(RADIATOR) ipass problem

Hugh Irvine hugh at open.com.au
Thu Nov 28 16:28:04 CST 2002 

Hello Tunde -

I will need to see a trace 4 debug from Radiator showing what happens 
in both cases.

regards

Hugh


On Friday, Nov 29, 2002, at 07:08 Australia/Melbourne, Ayotunde Itayemi 
wrote:

> Hi Hugh, Hi All,
>  
> I am testing my config for ipass. I have used ipass' own config checker
> from the prompt of my radiator server, and I was able to authenticate 
> the
> username/password given to me by ipass.
>  
> But dialing into one of the NASes on my network with the same 
> credentials
> results in a "request denied" . Any help would be appreciated.
>  
> My config:
>  
> =======================================<Client 80.4.4.30>
>         Secret asecret
>         DupInterval 0
>  NasType Patton
>  SNMPCommunity patt222
>         Identifier viruse1
>  IdenticalClients 80.4.4.61 80.4.4.92
>  RewriteUsername s/^IPASS\/([^@]+)\@([^@]+)$/IPASS\/$1#$2\@myipass/
> </Client>
> <Client localhost>
> # ipass client for VNAS (incoming roamers)
>  Secret asecret
>  Identifier ipassclient
>  IdenticalClients 63.4.4.212
>  RewriteUsername s/^IPASS\/([^@]+)\@([^@]+)$/IPASS\/$1#$2\@myipass/
> </Client>
> # =================== AUTH BYs =================================
> ###### proxy radius for IPASS
> <AuthBy RADIUS>
>         Identifier      ipassNetserver
>         Host            63.4.4.212
>         Secret          asecret
>         AuthPort        11812
>         AcctPort        11813
> #        AddToRequest NAS-IP-Address=%N
>  AddToRequest Called-Station-Id=%{Called-Station-Id}, NAS-IP-Address=%N
> </AuthBy>
> #=================== HANDLERs   ================================
> <Handler Realm=myipass>
>  AcctLogFileName  %L/ipass/detail
>  RewriteUsername  s/^IPASS\/([^#]+)\#([^@]+)\@myipass$/IPASS\/$1\@$2/
> # MaxSessions 1
>  AuthBy ipassNetserver
> </Handler>
> <Handler Client-Identifier=ipassclient>
>         AuthByPolicy ContinueWhileAccept
>         RewriteUsername s/^([^@]+).*/$1/
>         RewriteUsername tr/A-Z/a-z/
>         UsernameCharset a-zA-Z0-9\._ at -
>         AcctLogFileName         %L/account.log
>         PasswordLogFileName     %L/password.log
>         SessionDatabase SDB1
>         AuthBy SQLClientauth
> StripFromReply Framed-IP-Address
> </Handler>
> <Handler Client-Identifier=viruse1>
>         AuthByPolicy ContinueWhileAccept
>         RewriteUsername s/^([^@]+).*/$1/
> RewriteUsername tr/A-Z/a-z/
>         UsernameCharset a-zA-Z0-9\._ at -
> #        MaxSessions 1
> # Show rejection reason to users
>         RejectHasReason
>         AcctLogFileName         %L/account.log
>         PasswordLogFileName     %L/password.log
>         SessionDatabase SDB1
>         AuthBy SQLClientauth
> # AuthBy pattonIPADDRESSauth
> </Handler>
>  
>  
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list