Antwort: Re: (RADIATOR) Radiator - Probs with Authby SQL
Hugh Irvine
hugh at open.com.au
Fri Jul 12 03:55:09 CDT 2002
Hello Christian -
Thanks for sending the DB record - which looks OK, so I am surprised that we
do not see the repy attributes that you have specified. Actually - I have
just noticed that you have a trailing comma ',' in the replyattr field, which
is probably confusing the parser.
Please remove it and send me the results.
regards
Hugh
On Thu, 11 Jul 2002 18:35, Christian Rautscher wrote:
> Hi Hugh,
> thank you for your quick response.
>
> >Could you please send me a couple of user definitions from your database,
>
> so I
>
> >can see the contents of the various fields?
>
> aThat what i did is to create a simple standart Mysql DB with the Table
> SUBSCRIBERS, where i defined
> 4 different Test accounts. Table Colums are the following:
>
> USERNAME | PASSWORD | ENCRYPTED PASSWORD | CHECKATTR | REPLYATTR |
> TIMELEFT
> test | test | NULL | Service-Type
> = Framed-User | Framed-Protocol = PPP, Framed-IP-Address= x.x.x.x,
>
> | NULL
>
> And in the Table RADCLIENTLIST i defined only my NAS (IP) with the Radius
> Key (Secret). Nothing else.
>
> I hope that the things i sent you can help you.
> Thank you again and regards,
> Christian
>
>
>
>
>
>
> Hugh Irvine <hugh at open.com.au>@open.com.au am 11.07.2002 09:28:54
>
> Bitte antworten an hugh at open.com.au
>
> Gesendet von: owner-radiator at open.com.au
>
>
> An: "Christian Rautscher" <Christian.Rautscher at run.bz.it>,
> radiator at open.com.au
> Kopie: (Blindkopie: Christian Rautscher/RUN/RAIFF)
>
> Thema: Re: (RADIATOR) Radiator - Probs with Authby SQL
>
>
>
> Ciao Christian -
>
>
> thanks
>
> Hugh
>
> On Thu, 11 Jul 2002 00:27, Christian Rautscher wrote:
> > Hi there,
> >
> > I'm actually testing Radiator 3.1 DEMO Version for different kind
> > of AccessAuthentications for different Services on Cisco Routers.
> > When i tested Radiator by a "flat-file" Authentication everything
> > went well.
> > Actually i am using Mysql as DB and it works fine
> > for Login and Administrative Services, but only the Dial-IN connections
> > with PPP doesn't work. The Debug on my Cisco-Router tells me
>
> Authorization
>
> > errors.
> >
> > ( I am sure that the Cisco Config is fine, 'coz it works with
> > Radiator-Flat-File-Authentication)
> >
> > My Radiator config looks like this:
>
> ---------------------------------------------------------------------------
>
> >------------------------- <ClientListSQL>
> > DBSource dbi:mysql:radius
> > DBUsername [snip]
> > DBAuth [snip]
> > </ClientListSQL>
> >
> > <Realm DEFAULT>
> > <AuthBy SQL>
> > DBSource dbi:mysql:radius
> > DBUsername [snip]
> > DBAuth [snip]
> >
> > AuthSelect select password, checkattr, replyattr from SUBSCRIBERS
> > where USERNAME='%U'
> >
> > AuthColumnDef 0, User-Password, check
> > AuthColumnDef 1, GENERIC, check
> > AuthColumnDef 2, GENERIC, reply
>
> ---------------------------------------------------------------------------
>
> >----------------------------
> >
> > The Radiator Log "trace 5" looks like this. The User Authentication seems
> > going well, but after that
> > in the Section of "Reply-Attributes" the log acruptly ends without any
> > reason.
> >
> > I'd like to thank you just in advance for your help, and if anyone needs
> > any other
> > information, please don't hesitate to contact me.
> > Thankyou and kind regards,
> > Chris
> >
> >
> > ----------------------------
> > Log-File Radiator (trace5)
> >
> > Code: Access-Request
> > Identifier: 131
> > Authentic: <185><152>Mw&<156><132><27>h;<179><160>c6<233>9
> > Attributes:
> > NAS-IP-Address = [snip]
> > NAS-Port = 74
> > NAS-Port-Type = Async
> > User-Name = "test"
> > Called-Station-Id = "[snip]"
> > Calling-Station-Id = "[snip]"
> > User-Password = "[snip]"
> > Service-Type = Framed-User
> > Framed-Protocol = PPP
> >
> > Wed Jul 10 15:51:36 2002: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Wed Jul 10 15:51:36 2002: DEBUG: Deleting session for test,
> > IP-ADDRESS[snip], 74
> > Wed Jul 10 15:51:36 2002: DEBUG: Handling with Radius::AuthSQL
> > Wed Jul 10 15:51:36 2002: DEBUG: Handling with Radius::AuthSQL:
> > Wed Jul 10 15:51:36 2002: DEBUG: Query is: select password, checkattr,
> > replyattr from SUBSCRIBERS where USERNAME='test'
> >
> > Wed Jul 10 15:51:36 2002: DEBUG: Radius::AuthSQL looks for match with
> > bcomtest
> > Wed Jul 10 15:51:36 2002: DEBUG: Radius::AuthSQL ACCEPT:
> > Wed Jul 10 15:51:36 2002: DEBUG: Access accepted for test
> > Wed Jul 10 15:51:36 2002: DEBUG: Packet dump:
> > *** Sending to IP[snip] port 1645 ....
> >
> > Packet length = 20
> > 02 83 00 14 9a 9e 5d 4b 4f 70 91 b2 73 7f f1 dc
> > a1 6e 2b 7b
> > Code: Access-Accept
> > Identifier: 131
> > Authentic: <185><152>Mw&<156><132><27>h;<179><160>c6<233>9
> > Attributes:
> >
> >
> >
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list