(RADIATOR) passwords

Tech radiator at tcrholdings.com
Wed Sep 19 17:38:25 CDT 2001 

Dear Hugh

Thank you for your time in this matter

Yes I am using the hook below;
copy of logfile
Thu Sep 20 08:06:47 2001: DEBUG: Packet dump:
*** Received from 202.182.129.252 port 1025 ....
Code:       Access-Request
Identifier: 173
Authentic:  <148><149>.<166><236><150><180><144><135><235><17>F<133>W<180><11>
Attributes:
        User-Name = "123456780 at test.com"
        User-Password = ""
        NAS-IP-Address = 202.182.129.252
        NAS-Port = 20103
        NAS-Port-Type = Async
        Service-Type = Framed-User
        Framed-Protocol = PPP
        State = ""
        Calling-Station-Id = "0298694580"
        Called-Station-Id = "0299962000"
        Framed-IP-Address = 202.182.129.20
        Acct-Session-Id = "321559643"

Thu Sep 20 08:06:47 2001: DEBUG: Handling request with Handler 'Realm=test.com'

Thu Sep 20 08:06:47 2001: DEBUG: Rewrote user name to 123456780
Thu Sep 20 08:06:47 2001: DEBUG:  Deleting session for 123456780 at test.com,
202.182.129.252, 20103
Thu Sep 20 08:06:47 2001: DEBUG: Handling with Radius::AuthRADIUS
Thu Sep 20 08:06:47 2001: DEBUG: Packet dump:
*** Sending to 202.182.192.202 port 1645 ....
Code:       Access-Request
Identifier: 1
Authentic:  <148><149>.<166><236><150><180><144><135><235><17>F<133>W<180><11>
Attributes:
        User-Name = "123456780"
        User-Password = "<214><249>;Q5*<250>Q<194>"W8<5><242><14><185>"
        NAS-IP-Address = 202.182.129.252
        NAS-Port = 20103
        NAS-Port-Type = Async
        Service-Type = Framed-User
        Framed-Protocol = PPP
        State = ""
        Calling-Station-Id = "0298694580"
        Called-Station-Id = "0299962000"
        Framed-IP-Address = 202.182.129.20
        Acct-Session-Id = "321559643"

Thu Sep 20 08:06:48 2001: DEBUG: Packet dump:
*** Received from 202.182.192.202 port 1645 ....
Code:       Access-Reject
Identifier: 1
Authentic:  <235>C<213>9h<148><204><143>ErMgg<9><11>j
Attributes:
        Reply-Message = "Request Denied"

Thu Sep 20 08:06:48 2001: DEBUG: Received reply in AuthRADIUS for req 1 from
202.182.192.202:1645
Thu Sep 20 08:06:48 2001: INFO: Access rejected for 123456780: Proxied
Thu Sep 20 08:06:48 2001: DEBUG: Packet dump:
*** Sending to 202.182.129.252 port 1025 ....
Code:       Access-Reject
Identifier: 173
Authentic:  <148><149>.<166><236><150><180><144><135><235><17>F<133>W<180><11>
Attributes:
        Reply-Message = "Request Denied"
        Reply-Message = "Request Denied"
copy of config file
<Realm test.com>
        RewriteUsername s/^([^@]+).*/$1/
        PreAuthHook file:"%D/addUsernameAsPassword"
        <AuthBy RADIUS>
                Host 202.182.192.202
                Secret xxxxxxxxxxxx
        </AuthBy>
        AcctLogFileName %L/test.detail.%Y%m%d
        </Realm>


Hugh Irvine wrote:

> Hello -
>
> Have you tried the hook code that I sent you, shown in my message below?
>
> What you show below will definitely not work.
>
> In any case, a copy of your configuration file (no secrets) and a trace 4
> debug from Radiator showing what is happening are what I need to be able to
> help you.
>
> regards
>
> Hugh
>
> On Wednesday 19 September 2001 14:41, Tech wrote:
>
> > > Thank you for your help in this matter but I am still having the same
> > problem as can be seen from the password log I am still returning no
> > password
> > Wed Sep 19 11:09:25 2001:1000861765:1234567891::123456:FAIL
> > Wed Sep 19 11:38:21 2001:1000863501:1234567891::123456:FAIL
> > this was working on local
> > PreAuthHook sub { %U=> %P;chop(%P);chop(%P);chop(%P);chop(%P);}
> >
> > Hugh Irvine wrote:
> > > Hello -
> > >
> > > On Tuesday 18 September 2001 12:46, Tech wrote:
> > > > I am using radiator as a proxy only, but I have a problem, one of my
> > > >
> > > > logins never has a password and I have to roll part of the username
> > >
> > > to
> > >
> > > > %P this is ok for local use but not when ongoing presentation to the
> > > >
> > > > proxy.
> > > >
> > > > Suggestions or specific examples would be appreciated.
> > >
> > > I think you will have to do this with a PreAuthHook, something like
> > > this:
> > >
> > > # -*- mode: Perl -*-
> > > # addUsernameAsPassword
> > > #
> > > # PreAuthHook to add a Password attribute
> > > # to an Access-Request.
> > > # The User-Name is used for the Password.
> > > # Note that the Password must be encoded
> > > # with the shared secret of the original NAS.
> > > #
> > > # Author: Hugh Irvine (hugh at open.com.au)
> > > # Copyright (C) 2001 Open System Consultants
> > > #
> > >
> > > sub
> > > {
> > >     my $p = ${$_[0]};
> > >     my $rp = ${$_[1]};
> > >
> > >     # Get the request code.
> > >     my $code = $p->code;
> > >
> > >     if ($code eq 'Access-Request')
> > >     {
> > >         my $secret = $p->{Client}->{Secret};
> > >         $password = &Radius::Radius::encode_password
> > >             ($p->{User-Name}, $secret);
> > >         $p->add_attr('Password', $password);
> > >     }
> > >     return;
> > > }
> > >
> > > Your configuration file would look something like this:
> > >
> > > # define Realm(s) or Handler(s)
> > >
> > > <Realm .....>
> > >         .....
> > >         PreAuthHook file:"%D/addUsernameAsPassword"
> > >         .....
> > >
> > > >/Realm>
> > >
> > > I haven't tested the code, but you should get the idea.
> > >
> > > Please let me know how you get on.
> > >
> > > regards
> > >
> > > Hugh
> > >
> > > --
> > > Radiator: the most portable, flexible and configurable RADIUS server
> > > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > > -
> > > Nets: internetwork inventory and management - graphical, extensible,
> > > flexible with hardware, software, platform and database independence.
> > > ===
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with
> > > 'unsubscribe radiator' in the body of the message.
>
> ----------------------------------------
> Content-Type: text/html; charset="us-ascii"; name="Attachment: 1"
> Content-Transfer-Encoding: 7bit
> Content-Description:
> ----------------------------------------
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20010920/179f54b0/attachment.html>

More information about the radiator mailing list