(RADIATOR) howto duplicate auth patckets

Thu Sep 19 01:28:37 CDT 2002

Salut Herve -

Ca va la vie?

You should change the order of your AuthBy clauses, so the last AuthBy 
gives the authentication response.

So in your case, you should do this:

<Handler>

         AuthByPolicy ContinueAlways

         <AuthBy SQL>
         Identifier MySQL
         DBSource        dbi:mysql:radius
         DBUsername      xxxxxx
         DBAuth          xxxxxx
         AuthSelect
         AccountingTable ACCOUNTING
         AcctColumnDef USERNAME,User-Name
         AcctColumnDef TIME_STAMP,Timestamp,integer
         AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
         AcctColumnDef ACCTDELAYTIME, Ascend-PreSession-Time,integer
         AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
         AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
         AcctColumnDef ACCTSESSIONID,Acct-Session-Id
         AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
         AcctColumnDef ACCTTERMINATECAUSE,Ascend-Disconnect-Cause
         AcctColumnDef NASIDENTIFIER,NAS-IP-Address
         AcctColumnDef NASPORT,NAS-Port,integer
         AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
         AcctColumnDef CALLERID,Calling-Station-Id
         </AuthBy>

	  <AuthBy RADIUS>
         Secret xxxxxx
         #server1
         <Host 192.168.0.1 >
         AcctPort 1646
         </Host>
         #server2
         <Host 192.168.0.2>
         AcctPort 1646
         </Host>
         StripFromRequest Calling-Station-Id,Ascend-PreSession-Time
         IgnoreReject
         AccountingStopsOnly
         </AuthBy>

         <AuthBy FILE>
         AcceptIfMissing
         Filename %D/users
         </AuthBy>

</Handler>

A+

Hugues

On Wednesday, September 18, 2002, at 08:01 PM, DANG Herve wrote:

> Hi,
>
> Here are my actual-settings :
>
> 1- authentificaton: accept anything  ( authby file )
> 2- local SQL Accounting  ( authby SQL )
> 3- Forward ACCOUNTING STOP packets to clients radius server for log 
> purposes
> ( authby RADIUS )
>
> Everything works fine
>
> Now i'd like to send  auth packets to clients radius server ( that's 
> only
> for logging
> purpose , we don't need any ACK from this radius server )
>
> 1 - authentificaton: accept anything  ( authby file )
> 1bis - forward/duplicate auth packet to clients radius server for log
> purposes ( ??? )
> 2 - local SQL Accounting  ( authby SQL )
> 3 - Forward ACCOUNTING STOP packets to client's radius server for log
> purposes ( authby RADIUS )
>
> if i delete the "NoForwardAuthentication" in my authby RADIUS clause, 
> and
> then forward Authentification
> will it be ok ??
>
> Thx
> Herve
>
> <Handler>
>         AuthByPolicy ContinueAlways
>         <AuthBy FILE>
>         AcceptIfMissing
>         Filename %D/users
>         </AuthBy>
>
>         <AuthBy SQL>
>         Identifier MySQL
>         DBSource        dbi:mysql:radius
>         DBUsername      xxxxxx
>         DBAuth          xxxxxx
>         AuthSelect
>         AccountingTable ACCOUNTING
>         AcctColumnDef USERNAME,User-Name
>         AcctColumnDef TIME_STAMP,Timestamp,integer
>         AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
>         AcctColumnDef ACCTDELAYTIME, Ascend-PreSession-Time,integer
>         AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
>         AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>         AcctColumnDef ACCTSESSIONID,Acct-Session-Id
>         AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
>         AcctColumnDef ACCTTERMINATECAUSE,Ascend-Disconnect-Cause
>         AcctColumnDef NASIDENTIFIER,NAS-IP-Address
>         AcctColumnDef NASPORT,NAS-Port,integer
>         AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
>         AcctColumnDef CALLERID,Calling-Station-Id
>         </AuthBy>
>
> 	  <AuthBy RADIUS>
>         Secret xxxxxx
>         #server1
>         <Host 192.168.0.1 >
>         AcctPort 1646
>         </Host>
>         #server2
>         <Host 192.168.0.2>
>         AcctPort 1646
>         </Host>
>         StripFromRequest Calling-Station-Id,Ascend-PreSession-Time
>         IgnoreReject
>         NoForwardAuthentication
>         AccountingStopsOnly
>         </AuthBy>
> </Handler>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.