(RADIATOR) Alcatel SMC proxy radius -->Radiator issue (fwd)

Thu Jan 16 16:42:33 CST 2003

Hello Abel -

Your problem is due to your use of "DefaultReply" which only adds the  
attributes if there are *none* there already.

You should use "AddToReply" instead.

<AuthBy FILE>
       Identifier DBcustomer
       Filename %D/db/users-customer

       AddToReply Service-Type=Framed-User,Framed-Protocol=PPP

       RejectEmptyPassword
       DefaultSimultaneousUse 1
</AuthBy>

regards

Hugh

On Thursday, Jan 16, 2003, at 23:37 Australia/Melbourne, Abel Lucano  
wrote:

>
> Hi all,
> I'm  trying to debug the following:
> One proxy-radius (Alcatel-SMC) that forwarding radius authentication  
> and
> accounting packets to Radiator.
>
> The whole conversation is configured to use 1645/1646 ports.
>
> When Alcatel-SMC's proxy radius  send  access-request to Radiator
> this latter sees the packet coming from 1800 or 4248 port(?); radiator
> return this request from 1645 to 1800 or 4248 port.
>
> The SMC side claims that they just are receiving from Radiator the
> Proxy-State (33 binary) attribute but they cannot see basic attributes  
> 6 and
> 7 (Service-Type and Framed-Protocol), and then the ppp connnection  
> drops.
>
> The basic <Handler> includes "DefaultReply" too and the rest is very  
> basic
> working configuration talking with other systems
>
> <AuthBy FILE>
>       Identifier DBcustomer
>       Filename %D/db/users-customer
>       DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
>       RejectEmptyPassword
>       DefaultSimultaneousUse 1
> </AuthBy>
>
>
> Somebody has seen this kind of problems? (I've not found it searching  
> the
> list archives )
>
>
> I'm including a tcpdump extract of the basic conversation
> (sorry for the XXs, YYs and ZZs; i'm doing a consulting job to others  
> and
> they've not authorized me to show their data)
>
>
> 19:04:46.311731 200.XX.XX.XX.4248 > 200.YY.YY.YY.1645:  rad-access-req  
> 129
> [id 11] Attr[  Proxy_state{....} NAS_ipaddr{200.ZZ.ZZ.ZZ} NAS_port{65}
> NAS_port_type{Sync} User{prueba} [|radius]
>
> 19:04:46.381731 200.YY.YY.YY.1645 > 200.XX.XX.XX.4248:   
> rad-access-accept 26
> [id 11] Attr[  Proxy_state{....} ] (DF)
>
> 19:05:43.641731 200.XX.XX.XX.4248 > 200.YY.YY.YY.1645:  rad-access-req  
> 127
> [id 12] Attr[  Proxy_state{....} NAS_ipaddr{200.ZZ.ZZ.ZZ} NAS_port{66}
> NAS_port_type{Sync} User{prueba} [|radius]
>
> 19:05:44.351731 200.YY.YY.YY.1645 > 200.XX.XX.XX.4248:   
> rad-access-accept 26
> [id 12] Attr[  Proxy_state{....} ] (DF)
>
> Thanks in advance,
> Best regards
>
>
> ----------------------------------------------------------------------- 
> -----
> Abel Lucano
> DECODE SA
> Av Independencia 1355 2B
> TE/FAX +5411 4383 1161
> abel at decode.com.ar
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.