(RADIATOR) Authenticaton Problems

Dave Kitabjian dave at netcarrier.com
Wed Jan 2 16:07:22 CST 2002 

Hmm, not sure why it's not working. Here are two things to try:

1) Restart Radiator completely (you can't always trust the HUP)

2) Try changing

	<Realm DEFAULT>
	...
	</Realm>

to

	<Handler>
	...
	</Handler>

If that doesn't catch everything, I don't know what will. Let us know.

Dave

> -----Original Message-----
> From: Eric Johnson [mailto:eric at teamworksmedia.com] 
> Sent: Wednesday, January 02, 2002 4:10 PM
> To: radiator at open.com.au
> Subject: RE: (RADIATOR) Authenticaton Problems
> 
> 
> I just tried changing the realm and I am still getting the same 
> error.  Only now instead of 127.0.0.1 it shows the realm as default
> 
> At 03:42 PM 1/2/02 -0500, Dave Kitabjian wrote:
> >The problem is that "127.0.0.1" is not a realm, it's a Client.
> >
> >Try changing
> >
> >         <Realm 127.0.0.1>
> >
> >to
> >
> >         <Realm DEFAULT>
> >
> >and let us know if it works.
> >
> >Dave
> >
> > > -----Original Message-----
> > > From: Eric Johnson [mailto:eric at teamworksmedia.com]
> > > Sent: Wednesday, January 02, 2002 11:21 AM
> > > To: radiator at open.com.au
> > > Subject: (RADIATOR) Authenticaton Problems
> > >
> > >
> > > When I run radpwtst I get three no reply errors in a row. The 
> > > default user is in the test database.  In the log file 
> the error is 
> > > a bad authenticator.  Here is the log file and the config 
> file that 
> > > I am using.  Could someone tell me what I am doing wrong and 
> > > possibly how to fix it?
> > >
> > > Wed Jan  2 10:05:56 2002: DEBUG: Packet dump:
> > > *** Received from 127.0.0.1 port 1528 ....
> > > Code:       Access-Request
> > > Identifier: 131
> > > Authentic:  1234567890123456
> > > Attributes:
> > >       User-Name = "mikem"
> > >       Service-Type = Framed-User
> > >       NAS-IP-Address = 203.63.154.1
> > >       NAS-Port = 1234
> > >       Called-Station-Id = "123456789"
> > >       Calling-Station-Id = "987654321"
> > >       NAS-Port-Type = Async
> > >       User-Password = 
> > > "<159><249>:<201><175>\<4><246><188>8<9><160><216>}x<153>"
> > >
> > > Wed Jan  2 10:05:56 2002: DEBUG: Check if Handler Realm=127.0.0.1 
> > > should be used to handle this request Wed Jan  2 10:05:56 2002: 
> > > WARNING: Could not find a handler for
> > > mikem: request is ignored Wed Jan  2 10:06:01 2002: DEBUG: Packet 
> > > dump:
> > > *** Received from 127.0.0.1 port 1528 ....
> > > Code:       Accounting-Request
> > > Identifier: 132
> > > Authentic:  
> <156>,{*<190><151><218><249><183><15>Y<127><146><128><6>
> > > Attributes:
> > >       User-Name = "mikem"
> > >       Service-Type = Framed-User
> > >       NAS-IP-Address = 203.63.154.1
> > >       NAS-Port = 1234
> > >       NAS-Port-Type = Async
> > >       Acct-Session-Id = "00001234"
> > >       Acct-Status-Type = Start
> > >       Called-Station-Id = "123456789"
> > >       Calling-Station-Id = "987654321"
> > >
> > > Wed Jan  2 10:06:01 2002: WARNING: Bad authenticator in 
> request from 
> > > 127.0.0.1 (203.63.154.1) Wed Jan  2 10:06:06
> > > 2002: DEBUG: Packet dump:
> > > *** Received from 127.0.0.1 port 1528 ....
> > > Code:       Accounting-Request
> > > Identifier: 133
> > > Authentic:  
> > > <193><187><186><190><186><181><21><228><23>V<253>a+2I<133>
> > > Attributes:
> > >       User-Name = "mikem"
> > >       Service-Type = Framed-User
> > >       NAS-IP-Address = 203.63.154.1
> > >       NAS-Port = 1234
> > >       NAS-Port-Type = Async
> > >       Acct-Session-Id = "00001234"
> > >       Acct-Status-Type = Stop
> > >       Called-Station-Id = "123456789"
