(RADIATOR) Packet of Disconnect problem.

Hugh Irvine hugh at open.com.au
Wed Nov 28 18:28:23 CST 2001


Hello Chris -

At 9:59 +1000 01/11/29, Chris Myers wrote:
>Folks,
>
>I know this maybe a vendor problem, but I thought I'd try here first
>to see if anyone else has had this problem.
>
>Basically when sending a POD to our Cisco AS5300 I'm getting an "illegal
>authenticator" message.  I thought this meant the secret was wrong on
>one
>end, but no, they are the same.  Is there something I'm missing?
>
>prompt% radpwtst -s NASADDRESS -noacct -auth_port 1700 -acct_port 1700
>-noauth -secret xxxxx
>-code Disconnect-Request User-Name=cchris Framed-IP-Address=172.22.5.34
>Acct-Session-Id=00000002
>
>Cisco AS5300:
>
>1w0d: POD: 130.102.x.x request queued
>1w0d: POD: Illegal authenticator in POD from 130.102.x.x
>1w0d: POD: 130.102.x.x user cchris 172.22.5.34 sessid 0x2 key 0x0
>DROPPED
>1w0d: POD: Sending NAK to 130.102.x.x/61186
>

 From the Cisco debug shown above, it appears that the session for 
cchris was DROPPED in any case? This would seem to be a Cisco bug, if 
the Cisco configuration is indeed correct (is there a separate shared 
secret that must be set to process disconnect packets?).

regards

Hugh

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list