(RADIATOR) Cisco and radiator

telco soltn dc_telco at yahoo.com
Wed Jun 6 22:11:14 CDT 2001 

hello!

I'm having trouble with the authby sql option of radiator using a cisco
2620 NAS with 12.1(3)T IOS. you can see the the radius server
authenticating the user but the cisco NAS itself rejects it with this
error: % Authorization failed.

the cisco nas log has this:

4d16h: %TTY-3-AUTOCONFIG: TTY40: Modem auto-configuration failed

here's my config file:

# Radius Config File

Foreground
LogStdout
LogDir          /var/log/radius/
DbDir           /etc/radius
DictionaryFile %D/dictionary.cisco
FingerProg      /bin/finger
SnmpgetProg     /usr/bin/snmpget
AuthPort       1812
AcctPort       1813

# User a lower trace level in production systems:
Trace 5

# You will probably want to change this to suit your site.

#<Client DEFAULT>
#       Secret  mysecret
#       DupInterval 0
#</Client>


<Client myclientaddress>
        DefaultRealm    DEFAULT
        NasType         Cisco
        Secret          mysecret
</Client>




<Realm DEFAULT>
  RewriteUsername s/^([^@]+).*/$1/
  AuthByPolicy ContinueWhileAccept
  AccountingHandled
  SessionDatabase SQL
  MaxSessions 4
  AcctLogFileName %L/detail
  RejectHasReason

        <AuthBy SQL>

        DBSource        dbi:mysql:radius
        DBUsername      root
        DBAuth          suse123


#       AuthSelect      select PASSWORD from SUBSCRIBERS where
USERNAME='%n'
#       EncryptedPassword

#       AuthColumnDef   0, Encrypted-Password, check

        AccountingTable ACCOUNTING
        AcctColumnDef   USERNAME,User-Name
        AcctColumnDef   TIME_STAMP,Timestamp,integer
        AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
        AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
        AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
        AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
        AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
        AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
        AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
        AcctColumnDef   NASIDENTIFIER,NAS-Identifier
        AcctColumnDef   NASIDENTIFIER,NAS-IP-Address
        AcctColumnDef   NASPORT,NAS-Port,integer
        AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address


#       AddToReply Framed-Protocol = PPP,
Framed-IP-Netmask=255.255.255.255,Framed-Routing = None,Framed-

        AddToReplyIfNotExist Service-Type = Framed-User,\
        Framed-Routing = None,\
        Framed-MTU = 1500,\
        Framed-Compression = Van-Jacobson-TCP-IP
        AddToReply Service-Type = Framed-User, \
#       Framed-Protocol = PPP, \
#       Framed-MTU = 1500

        </AuthBy>
</Realm>

<SessionDatabase SQL>

  AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT,
ACCTSESSIONID, TIME_STAMP, FRAMEDIPAD
  ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
  CountNasSessionsQuery select ACCTSESSIONID from RADONLINE where
NASIDENTIFIER='%N'
  CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE
where USERNAME='%u'
 DBSource dbi:mysql:radius
  DBUsername root
  DBAuth suse123
  DeleteQuery delete from RADONLINE where NASIDENTIFIER='%N' and
NASPORT=0%{NAS-Port}

</SessionDatabase>


__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35 
a year!  http://personal.mail.yahoo.com/
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list