(RADIATOR) Re: Authentication BY SQL

Hugh Irvine hugh at open.com.au
Thu Sep 6 20:44:40 CDT 2001


Hello 'Tunde -

Could you please send me a copy of the configuration file (no secrets) 
together with an example user record from your SQL database and the table 
definition for the users table.

thanks

Hugh


On Friday 07 September 2001 00:25, 'Tunde Ogedengbe wrote:
> We are setting our RADIUS to authenticate via SQL Database.  The Radius is
>  communicating properly with the SQL database.  However, The Radius server
> is
>  rejecting all password even though the passwords are correct (Pls see log
>  below)
>
>   Pls help.
>
> 'Tunde
> 
> ---------------------------------------------------------------------------
> -
>
> > --------------------------------------------------
> >
> >
> >
> >  from SUbsInfo where USERNAME='otisvi'
> >
> > Thu Sep  6 15:20:39 2001: DEBUG: Radius::AuthSQL looks for match with
>
> otisvi
>
> > Thu Sep  6 15:20:39 2001: DEBUG: Radius::AuthSQL REJECT: Bad Password
> > Thu Sep  6 15:20:39 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='DEFAULT'
> >
> > Thu Sep  6 15:20:39 2001: INFO: Access rejected for otisvi: Bad Password
> > Thu Sep  6 15:20:39 2001: DEBUG: Packet dump:
> > *** Sending to 195.166.231.247 port 1645 ....
> > Code:       Access-Reject
> > Identifier: 120
> > Authentic:  <140>*'<197><8><168>v`[<135>6?<14><16><206><146>
> > Attributes:
> >         Reply-Message = "Request Denied"
> >
> > Thu Sep  6 15:20:40 2001: ERR: Attribute number 39049 (vendor 429) is not
> > define
> > d in your dictionary
> > Thu Sep  6 15:20:40 2001: DEBUG: Packet dump:
> > *** Received from 195.166.231.247 port 1645 ....
> > Code:       Access-Request
> > Identifier: 121
> > Authentic:
> > <209><217><156><201><232><148><255><148>_H<229><227><145><230><17><2
> > 30>
> > Attributes:
> >         User-Name = "otisvi"
> >         User-Password =
> > "<138>c9<145><24><152><11><186>*<176>1<238>lM<166><146>"
> >
> >         NAS-IP-Address = 195.166.231.247
> >         NAS-Port = 773
> >         Acct-Session-Id = "50594945"
> >         USR-Interface-Index = 2029
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         USR-Chassis-Call-Slot = 4
> >         USR-Chassis-Call-Span = 1
> >         USR-Chassis-Call-Channel = 5
> >         USR-Connect-Speed = NONE
> >         Calling-Station-Id = ""
> >         Called-Station-Id = ""
> >         NAS-Port-Type = Async
> >
> > Thu Sep  6 15:20:40 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Thu Sep  6 15:20:40 2001: DEBUG:  Deleting session for otisvi,
> > 195.166.231.247,
> > 773
> > Thu Sep  6 15:20:40 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:40 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:40 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='otisvi'
> >
> > Thu Sep  6 15:20:40 2001: DEBUG: Radius::AuthSQL looks for match with
>
> otisvi
>
> > Thu Sep  6 15:20:40 2001: DEBUG: Radius::AuthSQL REJECT: Bad Password
> > Thu Sep  6 15:20:40 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='DEFAULT'
> >
> > Thu Sep  6 15:20:40 2001: INFO: Access rejected for otisvi: Bad Password
> > Thu Sep  6 15:20:40 2001: DEBUG: Packet dump:
> > *** Sending to 195.166.231.247 port 1645 ....
> > Code:       Access-Reject
> > Identifier: 121
> > Authentic:
> > <209><217><156><201><232><148><255><148>_H<229><227><145><230><17><2
> > 30>
> > Attributes:
> >         Reply-Message = "Request Denied"
> >
> > Thu Sep  6 15:20:40 2001: ERR: Attribute number 39049 (vendor 429) is not
> > define
> > d in your dictionary
> > Thu Sep  6 15:20:40 2001: DEBUG: Packet dump:
> > *** Received from 195.166.231.247 port 1645 ....
