(RADIATOR) Redback Static IP Problem

Hugh Irvine hugh at open.com.au
Fri Aug 29 18:49:54 CDT 2003


Hello AL -

This is what your configuration file is set up to return to the NAS:


> *** Sending to 64.91.105.5 port 1812 ....
> Code:       Access-Accept
> Identifier: 107
> Authentic:  mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> Attributes:
>         Service-Type = Framed-User
>         Framed-Protocol = PPP

What other attributes do you want to send? And how do you want to  
manage those attributes?

regards

Hugh


On Saturday, Aug 30, 2003, at 06:06 Australia/Melbourne, Charles  
Alexander McCain wrote:

> Hello,
>
> I'm having an issue with my Redbacks. They cannot allocate IP addresses.
> In my trace 4, I notice that the user is not getting the attributes they
> need.
> How can this be fixed?
>
> Here is my config and trace4
>
> Thanks,
> AL
>
> ---------
> Fri Aug 29 14:08:30 2003: DEBUG: Packet dump:
> *** Received from 1.2.3.4 port 1812 ....
> Code:       Access-Request
> Identifier: 107
> Authentic:  mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> Attributes:
>         User-Name = "user"
>         User-Password =
> "~~1<223><156><248><145><196><250><0>W<219><246><204><21>:"
>         NAS-Identifier = "rb"
>         NAS-IP-Address = 1.2.3.4
>         RB-NAS-Real-Port = 402850582
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>         NAS-Port = 3892318919
>         Connect-Info = "ubrc"
>
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: ERR: Error while rewriting username user:  
> syntax
> error at (eval 1787) line 2, at EOF
>
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: ERR: Error in PreHandlerHook(): Can't use  
> string
> ("") as a subroutine ref while "strict refs" in use at
> /usr/local/lib/perl5/site_perl/5.6.1/Radius/Client.pm line 338.
>
> Fri Aug 29 14:08:30 2003: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: SQLS Deleting session for user,  
> 1.2.3.4,
> 3892318919
> Fri Aug 29 14:08:30 2003: DEBUG: do query is: delete from RADONLINE  
> where
> USERNAME = 'user' and NASIDENTIFIER='1.2.3.4' and NASPORT='3892318919'
>
> Fri Aug 29 14:08:30 2003: DEBUG: Handling with Radius::AuthLDAP2
> Fri Aug 29 14:08:30 2003: DEBUG: Attempting to bind with
> uid=searchuser,dc=domain,dc=net, password
> Fri Aug 29 14:08:30 2003: DEBUG: LDAP got result for
> uid=user,ou=People,dc=domain,dc=net
> Fri Aug 29 14:08:30 2003: DEBUG: LDAP got userPassword:
> {crypt}cgoHd/FmCIXh.
> Fri Aug 29 14:08:30 2003: DEBUG: LDAP got gidNumber: 3010
> Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 looks for match with
> user
> Fri Aug 29 14:08:30 2003: DEBUG: Query is: select NASIDENTIFIER,  
> NASPORT,
> ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='user'
>
> Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 ACCEPT:
> Fri Aug 29 14:08:30 2003: DEBUG: Access accepted for user
> Fri Aug 29 14:08:30 2003: DEBUG: Packet dump:
> *** Sending to 64.91.105.5 port 1812 ....
> Code:       Access-Accept
> Identifier: 107
> Authentic:  mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> Attributes:
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>
> ----------------------------------------------------------------------- 
> ----
>
> #Foreground
> #LogStdout
> LogDir /var/adm/radacct
> DbDir /etc/raddb
> PreHandlerHook file:"%D/prehook"
>
> SnmpgetProg /usr/local/bin/snmpget
> Trace 4
> RewriteUsername         s/^([^@]+)\@domain.net/$1/
> RewriteUsername         s/^([^@]+)\@domain.net/$1/
> RewriteUsername         s/\s+//g
> RewriteUsername         tr/A-Z/a-z/
> <Client DEFAULT>
>
>         Secret ******
>         DupInterval 0
>
> </Client>
>
> <SessionDatabase SQL>
>
>        DBSource dbi:mysql:radius:host
>        DBUsername radtest
>        DBAuth ******
>         Identifier SQLS
>
>                 AddQuery insert into RADONLINE (USERNAME,\
>                 NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\
>                 FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,DNIS) \
>                 values ('%n', '%N',\
>                 '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\
>                 '%{Framed-IP-Address}', '%{NAS-Port-Type}',\
>                 '%{Service-Type}','%{Called-Station-Id}')
>
>
>            DeleteQuery delete from RADONLINE where \
>                  USERNAME = '%n' and NASIDENTIFIER='%N' \
>                  and NASPORT='%{NAS-Port}'
>
> ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
>
> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
> where ACCTSESSIONID = '%{Acct-Session-Id}'
>
>
> </SessionDatabase>
>
>
> <ClientListSQL>
>
>         DBSource        dbi:mysql:radius
>         DBUsername radtest
>         DBAuth ******
>
>         select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL, \
>         DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \
>         LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \
>         FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \
>         NOIGNOREDUPLICATES from RADCLIENTLIST
>
>
> </ClientListSQL>
> <AuthBy UNIX>
>
>         DefaultSimultaneousUse 1
>         Identifier System
>         Filename /etc/shadow
>
> </AuthBy>
>
> <AuthBy LDAP2>
>                 DefaultSimultaneousUse 1
>                 Identifier LDAP
>                 Host    127.0.0.1
>                 Port    389
>                 AuthDN  uid=searchuser,dc=domain,dc=net
>                 AuthPassword    *****
>                 BaseDN  %0=%1,ou=people,dc=domain,dc=net
>                 Scope   base
>                 UsernameAttr    uid
>                 PasswordAttr    userPassword
>                 HoldServerConnection
>                 SearchFilter (&(gecos=active)(uid=%1))
>                 AuthAttrDef gidNumber, gid-attr, request
>                 DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
> </AuthBy>
> <AuthBy SQL>
>         NoDefault
>         DefaultSimultaneousUse 1
>         Identifier CheckSQL
>
>         DBSource        dbi:mysql:radius:domain
>         DBUsername radtest
>         DBAuth *******
>
>
>                 AccountingTable ACCOUNTING
>                 AcctColumnDef   USERNAME,User-Name
>                 AcctColumnDef   TIME_STAMP,Timestamp,integer
>                 AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
>                 AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
>                 AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
>                 AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>                 AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
>                 AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
>                 AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
>                 AcctColumnDef   NASIDENTIFIER,NAS-Identifier
>                 AcctColumnDef   NASPORT,NAS-Port,integer
>                 AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
>
>         AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
>        from SUBSCRIBERS \
>       where USERNAME=%0
>
> AuthColumnDef 0, User-Password, check
> AuthColumnDef 1, GENERIC, check
> AuthColumnDef 2, GENERIC, reply
>                DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
>
>
> </AuthBy>
> <Realm DEFAULT>
> RewriteUsername s/^([^@]+).*/$1/
>
>
>  PostAuthHook file:"%D/postHook"
>         AcctLogFileName %L/%N/detail
>
>
>
>         #AuthByPolicy ContinueWhileReject
>         AuthByPolicy    ContinueUntilAccept
>         AuthBy LDAP
>         AuthBy CheckSQL
>         AuthBy System
>
>
> </Realm>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
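
The reply above turns on the Access-Accept carrying only Service-Type and Framed-Protocol. As an added example (not part of the original message and not Radiator code), this Python script parses Trace 4 packet dumps in the layout quoted in the thread and lists Access-Accepts for Framed-User sessions that carry no address attribute. The sample trace is constructed, and the function names and the `ADDRESS_ATTRS` set are assumptions about what the NAS needs.

```python
import re
# Constructed sample in the Trace 4 packet-dump layout quoted in the thread.
SAMPLE_TRACE = """\
*** Received from 1.2.3.4 port 1812 ....
Code:       Access-Request
Identifier: 107
Attributes:
        User-Name = "user"
        Service-Type = Framed-User

Fri Aug 29 14:08:30 2003: DEBUG: Packet dump:
*** Sending to 1.2.3.4 port 1812 ....
Code:       Access-Accept
Identifier: 107
Attributes:
        Service-Type = Framed-User
        Framed-Protocol = PPP
"""

# Assumption: reply attributes from which the NAS could assign an address.
ADDRESS_ATTRS = frozenset({"Framed-IP-Address", "Framed-Pool"})
HEADER = re.compile(r"^\*\*\* (Received from|Sending to) (\S+) port (\d+)")
FIELD = re.compile(r"^(Code|Identifier):\s+(\S+)")
ATTR = re.compile(r"^\s+([A-Za-z0-9-]+) = ?(.*)$")

def parse_packets(trace):
    """Return one dict per packet dump: dir, peer, code, identifier, attrs."""
    packets, cur = [], None
    for raw in trace.splitlines():
        line = re.sub(r"^> ?", "", raw)  # tolerate mail-quoted traces
        if m := HEADER.match(line):
            cur = {"dir": m[1], "peer": m[2], "attrs": {}}
            packets.append(cur)
        elif cur is None:
            continue
        elif m := FIELD.match(line):
            cur[m[1].lower()] = m[2]
        elif m := ATTR.match(line):
            cur["attrs"][m[1]] = m[2].strip('"')
        elif not line.strip() or re.match(r"\w{3} \w{3} +\d+ ", line):
            cur = None  # a blank line or the next log record ends the dump
    return packets

def accepts_missing_address(trace, needed=ADDRESS_ATTRS):
    """Access-Accepts for Framed-User that carry none of the needed attributes."""
    return [(p["peer"], p.get("identifier"), sorted(p["attrs"]))
            for p in parse_packets(trace) if p.get("code") == "Access-Accept"
            and p["attrs"].get("Service-Type") == "Framed-User"
            and needed.isdisjoint(p["attrs"])]
```

Run over a saved trace, an empty result means every Framed-User accept carried one of the listed attributes; each tuple returned gives the NAS address, the RADIUS identifier and the attributes that were actually sent.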
