(RADIATOR) AddressAllocator DHCP
Hugh Irvine
hugh at open.com.au
Tue Sep 11 19:22:43 CDT 2001
Hello Andreas -
Could you please send me a trace 4 debug from Radiator showing what is
happening? I would also like to know what hardware/software platform you are
using and what version of Radiator.
The tcpdump shown below only shows the initial DHCPDISCOVER being sent, with
no reply coming back. What DHCP server are you using and what version? Also,
are there any filters between the two machines that might be blocking the
packets? And what does a debug on the DHCP server show?
thanks
Hugh
On Wednesday 12 September 2001 04:12, Andreas Häggander wrote:
> Hi !
>
> I got a Q about AddressAllocator DHCP.
>
> I want to connect to a Nortel Shasta BSN 5000, with Nortel Extranet Client
> and terminate an IPsex tunnel. For this i need to authenticate the user.
>
> Everything works fine, but im not getting a leased ip-address from the DHCP
> server. The Radiator connects to the DHCP server but can assign an addrsss
> for the user.
>
> If a give the user at statick frame ip address, the IP tunnel is setup.
>
> For more info, see the configs and tcp-dump for DHCP.
> Of course the DHCP server is configured for 10.10.10.0/24
>
> Suggestions ?
>
> Cheers
>
> /Andreas
>
>
> #cat /usr/local/etc/users
> mike at saab.net User-Password = saab
> PoolHint = 10.10.10.12
>
> #cat /usr/local/etc/radius.cfg
>
> AuthPort 1645
> AcctPort 1646
>
> Foreground
> LogStdout
> LogDir .
> DbDir .
>
> # User a lower trace level in production systems:
> Trace 4
>
> <Client DEFAULT>
> Secret mysecret
> DupInterval 0
> </Client>
>
> <AddressAllocator DHCP>
>
> Identifier dhcpallocator
> Host 62.119.0.2
>
> ServerPort 67
> ClientPort 68
>
> SubnetSelectionOption 118
> #SubnetSelectionOption 211
>
>
> </AddressAllocator>
>
> <Realm DEFAULT>
>
> AuthByPolicy ContinueWhileAccept
>
> <AuthBy FILE>
> Filename /usr/local/etc/users
> </AuthBy>
> # Log accounting to a detail file
> AcctLogFileName /usr/local/etc/detail
>
> <AuthBy DYNADDRESS>
>
> Allocator dhcpallocator
> PoolHint %{Reply:PoolHint}
> #MapAttribute yiaddr, Framed-IP-Address
> #MapAttribute subnetmask, Framed-IP-Netmask
> StripFromReply PoolHint
>
> </AuthBy>
> </Realm>
>
> <Realm utfors.net>
> # Strip the realm so we can auth with the bare user name
> # in the users file
> RewriteUsername s/^([^@]+).*/$1/
>
> <AuthBy FILE>
> Filename /usr/local/etc/users_utfors
> </AuthFile>
> </Realm>
>
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 16 arrived at 11:31:21.51
> ETHER: Packet size = 342 bytes
> ETHER: Destination = 8:0:20:f0:e2:1e, Sun
> ETHER: Source = 0:3:42:6:40:a5,
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 328 bytes
> IP: Identification = 23744
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 251 seconds/hops
> IP: Protocol = 17 (UDP)
> IP: Header checksum = 0f1e
> IP: Source address = 212.73.0.4, frodo.defero.net
> IP: Destination address = 62.119.0.2, captive.defero.net
> IP: No options
> IP:
> UDP: ----- UDP Header -----
> UDP:
> UDP: Source port = 67
> UDP: Destination port = 67 (BOOTPS)
> UDP: Length = 308
> UDP: Checksum = 3079
> UDP:
> DHCP: ----- Dynamic Host Configuration Protocol -----
> DHCP:
> DHCP: Hardware address type (htype) = 1 (Ethernet (10Mb))
> DHCP: Hardware address length (hlen) = 6 octets
> DHCP: Relay agent hops = 1
> DHCP: Transaction ID = 0x4
> DHCP: Time since boot = 0 seconds
> DHCP: Flags = 0x0000
> DHCP: Client address (ciaddr) = 0.0.0.0
> DHCP: Your client address (yiaddr) = 0.0.0.0
> DHCP: Next server address (siaddr) = 0.0.0.0
> DHCP: Relay agent address (giaddr) = 212.73.0.4
> DHCP: Client hardware address (chaddr) = 0F:FF:00:00:00:04
> DHCP:
> DHCP: ----- (Options) field options -----
> DHCP:
> DHCP: Message type = DHCPDISCOVER
> DHCP: Client Identifier = 0x006D696B6540736161622E6E6574
> (unprintable) DHCP: IP Address Lease Time = 86400 seconds
> DHCP: Value = 0x0A0A0A7F (unprintable)
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list