Antw: Re: (RADIATOR) Enless-Loop when wrong passwd and AuthBySQL

Hugh Irvine hugh at open.com.au
Wed Apr 23 18:04:24 CDT 2003 

Hello Ronald -

The problem here is due to the multiple cisco-avpair's in the 
accounting request, and Radiator will only use the first one.

I suggest you set up a seperate Handler for accounting:

<Handler Request-Type = Accounting-Request, Realm = /uva.nl/i>
	....
</Handler>

.....

regards

Hugh


On Wednesday, Apr 23, 2003, at 19:51 Australia/Melbourne, Boontje, R. 
wrote:

>
> Mike,
>
> I use the next handler (in Radiator 3.6) based upon the ssid for
> the Outer authentication:
>
>
> <Handler cisco-avpair="ssid=uva", Realm=/uva.nl/i>
>         # strip off possible windows domain name
>         RewriteUsername s/^.*\\//
>         RewriteUsername s/^([^@]+).*/$1/
>         # strip off the realm
>         RewriteUsername tr/A-Z/a-z/
>         AcctLogFileName %L/wireless-%Y-%m-%d.detail
>         <AuthBy FILE>
>                 Filename /usr/local/etc/rad-users
>                 EAPType TTLS
>
> This works fine for the authentication request, however the accounting 
> requests
> fail (see below) with this specific handler.
>
>
> Wed Apr 23 11:36:01 2003: DEBUG: Packet dump:
> *** Received from 145.18.2.101 port 1042 ....
> Code:       Accounting-Request
> Identifier: 18
> Authentic:  
> <244><177><221>SR<183><231><153><241><172><173>vl<249><246><31>
> Attributes:
>         Acct-Status-Type = Start
>         User-Name = "rboontj1 at uva.nl"
>         Acct-Session-Id = " 1f00002"
>         Acct-Authentic = RADIUS
>         NAS-Port = 37
>         Calling-Station-Id = "000b46ebd524"
>         NAS-Identifier = "bg1-ap3"
>         NAS-IP-Address = 145.18.2.101
>         cisco-avpair = "vlan-id=20"
>         cisco-avpair = "nas-location=[231] Turfdraagsterpad 9 "
>         cisco-avpair = "auth-algo-type=type=21"
>         cisco-avpair = "ssid=uva"
>         Acct-Delay-Time = 0
>
> Wed Apr 23 11:36:01 2003: WARNING: Could not find a handler for 
> rboontj1 at uva.nl: request is ignored
>
> Do you have any suggestions?
>
> Thanks in advance,
>
> Ronald Boontje
> Universiteit van Amsterdam
> Informatiseringscentrum / Data&Telecommunicatie
> Turfdraagsterpad 9
> 1012 XT Amsterdam
> Tel: 020-5254892
> Fax: 020-5252084
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list