(RADIATOR) radpwtst question
Hugh Irvine
hugh at open.com.au
Wed Mar 20 03:28:58 CST 2002
Hello Mike -
The problem is that you are receiving the request from localhost, which
should be the <Client DEFAULT> clause as far as I can see, so the realm will
not be set to MODEMS.
regards
Hugh
On Wed, 20 Mar 2002 11:50, Forbes Mike wrote:
> I am having problems with the following radpwtst line and the following
> config:
> radpwtst -nas_ip_address 128.138.x.x -user unix-tmp -password xxxxxx
> -noacct -secret ccccc -auth_port 1647
>
>
> It should use Realm=MODEMS,NAS-Port-Type=Async,NAS-IP-Address=128.138.x.x,
> but as you can see below it does not work. Is this because I am mixing
> realms and handlers? I am not really mixing them in the config, just by
> client.
>
> Thanks,
>
> Mike
>
>
> Tue Mar 19 17:45:52
> 2002: DEBUG: Packet dump: *** Received from 127.0.0.1 port 53857 ....
> Code: Access-Request
> Identifier: 112
> Authentic: 1234567890123456
> Attributes:
> User-Name = "unix-tmp"
> Service-Type = Framed-User
> NAS-IP-Address = 128.138.x.x
> NAS-Port = 1234
> Called-Station-Id = "123456789"
> Calling-Station-Id = "987654321"
> NAS-Port-Type = Async
> User-Password = "xxxx"
>
> Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler
> Realm=MODEMS,NAS-Port-Type=Async,NAS-IP-Address=128.138.x.x should be
> used to handle this request
> Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler
> Realm=MODEMS,NAS-Port-Type=Virtual should be used to handle this request
> Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=MODEMS should be
> used to handle this request
> Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=Off_Campus_VPN
> should be used to handle this request
> Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=Backbone_Devices
> should be used to handle this request
> Tue Mar 19 17:45:52 2002: DEBUG: Check if Handler Realm=Datacomm_Devices
> should be used to handle this request
> Tue Mar 19 17:45:52 2002: WARNING: Could not find a handler for unix-tmp:
> request is ignored
>
> > #LogStdout
> > LogDir /usr/local/radiator/log
> > DbDir /usr/local/radiator/etc
> > # Use a low trace level in production systems. Increase
> > # it to 4 or 5 for debugging, or use the -trace flag to radiusd
> > Trace 4
> >
> > AuthPort 1647
> > AcctPort 1648
> >
> > #<SNMPAgent>
> > # ROCommunit xxxx
> > #</SNMPAgent>
> >
> > # You will probably want to add other Clients to suit your site,
> > # one for each NAS you want to work with
> > <Client DEFAULT>
> > Secret XXX
> > DupInterval 0
> > DefaultRealm Datacomm_devices
> > </Client>
> >
> > <AuthLog FILE>
> > Identifier Modem_Login_Failures
> > Filename %L/Modem_Login_Failures
> > LogFailure 1
> > FailureFormat %l:NAS %N
> > User:%U:%T:%{NAS-Port-Type}:%{Calling-Station-Id}:%1:Fail
> > </Authlog>
> >
> > <AuthLog FILE>
> > Identifier Backbone_Login_Failures
> > Filename %L/Backbone_Login_Failures
> > LogFailure 1
> > FailureFormat %l:NAS %N User:%U:%T:%{NAS-Port-Type}:From
> > %{Calling-Station-Id}:%1:Fail
> > </Authlog>
> >
> > <AuthLog FILE>
> > Identifier Datacomm_Login_Failures
> > Filename %L/Datacomm_Login_Failures
> > LogFailure 1
> > FailureFormat %l:NAS %N
> > User:%U:%T:%{NAS-Port-Type}:%{Calling-Station-Id}:%1:Fail
> > </Authlog>
> >
> > <AuthLog FILE>
> > Identifier VPN_Login_Failures
> > Filename %L/VPN_Login_Failures
> > LogFailure 1
> > FailureFormat %l:NAS %N User:%U:%T:%{NAS-Port-Type}:From
