(RADIATOR) Static IP Address using RADIATOR AND RADMIN
Jai Kumar Shinde
jai.s at net4india.net
Sat Nov 10 06:41:49 CST 2001
Hi,
I am using RADIATOR AND RADMIN with MYSQL DATABASE for DIALUP
AUTHENTICATION, with RAS CISCO 5300.
i am trying to allocat static IP address for few users which are in MYSQL
database, As i am using the field STATICIPADDRESS in mysql, i have added
that ip address in that field. but when i try to connect using DIALUP, it
allots the different IPADDRESS which in RAS local POOL, not from the
STATICIPADDRESS field. After seeing the log file the radius is sending the
ip address..plz see below
*** Sending to 203.171.148.13 port 1645 ....
Code: Access-Accept
Identifier: 73
Authentic: )uR<248><132><129><221>:yL<156><240><182><253>Pd
Attributes:
Framed-IP-Address = x.x.x.x(the ip address
Session-Timeout = 27433
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Netmask = 255.255.255.255
Framed-Routing = None
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
As started debug at the CISCO RAS, its showing the Framed-IP-ADDRESS IP
address,
2d00h: AAA/MEMORY: create_user (0x61BD6734) user='0404040404040404' ruser=''
port='Async195' rem_addr='116161989/116189707' authen_type=CHAP service=PPP
priv=1
2d00h: AAA/AUTHEN/START (2933723112): port='Async195' list='net4del2'
action=LOGIN service=PPP
2d00h: AAA/AUTHEN/START (2933723112): found list net4del2
2d00h: AAA/AUTHEN (2933723112): status = UNKNOWN
2d00h: AAA/AUTHEN/START (2933723112): Method=LOCAL
2d00h: AAA/AUTHEN (2933723112): status = ERROR
2d00h: AAA/AUTHEN/START (2933723112): Method=radius (radius)
2d00h: RADIUS: ustruct sharecount=1
2d00h: RADIUS: Initial Transmit Async195 id 216 x.x.x.x:1812,
Access-Request, len 109
2d00h: Attribute 4 6 CB47813C
2d00h: Attribute 5 6 000000C3
2d00h: Attribute 61 6 00000000
2d00h: Attribute 1 18 30343034
2d00h: Attribute 30 11 31313631
2d00h: Attribute 31 11 31313631
2d00h: Attribute 3 19 13400D0C
2d00h: Attribute 6 6 00000002
2d00h: Attribute 7 6 00000001
2d00h: RADIUS: Received from id 216 x.x.x.x:1812, Access-Accept, len 99
2d00h: Attribute 8 6 CB478201 -------> ( STATIPADDRESS FROM MYSQL
DATABASE)
2d00h: Attribute 27 6 0005663D
2d00h: Attribute 7 6 00000001
2d00h: Attribute 9 6 FFFFFF00
2d00h: Attribute 10 6 00000001
2d00h: Attribute 12 6 000005DC
2d00h: Attribute 13 6 00000000
2d00h: Attribute 3 6 00000004
2d00h: Attribute 45 6 00000001
2d00h: Attribute 26 25 0000000901136970
2d00h: AAA/AUTHEN (2933723112): status = PASS
as U see above the line "Attribute 8 6 CB478201"...8 means FRAMED-IPADDRESS
from Dictionary. which is getting from radius (MYSQ DATABASE),
I AM NOT ABLE TO MAKE the ERROR WITH CISCO 5300 OR RADIUS....CAN ANY ONE
HELP ME OUT...!!! : - )
I am adding the radius.cfg below....
<Realm DEFAULT>
<AuthBy RADMIN>
# Change DBSource, DBUsername, DBAuth for your database
# See the reference manual. You will also have to
# change the one in <SessionDatabse SQL> below
# so its the same
DBSource dbi:mysql:radmin
DBUsername radmin
DBAuth xxxxx
# You can add to or change these if you want, but you
# will probably want to change the databse schema first
AccountingTable RADUSAGE
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef
ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
# AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef DNIS,Called-Station-Id
# This updates the time and octets left
# for this user
# AcctSQLStatement update RADUSERS set
TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acc
t-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where
USERNAME='%n'
AcctSQLStatement update RADUSERS set
TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct
-Input-Octets} where USERNAME='%n'
# These are the classic things to add to each users
# reply to allow a PPP dialup session. It may be
# different for your NAS. This will add some
# reply items to everyone's reply
AddToReply Service-Type = Framed-User,\
Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression = Van-Jacobson-TCP-IP
</AuthBy>
</Realm>
<SessionDatabase SQL>
# This database spec usually should be exactly the same
# as in <AuthBy RADMIN> above
DBSource dbi:mysql:radmin
DBUsername radmin
DBAuth radminpw
</SessionDatabase>
THANZ...!!!
-----------------
Jai Kumar shinde
------------------
System/Network Engg.
Net4india Ltd.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list