(RADIATOR) Problem with AuthBy RADIUS after upgrade to 2.18.1

Mike McCauley mikem at open.com.au
Thu May 17 15:29:03 CDT 2001


Hi Mark,

On May 17, 10:08am, Hugh Irvine wrote:
> Subject: Re: (RADIATOR) Problem with AuthBy RADIUS after upgrade to 2.18.1
>
> Hello Mark -
>
> The key here is probably what AuthByPolicy you are using to control
> the two AuthBy clauses. I have also copied this to Mike so he can
> take a look.

Yes, sounds like Hugh is right.
FYI, at 2.18.1, NoForwardAuthentication causes AuthBy RADIUS to always ACCEPT.
So look to your AuthByPolicy.

Cheers.

>
> regards
>
> Hugh
>
>
> At 19:06 +0100 16/5/01, mark at eclipse.net.uk wrote:
> >Hi,
> >
> >We have been running Radiator 2.16.3 for sometime and recently upgraded
> >to 2.18.1.  Since doing this we have experience problems with a some
> >handlers
> >that use AuthBy Radius and AuthBy LDAP, I am not sure if it is a bug with
> >2.18.1 or just a duff config that happened to work by chance under 2.16.3 ?
> >
> >Handler config is as follows:
> ><snip>
> >         <AuthBy RADIUS>
> >                 Host n.n.n.n,n.n.n.n
> >                 Secret xxxxxxxx
> >                 LocalAddress n.n.n.n
> >                 NoForwardAuthentication
> >         </AuthBy>
> >         <AuthBy LDAP>
> >                 Host            127.0.0.1
> >                 Port            389
> >                 AuthDN          xxxxxxxxxxxxxxxxxxxxxxxxxxx
> >                 AuthPassword    xxxxxxxxxxxx
> >                 HoldServerConnection
> >                 BaseDN          xxxxxxxxxxx
> >                 SearchFilter    (&(uid=$name)(objectstatus=enable))
> >                 UsernameAttr    uid
> >                 PasswordAttr    userpassword
> >                 AuthAttrDef     rasservicetype,Service-Type,check
> >                 AuthAttrDef     etc, etc
> >                 AddToReplyIfNotExist
> >Service-Type="Framed-User",Framed-Protocol="PPP"
> >                 NoDefault
> >         </AuthBy>
> ><snip>
> >
> >Under 2.18.1 it will authenticate the user and return no attributes.  Under
> >2.16.3 it works
> >fine.  If I remove the <AuthBy Radius> then the attributes are returned
> >correctly, but
> >I don't log accounting records :(
> >
> >Is this a problem with 2.18.1 or is my config fundamentally flawed !
> >
> >
> >Mark
> >
> >
> >
> >--
> >Eclipse Internet - Network Operations <noc at eclipse.net.uk>
> >Tel: 01392 333309 Fax: 01392 333319 Web: http://www.eclipse.co.uk/
> >*** World Class Internet for Business ***
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
>
> --
>
> NB: I am travelling this week, so there may be delays in our correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>-- End of excerpt from Hugh Irvine



-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list