(RADIATOR) Alcatel SMC proxy radius -->Radiator issue (fwd)

Mon Jan 20 20:09:09 CST 2003

Indeed, it works smoothly.
Radiator  is incredibly adaptative to cover a lot of possible situations
Thanks Hugh for your fine support as always.

Best regards
--Abel

On Fri, 17 Jan 2003, Hugh Irvine wrote:

>
> Hello Abel -
>
> Your problem is due to your use of "DefaultReply" which only adds the
> attributes if there are *none* there already.
>
> You should use "AddToReply" instead.
>
> <AuthBy FILE>
>        Identifier DBcustomer
>        Filename %D/db/users-customer
>
>        AddToReply Service-Type=Framed-User,Framed-Protocol=PPP
>
>        RejectEmptyPassword
>        DefaultSimultaneousUse 1
> </AuthBy>
>
>
> regards
>
> Hugh
>
>
> On Thursday, Jan 16, 2003, at 23:37 Australia/Melbourne, Abel Lucano
> wrote:
>
> >
> > Hi all,
> > I'm  trying to debug the following:
> > One proxy-radius (Alcatel-SMC) that forwarding radius authentication
> > and
> > accounting packets to Radiator.
> >
> > The whole conversation is configured to use 1645/1646 ports.
> >
> > When Alcatel-SMC's proxy radius  send  access-request to Radiator
> > this latter sees the packet coming from 1800 or 4248 port(?); radiator
> > return this request from 1645 to 1800 or 4248 port.
> >
> > The SMC side claims that they just are receiving from Radiator the
> > Proxy-State (33 binary) attribute but they cannot see basic attributes
> > 6 and
> > 7 (Service-Type and Framed-Protocol), and then the ppp connnection
> > drops.
> >
> > The basic <Handler> includes "DefaultReply" too and the rest is very
> > basic
> > working configuration talking with other systems
> >
> > <AuthBy FILE>
> >       Identifier DBcustomer
> >       Filename %D/db/users-customer
> >       DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
> >       RejectEmptyPassword
> >       DefaultSimultaneousUse 1
> > </AuthBy>
> >
> >
> > Somebody has seen this kind of problems? (I've not found it searching
> > the
> > list archives )
> >
> >
> > I'm including a tcpdump extract of the basic conversation
> > (sorry for the XXs, YYs and ZZs; i'm doing a consulting job to others
> > and
> > they've not authorized me to show their data)
> >
> >
> > 19:04:46.311731 200.XX.XX.XX.4248 > 200.YY.YY.YY.1645:  rad-access-req
> > 129
> > [id 11] Attr[  Proxy_state{....} NAS_ipaddr{200.ZZ.ZZ.ZZ} NAS_port{65}
> > NAS_port_type{Sync} User{prueba} [|radius]
> >
> > 19:04:46.381731 200.YY.YY.YY.1645 > 200.XX.XX.XX.4248:
> > rad-access-accept 26
> > [id 11] Attr[  Proxy_state{....} ] (DF)
> >
> > 19:05:43.641731 200.XX.XX.XX.4248 > 200.YY.YY.YY.1645:  rad-access-req
> > 127
> > [id 12] Attr[  Proxy_state{....} NAS_ipaddr{200.ZZ.ZZ.ZZ} NAS_port{66}
> > NAS_port_type{Sync} User{prueba} [|radius]
> >
> > 19:05:44.351731 200.YY.YY.YY.1645 > 200.XX.XX.XX.4248:
> > rad-access-accept 26
> > [id 12] Attr[  Proxy_state{....} ] (DF)
> >
> > Thanks in advance,
> > Best regards
> >
> >
> > -----------------------------------------------------------------------
> > -----
> > Abel Lucano
> > DECODE SA
> > Av Independencia 1355 2B
> > TE/FAX +5411 4383 1161
> > abel at decode.com.ar
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.