Dupe Proxy-State Attribs in access request packet
Jason Gaddis
jasong at pngcom.com
Wed Mar 13 20:34:06 CST 2002
Hey Everyone,
We are attempting to use radiator in a proxy enviroment. We have
everything working perfectly, except when we try to pass the proxy-state
attribute across, it gets doubled on the way back to the other end.
Radiator is the middle proxy server. We are using Radiator 2.17.1
Heres what the debug looks like:
Wed Mar 13 15:22:15 2002: DEBUG: Packet dump:
*** Received from x.x.x.27 port 57388 ....
Packet length = 69
01 4b 00 45 d2 90 ff 62 35 3b b1 3a 90 05 38 d2
32 30 0c 8e 01 0b 75 73 69 62 2f 74 65 73 74 02
12 30 5b ab d3 ad 72 a1 b9 55 17 51 64 74 96 fe
a3 05 06 00 00 00 0a 20 09 52 61 64 54 65 73 74
21 05 ab 00 ef
Code: Access-Request
Identifier: 75
Authentic: <210><144><255>b5;<177>:<144><5>8<210>20<12><142>
Attributes:
User-Name = "usib/test"
User-Password =
"0[<171><211><173>r<161><185>U<23>Qdt<150><254><163>"
NAS-Port = 10
NAS-Identifier = "RadTest"
Proxy-State = <171><0><239>
Wed Mar 13 15:22:15 2002: DEBUG: Check if Handler Prefix = "zz" should be
used to handle this request
Wed Mar 13 15:22:15 2002: DEBUG: Check if Handler User-Name = /^zz/ should
be used to handle this request
Wed Mar 13 15:22:15 2002: DEBUG: Check if Handler User-Name = /^usi/
should be used to handle this request
Wed Mar 13 15:22:15 2002: DEBUG: Handling request with Handler 'User-Name
= /^usi/'
Wed Mar 13 15:22:15 2002: DEBUG: Deleting session for usib/test,
209.211.205.27, 10
Wed Mar 13 15:22:15 2002: DEBUG: do query is: delete from RADONLINE where
NASIDENTIFIER='x.x.x.27' and NASPORT=010
Wed Mar 13 15:22:15 2002: DEBUG: Handling with Radius::AuthRADIUS
Wed Mar 13 15:22:15 2002: DEBUG: Packet dump:
*** Sending to x.x.x.121 port 1645 ....
Code: Access-Request
Identifier: 2
Authentic: <210><144><255>b5;<177>:<144><5>8<210>20<12><142>
Attributes:
User-Name = "usib/test"
User-Password =
"<127><151><241><16><7><206>i<184><216><25><138><135><141> <127><225>"
NAS-Port = 10
NAS-Identifier = "RadTest"
Proxy-State = <171><0><239>
Wed Mar 13 15:22:15 2002: DEBUG: Packet dump:
*** Received from x.x.x.121 port 1645 ....
Packet length = 25
03 02 00 19 4b 57 e3 08 b1 36 ca 3f a0 8b 91 b3
fe 09 4c 07 21 05 ab 00 ef
Code: Access-Reject
Identifier: 2
Authentic: KW<227><8><177>6<202>?<160><139><145><179><254><9>L<7>
Attributes:
Proxy-State = <171><0><239>
Wed Mar 13 15:22:15 2002: DEBUG: Received reply in AuthRADIUS for req 2
from 216.17.3.121:1645
Wed Mar 13 15:22:15 2002: DEBUG: Packet dump:
*** Sending to x.x.x.27 port 57388 ....
Code: Access-Reject
Identifier: 75
Authentic: <210><144><255>b5;<177>:<144><5>8<210>20<12><142>
Attributes:
Proxy-State = <171><0><239>
Proxy-State = <171><0><239>
As you can see, Radiator is adding another Proxy state attrib to the
resent packet. Is there a way to have it not do this?
tia
-Jason
--
Jason Gaddis
IP Network Implementation and Management Group
PowerNet Global Communications
Cincinnati, Ohio
-------------------------------------------------------
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list