Antwort: Re: Antwort: Re: Antwort: Re: (RADIATOR) Radiator - Probs with Authby SQL

Hugh Irvine hugh at open.com.au
Tue Jul 16 04:04:27 CDT 2002


Hello Christian -

I understand your concerns and I am also keen to understand why the 
AuthBy SQL clause is not operating correctly.

Could you please send me the version of Radiator you are running, the 
type and version of database, the versions of Perl/DBD/DBI and the 
hardware/software platform you are running on. Also include any other 
information that might be useful. And don't forget to include copies 
of your configuration file (no secrets), a trace 4 debug showing what 
is happening, and copies of the relevant SQL records.

many thanks

Hugh



At 9:05 +0200 16/7/02, Christian Rautscher wrote:
>Hello Hugh,
>
>>You are correct in your analysis below - what you describe is indeed how
>the
>>SQL interface operates.
>>
>>The reason that the Cisco is complaining is because there is no
>"Service-Type
>>= Framed-User" in the reply - Cisco's are very picky about this.
>>
>
>I see. But sadly than i don't really understand why it runs while i do use
>the
>"Flat-File-Authentication and using the same configuration on the Cisco
>Router.
>And that means to me that my Cisco Configuration should be fine. I mean,
>the
>RadiusServer response is always the same. And this response isn't different
>only
>because the Attributes were taken from DB or File.
>Btw i am using a Cisco 3660 with 12.1-5.T and my Users-file
>does look like the following:
>
>test  Password=test
>       Service-Type=Framed-User,
>       Framed-Protocol=PPP,
>       Framed-IP-Address=x.x.x.x,
>       cisco-avpair="ip:route=z.z.z.z/25 x.x.x.x 1"  (i testet ciscoav
>too..and works too)
>       Framed-Routing=None,
>       Framed-MTU=1500,
>       Framed-Compression=Van-Jacobson-TCP-IP
>
>>An alternative approach for common reply attributes is to simply use an
>>AddToReply, like this:
>>
>><AuthBy SQL>
>>......
>>AddToReply Service-Type = Framed-User, \
>>      Framed-Protocol = PPP, \
>>      Framed-IP-Address = .....
>>      </AuthBy>
>
>I see. I tried the example as you suggested and it worked. But i did work
>only, because
>of the "Framed-IP-Address=x.x.x.x" with the AddToReply String. But that
>doesn't help me
>to solve this problem, because i won't use a "static" configuration but DB.
>
>Furthermore I tried to use a partial configuration, that means that in the
>AddToReply i specified
>only Protocol PPP,and Service-type and contemporanealy i tried to assign
>the IP through SQL.
>Same thing as before. (Radius doesn't send the Attrib's back to Cisco)
>
>As i don't really have any further idea, i'd like to know, that the reason
>of
>this strange problem could also be, because i am using a Radiator 3.1 DEMO
>Version?
>
>>I am still curious to understand why your configuration file is not
>working.
>
>Hugh, i can ensure you, that you'r not the only one:)
>
>
>and NEIL: thanks for your suggestions, but i'm using C3660. Reloads i did
>make
>periodically and without any success, but anyways i don't believe that
>Cisco
>would be the problem.
>
>Any of you with an idea?
>
>Have a nice day, and again i'd thank you just in advance for your help,
>Kind regards,
>Christian

-- 

NB: I am travelling this week, so there may be delays in our correspondence.

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list