(RADIATOR) Static IPs for users

Hugh Irvine hugh at open.com.au
Thu Apr 18 17:10:11 CDT 2002 

Hello -

Have you got virtual-templates defined on the NAS?

This topic has been discussed on the list previously, so have a look at the 
archive site and do a search on "virtual-template".

	http://www.open.com.au/archives/radiator

regards

Hugh


On Fri, 19 Apr 2002 01:48, cistron wrote:
> While trying to get static IPs for users I found that at the 3640 NAS I
> had to give
> aaa authorization network radius otherwise it would not get the IP from
> Radiator Radius (3.0).
>
> I am using ios 12.2(8) T.  Can someone kindly help me in finding out
> where I am making a mistake.
>
> Thanks and Regards
>
> Following is the debug output at access server.
>
> ---------------------------------------------------------------------------
>-------------
>
> *Mar  2 00:24:05.261: As98 LCP: I CONFACK [ACKsent] id 141 len 24
> *Mar  2 00:24:05.261: As98 LCP:    ACCM 0x000A0000 (0x0206000A0000)
> *Mar  2 00:24:05.261: As98 LCP:    AuthProto PAP (0x0304C023)
> *Mar  2 00:24:05.261: As98 LCP:    MagicNumber 0x15B80E95
> (0x050615B80E95)
> *Mar  2 00:24:05.261: As98 LCP:    PFC (0x0702)
> *Mar  2 00:24:05.265: As98 LCP:    ACFC (0x0802)
> *Mar  2 00:24:05.265: As98 LCP: State is Open
> *Mar  2 00:24:05.265: As98 PPP: Phase is AUTHENTICATING, by this end
> *Mar  2 00:24:05.269: As98 PAP: I AUTH-REQ id 6 len 23 from
> "city at INTERNAL"
> *Mar  2 00:24:05.273: As98 PAP: Authenticating peer city at INTERNAL
> *Mar  2 00:24:05.349: As98 PAP: O AUTH-ACK id 6 len 5
> *Mar  2 00:24:05.349: As98 PPP: Phase is UP
> *Mar  2 00:24:05.349: As98 IPCP: O CONFREQ [Closed] id 98 len 10
> *Mar  2 00:24:05.349: As98 IPCP:    Address 202.5.150.1
> (0x0306CA059601)
> *Mar  2 00:24:05.361: As98 PPP: Outbound context-status packet dropped,
> IPCP sta
> te is REQsent
> *Mar  2 00:24:05.377: As98 PPP: Outbound context-status packet dropped,
> IPCP sta
> te is REQsent
> *Mar  2 00:24:05.381: As98 IPCP: O CONFREQ [REQsent] id 99 len 16
> *Mar  2 00:24:05.381: As98 IPCP:    CompressType VJ 15 slots
> (0x0206002D0F00)
> *Mar  2 00:24:05.381: As98 IPCP:    Address 202.5.150.1
> (0x0306CA059601)
> *Mar  2 00:24:05.381: As98 IPCP: O CONFREQ [REQsent] id 100 len 16
> *Mar  2 00:24:05.381: As98 IPCP:    CompressType VJ 15 slots
> (0x0206002D0F00)
> *Mar  2 00:24:05.381: As98 IPCP:    Address 202.5.150.1
> (0x0306CA059601)
> *Mar  2 00:24:05.517: As98 IPCP: I CONFREQ [REQsent] id 2 len 16
> *Mar  2 00:24:05.517: As98 IPCP:    CompressType VJ 15 slots
> CompressSlotID (0x0
> 206002D0F01)
> *Mar  2 00:24:05.517: As98 IPCP:    Address 0.0.0.0 (0x030600000000)
> *Mar  2 00:24:05.517: As98 AAA/AUTHOR/IPCP: Start.  Her address
> 0.0.0.0, we want
>  0.0.0.0
> *Mar  2 00:24:05.517: As98 LCP: O PROTREJ [Open] id 142 len 22 protocol
> IPCP
> *Mar  2 00:24:05.521: As98 LCP:  (0x8021010200100206002D0F0103060000)
> *Mar  2 00:24:05.521: As98 LCP:  (0x0000)
> *Mar  2 00:24:05.521: As98 IPCP: State is Closed
> *Mar  2 00:24:05.525: As98 IPCP: I CONFACK [Closed] id 98 len 10
> *Mar  2 00:24:05.525: As98 IPCP:    Address 202.5.150.1
> (0x0306CA059601)
> *Mar  2 00:24:05.525: As98 IPCP: Lower layer not up, discarding packet
> *Mar  2 00:24:05.553: As98 IPCP: I CONFACK [Closed] id 99 len 16
> *Mar  2 00:24:05.553: As98 IPCP:    CompressType VJ 15 slots
> (0x0206002D0F00)
> *Mar  2 00:24:05.553: As98 IPCP:    Address 202.5.150.1
> (0x0306CA059601)
> *Mar  2 00:24:05.553: As98 IPCP: Lower layer not up, discarding packet
