(RADIATOR) radpwtst question
Forbes Mike
Mike.Forbes at Colorado.EDU
Tue Mar 19 18:50:52 CST 2002
I am having problems with the following radpwtst line and the following
config:
radpwtst -nas_ip_address 128.138.x.x -user unix-tmp -password xxxxxx
-noacct -secret ccccc -auth_port 1647
It should use Realm=MODEMS,NAS-Port-Type=Async,NAS-IP-Address=128.138.x.x,
but as you can see below it does not work. Is this because I am mixing
realms and handlers? I am not really mixing them in the config, just by
client.
Thanks,
Mike
Tue Mar 19 17:45:52
2002: DEBUG: Packet dump: *** Received from 127.0.0.1 port 53857 ....
Code: Access-Request
Identifier: 112
Authentic: 1234567890123456
Attributes:
User-Name = "unix-tmp"
Service-Type = Framed-User
NAS-IP-Address = 128.138.x.x
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password = "xxxx"
Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler
Realm=MODEMS,NAS-Port-Type=Async,NAS-IP-Address=128.138.x.x should be
used to handle this request
Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler
Realm=MODEMS,NAS-Port-Type=Virtual should be used to handle this request
Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=MODEMS should be
used to handle this request
Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=Off_Campus_VPN
should be used to handle this request
Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=Backbone_Devices
should be used to handle this request
Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=Datacomm_Devices
should be used to handle this request
Tue Mar 19 17:45:52 2002: WARNING: Could not find a handler for unix-tmp:
request is ignored
>
> #LogStdout
> LogDir /usr/local/radiator/log
> DbDir /usr/local/radiator/etc
> # Use a low trace level in production systems. Increase
> # it to 4 or 5 for debugging, or use the -trace flag to radiusd
> Trace 4
>
> AuthPort 1647
> AcctPort 1648
>
> #<SNMPAgent>
> # ROCommunit xxxx
> #</SNMPAgent>
>
> # You will probably want to add other Clients to suit your site,
> # one for each NAS you want to work with
> <Client DEFAULT>
> Secret XXX
> DupInterval 0
> DefaultRealm Datacomm_devices
> </Client>
>
> <AuthLog FILE>
> Identifier Modem_Login_Failures
> Filename %L/Modem_Login_Failures
> LogFailure 1
> FailureFormat %l:NAS %N
> User:%U:%T:%{NAS-Port-Type}:%{Calling-Station-Id}:%1:Fail
> </Authlog>
>
> <AuthLog FILE>
> Identifier Backbone_Login_Failures
> Filename %L/Backbone_Login_Failures
> LogFailure 1
> FailureFormat %l:NAS %N User:%U:%T:%{NAS-Port-Type}:From
> %{Calling-Station-Id}:%1:Fail
> </Authlog>
>
> <AuthLog FILE>
> Identifier Datacomm_Login_Failures
> Filename %L/Datacomm_Login_Failures
> LogFailure 1
> FailureFormat %l:NAS %N
> User:%U:%T:%{NAS-Port-Type}:%{Calling-Station-Id}:%1:Fail
> </Authlog>
>
> <AuthLog FILE>
> Identifier VPN_Login_Failures
> Filename %L/VPN_Login_Failures
> LogFailure 1
> FailureFormat %l:NAS %N User:%U:%T:%{NAS-Port-Type}:From
> %{Calling-Station-Id}:%1:Fail
> </Authlog>
>
>
> <Handler Realm=MODEMS,NAS-Port-Type=Async,NAS-IP-Address=x.x.x.x>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy GROUP>
> AuthByPolicy ContinueUntilReject
> <AuthBy PAM>
> Service radiusd
> </AuthBy>
> <AuthBy FILE>
> Filename %D/backbone_users
> </AuthBy>
> </AuthBy>
> AuthLog Modem_Login_Failures
> # Log accounting to a detail file
> AcctLogFileName %L/modem_pool_backbone_users
> </Handler>
>
> <Handler Realm=MODEMS,NAS-Port-Type=Virtual>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy GROUP>
> AuthByPolicy ContinueUntilReject
> <AuthBy PAM>
> Service radiusd
> </AuthBy>
>
> <AuthBy FILE>
> Filename %D/backbone_users
> </AuthBy>
> </AuthBy>
> AuthLog Backbone_Login_Failures
> # Log accounting to a detail file
> AcctLogFileName %L/modems_backbone_users
> </Handler>
>
> <Handler Realm=MODEMS>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy GROUP>
> AuthByPolicy ContinueUntilReject
> <AuthBy PAM>
> Service radiusd
> </AuthBy>
> <AuthBy LDAP2>
> Host ggggg
> Port 389
> AuthDN
> uid=xx,ou=xx,ou=xx,dc=xx,dc=xx
> AuthPassword xxxxxx
> BaseDN dc=xx,dc=xx
> NoDefault
> UsernameAttr uid
> SearchFilter
> (&(edupersonprimaryaffiliation=xxx)(uid=%1))
> Debug 255
> </AuthBy>
> </AuthBy>
> AuthLog Modem_Login_Failures
> AcctLogFileName %L/Modems
> </Handler>
>
>
> <Handler Realm=Off_Campus_VPN>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy GROUP>
> AuthByPolicy ContinueUntilReject
> <AuthBy PAM>
> Service radiusd
> </AuthBy>
> <AuthBy LDAP2>
> Host ggggg
> Port 389
> AuthDN
> uid=xx,ou=xx,ou=xx,dc=xx,dc=xx
> AuthPassword xxxxxx
> BaseDN dc=xx,dc=xx
> NoDefault
> UsernameAttr uid
> SearchFilter
> (&(edupersonprimaryaffiliation=xx)(uid=%1))
> Debug 255
> </AuthBy>
> </AuthBy>
> AuthLog VPN_Login_Failures
> AcctLogFileName %L/Off_Campus_VPN
> </Handler>
>
> <Handler Realm=Backbone_Devices>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy GROUP>
> AuthByPolicy ContinueUntilReject
> <AuthBy PAM>
> Service radiusd
> </AuthBy>
>
> <AuthBy FILE>
> Filename %D/backbone_users
> </AuthBy>
> </AuthBy>
> AuthLog Backbone_Login_Failures
> # Log accounting to a detail file
> AcctLogFileName %L/backbone_devices
> </Handler>
>
> <Handler Realm=Datacomm_Devices>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy GROUP>
> AuthByPolicy ContinueUntilReject
> <AuthBy PAM>
> Service radiusd
> </AuthBy>
>
> <AuthBy FILE>
> Filename %D/backbone_users
> </AuthBy>
> </AuthBy>
> AuthLog Datacomm_Login_Failures
> # Log accounting to a detail file
> AcctLogFileName %L/datacomm_devices
> </Handler>
>
>
> <Client x.x.x.x>
> Secret YYY
> DefaultRealm MODEMS
> </Client>
>
> <Client x.x.x.x>
> Secret ZZZ
> DupInterval 0
> DefaultRealm BACKBONE
> </Client>
>
> <Client x.x.x.x>
> Secret ZZZ
> DupInterval 0
> DefaultRealm Off_Campus_VPN
> </Client>
>
> <Client x.x.x.x>
> Secret ZZZ
> DupInterval 0
> DefaultRealm BACKBONE
> </Client>
>
> <Client x.x.x.x>
> Secret YYYY
> DefaultRealm MODEMS
> </Client>
>
> <Client x.x.x.x>
> Secret ZZZZZ
> DupInterval 0
> DefaultRealm Backbone_Devices
> </Client>
>
>
>
>
>
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list