Antwort: Re: Antwort: Re: Antwort: Re: (RADIATOR) Radiator - Probs with Authby SQL


Tue Jul 16 02:05:51 CDT 2002 

Hello Hugh,

>You are correct in your analysis below - what you describe is indeed how

the

>SQL interface operates.
>
>The reason that the Cisco is complaining is because there is no

"Service-Type

>= Framed-User" in the reply - Cisco's are very picky about this.

I see. But sadly than i don't really understand why it runs while i do use
the
"Flat-File-Authentication and using the same configuration on the Cisco
Router.
And that means to me that my Cisco Configuration should be fine. I mean,
the
RadiusServer response is always the same. And this response isn't different
only
because the Attributes were taken from DB or File.
Btw i am using a Cisco 3660 with 12.1-5.T and my Users-file
does look like the following:

test  Password=test
      Service-Type=Framed-User,
      Framed-Protocol=PPP,
      Framed-IP-Address=x.x.x.x,
      cisco-avpair="ip:route=z.z.z.z/25 x.x.x.x 1"  (i testet ciscoav
too..and works too)
      Framed-Routing=None,
      Framed-MTU=1500,
      Framed-Compression=Van-Jacobson-TCP-IP

>An alternative approach for common reply attributes is to simply use an
>AddToReply, like this:
>
><AuthBy SQL>
>......
>AddToReply Service-Type = Framed-User, \
>     Framed-Protocol = PPP, \
>     Framed-IP-Address = .....
>     </AuthBy>

I see. I tried the example as you suggested and it worked. But i did work
only, because
of the "Framed-IP-Address=x.x.x.x" with the AddToReply String. But that
doesn't help me
to solve this problem, because i won't use a "static" configuration but DB.

Furthermore I tried to use a partial configuration, that means that in the
AddToReply i specified
only Protocol PPP,and Service-type and contemporanealy i tried to assign
the IP through SQL.
Same thing as before. (Radius doesn't send the Attrib's back to Cisco)

As i don't really have any further idea, i'd like to know, that the reason
of
this strange problem could also be, because i am using a Radiator 3.1 DEMO
Version?

>I am still curious to understand why your configuration file is not

working.

Hugh, i can ensure you, that you'r not the only one:)


and NEIL: thanks for your suggestions, but i'm using C3660. Reloads i did
make
periodically and without any success, but anyways i don't believe that
Cisco
would be the problem.

Any of you with an idea?

Have a nice day, and again i'd thank you just in advance for your help,
Kind regards,
Christian

-------------------------------------------------------

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list