Fwd: Re: (RADIATOR) Undefined attributes in dictionary

Ronan Eckelberry radiator at gowebco.com
Fri Mar 22 14:32:48 CST 2002


Alan,

	Try adding these to your config on the Cisco PIX.

radius-server vsa send accounting
radius-server vsa send authentication

-Ronan


-----Original Message-----
From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] On
Behalf Of Alan Attard
Sent: Friday, 22 March, 2002 08:42
To: Mike McCauley; radiator at open.com.au
Subject: Re: Fwd: Re: (RADIATOR) Undefined attributes in dictionary


Hi Mike, 

Thanks for your reply. We are using Cisco PIX 525, authenticating and
accounting HTTP traffic from Inside to Outside zone. What shall I do so
that Radiator recognizes these attribute (ie. shall I edit the
dictionary, or something like that???)

Thanking you in advance for your help and support,

Alan

--- Mike McCauley <mikem at open.com.au> wrote:
>Hello Alan,
>
>This Stop packet looks like it came from a broken Radius client. It
contains 
>4 vendor specific attributes with a correct length, but they do not
conform 
>to the standard VSA structure. Instead, of vendor ID etc, they contain
these 
>strings:
>
>
>
>Source-IP=192.168.10.20
>Source-Port=1750
>Destination-IP=66.39.112.64
>Destination-Port=80
>
>What sort of device sent them?
>
>Cheers.
>
>On Fri, 22 Mar 2002 14:45, Hugh Irvine wrote:
>> Mikey -
>>
>> Could you take a look at this please?
>>
>> thanks
>>
>> Hugh
>>
>>
>> ----------  Forwarded Message  ----------
>>
>> Subject: Re: (RADIATOR) Undefined attributes in dictionary
>> Date: Thu, 21 Mar 2002 12:59:39 -0800 (PST)
>> From: Alan Attard <alan.attard at ymcamail.com>
>> To: hugh at open.com.au;, radiator at open.com.au
>>
>> Hi Hugh,
>>
>> I'm forwarding you the Hex Dump Trace your asked for. These strange
>> attribute only appear in Accounting, type STOP.
>>
>> Packet length = 177
>> 04 e3 00 b1 41 8c 3e 83 1d 67 ef 04 98 19 e6 ad
>> ee 8f 0a f6 28 06 00 00 00 02 04 06 81 01 19 ba
>> 0e 06 c0 a8 0a 14 10 06 00 00 00 50 2c 0c 30 78
>> 30 30 30 30 30 32 32 64 01 0a 61 74 74 61 61 30
>> 32 35 2e 06 00 00 00 0c 2a 06 00 00 07 8c 2b 06
>> 00 00 03 52 1a 19 53 6f 75 72 63 65 2d 49 50 3d
>> 31 39 32 2e 31 36 38 2e 31 30 2e 32 30 1a 12 53
>> 6f 75 72 63 65 2d 50 6f 72 74 3d 31 37 35 30 1a
>> 1d 44 65 73 74 69 6e 61 74 69 6f 6e 2d 49 50 3d
>> 36 36 2e 33 39 2e 31 31 32 2e 36 34 1a 15 44 65
>> 73 74 69 6e 61 74 69 6f 6e 2d 50 6f 72 74 3d 38
>> 30
>> Code:       Accounting-Request
>> Identifier: 227
>> Authentic:
A<140>><131><29>g<239><4><152><25><230><173><238><143><10><246>
>> Attributes:
>> 	Acct-Status-Type = Stop
>> 	NAS-IP-Address = 129.1.25.186
>> 	Login-IP-Host = 192.168.10.20
>> 	Login-TCP-Port = 80
>> 	Acct-Session-Id = "0x0000022d"
>> 	User-Name = "attaa025"
>> 	Acct-Session-Time = 12
>> 	Acct-Input-Octets = 1932
>> 	Acct-Output-Octets = 850
>>
>> Thu Mar 21 21:46:38 2002: DEBUG: Check if Handler
>>  Client-Identifier=Internet_Auth should be used to handle this
request Thu
>>  Mar 21 21:46:38 2002: DEBUG: Handling request with Handler
>>  'Client-Identifier=Internet_Auth' Thu Mar 21 21:46:38 2002: DEBUG: 
>> Deleting session for attaa025, 129.1.25.186, Thu Mar 21 21:46:38
2002:
>> DEBUG: Handling with Radius::AuthFILE: InternetGroups Thu Mar 21
21:46:38
>> 2002: DEBUG: Accounting accepted
>> Thu Mar 21 21:46:38 2002: DEBUG: Packet dump:
>> *** Sending to 129.1.25.186 port 1646 ....
>>
>> Packet length = 20
>> 05 e3 00 14 ed 4c a2 a6 d4 bc 5a 23 5a cf f2 30