> > %{Calling-Station-Id}:%1:Fail
> > </Authlog>
> >
> >
> > <Handler Realm=MODEMS,NAS-Port-Type=Async,NAS-IP-Address=x.x.x.x>
> > RewriteUsername s/^([^@]+).*/$1/
> > <AuthBy GROUP>
> > AuthByPolicy ContinueUntilReject
> > <AuthBy PAM>
> > Service radiusd
> > </AuthBy>
> > <AuthBy FILE>
> > Filename %D/backbone_users
> > </AuthBy>
> > </AuthBy>
> > AuthLog Modem_Login_Failures
> > # Log accounting to a detail file
> > AcctLogFileName %L/modem_pool_backbone_users
> > </Handler>
> >
> > <Handler Realm=MODEMS,NAS-Port-Type=Virtual>
> > RewriteUsername s/^([^@]+).*/$1/
> > <AuthBy GROUP>
> > AuthByPolicy ContinueUntilReject
> > <AuthBy PAM>
> > Service radiusd
> > </AuthBy>
> >
> > <AuthBy FILE>
> > Filename %D/backbone_users
> > </AuthBy>
> > </AuthBy>
> > AuthLog Backbone_Login_Failures
> > # Log accounting to a detail file
> > AcctLogFileName %L/modems_backbone_users
> > </Handler>
> >
> > <Handler Realm=MODEMS>
> > RewriteUsername s/^([^@]+).*/$1/
> > <AuthBy GROUP>
> > AuthByPolicy ContinueUntilReject
> > <AuthBy PAM>
> > Service radiusd
> > </AuthBy>
> > <AuthBy LDAP2>
> > Host ggggg
> > Port 389
> > AuthDN
> > uid=xx,ou=xx,ou=xx,dc=xx,dc=xx
> > AuthPassword xxxxxx
> > BaseDN dc=xx,dc=xx
> > NoDefault
> > UsernameAttr uid
> > SearchFilter
> > (&(edupersonprimaryaffiliation=xxx)(uid=%1))
> > Debug 255
> > </AuthBy>
> > </AuthBy>
> > AuthLog Modem_Login_Failures
> > AcctLogFileName %L/Modems
> > </Handler>
> >
> >
> > <Handler Realm=Off_Campus_VPN>
> > RewriteUsername s/^([^@]+).*/$1/
> > <AuthBy GROUP>
> > AuthByPolicy ContinueUntilReject
> > <AuthBy PAM>
> > Service radiusd
> > </AuthBy>
> > <AuthBy LDAP2>
> > Host ggggg
> > Port 389
> > AuthDN
> > uid=xx,ou=xx,ou=xx,dc=xx,dc=xx
> > AuthPassword xxxxxx
> > BaseDN dc=xx,dc=xx
> > NoDefault
> > UsernameAttr uid
> > SearchFilter
> > (&(edupersonprimaryaffiliation=xx)(uid=%1))
> > Debug 255
> > </AuthBy>
> > </AuthBy>
> > AuthLog VPN_Login_Failures
> > AcctLogFileName %L/Off_Campus_VPN
> > </Handler>
> >
> > <Handler Realm=Backbone_Devices>
> > RewriteUsername s/^([^@]+).*/$1/
> > <AuthBy GROUP>
> > AuthByPolicy ContinueUntilReject
> > <AuthBy PAM>
> > Service radiusd
> > </AuthBy>
> >
> > <AuthBy FILE>
> > Filename %D/backbone_users
> > </AuthBy>
> > </AuthBy>
> > AuthLog Backbone_Login_Failures
> > # Log accounting to a detail file
> > AcctLogFileName %L/backbone_devices
> > </Handler>
> >
> > <Handler Realm=Datacomm_Devices>
> > RewriteUsername s/^([^@]+).*/$1/
> > <AuthBy GROUP>
> > AuthByPolicy ContinueUntilReject
> > <AuthBy PAM>
> > Service radiusd
> > </AuthBy>
> >
> > <AuthBy FILE>
> > Filename %D/backbone_users
> > </AuthBy>
> > </AuthBy>
> > AuthLog Datacomm_Login_Failures
> > # Log accounting to a detail file
> > AcctLogFileName %L/datacomm_devices
> > </Handler>
> >
> >
> > <Client x.x.x.x>
> > Secret YYY
> > DefaultRealm MODEMS
> > </Client>
> >
> > <Client x.x.x.x>
> > Secret ZZZ
> > DupInterval 0
> > DefaultRealm BACKBONE
> > </Client>
> >
> > <Client x.x.x.x>
> > Secret ZZZ
> > DupInterval 0
> > DefaultRealm Off_Campus_VPN
> > </Client>
> >
> > <Client x.x.x.x>
> > Secret ZZZ
> > DupInterval 0
> > DefaultRealm BACKBONE
> > </Client>
> >
> > <Client x.x.x.x>
> > Secret YYYY
> > DefaultRealm MODEMS
> > </Client>
> >
> > <Client x.x.x.x>
> > Secret ZZZZZ
> > DupInterval 0
> > DefaultRealm Backbone_Devices
> > </Client>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list