> *Mar  2 00:24:05.557: As98 IPCP: I CONFACK [Closed] id 100 len 16
> *Mar  2 00:24:05.557: As98 IPCP:    CompressType VJ 15 slots
> (0x0206002D0F00)
> *Mar  2 00:24:05.557: As98 IPCP:    Address 202.5.150.1
> (0x0306CA059601)
> *Mar  2 00:24:05.557: As98 IPCP: Lower layer not up, discarding packet
> *Mar  2 00:24:05.697: As98 LCP: I TERMREQ [Open] id 3 len 16
> (0x3B843FF8003CCD74
> 00000000)
>
> ---------------------------------------------------------------------------
>----
>
> The Radiator config file is given below
>
> ---------------------------------------------------------------------------
>---------
>
>
>
>
> Foreground
> LogStdout
> LogDir  .
> DbDir  .
> Trace 4
> AuthPort 1645
> AcctPort 1646
> # You will probably want to change this to suit your site.
> <Client 204.5.150.1>
>  Secret abc
>  DupInterval 0
> </Client>
> <Client 192.168.1.7>
>  Secret xyz
>  DupInterval 0
> </Client>
> <Client DEFAULT>
>  Secret abx
>  DupInterval 0
> </Client>
>
>
> <Realm INTERNAL>
>     <AuthBy FILE>
>  AddToReply Service-Type = Framed-User, \
>  Framed-Protocol = PPP, \
>  Framed-Routing = None, \
>  Framed-MTU = 1500, \
>  Framed-Compression = Van-Jacobson-TCP-IP, \
>  Idle-Timeout = 900, \
>  Session-Timeout = 1800
>     </AuthBy>
> </Realm>
>
> ---------------------------------------------------------------------------
>--------------
>
> Users file is given below
>
> ---------------------------------------------------------------------------
>--------------
>
> city at INTERNAL User-Password = "xyz", Service-Type = Framed-User
>         Framed-Protocol = PPP,
>         Framed-IP-Netmask = 255.255.255.254,
>         Framed-IP-Address = 202.5.150.250,
>         Framed-Routing = None,
>         Framed-MTU = 1500,
>  Framed-Compression = Van-Jacobson-TCP-IP,
>  Idle-Timeout = 900,
>  Session-Timeout = 1800
>
> ---------------------------------------------------------------------------
>----------------
>
> trace 4 debug logs at the Radiator are given below
>
> ---------------------------------------------------------------------------
>-----------------
>
>
>
>
>
> Thu Apr 18 16:15:29 2002: DEBUG: Packet dump:
> *** Received from 202.5.150.1 port 1645 ....
> Code:       Access-Request
> Identifier: 104
> Authentic:  <185><17>~x_<167><160><229><17><7><144><209><4><29><232>9
> Attributes:
>  Framed-Protocol = PPP
>  User-Name = "city at INTERNAL"
>  User-Password =
> "<199>%<136>H<226>]<165>c<178><224><156><10><193><139><253><214>"
>  NAS-Port = 98
>  NAS-Port-Type = Async
>  Calling-Station-Id = "async"
>  Service-Type = Framed-User
>  NAS-IP-Address = 202.5.150.1
>
> Thu Apr 18 16:15:29 2002: DEBUG: Handling request with Handler
> 'Realm=INTERNAL'
> Thu Apr 18 16:15:29 2002: DEBUG:  Deleting session for city at INTERNAL,
> 202.5.150.1, 98
> Thu Apr 18 16:15:29 2002: DEBUG: do query is: update serverports set
> acctstatustype='' where port=98 and ipaddress='202.5.150.1'
>
> Thu Apr 18 16:15:30 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Apr 18 16:15:30 2002: DEBUG: Radius::AuthFILE looks for match with
> city at INTERNAL
> Thu Apr 18 16:15:30 2002: DEBUG: Radius::AuthFILE ACCEPT:
> Thu Apr 18 16:15:30 2002: DEBUG: Access accepted for city at INTERNAL
> Thu Apr 18 16:15:30 2002: DEBUG: Packet dump:
> *** Sending to 202.5.150.1 port 1645 ....
> Code:       Access-Accept
> Identifier: 104
> Authentic:  <185><17>~x_<167><160><229><17><7><144><209><4><29><232>9
> Attributes:
