(RADIATOR) Redback Static IP Problem
Hugh Irvine
hugh at open.com.au
Fri Aug 29 18:49:54 CDT 2003
Hello AL -
This is what your configuration file is set up to return to the NAS:
> *** Sending to 64.91.105.5 port 1812 ....
> Code: Access-Accept
> Identifier: 107
> Authentic: mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> Attributes:
> Service-Type = Framed-User
> Framed-Protocol = PPP
What other attributes do you want to send? And how do you want to
manage those attributes?
regards
Hugh
On Saturday, Aug 30, 2003, at 06:06 Australia/Melbourne, Charles
Alexander McCain wrote:
> Hello,
>
> I'm having an issue with my redbacks. They cannot allocate ip
> addresses.
> In my trace 4, i notice that the user is not getting the attributes
> they
> need.
> How can this be fixed?
>
> Here is my config and trace4
>
> Thanks,
> AL
>
> ---------
> Fri Aug 29 14:08:30 2003: DEBUG: Packet dump:
> *** Received from 1.2.3.4 port 1812 ....
> Code: Access-Request
> Identifier: 107
> Authentic: mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> Attributes:
> User-Name = "user"
> User-Password =
> "~~1<223><156><248><145><196><250><0>W<219><246><204><21>:"
> NAS-Identifier = "rb"
> NAS-IP-Address = 1.2.3.4
> RB-NAS-Real-Port = 402850582
> Service-Type = Framed-User
> Framed-Protocol = PPP
> NAS-Port = 3892318919
> Connect-Info = "ubrc"
>
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: ERR: Error while rewriting username user:
> syntax
> error at (eval 1787) line 2, at EOF
>
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: ERR: Error in PreHandlerHook(): Can't use
> string
> ("") as a subroutine ref while "strict refs" in use at
> /usr/local/lib/perl5/site_perl/5.6.1/Radius/Client.pm line 338.
>
> Fri Aug 29 14:08:30 2003: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> Fri Aug 29 14:08:30 2003: DEBUG: SQLS Deleting session for user,
> 1.2.3.4,
> 3892318919
> Fri Aug 29 14:08:30 2003: DEBUG: do query is: delete from RADONLINE
> where
> USERNAME = 'user' and NASIDENTIFIER='1.2.3.4' and NASPORT='3892318919'
>
> Fri Aug 29 14:08:30 2003: DEBUG: Handling with Radius::AuthLDAP2
> Fri Aug 29 14:08:30 2003: DEBUG: Attempting to bind with
> uid=searchuser,dc=domain,dc=net, password
> Fri Aug 29 14:08:30 2003: DEBUG: LDAP got result for
> uid=user,ou=People,dc=domain,dc=net
> Fri Aug 29 14:08:30 2003: DEBUG: LDAP got userPassword:
> {crypt}cgoHd/FmCIXh.
> Fri Aug 29 14:08:30 2003: DEBUG: LDAP got gidNumber: 3010
> Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 looks for match with
> user
> Fri Aug 29 14:08:30 2003: DEBUG: Query is: select NASIDENTIFIER,
> NASPORT,
> ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='user'
>
> Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 ACCEPT:
> Fri Aug 29 14:08:30 2003: DEBUG: Access accepted for user
> Fri Aug 29 14:08:30 2003: DEBUG: Packet dump:
> *** Sending to 64.91.105.5 port 1812 ....
> Code: Access-Accept
> Identifier: 107
> Authentic: mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> Attributes:
> Service-Type = Framed-User
> Framed-Protocol = PPP
>
> -----------------------------------------------------------------------
> ----
>
> #Foreground
> #LogStdout
> LogDir /var/adm/radacct
> DbDir /etc/raddb
> PreHandlerHook file:"%D/prehook"
>
> SnmpgetProg /usr/local/bin/snmpget
> Trace 4
> RewriteUsername s/^([^@]+)\@domain.net/$1/
> RewriteUsername s/^([^@]+)\@domain.net/$1/
> RewriteUsername s/\s+//g
> RewriteUsername tr/A-Z/a-z/
> <Client DEFAULT>
>
> Secret ******
> DupInterval 0
>
> </Client>
>
> <SessionDatabase SQL>
>
> DBSource dbi:mysql:radius:host
> DBUsername radtest
> DBAuth ******
> Identifier SQLS
>
> AddQuery insert into RADONLINE (USERNAME,\
> NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,DNIS) \
> values ('%n', '%N',\
> '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\
> '%{Framed-IP-Address}', '%{NAS-Port-Type}',\
> '%{Service-Type}','%{Called-Station-Id}')
>
>
> DeleteQuery delete from RADONLINE where \
> USERNAME = '%n' and NASIDENTIFIER='%N' \
> and NASPORT='%{NAS-Port}'
>
> ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
>
> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE
> \
> where ACCTSESSIONID = '%{Acct-Session-Id}'
>
>
> </SessionDatabase>
>
>
> <ClientListSQL>
>
> DBSource dbi:mysql:radius
> DBUsername radtest
> DBAuth ******
>
> select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL, \
> DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \
> LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \
> FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \
> NOIGNOREDUPLICATES from RADCLIENTLIST
>
>
> </ClientListSQL>
> <AuthBy UNIX>
>
> DefaultSimultaneousUse 1
> Identifier System
> Filename /etc/shadow
>
> </AuthBy>
>
> <AuthBy LDAP2>
> DefaultSimultaneousUse 1
> Identifier LDAP
> Host 127.0.0.1
> Port 389
> AuthDN uid=searchuser,dc=domain,dc=net
> AuthPassword *****
> BaseDN %0=%1,ou=people,dc=domain,dc=net
> Scope base
> UsernameAttr uid
> PasswordAttr userPassword
> HoldServerConnection
> SearchFilter (&(gecos=active)(uid=%1))
> AuthAttrDef gidNumber, gid-attr, request
> DefaultReply
> Service-Type=Framed-User,Framed-Protocol=PPP
> </AuthBy>
> <AuthBy SQL>
> NoDefault
> DefaultSimultaneousUse 1
> Identifier CheckSQL
>
> DBSource dbi:mysql:radius:domain
> DBUsername radtest
> DBAuth *******
>
>
> AccountingTable ACCOUNTING
> AcctColumnDef USERNAME,User-Name
> AcctColumnDef TIME_STAMP,Timestamp,integer
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> AcctColumnDef
> ACCTINPUTOCTETS,Acct-Input-Octets,integer
> AcctColumnDef
> ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> AcctColumnDef
> ACCTSESSIONTIME,Acct-Session-Time,integer
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
> AcctColumnDef NASPORT,NAS-Port,integer
> AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
>
> AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
> from SUBSCRIBERS \
> where USERNAME=%0
>
> AuthColumnDef 0, User-Password, check
> AuthColumnDef 1, GENERIC, check
> AuthColumnDef 2, GENERIC, reply
> DefaultReply
> Service-Type=Framed-User,Framed-Protocol=PPP
>
>
> </AuthBy>
> <Realm DEFAULT>
> RewriteUsername s/^([^@]+).*/$1/
>
>
> PostAuthHook file:"%D/postHook"
> AcctLogFileName %L/%N/detail
>
>
>
> #AuthByPolicy ContinueWhileReject
> AuthByPolicy ContinueUntilAccept
> AuthBy LDAP
> AuthBy CheckSQL
> AuthBy System
>
>
> </Realm>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list