: intdb Deleting session for qwtest,
60.0.0.06, 7190
Mon Dec 24 13:39:29 2001: DEBUG: Handling with Radius::AuthSQL
Mon Dec 24 13:39:29 2001: DEBUG: Handling with Radius::AuthSQL: auth_0
Mon Dec 24 13:39:29 2001: DEBUG: Query is: select PASSWORD from SUBSCRIBERS
where USERNAME='qwtest'

Mon Dec 24 13:39:29 2001: DEBUG: Radius::AuthSQL looks for match with qwtest
Mon Dec 24 13:39:29 2001: DEBUG: Radius::AuthSQL ACCEPT:
Mon Dec 24 13:39:29 2001: DEBUG: Access accepted for qwtest
Mon Dec 24 13:39:29 2001: DEBUG: Packet dump:
*** Sending to 200.0.0 port 59209 ....
Code:       Access-Accept
Identifier: 58
Authentic:  <200>!b<13>z}j<s<23>'<184><163><14>l<223>
Attributes:

Mon Dec 24 13:41:15 2001: DEBUG: Packet dump:
*** Received from 20.0.0.0 port 59211 ....
Code:       Access-Request
Identifier: 59
Authentic:  <174><222>1<193><13>P<196>ys<23>'<184><178><220><145>V
Attributes:
 User-Name = "qwtest"
 CHAP-Password = <1>r<205>Rf<203><25>]<215><164>{<165>f<21>S3<207>
 NAS-IP-Address = 0.0.0.0
 NAS-Port = 7190
 Service-Type = Framed-User
 Framed-Protocol = PPP
 Cisco-NAS-Port = "Async4/52*Serial7/0:1:22"
 Acct-Session-Id = "07000332"
 NAS-Port-Type = Async

Mon Dec 24 13:41:15 2001: DEBUG: Handling request with Handler 'Realm='
Mon Dec 24 13:41:15 2001: DEBUG: Rewrote user name to qwtest
Mon Dec 24 13:41:15 2001: DEBUG: Rewrote user name to qwtest
Mon Dec 24 13:41:16 2001: DEBUG: intdb Deleting session for qwtest, 0.0.0.0
Mon Dec 24 13:41:16 2001: DEBUG: Handling with Radius::AuthSQL
Mon Dec 24 13:41:16 2001: DEBUG: Handling with Radius::AuthSQL: auth_0
Mon Dec 24 13:41:16 2001: DEBUG: Query is: select PASSWORD from SUBSCRIBERS
where USERNAME='qwtest'

Mon Dec 24 13:41:16 2001: DEBUG: Radius::AuthSQL looks for match with qwtest
Mon Dec 24 13:41:16 2001: DEBUG: Radius::AuthSQL ACCEPT:
Mon Dec 24 13:41:16 2001: DEBUG: Access accepted for qwtest
Mon Dec 24 13:41:16 2001: DEBUG: Packet dump:
*** Sending to 209.211.205.27 port 59211 ....
Code:       Access-Accept
Identifier: 59
Authentic:  <174><222>1<193><13>P<196>ys<23>'<184><178><220><145>V
Attributes:

Mon Dec 24 13:51:23 2001: DEBUG: Packet dump:
*** Received from 200.0.0.0port 59219 ....
Code:       Access-Request
Identifier: 60
Authentic:  <198><157><192>#r^t<240>s<23>'<184><165><145><208>=
Attributes:
 User-Name = "qwtest"
 CHAP-Password =
<1>i<182><243><2><187><136><223><226><197><197><222>;>XF<185>
 NAS-IP-Address = 0.0.0.0
 NAS-Port = 7190
 Service-Type = Framed-User
 Framed-Protocol = PPP
 Cisco-NAS-Port = "Async4/53*Serial7/0:1:22"
 Acct-Session-Id = "07000333"
 NAS-Port-Type = Async

