Fwd: Re: (RADIATOR) Undefined attributes in dictionary
Hugh Irvine
hugh at open.com.au
Fri Mar 22 17:19:43 CST 2002
Hello Alan -
You should report the bug to Cisco and see if there is a fix for it.
regards
Hugh
On Sat, 23 Mar 2002 00:41, Alan Attard wrote:
> Hi Mike,
>
> Thanks for your reply. We are using Cisco PIX 525, authenticating and
> accounting HTTP traffic from Inside to Outside zone. What shall I do so
> that Radiator recognizes these attribute (ie. shall I edit the dictionary,
> or something like that???)
>
> Thanking you in advance for your help and support,
>
> Alan
>
> --- Mike McCauley <mikem at open.com.au> wrote:
> >Hello Alan,
> >
> >This Stop packet looks like it came from a broken Radius client. It
> > contains 4 vendor specific attributes with a correct length, but they do
> > not conform to the standard VSA structure. Instead, of vendor ID etc,
> > they contain these strings:
> >
> >
> >
> >Source-IP=192.168.10.20
> >Source-Port=1750
> >Destination-IP=66.39.112.64
> >Destination-Port=80
> >
> >What sort of device sent them?
> >
> >Cheers.
> >
> >On Fri, 22 Mar 2002 14:45, Hugh Irvine wrote:
> >> Mikey -
> >>
> >> Could you take a look at this please?
> >>
> >> thanks
> >>
> >> Hugh
> >>
> >>
> >> ---------- Forwarded Message ----------
> >>
> >> Subject: Re: (RADIATOR) Undefined attributes in dictionary
> >> Date: Thu, 21 Mar 2002 12:59:39 -0800 (PST)
> >> From: Alan Attard <alan.attard at ymcamail.com>
> >> To: hugh at open.com.au;, radiator at open.com.au
> >>
> >> Hi Hugh,
> >>
> >> I'm forwarding you the Hex Dump Trace your asked for. These strange
> >> attribute only appear in Accounting, type STOP.
> >>
> >> Packet length = 177
> >> 04 e3 00 b1 41 8c 3e 83 1d 67 ef 04 98 19 e6 ad
> >> ee 8f 0a f6 28 06 00 00 00 02 04 06 81 01 19 ba
> >> 0e 06 c0 a8 0a 14 10 06 00 00 00 50 2c 0c 30 78
> >> 30 30 30 30 30 32 32 64 01 0a 61 74 74 61 61 30
> >> 32 35 2e 06 00 00 00 0c 2a 06 00 00 07 8c 2b 06
> >> 00 00 03 52 1a 19 53 6f 75 72 63 65 2d 49 50 3d
> >> 31 39 32 2e 31 36 38 2e 31 30 2e 32 30 1a 12 53
> >> 6f 75 72 63 65 2d 50 6f 72 74 3d 31 37 35 30 1a
> >> 1d 44 65 73 74 69 6e 61 74 69 6f 6e 2d 49 50 3d
> >> 36 36 2e 33 39 2e 31 31 32 2e 36 34 1a 15 44 65
> >> 73 74 69 6e 61 74 69 6f 6e 2d 50 6f 72 74 3d 38
> >> 30
> >> Code: Accounting-Request
> >> Identifier: 227
> >> Authentic:
> >> A<140>><131><29>g<239><4><152><25><230><173><238><143><10><246>
> >> Attributes:
> >> Acct-Status-Type = Stop
> >> NAS-IP-Address = 129.1.25.186
> >> Login-IP-Host = 192.168.10.20
> >> Login-TCP-Port = 80
> >> Acct-Session-Id = "0x0000022d"
> >> User-Name = "attaa025"
> >> Acct-Session-Time = 12
> >> Acct-Input-Octets = 1932
> >> Acct-Output-Octets = 850
> >>
> >> Thu Mar 21 21:46:38 2002: DEBUG: Check if Handler
> >> Client-Identifier=Internet_Auth should be used to handle this request
> >> Thu Mar 21 21:46:38 2002: DEBUG: Handling request with Handler
> >> 'Client-Identifier=Internet_Auth' Thu Mar 21 21:46:38 2002: DEBUG:
> >> Deleting session for attaa025, 129.1.25.186, Thu Mar 21 21:46:38 2002:
> >> DEBUG: Handling with Radius::AuthFILE: InternetGroups Thu Mar 21
> >> 21:46:38 2002: DEBUG: Accounting accepted
> >> Thu Mar 21 21:46:38 2002: DEBUG: Packet dump:
> >> *** Sending to 129.1.25.186 port 1646 ....
