(RADIATOR) Here are my configs.........Plz help !!!
Hugh Irvine
hugh at open.com.au
Thu Jul 26 18:33:22 CDT 2001
Hello Imran -
May I respectfully suggest you start by reading the RFC's which are included
in the distribution ("doc/rfc2865.txt" and "doc/rfc2866.txt"), and then read
the Radiator reference manual thoroughly ("doc/ref.html").
The dictionary file is included in the distribution in the file called
"dictionary", and it defines the mapping for all attributes from binary to
string and vice-versa. Keep in mind that the protocol on the wire is encoded
in binary, while the Radiator configuration file and users file and so on all
use plain english text strings.
Once you have read the documentation as noted above, I will be happy to
answer any additional questions.
regards
Hugh
On Friday 27 July 2001 07:02, Imran Moin wrote:
> Hi all,
>
> Here are the radius.cfg and users file. I have not
> changed anything else. I have the switch configured to
> send requests on 1645 and 1646 ports. When i tried to
> send the requests on 1812 and 1813, it
> would take a lot of time for the answer to come back
> (which would be authentication failed) and also the
> logfile would not show me any entry.
>
> I am also sending u some of the output of the log
> file.
>
> C if u can figure it out. It would mean a lot to me.
>
> Also can anyone tell me the concept behind a
> dictionary file. Where do i specify that. Is it am
> empty file like logfile where all the NAS attributes
> will be stored? How do i specify it in radius.cfg
>
> Thanks a lot. It would mean a lot to me.
>
>
>
> # radius.cfg
> #
> # Example Radiator configuration file.
> # This very simple file will allow you to get started
> with
> # a simple system. You can then add and change
> features.
> # We suggest you start simple, prove to yourself that
> it
> # works and then develop a more complicated
> configuration.
> #
> # This example will authenticate from a standard users
> file in
> # the current directory and log accounting to a file
> in the current
> # directory.
> # It will accept requests from any client and try to
> handle request
> # for any realm.
> # And it will print out what its doing in great
> detail.
> #
> # You should consider this file to be a starting point
> only
> # $Id: linux-radius.cfg,v 1.1 2001/05/17 05:33:34
> mikem Exp mikem $
>
>
> Foreground
> LogStdout
> LogDir /var/log/radius
> DbDir /etc/radiator
> #DictionaryFile %D/dictionary.cis
>
> # Use a low trace level in production systems.
> Increase
> # it to 4 or 5 for debugging, or use the -trace flag
> to radiusd
> Trace 4
>
> # You will probably want to add other Clients to suit
> your site,
> # one for each NAS you want to work with
>
> #<Client DEFAULT>
> # Secret imran
> # DupInterval 1
> #</Client>
>
> # THIS IS THE 5500 CLIENT- ATTEMPTING A NON-NAMESERVED
> ENTRY
> <Client a.b.c.d>
> DefaultRealm DEFAULT
> NasType Cisco
> Secret imran
> DupInterval 1
> </Client>
>
> # For testing: this allows us to honour requests from
> radpwtst
> # on the same host.
> <Client localhost>
> Secret imran
> DupInterval 0
> </Client>
>
>
> #<Realm backbone>
> # <AuthBy FILE>
> # Filename %D/users
> # </AuthBy>
> # # Log accounting to a detail file
> # AcctLogFileName %L/detail
> #</Realm>
>
> <Realm DEFAULT>
> <AuthBy FILE>
> Filename %D/users
> </AuthBy>
> # Log accounting to a detail file
> AcctLogFileName %L/detail
> PasswordLogFileName %L/passwords
> </Realm>
> .......................................................
>
> and here is the users file
>
> # users
> # This is an example of how to set up simple user for
> # AuthBy FILE.
> # The example user mikem has a password of fred, and
> will
> # receive reply attributes suitable for most NASs.