> > Code:       Access-Request
> > Identifier: 122
> > Authentic:  <15><181><128><13><218><240><162><8><13><254>]<199>t&<0>z
> > Attributes:
> >         User-Name = "prawa"
> >         User-Password =
> > "<244><154><157><245><214>j<30><190>i<188>P<159><<230><2
> > 21>6"
> >         NAS-IP-Address = 195.166.231.247
> >         NAS-Port = 12
> >         Acct-Session-Id = "721209"
> >         USR-Interface-Index = 1268
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         USR-Chassis-Call-Slot = 1
> >         USR-Chassis-Call-Span = 1
> >         USR-Chassis-Call-Channel = 12
> >         USR-Connect-Speed = NONE
> >         Calling-Station-Id = ""
> >         Called-Station-Id = ""
> >         NAS-Port-Type = Async
> >
> > Thu Sep  6 15:20:40 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Thu Sep  6 15:20:40 2001: DEBUG:  Deleting session for prawa,
> > 195.166.231.247, 1
> > 2
> > Thu Sep  6 15:20:40 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:40 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:40 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='prawa'
> >
> > Thu Sep  6 15:20:40 2001: DEBUG: Radius::AuthSQL looks for match with
>
> prawa
>
> > Thu Sep  6 15:20:40 2001: DEBUG: Radius::AuthSQL REJECT: Bad Password
> > Thu Sep  6 15:20:40 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='DEFAULT'
> >
> > Thu Sep  6 15:20:40 2001: INFO: Access rejected for prawa: Bad Password
> > Thu Sep  6 15:20:40 2001: DEBUG: Packet dump:
> > *** Sending to 195.166.231.247 port 1645 ....
> > Code:       Access-Reject
> > Identifier: 122
> > Authentic:  <15><181><128><13><218><240><162><8><13><254>]<199>t&<0>z
> > Attributes:
> >         Reply-Message = "Request Denied"
> >
> > Thu Sep  6 15:20:42 2001: ERR: Attribute number 39049 (vendor 429) is not
> > define
> > d in your dictionary
> > Thu Sep  6 15:20:42 2001: DEBUG: Packet dump:
> > *** Received from 195.166.231.247 port 1645 ....
> > Code:       Access-Request
> > Identifier: 123
> > Authentic:  Rw<149><145><173>BQ<188>p<186><1><235>B<151><174>N
> > Attributes:
> >         User-Name = "otisvi"
> >         User-Password =
> > "<144><24>!<129>i<168><170><164><230><163><183><254>Z<18
> > 2><145>x"
> >         NAS-IP-Address = 195.166.231.247
> >         NAS-Port = 773
> >         Acct-Session-Id = "50594945"
> >         USR-Interface-Index = 2029
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         USR-Chassis-Call-Slot = 4
> >         USR-Chassis-Call-Span = 1
> >         USR-Chassis-Call-Channel = 5
> >         USR-Connect-Speed = NONE
> >         Calling-Station-Id = ""
> >         Called-Station-Id = ""
> >         NAS-Port-Type = Async
> >
> > Thu Sep  6 15:20:42 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Thu Sep  6 15:20:42 2001: DEBUG:  Deleting session for otisvi,
> > 195.166.231.247,
> > 773
> > Thu Sep  6 15:20:42 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:42 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:42 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='otisvi'
> >
> > Thu Sep  6 15:20:42 2001: DEBUG: Radius::AuthSQL looks for match with
>
> otisvi
>
> > Thu Sep  6 15:20:42 2001: DEBUG: Radius::AuthSQL REJECT: Bad Password
> > Thu Sep  6 15:20:42 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='DEFAULT'
> >
> > Thu Sep  6 15:20:42 2001: INFO: Access rejected for otisvi: Bad Password
> > Thu Sep  6 15:20:42 2001: DEBUG: Packet dump:
> > *** Sending to 195.166.231.247 port 1645 ....