Mon Dec 24 13:51:23 2001: DEBUG: Handling request with Handler 'Realm='
Mon Dec 24 13:51:23 2001: DEBUG: Rewrote user name to qwtest
Mon Dec 24 13:51:23 2001: DEBUG: Rewrote user name to qwtest
Mon Dec 24 13:51:23 2001: DEBUG: intdb Deleting session for qwtest,
63.152.3.66, 7190
Mon Dec 24 13:51:23 2001: DEBUG: Handling with Radius::AuthSQL
Mon Dec 24 13:51:23 2001: DEBUG: Handling with Radius::AuthSQL: auth_0
Mon Dec 24 13:51:23 2001: DEBUG: Query is: select PASSWORD from SUBSCRIBERS
where USERNAME='qwtest'

Mon Dec 24 13:51:23 2001: DEBUG: Radius::AuthSQL looks for match with qwtest
Mon Dec 24 13:51:23 2001: DEBUG: Radius::AuthSQL ACCEPT:
Mon Dec 24 13:51:23 2001: DEBUG: Access accepted for qwtest
Mon Dec 24 13:51:23 2001: DEBUG: Packet dump:
*** Sending to 209.211.205.27 port 59219 ....
Code:       Access-Accept
Identifier: 60
Authentic:  <198><157><192>#r^t<240>s<23>'<184><165><145><208>=
Attributes:

Mon Dec 24 13:52:06 2001: DEBUG: Packet dump:
*** Received from 209.211.205.27 port 59220 ....
Code:       Access-Request
############################################################################
#####
########config file#########################
AcctPort 1646
AuthPort 1645
DbDir /usr/local/etc/raddb
DictionaryFile /usr/local/etc/raddb/dictionary
Foreground
LogDir /var/log/radius
LogFile %L/logfile
LogStdout
PidFile /var/run/radiusd.pid
Trace 4

<AuthBy SQL>
  AccountingTable ACCOUNTING
  AcctColumnDef USERNAME,User-Name
  AcctColumnDef TIME_STAMP,Timestamp,integer
  AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
  AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
  AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
  AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
  AcctColumnDef ACCTSESSIONID,Acct-Session-Id
  AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
  AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
  AcctColumnDef NASIDENTIFIER,NAS-Identifier
  AcctColumnDef NASPORT,NAS-Port,integer
  AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
  AddToReply Service-Type=Framed-User,Framed-Protocol=PPP
  AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n'
  DBAuth  wwww
  DBSource dbi:mysql:radius
  DBUsername wwwww
  Description global access
  Identifier auth_0
</AuthBy>

<Client radtest01.arl.qwestip.net>
  Description testing
  DupInterval 2
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  IdenticalClients
  NasType unknown
  Secret hgfdhgfdh
</Client>

<Realm nishnanet.com>
  AcctLogFileName /var/log/radius/accounting
  AuthBy auth_0
  AuthByPolicy ContinueAlways
  Description Global Dial
  RejectHasReason
  SessionDatabase sql_0
</Realm>

<Realm >
  AcctLogFileName /var/log/radius/logfile
  AuthBy auth_0
  AuthByPolicy ContinueAlways
  Description username only
  RejectHasReason
  SessionDatabase sql_0
</Realm>


<SessionDatabase SQL>
  AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT,
ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values
('%u', '%N', 0%{NAS-Port}, '%{Acct-Session-Id}', %{Timestamp},
'%{Framed-IP-Address}', '%{NAS-Port-Type}', '%{Service-Type}')
  ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
  CountNasSessionsQuery select ACCTSESSIONID from RADONLINE where
NASIDENTIFIER='%N'
  CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE
where USERNAME='%u'
  DBAuth radiator
  DBSource dbi:mysql:radius
  DBUsername radius
  DeleteQuery delete from RADONLINE where NASIDENTIFIER='%N' and
NASPORT=0%{NAS-Port}
  Description radsesiondb
  Identifier sql_0
</SessionDatabase>


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list