>  Framed-IP-Address = 202.5.150.250
>  Framed-Protocol = PPP
>  Framed-IP-Netmask = 255.255.255.254
>  Framed-Routing = None
>  Framed-MTU = 1500
>  Framed-Compression = Van-Jacobson-TCP-IP
>  Idle-Timeout = 900
>  Session-Timeout = 1800
>  Service-Type = Framed-User
>  Framed-Protocol = PPP
>  Framed-Routing = None
>  Framed-MTU = 1500
>  Framed-Compression = Van-Jacobson-TCP-IP
>  Idle-Timeout = 900
>  Session-Timeout = 1800
>
> Thu Apr 18 16:15:30 2002: DEBUG: Packet dump:
> *** Received from 202.5.150.1 port 1646 ....
> Code:       Accounting-Request
> Identifier: 79
> Authentic:  <139>H<182>_<254>Q<187><213>5lu<241>_<221>,<28>
> Attributes:
>  Acct-Session-Id = "000002CC"
>  Framed-Protocol = PPP
>  Connect-Info = "21600/19200 V34/V42bis/LAPM"
>  Acct-Authentic = RADIUS
>  User-Name = "city at INTERNAL"
>  Acct-Status-Type = Start
>  NAS-Port = 98
>  NAS-Port-Type = Async
>  Calling-Station-Id = "async"
>  Service-Type = Framed-User
>  NAS-IP-Address = 202.5.150.1
>  Acct-Delay-Time = 0
>
> Thu Apr 18 16:15:30 2002: DEBUG: Handling request with Handler
> 'Realm=INTERNAL'
> Thu Apr 18 16:15:30 2002: DEBUG:  Adding session for city at INTERNAL,
> 202.5.150.1, 98
> Thu Apr 18 16:15:30 2002: DEBUG: do query is: update serverports set
> acctstatustype='Start' where port=98 and ipaddress='202.5.150.1'
>
> Thu Apr 18 16:15:30 2002: DEBUG: do query is: update serverports set
>
> username='city at INTERNAL',acctstatustype='Start',framedaddress='',callstatio
>nid='async',calldate=to_date('2002-04-18
>
> 16:15:30','yyyy-mm-dd HH24:MI:SS') where port=98 and
> ipaddress='202.5.150.1'
>
> Thu Apr 18 16:15:30 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Apr 18 16:15:30 2002: DEBUG: Accounting accepted
> Thu Apr 18 16:15:30 2002: DEBUG: Packet dump:
> *** Sending to 202.5.150.1 port 1646 ....
> Code:       Accounting-Response
> Identifier: 79
> Authentic:  <139>H<182>_<254>Q<187><213>5lu<241>_<221>,<28>
> Attributes:
>
> Thu Apr 18 16:15:30 2002: DEBUG: Packet dump:
> *** Received from 202.5.150.1 port 1646 ....
> Code:       Accounting-Request
> Identifier: 80
> Authentic:  <211><5><1><196><182><177>u<154><128><178><202><198>lrBM
> Attributes:
>  Acct-Session-Id = "000002CC"
>  Framed-Protocol = PPP
>  User-Name = "city at INTERNAL"
>  Acct-Session-Time = 0
>  Connect-Info = "21600/19200 V34/V42bis/LAPM"
>  Acct-Input-Octets = 86
>  Acct-Output-Octets = 88
>  Acct-Input-Packets = 5
>  Acct-Output-Packets = 5
>  Acct-Terminate-Cause = User-Request
>  Acct-Authentic = RADIUS
>  User-Name = "city at INTERNAL"
>  Acct-Status-Type = Stop
>  NAS-Port = 98
>  NAS-Port-Type = Async
>  Calling-Station-Id = "async"
>  Service-Type = Framed-User
>  NAS-IP-Address = 202.5.150.1
>  Acct-Delay-Time = 0
>
> Thu Apr 18 16:15:30 2002: DEBUG: Handling request with Handler
> 'Realm=INTERNAL'
> Thu Apr 18 16:15:30 2002: DEBUG:  Deleting session for city at INTERNAL,
> 202.5.150.1, 98
> Thu Apr 18 16:15:30 2002: DEBUG: do query is: update serverports set
> acctstatustype='Stop' where port=98 and ipaddress='202.5.150.1'
>
> Thu Apr 18 16:15:30 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Apr 18 16:15:30 2002: DEBUG: Accounting accepted
> Thu Apr 18 16:15:30 2002: DEBUG: Packet dump:
> *** Sending to 202.5.150.1 port 1646 ....
> Code:       Accounting-Response
> Identifier: 80
> Authentic:  <211><5><1><196><182><177>u<154><128><178><202><198>lrBM
> Attributes:
>
>
>
>
>
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list