> > Code:       Access-Reject
> > Identifier: 123
> > Authentic:  Rw<149><145><173>BQ<188>p<186><1><235>B<151><174>N
> > Attributes:
> >         Reply-Message = "Request Denied"
> >
> > Thu Sep  6 15:20:43 2001: ERR: Attribute number 39049 (vendor 429) is not
> > define
> > d in your dictionary
> > Thu Sep  6 15:20:43 2001: DEBUG: Packet dump:
> > *** Received from 195.166.231.247 port 1645 ....
> > Code:       Access-Request
> > Identifier: 124
> > Authentic:  <227>&B<176><135>"vOb<9>ob<217><220><167>Y
> > Attributes:
> >         User-Name = "prawa"
> >         User-Password =
> > "<219><213>V<3><207><133><248><242><153><202>"<176><135>
> > +u<231>"
> >         NAS-IP-Address = 195.166.231.247
> >         NAS-Port = 12
> >         Acct-Session-Id = "721209"
> >         USR-Interface-Index = 1268
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         USR-Chassis-Call-Slot = 1
> >         USR-Chassis-Call-Span = 1
> >         USR-Chassis-Call-Channel = 12
> >         USR-Connect-Speed = NONE
> >         Calling-Station-Id = ""
> >         Called-Station-Id = ""
> >         NAS-Port-Type = Async
> >
> > Thu Sep  6 15:20:43 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Thu Sep  6 15:20:43 2001: DEBUG:  Deleting session for prawa,
> > 195.166.231.247, 1
> > 2
> > Thu Sep  6 15:20:43 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:43 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:43 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='prawa'
> >
> > Thu Sep  6 15:20:43 2001: DEBUG: Radius::AuthSQL looks for match with
>
> prawa
>
> > Thu Sep  6 15:20:43 2001: DEBUG: Radius::AuthSQL REJECT: Bad Password
> > Thu Sep  6 15:20:43 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='DEFAULT'
> >
> > Thu Sep  6 15:20:43 2001: INFO: Access rejected for prawa: Bad Password
> > Thu Sep  6 15:20:43 2001: DEBUG: Packet dump:
> > *** Sending to 195.166.231.247 port 1645 ....
> > Code:       Access-Reject
> > Identifier: 124
> > Authentic:  <227>&B<176><135>"vOb<9>ob<217><220><167>Y
> > Attributes:
> >         Reply-Message = "Request Denied"
> >
> > Thu Sep  6 15:20:43 2001: ERR: Attribute number 39049 (vendor 429) is not
> > define
> > d in your dictionary
> > Thu Sep  6 15:20:43 2001: DEBUG: Packet dump:
> > *** Received from 195.166.231.247 port 1645 ....
> > Code:       Access-Request
> > Identifier: 125
> > Authentic: 
> > <143><1><232><228><0><150><158><243><205>$<215><182>f<6>k<157>
> > Attributes:
> >         User-Name = "spaspool"
> >         User-Password =
> > "A<161><31><192><154>L<229>%4<133><239><211><10><233><18
> > 6><249>"
> >         NAS-IP-Address = 195.166.231.247
> >         NAS-Port = 260
> >         Acct-Session-Id = "16975037"
> >         USR-Interface-Index = 1516
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         USR-Chassis-Call-Slot = 2
> >         USR-Chassis-Call-Span = 1
> >         USR-Chassis-Call-Channel = 4
> >         USR-Connect-Speed = NONE
> >         Calling-Station-Id = ""
> >         Called-Station-Id = ""
> >         NAS-Port-Type = Async
> >
> > Thu Sep  6 15:20:43 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Thu Sep  6 15:20:43 2001: DEBUG:  Deleting session for spaspool,
> > 195.166.231.247
> > , 260
> > Thu Sep  6 15:20:43 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:43 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:43 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='spaspool'
> >
> > Thu Sep  6 15:20:43 2001: DEBUG: Radius::AuthSQL looks for match with
> > spaspool
> > Thu Sep  6 15:20:43 2001: DEBUG: Radius::AuthSQL REJECT: Bad Password
> > Thu Sep  6 15:20:43 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='DEFAULT'
> >
> > Thu Sep  6 15:20:43 2001: INFO: Access rejected for spaspool: Bad
> > Password Thu Sep  6 15:20:43 2001: DEBUG: Packet dump:
> > *** Sending to 195.166.231.247 port 1645 ....
