(RADIATOR) Re: Radiator on Windows 2000 AuthbyNT hangs (addition)

Hugh Irvine hugh at open.com.au
Sat Feb 22 17:04:06 CST 2003


Hello Nico -

Thanks for keeping us up to date with your testing.

It would be very helpful to see a copy of your configuration file (no  
secrets), together with a more complete trace 4 debug showing what is  
going on with multiple requests and responses.

You should use a packet sniffer to check the actual requests received  
and sent on the wire (I think Windows NT includes one - I don't know  
about 2000).  The port number that is being used by your radius client  
to send the radius request is 49278 as shown below. This is the port  
number that Radiator is sending the response to.

> Sat Feb 22 19:12:16 2003: DEBUG: Packet dump:
> *** Received from 131.211.16.41 port 49278 ....

regards

Hugh


On Sunday, Feb 23, 2003, at 07:01 Australia/Melbourne, Nico de Groot  
wrote:

> First question
>
> I switched to Radiator 3.5 (done a lot of switching lately) This gives  
> some
> more information. And now  Radiator doesn't hang . The logfile records  
> that
> request are received. After that a successful lookup is done en the
> Access-Accept is send (see below). But directly after that new  
> requests are
> received and returned. It seems that the upsteam Radiusserver isn't
> listening or that reverse communication is blocked. Is the port number  
> ok?
> My cfg says 1840.
> Is there anything I can do to to improve or check the reverse  
> communication?
>
> Second question
>
> At least my Radius server is doing the NT lookup correctly. Except, the
> console output gives for a succesfull lookup
>     result  1 error 87
> This error code means ERROR_INVALID_PARAMETER But it is working.
> source :errorcodes
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ 
> debug/base/
> system_error_codes.asp
>
> Nico de Groot
> KTU
>
>> From log ----
>
> Sat Feb 22 19:12:16 2003: DEBUG: Packet dump:
> *** Received from 131.211.16.41 port 49278 ....
> Code:       Access-Request
> Identifier: 151
> Authentic:  <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183>
> Attributes:
>  Framed-Protocol = PPP
>  User-Name = "ndegroot at ktu.nl"
>  User-Password =  
> "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>"
>  NAS-Port-Type = Async
>  Calling-Station-Id = "207798110"
>  Called-Station-Id = "877880070"
>  Service-Type = Framed-User
>  NAS-IP-Address = 195.169.131.8
>
> Sat Feb 22 19:12:16 2003: DEBUG: Handling request with Handler
> 'Realm=ktu.nl'
> Sat Feb 22 19:12:16 2003: DEBUG: Rewrote user name to ndegroot
> Sat Feb 22 19:12:16 2003: DEBUG:  Deleting session for ndegroot at ktu.nl,
> 195.169.131.8,
> Sat Feb 22 19:12:16 2003: DEBUG: Handling with Radius::AuthFILE:
> Sat Feb 22 19:12:16 2003: DEBUG: Radius::AuthFILE looks for match with
> ndegroot
> Sat Feb 22 19:12:16 2003: DEBUG: Handling with NT
> Sat Feb 22 19:12:16 2003: DEBUG: Radius::AuthFILE ACCEPT:
> Sat Feb 22 19:12:16 2003: DEBUG: Access accepted for ndegroot
> Sat Feb 22 19:12:16 2003: DEBUG: Packet dump:
> *** Sending to 131.211.16.41 port 49278 ....
> Code:       Access-Accept
> Identifier: 151
> Authentic:  <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183>
> Attributes:
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list