> > >       Calling-Station-Id = "987654321"
> > >       Acct-Delay-Time = 0
> > >       Acct-Session-Time = 1000
> > >       Acct-Input-Octets = 20000
> > >       Acct-Output-Octets = 30000
> > >
> > > Wed Jan  2 10:06:06 2002: WARNING: Bad authenticator in 
> request from 
> > > 127.0.0.1 (203.63.154.1)
> > >
> > > Foreground
> > > LogStdout
> > > LogDir  /Radiator/log
> > > #Dictionary File is in current dir
> > > DictionaryFile ./dictionary
> > > Trace 4
> > >
> > > <Client 127.0.0.1>
> > >        Secret  dogcat
> > >          DupInterval 0
> > > </Client>
> > >      <AuthBy SQL>
> > >
> > >          Identifier CheckSQL
> > >
> > >          DBSource        dbi:mysql:ISP
> > >          DBUsername      admin
> > >          DBAuth lifter
> > >          AccountingTable ACCOUNTING
> > >          AcctColumnDef   USERNAME,User-Name
> > >          AcctColumnDef   TIME_STAMP,Timestamp,integer
> > >          AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
> > >          AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
> > >          AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
> > >          AcctColumnDef   
> ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> > >          AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
> > >          AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
> > >          AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
> > >          AcctColumnDef   NASIDENTIFIER,NAS-Identifier
> > >          AcctColumnDef   NASPORT,NAS-Port,integer
> > >      </AuthBy>
> > >
> > >
> > >
> > > <AuthBy NT>
> > >
> > >                  Identifier CheckNT
> > >
> > >                  # You must set the domain name here to suit your 
> > > site
> > >                  Domain ETHERNET1
> > >
> > >                  # ON NT, optionally specify the name of the
> > >                  # Primary Domain Controller, including 
> the leading
> > >                  # \\ slashes, to override the default domain 
> > > controller
> > >                  # for the domain you specified above
> > >                  DomainController \\FEZZIK
> > >
> > >                  # On Unix, you MUST specify the Domain Controller
> > >                  # name as the NT host name of the domain 
> controller
> > >                  # its not optional. This needs to be set 
> to the NT
> > >                  # name of the Primary Domain Controller, 
> and further
> > >                  # the NT name must be in the Unix hosts or DNS
> > >                  DomainController FEZZIK
> > >
> > >                  # On NT, you can optionally check the
> > >                  # "Grant dialin permission to user" flag in the
> > >                  # user manager. Requires the
> > >                  # Win32-RasAdmin Perl package to be 
> installed first
> > >                  # HonourDialinPermission
> > >
> > >                  # This will set up some standard reply items for
> > >                  # your NAS, you may need others for your NAS
> > >                   DefaultReply 
> > > Service-Type=Framed-User,Framed-Protocol=PPP
> > >          </AuthBy>
> > >
> > > <Realm 127.0.0.1>
> > >          AuthByPolicy ContinueUntilAccept
> > >          AuthBy CheckNT
> > >          AuthBy CheckSQL
> > >          # Log accounting to the detail file in LogDir
> > >          AcctLogFileName ./detail
> > > </Realm>
> > >
> > >
> > > --
> > > Eric Johnson
> > >
> > > Teamworks Media
> > > www.teamworksmedia.com
> > > --
> > > ===
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with 'unsubscribe 
> > > radiator' in the body of the message.
> > >
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list