(RADIATOR) SNMP not correctly identifying multiple logins
Hugh Irvine
hugh at open.com.au
Sun Jan 6 23:39:15 CST 2002
Hello David -
There are also NasType entries for PM3 and PM4 - have you tried those?
I also seem to recall this topic being discussed on the mailing list, so
check the archive and do a search.
www.open.com.au/archives/radiator
It is certain that if the SNMP query cannot be run manually, Radiator will
not be able to use it either.
regards
Hugh
On Sat, 5 Jan 2002 11:16, David Miller wrote:
> Hi all:
> Have been relying on a session database to enforce multiple login limits,
> but after our data link provider experienced a temporary routing problem
> that left the session database out of sync with the actual users connected,
> decided a little more robust solution was in order.
> Have been attempting to use the snmpget program to verify multiple login
> violations with the Livingston Portmaster NASes (PM25 and PM3). These NASes
> service channelized T1 lines. The snmpget program is getting called as shown
> in the trace below, but multiple logins are not getting correctly identified.
> Logging into the NAS shows the sessions were still actually active. Have
> tried various settings for the LivingstonHole and LivingstonOffs parameters,
> but to no avail.
> Radiator (version 2.18.4) is running on RedHat Linux 7.1, snmpget program is
> from ucd-snmp-4.2.1-4.7.x rpm from sourceforge. I know these are not the most
> current versions of Radiator, and snmp (plan to upgrade as soon as we finish
> a move to new facilities).
>
> Running the first snmpget command shown in the trace from the command line
> results in the following output (community string sanitized):
>
> [root@dns2 radiator]# snmpget 204.250.116.14 xxxxxxx .iso.org.dod.internet.private.enterprises.307.2.1.1.1.2.5
> Error in packet
> Reason: (noSuchName) There is no such variable name in this MIB.
> Failed object: enterprises.307.2.1.1.1.2.5
>
> Please forgive my ignorance of snmp, just starting to get my feet wet.
> Please let me know if I can supply any additional information. Any insights
> would be appreciated.
>
> Regards,
> David Miller
> dmiller at newportnet.com
>
>
> ----------------------------
> # radius.cfg
> #
> #=====================
> # Global Parameters
> #=====================
> LogDir /var/log/radius
> DbDir /etc/radiator/raddb
>
> AuthPort 1645
> AcctPort 1646
>
> # Use a low trace level in production systems. Increase
> # it to 4 or 5 for debugging, or use the -trace flag to radiusd
> # Trace 3
> Trace 4
>
> # Log file, in form of logfile.dd_Mmm_yyy
> LogFile %L/logfile.%d_%v_%Y
>
> # Username Rewrite Rules. Strip off realm name, change to lowercase, and
> # remove any whitespace.
> RewriteUsername s/^([^@]+).*/$1/
> RewriteUsername tr/A-Z/a-z/
> RewriteUsername s/\s+//g
>
> # location of snmpget program
> SnmpgetProg /usr/bin/snmpget
>
> # Livingston hole and offs
> # LivingstonHole 1
> # LivingstonOffs 22
>
> #===========
> # Clients
> #===========
> <Client a.b.c.d>
> Secret xxxxxx
> DupInterval 2
> NasType Livingston
> SNMPCommunity xxxxxx
> </Client>
>
> <Client a.b.c.e>
> Secret xxxxxx
> DupInterval 2
> NasType Livingston
> SNMPCommunity xxxxxx
> </Client>
>
> <Client a.b.c.f>
> Secret xxxxxx
> DupInterval 2
> NasType Livingston
> SNMPCommunity xxxxxx
> </Client>
>
> <Client a.b.c.g>
> Secret xxxxxx
> DupInterval 2
> NasType Livingston
> SNMPCommunity xxxxxx
> </Client>
>
> <Client a.b.c.h>
> Secret xxxxxx
> DupInterval 2
> NasType Livingston
> SNMPCommunity xxxxxx
> </Client>
>
> #==================
> # Session Database
> #==================
> <SessionDatabase SQL>
> Identifier RadiusDB1
> DBSource dbi:DB2:radius2
> DBUsername xxxxxxx
> DBAuth xxxxxxx
> </SessionDatabase SQL>
>
> #==================
> # Realms
> #==================
> <Realm DEFAULT>
> # Session Database to use
> SessionDatabase RadiusDB1
>
> <AuthBy FILE>
> # Make passwords case insensitive
> CaseInsensitivePasswords
>
> # Default SimultaneousUse. Can be overridden on a per user basis.
> DefaultSimultaneousUse 1
>
> Filename %D/users
> # no caching for test purposes
> # Nocache
> </AuthBy>
>
> # Log accounting to a detail file
> # Detail filename in form of detail.dd_Mmm_yyy
> AcctLogFileName %L/detail.%d_%v_%Y
> </Realm>
>
>
>
> ----------------------------------------------
> debug trace, community strings sanitized
> ----------------------------------------------
> Thu Jan 3 15:15:40 2002: DEBUG: Packet dump:
> *** Received from 206.158.98.10 port 1026 ....
> Code: Access-Request
> Identifier: 204
> Authentic: <157><192>x<241><7><224><247>@<241><150><19><253><154><17>>r
> Attributes:
> User-Name = "kstevens"
> User-Password = "<241>+<18><130>j{<147><220><216><232><228><236>h^<149>]"
> NAS-IP-Address = 206.158.98.10
> NAS-Port = 10
> NAS-Port-Type = Async
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Connect-Info = "48000 LAPM/V42BIS"
>
> Thu Jan 3 15:15:40 2002: DEBUG: Rewrote user name to kstevens
> Thu Jan 3 15:15:40 2002: DEBUG: Rewrote user name to kstevens
> Thu Jan 3 15:15:40 2002: DEBUG: Rewrote user name to kstevens
> Thu Jan 3 15:15:40 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Thu Jan 3 15:15:40 2002: DEBUG: RadiusDB1 Deleting session for kstevens,
> 206.158.98.10, 10
> Thu Jan 3 15:15:40 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.10' and NASPORT=010
>
> Thu Jan 3 15:15:40 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Jan 3 15:15:40 2002: DEBUG: Radius::AuthFILE looks for match with
> kstevens
> Thu Jan 3 15:15:40 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
> ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='kstevens'
>
> Thu Jan 3 15:15:40 2002: DEBUG: Checking if user is still online:
> Livingston, kstevens, 206.158.98.11, 26, 2400184E 206.158.99.81
> Thu Jan 3 15:15:40 2002: DEBUG: Running command `/usr/bin/snmpget
> 206.158.98.11 xxxxxxxx
> .iso.org.dod.internet.private.enterprises.307.2.1.1.1.2.5`
> Thu Jan 3 15:15:40 2002: DEBUG: Running command `/usr/bin/snmpget
> 206.158.98.11 xxxxxxxx
> .iso.org.dod.internet.private.enterprises.307.3.2.1.1.1.5.30`
> Thu Jan 3 15:15:40 2002: NOTICE: RadiusDB1 Session for kstevens at
> 206.158.98.11:26 has gone away
> Thu Jan 3 15:15:40 2002: DEBUG: RadiusDB1 Deleting session for kstevens,
> 206.158.98.11, 26
> Thu Jan 3 15:15:40 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.11' and NASPORT=026
>
> Thu Jan 3 15:15:40 2002: DEBUG: Radius::AuthFILE ACCEPT:
> Thu Jan 3 15:15:40 2002: DEBUG: Access accepted for kstevens
> Thu Jan 3 15:15:40 2002: DEBUG: Packet dump:
> *** Sending to 206.158.98.10 port 1026 ....
> Code: Access-Accept
> Identifier: 204
> Authentic: <157><192>x<241><7><224><247>@<241><150><19><253><154><17>>r
> Attributes:
>
> Thu Jan 3 15:15:41 2002: DEBUG: Packet dump:
> *** Received from 206.158.98.10 port 1026 ....
> Code: Accounting-Request
> Identifier: 205
> Authentic: <159><11><162><210>w<174><8><215><22><174>n<171>K<182><226>e
> Attributes:
> Acct-Session-Id = "2F002436"
> User-Name = "kstevens"
> NAS-IP-Address = 206.158.98.10
> NAS-Port = 10
> NAS-Port-Type = Async
> Acct-Status-Type = Start
> Acct-Authentic = RADIUS
> Connect-Info = "48000 LAPM/V42BIS"
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Address = 206.158.99.22
> Acct-Delay-Time = 0
>
> Thu Jan 3 15:15:41 2002: DEBUG: Rewrote user name to kstevens
> Thu Jan 3 15:15:41 2002: DEBUG: Rewrote user name to kstevens
> Thu Jan 3 15:15:41 2002: DEBUG: Rewrote user name to kstevens
> Thu Jan 3 15:15:41 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Thu Jan 3 15:15:41 2002: DEBUG: RadiusDB1 Adding session for kstevens,
> 206.158.98.10, 10
> Thu Jan 3 15:15:41 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.10' and NASPORT=010
>
> Thu Jan 3 15:15:41 2002: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('kstevens',
> '206.158.98.10', 010, '2F002436', 1010099741, '206.158.99.22', 'Async',
> 'Framed-User')
>
> Thu Jan 3 15:15:41 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Jan 3 15:15:41 2002: DEBUG: Accounting accepted
> Thu Jan 3 15:15:41 2002: DEBUG: Packet dump:
> *** Sending to 206.158.98.10 port 1026 ....
> Code: Accounting-Response
> Identifier: 205
> Authentic: <159><11><162><210>w<174><8><215><22><174>n<171>K<182><226>e
> Attributes:
>
>
> <snip>
>
>
> Thu Jan 3 15:19:37 2002: DEBUG: Packet dump:
> *** Received from 206.158.98.10 port 1026 ....
> Code: Access-Request
> Identifier: 214
> Authentic: <224>oO",<127><181><133><240>X4"<134><252>p<0>
> Attributes:
> User-Name = "wheelhouse"
> User-Password = "(g<182>:<227><198><148>Fs<178><4>o<205><255>0<151>"
> NAS-IP-Address = 206.158.98.10
> NAS-Port = 17
> NAS-Port-Type = Async
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Connect-Info = "28800 LAPM/V42BIS"
>
> Thu Jan 3 15:19:37 2002: DEBUG: Rewrote user name to wheelhouse
> Thu Jan 3 15:19:37 2002: DEBUG: Rewrote user name to wheelhouse
> Thu Jan 3 15:19:37 2002: DEBUG: Rewrote user name to wheelhouse
> Thu Jan 3 15:19:37 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Thu Jan 3 15:19:37 2002: DEBUG: RadiusDB1 Deleting session for wheelhouse,
> 206.158.98.10, 17
> Thu Jan 3 15:19:37 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.10' and NASPORT=017
>
> Thu Jan 3 15:19:37 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Jan 3 15:19:37 2002: DEBUG: Radius::AuthFILE looks for match with
> wheelhouse
> Thu Jan 3 15:19:37 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
> ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='wheelhouse'
>
> Thu Jan 3 15:19:37 2002: DEBUG: Checking if user is still online:
> Livingston, wheelhouse, 206.158.98.11, 2, 2400187D 206.158.99.75
> Thu Jan 3 15:19:37 2002: DEBUG: Running command `/usr/bin/snmpget
> 206.158.98.11 xxxxxxxx
> .iso.org.dod.internet.private.enterprises.307.2.1.1.1.2.5`
> Thu Jan 3 15:19:38 2002: DEBUG: Running command `/usr/bin/snmpget
> 206.158.98.11 xxxxxxxx
> .iso.org.dod.internet.private.enterprises.307.3.2.1.1.1.5.7`
> Thu Jan 3 15:19:38 2002: NOTICE: RadiusDB1 Session for wheelhouse at
> 206.158.98.11:2 has gone away
> Thu Jan 3 15:19:38 2002: DEBUG: RadiusDB1 Deleting session for wheelhouse,
> 206.158.98.11, 2
> Thu Jan 3 15:19:38 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.11' and NASPORT=02
>
> Thu Jan 3 15:19:38 2002: DEBUG: Radius::AuthFILE ACCEPT:
> Thu Jan 3 15:19:38 2002: DEBUG: Access accepted for wheelhouse
> Thu Jan 3 15:19:38 2002: DEBUG: Packet dump:
> *** Sending to 206.158.98.10 port 1026 ....
> Code: Access-Accept
> Identifier: 214
> Authentic: <224>oO",<127><181><133><240>X4"<134><252>p<0>
> Attributes:
>
> Thu Jan 3 15:19:39 2002: DEBUG: Packet dump:
> *** Received from 206.158.98.10 port 1026 ....
> Code: Accounting-Request
> Identifier: 215
> Authentic: <23>V.J<243>X&<16>F<250><199>[=<27><186><6>
> Attributes:
> Acct-Session-Id = "2F002439"
> User-Name = "wheelhouse"
> NAS-IP-Address = 206.158.98.10
> NAS-Port = 17
> NAS-Port-Type = Async
> Acct-Status-Type = Start
> Acct-Authentic = RADIUS
> Connect-Info = "28800 LAPM/V42BIS"
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Address = 206.158.99.56
> Acct-Delay-Time = 0
>
> Thu Jan 3 15:19:39 2002: DEBUG: Rewrote user name to wheelhouse
> Thu Jan 3 15:19:39 2002: DEBUG: Rewrote user name to wheelhouse
> Thu Jan 3 15:19:39 2002: DEBUG: Rewrote user name to wheelhouse
> Thu Jan 3 15:19:39 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Thu Jan 3 15:19:39 2002: DEBUG: RadiusDB1 Adding session for wheelhouse,
> 206.158.98.10, 17
> Thu Jan 3 15:19:39 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.10' and NASPORT=017
>
> Thu Jan 3 15:19:39 2002: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('wheelhouse',
> '206.158.98.10', 017, '2F002439', 1010099979, '206.158.99.56', 'Async',
> 'Framed-User')
>
> Thu Jan 3 15:19:39 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Jan 3 15:19:39 2002: DEBUG: Accounting accepted
> Thu Jan 3 15:19:39 2002: DEBUG: Packet dump:
> *** Sending to 206.158.98.10 port 1026 ....
> Code: Accounting-Response
> Identifier: 215
> Authentic: <23>V.J<243>X&<16>F<250><199>[=<27><186><6>
> Attributes:
>
> <snip>
>
>
> Thu Jan 3 15:33:11 2002: DEBUG: Packet dump:
> *** Received from 206.158.98.11 port 1026 ....
> Code: Access-Request
> Identifier: 225
> Authentic: <31><230><184><225>5b<171><237>m<247><156><217><139><199>T<157>
> Attributes:
> User-Name = "bhyde"
> User-Password = "U<216><136>K#qD<224><180><163><199><244>pij<234>"
> NAS-IP-Address = 206.158.98.11
> NAS-Port = 32
> NAS-Port-Type = Async
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Connect-Info = "49333 LAPM/V42BIS"
>
> Thu Jan 3 15:33:11 2002: DEBUG: Rewrote user name to bhyde
> Thu Jan 3 15:33:11 2002: DEBUG: Rewrote user name to bhyde
> Thu Jan 3 15:33:11 2002: DEBUG: Rewrote user name to bhyde
> Thu Jan 3 15:33:11 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Thu Jan 3 15:33:11 2002: DEBUG: RadiusDB1 Deleting session for bhyde,
> 206.158.98.11, 32
> Thu Jan 3 15:33:11 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.11' and NASPORT=032
>
> Thu Jan 3 15:33:11 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Jan 3 15:33:11 2002: DEBUG: Radius::AuthFILE looks for match with
> bhyde
> Thu Jan 3 15:33:11 2002: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
> ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='bhyde'
>
> Thu Jan 3 15:33:11 2002: DEBUG: Checking if user is still online:
> Livingston, bhyde, 206.158.98.10, 34, 2F002440 206.158.99.19
> Thu Jan 3 15:33:11 2002: DEBUG: Running command `/usr/bin/snmpget
> 206.158.98.10 xxxxxxxx
> .iso.org.dod.internet.private.enterprises.307.2.1.1.1.2.5`
> Thu Jan 3 15:33:11 2002: DEBUG: Running command `/usr/bin/snmpget
> 206.158.98.10 xxxxxxxx
> .iso.org.dod.internet.private.enterprises.307.3.2.1.1.1.5.38`
> Thu Jan 3 15:33:11 2002: NOTICE: RadiusDB1 Session for bhyde at
> 206.158.98.10:34 has gone away
> Thu Jan 3 15:33:11 2002: DEBUG: RadiusDB1 Deleting session for bhyde,
> 206.158.98.10, 34
> Thu Jan 3 15:33:11 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.10' and NASPORT=034
>
> Thu Jan 3 15:33:11 2002: DEBUG: Radius::AuthFILE ACCEPT:
> Thu Jan 3 15:33:11 2002: DEBUG: Access accepted for bhyde
> Thu Jan 3 15:33:11 2002: DEBUG: Packet dump:
> *** Sending to 206.158.98.11 port 1026 ....
> Code: Access-Accept
> Identifier: 225
> Authentic: <31><230><184><225>5b<171><237>m<247><156><217><139><199>T<157>
> Attributes:
>
> Thu Jan 3 15:33:12 2002: DEBUG: Packet dump:
> *** Received from 206.158.98.11 port 1026 ....
> Code: Accounting-Request
> Identifier: 226
> Authentic:
> <232><209><248>v<12><182><14><127><142><236><221>F<159><190><171><244>
> Attributes:
> Acct-Session-Id = "2400188D"
> User-Name = "bhyde"
> NAS-IP-Address = 206.158.98.11
> NAS-Port = 32
> NAS-Port-Type = Async
> Acct-Status-Type = Start
> Acct-Authentic = RADIUS
> Connect-Info = "49333 LAPM/V42BIS"
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Address = 206.158.99.95
> Acct-Delay-Time = 0
>
> Thu Jan 3 15:33:12 2002: DEBUG: Rewrote user name to bhyde
> Thu Jan 3 15:33:12 2002: DEBUG: Rewrote user name to bhyde
> Thu Jan 3 15:33:12 2002: DEBUG: Rewrote user name to bhyde
> Thu Jan 3 15:33:12 2002: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Thu Jan 3 15:33:12 2002: DEBUG: RadiusDB1 Adding session for bhyde,
> 206.158.98.11, 32
> Thu Jan 3 15:33:12 2002: DEBUG: do query is: delete from RADONLINE where
> NASIDENTIFIER='206.158.98.11' and NASPORT=032
>
> Thu Jan 3 15:33:12 2002: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('bhyde',
> '206.158.98.11', 032, '2400188D', 1010100792, '206.158.99.95', 'Async',
> 'Framed-User')
>
> Thu Jan 3 15:33:12 2002: DEBUG: Handling with Radius::AuthFILE:
> Thu Jan 3 15:33:12 2002: DEBUG: Accounting accepted
> Thu Jan 3 15:33:12 2002: DEBUG: Packet dump:
> *** Sending to 206.158.98.11 port 1026 ....
> Code: Accounting-Response
> Identifier: 226
> Authentic:
> <232><209><248>v<12><182><14><127><142><236><221>F<159><190><171><244>
> Attributes:
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
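
Added example, not part of the original thread and not Radiator code: a Python script that ties the manual snmpget failure quoted above to the trace, listing accepted logins whose older session was marked "gone away" after a query for an OID that fails when run by hand. The sample trace is constructed in the format of the quoted one (user names and addresses are placeholders), and the function names are assumptions of this example.

```python
import re

CHECK = re.compile(r"Checking if user is still online: \w+, (\S+), (\S+), (\d+),")
CMD = re.compile(r"Running command `\S*snmpget (\S+) \S+ (\S+)`")
GONE = re.compile(r"Session for (\S+) at (\S+):(\d+) has gone away")
ACCEPT = re.compile(r"Access accepted for (\S+)")
FAILED = re.compile(r"^Failed object: (\S+)", re.M)

# Output of the manual snmpget run, in the form quoted in the post.
MANUAL_OUTPUT = """\
Error in packet
Reason: (noSuchName) There is no such variable name in this MIB.
Failed object: enterprises.307.2.1.1.1.2.5
"""

# Constructed trace, one record per line; names and addresses are placeholders.
SAMPLE_TRACE = """\
Thu Jan 3 15:15:40 2002: DEBUG: Checking if user is still online: Livingston, alice, 192.0.2.11, 26, 2400184E 198.51.100.81
Thu Jan 3 15:15:40 2002: DEBUG: Running command `/usr/bin/snmpget 192.0.2.11 xxxxxxxx .iso.org.dod.internet.private.enterprises.307.2.1.1.1.2.5`
Thu Jan 3 15:15:40 2002: DEBUG: Running command `/usr/bin/snmpget 192.0.2.11 xxxxxxxx .iso.org.dod.internet.private.enterprises.307.3.2.1.1.1.5.30`
Thu Jan 3 15:15:40 2002: NOTICE: RadiusDB1 Session for alice at 192.0.2.11:26 has gone away
Thu Jan 3 15:15:40 2002: DEBUG: Access accepted for alice
Thu Jan 3 15:33:11 2002: DEBUG: Checking if user is still online: Livingston, carol, 192.0.2.10, 34, 2F002440 198.51.100.19
Thu Jan 3 15:33:11 2002: DEBUG: Running command `/usr/bin/snmpget 192.0.2.10 xxxxxxxx .iso.org.dod.internet.private.enterprises.307.3.2.1.1.1.5.38`
Thu Jan 3 15:33:11 2002: NOTICE: RadiusDB1 Session for carol at 192.0.2.10:34 has gone away
Thu Jan 3 15:33:11 2002: DEBUG: Access accepted for carol
"""

def failed_objects(snmpget_output):
    """OIDs that a manual snmpget run reported as failed (e.g. noSuchName)."""
    return set(FAILED.findall(snmpget_output))

def audit(trace, bad_oids):
    """Accepted logins whose older session was dropped after an SNMP check
    that queried an OID known to fail when run by hand."""
    findings, pending, dropped = [], {}, {}
    for line in trace.splitlines():
        if m := CHECK.search(line):
            pending = {"user": m[1], "nas": m[2], "port": int(m[3]), "oids": []}
        elif (m := CMD.search(line)) and pending:
            pending["oids"].append(m[2])
        elif (m := GONE.search(line)) and pending and m[1] == pending["user"]:
            suspect = [o for o in pending["oids"]
                       if any(o.endswith("." + b) for b in bad_oids)]
            if suspect:
                dropped.setdefault(m[1], []).append({**pending, "suspect_oids": suspect})
            pending = {}
        elif m := ACCEPT.search(line):
            findings.extend(dropped.pop(m[1], []))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_TRACE, failed_objects(MANUAL_OUTPUT)))
```

Each finding is a login that should be compared against the NAS's own session list, since the session-database entry it displaced was removed on the strength of a query that does not answer when run by hand.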