> > Code:       Access-Reject
> > Identifier: 125
> > Authentic: 
> > <143><1><232><228><0><150><158><243><205>$<215><182>f<6>k<157>
> > Attributes:
> >         Reply-Message = "Request Denied"
> >
> > Thu Sep  6 15:20:45 2001: ERR: Attribute number 39049 (vendor 429) is not
> > define
> > d in your dictionary
> > Thu Sep  6 15:20:45 2001: DEBUG: Packet dump:
> > *** Received from 195.166.231.247 port 1645 ....
> > Code:       Access-Request
> > Identifier: 126
> > Authentic:  {<247><248>X<149><145><159><215>v<130><187>J<161><235><242>!
> > Attributes:
> >         User-Name = "prawa"
> >         User-Password =
> > "<185>o<197>q<1><(<177><252><195>A#<181><217><21><227>"
> >         NAS-IP-Address = 195.166.231.247
> >         NAS-Port = 12
> >         Acct-Session-Id = "721209"
> >         USR-Interface-Index = 1268
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         USR-Chassis-Call-Slot = 1
> >         USR-Chassis-Call-Span = 1
> >         USR-Chassis-Call-Channel = 12
> >         USR-Connect-Speed = NONE
> >         Calling-Station-Id = ""
> >         Called-Station-Id = ""
> >         NAS-Port-Type = Async
> >
> > Thu Sep  6 15:20:45 2001: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Thu Sep  6 15:20:45 2001: DEBUG:  Deleting session for prawa,
> > 195.166.231.247, 1
> > 2
> > Thu Sep  6 15:20:45 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:45 2001: DEBUG: Handling with Radius::AuthSQL
> > Thu Sep  6 15:20:45 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='prawa'
> >
> > Thu Sep  6 15:20:45 2001: DEBUG: Radius::AuthSQL looks for match with
>
> prawa
>
> > Thu Sep  6 15:20:45 2001: DEBUG: Radius::AuthSQL REJECT: Bad Password
> > Thu Sep  6 15:20:45 2001: DEBUG: Query is: select PASSWORD, CHECKATTR,
> > REPLYATTR
> >  from SUbsInfo where USERNAME='DEFAULT'
> >
> > Thu Sep  6 15:20:45 2001: INFO: Access rejected for prawa: Bad Password
> > Thu Sep  6 15:20:45 2001: DEBUG: Packet dump:
> > *** Sending to 195.166.231.247 port 1645 ....
> > Code:       Access-Reject
> > Identifier: 126
> > Authentic:  {<247><248>X<149><145><159><215>v<130><187>J<161><235><242>!
> > Attributes:
> >         Reply-Message = "Request Denied"
> >
> >
> > 'Tunde Ogedengbe
> > Linkserve Limited
> > 22 Akin Adesola Street
> > Victoria Island
> > Lagos - Nigeria
> > Tel: +234 1 2623900
> > Fax: +234 1 2623906
> > URL: http://www.linkserve.net
> > ----- Original Message -----
> > From: "Hugh Irvine" <hugh at open.com.au>
> > To: "'Tunde Ogedengbe" <tunde at linkserve.net>
> > Cc: <radiator at open.com.au>
> > Sent: Thursday, September 06, 2001 12:22 AM
> > Subject: (RADIATOR) Re: IP restriction
> >
> > > Hello 'Tunde -
> > >
> > > On Wednesday 05 September 2001 21:18, 'Tunde Ogedengbe wrote:
> > > > I have a set of Netservers.  How do I restrict the use of of IP to a
> > > > particular Netserver within Radius?
> > >
> > > I don't understand the question, sorry.
> > >
> > > Could you explain what you mean?
> > >
> > > thanks
> > >
> > > Hugh
> > >
> > >
> > > --
> > > Radiator: the most portable, flexible and configurable RADIUS server
> > > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > > -
> > > Nets: internetwork inventory and management - graphical, extensible,
> > > flexible with hardware, software, platform and database independence.
> > > ===
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with
> > > 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list