> # You can do many more interesting things. See the
> reference
> # manual at /usr/share/doc/Radiator-2.18.1/ref.html
> #
> # You can test this user with the command
> # radpwtst
>
> mikem User-Password = "fred",
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-IP-Netmask = 255.255.255.255,
> Framed-Routing = None,
> Framed-MTU = 1500,
> Framed-Compression = Van-Jacobson-TCP-IP
>
> moin User-Password = "pete", Service-Type =
> Framed-User
> Framed-Protocol = Ethernet, Framed-IP-Netmask
> = 255.255.255.0,
> Framed-Routing = None, Framed-MTU = 1500
> # Framed-Compression = Van-Jacobson-TCP-IP
>
> vince User-Password=fred
>
> vince Password=biondoli
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-IP-Netmask = 255.255.255.255,
> Port-Limit = 1,
> Session-Timeout = 21600,
> Idle-Timeout = 3600
>
>
> ....................................................
>
> here is the output of the log file
>
> Thu Jul 26 11:52:57 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 11:53:16 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 11:58:29 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 11:59:28 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:01:08 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:02:03 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:02:36 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:05:54 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 12:06:38 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:07:42 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:08:33 2001: ERR: There is no value named
> Van-Jacobson-TCP-IP vince
> Password = "biondoli" Service-Type =
> Framed-User for attribute Framed-Co
> mpression. Using 0.
> Thu Jul 26 12:09:19 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:09:27 2001: ERR: There is no value named
> Van-Jacobson-TCP-IP vince
> Password=biondoli Service-Type = Framed-User
> for attribute Framed-Compre
> ssion. Using 0.
> Thu Jul 26 12:09:37 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 12:10:17 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:12:45 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 12:14:05 2001: INFO: Access rejected for
> fred: No such user
> Thu Jul 26 12:18:52 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 12:19:22 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 12:19:53 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 12:20:03 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 12:20:27 2001: INFO: Access rejected for
> vince: No such user
> Thu Jul 26 12:23:57 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 12:24:27 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 12:26:22 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 12:30:03 2001: INFO: Access rejected for
> vince: Bad Password
> Thu Jul 26 12:54:08 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 12:58:37 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:00:31 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:00:49 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 13:04:12 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:04:50 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:27:37 2001: INFO: Access rejected for
> mikem: Check item Framed-Pro
> tocol expression 'PPP' does not match '' in request
> Thu Jul 26 13:29:10 2001: ERR: There is no value named
> Ethernet for attribute Fr
> amed-Protocol. Using 0.
> Thu Jul 26 13:29:20 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:33:22 2001: NOTICE: SIGHUP received:
> restarting
> Thu Jul 26 13:33:22 2001: INFO: Server started:
> Radiator 2.18.2 on radii (DEMO)
> (DEMO)
> Thu Jul 26 13:33:36 2001: INFO: Access rejected for
> xxx: No such user
> Thu Jul 26 13:33:55 2001: NOTICE: SIGHUP received:
> restarting
> Thu Jul 26 13:33:55 2001: INFO: Server started:
> Radiator 2.18.2 on radii (DEMO)
> (DEMO) (DEMO)
> Thu Jul 26 13:34:37 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:37:05 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:37:13 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 13:51:36 2001: DEBUG: Reading users file
> /etc/radiator/users
> Thu Jul 26 13:51:36 2001: ERR: Could not open
> dictionary file '/etc/radiator/use
> rs/dictionary': Not a directory
> Thu Jul 26 13:54:42 2001: INFO: Access rejected for
> moin: Bad Password
> Thu Jul 26 13:54:58 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 13:55:16 2001: INFO: Access rejected for
> vince: Bad Password
> Thu Jul 26 13:56:37 2001: INFO: Access rejected for
> vince: Bad Password
> Thu Jul 26 14:01:25 2001: INFO: Access rejected for
> mikem: Bad Password
> Thu Jul 26 14:01:34 2001: INFO: Access rejected for
> moin: Bad Password
>
>
> Thanks a lot.
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list