> >>
> >> Packet length = 20
> >> 05 e3 00 14 ed 4c a2 a6 d4 bc 5a 23 5a cf f2 30
> >> 92 25 df 45
> >> Code: Accounting-Response
> >> Identifier: 227
> >> Authentic:
> >> A<140>><131><29>g<239><4><152><25><230><173><238><143><10><246>
> >> Attributes:
> >>
> >> Thu Mar 21 21:46:38 2002: ERR: Attribute number 99 (vendor 1399813490)
> >> is not defined in your dictionary Thu Mar 21 21:46:38 2002: ERR:
> >> Attribute number 99 (vendor 1399813490) is not defined in your
> >> dictionary Thu Mar 21 21:46:38 2002: ERR: Attribute number 105 (vendor
> >> 1147499380) is not defined in your dictionary Thu Mar 21 21:46:38 2002:
> >> ERR: Attribute number 105 (vendor 1147499380) is not defined in your
> >> dictionary Thu Mar 21 21:46:38 2002: DEBUG: Packet dump:
> >>
> >> Regards,
> >> Alan
> >>
> >> --- Hugh Irvine <hugh at open.com.au> wrote:
> >> >Hello Alan -
> >> >
> >> >These look like broken radius attributes to me.
> >> >
> >> >Can you please send me a trace 5 (hex dump) of some of the requests
> >> > that cause these errors? I suspect it is a bug in the Cisco IOS
> >> > software.
> >> >
> >> >thanks
> >> >
> >> >Hugh
> >> >
> >> >On Fri, 22 Mar 2002 01:08, Alan Attard wrote:
> >> >> Hi,
> >> >>
> >> >> I'd like to ask if anyone knows what the following attributes are:
> >> >>
> >> >> Attribute number 99 (vender 1399813490)
> >> >> Attribute number 105 (vender 1147499380)
> >> >>
> >> >> I'm using Cisco PIX 525 as a NAS.
> >> >>
> >> >> Regards,
> >> >> Alan
> >> >>
> >> >> _____________________________________________________________
> >> >> YMCAMAIL YOUR MAIL COMING SOON --->
> >> >>
> >> >> _____________________________________________________________
> >> >> Run a small business? Then you need professional email like
> >> >> you at yourbiz.com from Everyone.net http://www.everyone.net?tag ===
> >> >> Archive at http://www.open.com.au/archives/radiator/
> >> >> Announcements on radiator-announce at open.com.au
> >> >> To unsubscribe, email 'majordomo at open.com.au' with
> >> >> 'unsubscribe radiator' in the body of the message.
> >> >
> >> >--
> >> >Radiator: the most portable, flexible and configurable RADIUS server
> >> >anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> >> >-
> >> >Nets: internetwork inventory and management - graphical, extensible,
> >> >flexible with hardware, software, platform and database independence.
> >>
> >> _____________________________________________________________
> >> YMCAMAIL YOUR MAIL COMING SOON --->
> >>
> >> _____________________________________________________________
> >> Run a small business? Then you need professional email like
> >> you at yourbiz.com from Everyone.net http://www.everyone.net?tag ===
> >> Archive at http://www.open.com.au/archives/radiator/
> >> Announcements on radiator-announce at open.com.au
> >> To unsubscribe, email 'majordomo at open.com.au' with
> >> 'unsubscribe radiator' in the body of the message.
> >>
> >> -------------------------------------------------------
> >
> >--
> >Mike McCauley mikem at open.com.au
> >Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
> >24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
> >Phone +61 3 9598-0985 Fax +61 3 9598-0955
> >
> >Radiator: the most portable, flexible and configurable RADIUS server
> >anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> >Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
> >on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc
>
> _____________________________________________________________
> YMCAMAIL YOUR MAIL COMING SOON --->
>
> _____________________________________________________________
> Run a small business? Then you need professional email like you at yourbiz.com
> from Everyone.net http://www.everyone.net?tag ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list