>> 92 25 df 45
>> Code:       Accounting-Response
>> Identifier: 227
>> Authentic:
A<140>><131><29>g<239><4><152><25><230><173><238><143><10><246>
>> Attributes:
>>
>> Thu Mar 21 21:46:38 2002: ERR: Attribute number 99 (vendor
1399813490) is
>> not defined in your dictionary Thu Mar 21 21:46:38 2002: ERR:
Attribute
>> number 99 (vendor 1399813490) is not defined in your dictionary Thu
Mar 21
>> 21:46:38 2002: ERR: Attribute number 105 (vendor 1147499380) is not
defined
>> in your dictionary Thu Mar 21 21:46:38 2002: ERR: Attribute number
105
>> (vendor 1147499380) is not defined in your dictionary Thu Mar 21
21:46:38
>> 2002: DEBUG: Packet dump:
>>
>> Regards,
>> Alan
>>
>> --- Hugh Irvine <hugh at open.com.au> wrote:
>> >Hello Alan -
>> >
>> >These look like broken radius attributes to me.
>> >
>> >Can you please send me a trace 5 (hex dump) of some of the requests
that
>> >cause these errors? I suspect it is a bug in the Cisco IOS software.
>> >
>> >thanks
>> >
>> >Hugh
>> >
>> >On Fri, 22 Mar 2002 01:08, Alan Attard wrote:
>> >> Hi,
>> >>
>> >> I'd like to ask if anyone knows what the following attributes are:
>> >>
>> >> Attribute number 99 (vender 1399813490)
>> >> Attribute number 105 (vender 1147499380)
>> >>
>> >> I'm using Cisco PIX 525 as a NAS.
>> >>
>> >> Regards,
>> >> Alan
>> >>
>> >> _____________________________________________________________
>> >> YMCAMAIL • YOUR MAIL COMING SOON --->
>> >>
>> >> _____________________________________________________________
>> >> Run a small business? Then you need professional email like
>> >> you at yourbiz.com from Everyone.net  http://www.everyone.net?tag ===
>> >> Archive at http://www.open.com.au/archives/radiator/
>> >> Announcements on radiator-announce at open.com.au
>> >> To unsubscribe, email 'majordomo at open.com.au' with
>> >> 'unsubscribe radiator' in the body of the message.
>> >
>> >--
>> >Radiator: the most portable, flexible and configurable RADIUS server
>> >anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
>> >-
>> >Nets: internetwork inventory and management - graphical, extensible,
>> >flexible with hardware, software, platform and database
independence.
>>
>> _____________________________________________________________
>> YMCAMAIL • YOUR MAIL COMING SOON --->
>>
>> _____________________________________________________________
>> Run a small business? Then you need professional email like
you at yourbiz.com
>>  from Everyone.net  http://www.everyone.net?tag ===
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>> -------------------------------------------------------
>
>-- 
>Mike McCauley                               mikem at open.com.au
>Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
>24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
>Phone +61 3 9598-0985                       Fax   +61 3 9598-0955
>
>Radiator: the most portable, flexible and configurable RADIUS server 
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
>Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
>on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc

_____________________________________________________________
YMCAMAIL • YOUR MAIL COMING SOON --->

_____________________________________________________________
Run a small business? Then you need professional email like
you at yourbiz.com from Everyone.net  http://www.everyone.net?tag
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list