(RADIATOR) DYNADDRESS & ContinueWhileAccept (Looping)
Hugh Irvine
hugh at open.com.au
Wed Jan 22 02:01:42 CST 2003
Hello Cortney -
This looks very odd.
I notice you do not have the address pools defined in the
AddressAllocator SQL clause, so have you checked the table in the
database to make sure that everything is in order? I also don't
understand the queries that are shown when looking for an address -
what version of Radiator are you running?
We don't really have any hints on doing MLPP other than to check the
incoming requests to see how you can distinguish between the different
access requests and configure your Handlers in consequence.
regards
Hugh
On Wednesday, Jan 22, 2003, at 12:07 Australia/Melbourne, Cortney
Thompson wrote:
> I am trying to set up DYNADDRESS authentication. What am I doing
> wrong? This seems fairly simple It is just loops through all the IP's
> in the pool instead of assigning 1 ip, and coming back accepted. I am
> not sure what is going on.
>
> Also, do you have any hints on making this work correctly with MLPP
> and ISDN customers? Reading through the archives I see it mention but
> never a final howto.
>
> Any help is appreciated.
> Cortney
>
>
> Here is a snip of my config file.
> ---------------------------------------
> CONFIG--------------------------------------------
> <AddressAllocator SQL>
> Identifier radpools
> DBSource dbi:Sybase:XXXXXX
> DBUsername
> DBAuth
>
> DefaultLeasePeriod 604800
> LeaseReclaimInterval 86400
>
> </AddressAllocator>
>
> <Handler NAS-IP-Address=XXX.XXX.XXX.XXX>
> AuthByPolicy ContinueWhileAccept
>
> <AuthBy SQL>
> No Default
>
> DBSource dbi:Sybase:xxxx
> DBUsername
> DBAuth
>
> AuthSelect select PASSWORD, CHECKATTR, REPLYATTR from
> AUTHENTICATION where USERNAME='%n'
>
> RejectEmptyPassword
> Timeout 10
>
> #Put a Defualt Simultaneous Use of 1 so Mulit Link is
> not possible unless it is turned on.
> DefaultSimultaneousUse 1
>
> # For testing
> AddToReply PoolHint="test1"
>
> </AuthBy>
>
> <AuthBy DYNADDRESS>
> AddressAllocator radpools
> PoolHint %{Reply:PoolHint}
> # Because we set it above.
> StripFromReply PoolHint
> </AuthBy>
> </Handler>
> ---------------------------------------
> CONFIG---------------------------------------
>
> I get the following logs.... Trace 4.
>
> -------------------------------------------
> LOG-----------------------------------------
> Tue Jan 21 17:47:45 2003: DEBUG: Packet dump:
> *** Received from XXX.XXX.XXX.XXX port 1147 ....
>
> Packet length = 93
> Code: Access-Request
> Identifier: 133
> Authentic: 1234567890123456
> Attributes:
> User-Name = "jdoe"
> Service-Type = Framed-User
> NAS-IP-Address = XXX
> NAS-Port = 1234
> Called-Station-Id = "123456789"
> Calling-Station-Id = "987654321"
> NAS-Port-Type = Async
> User-Password =
> "<171><178><142><153><11>8m@<22><24><229>?Z.<220><238>"
>
> Tue Jan 21 17:47:45 2003: DEBUG: Handling request with Handler
> 'NAS-IP-Address=XXXXXXX
> Tue Jan 21 17:47:45 2003: DEBUG: SDB1 Deleting session for jdoe,
> XXXXXXXXX, 1234
> Tue Jan 21 17:47:45 2003: DEBUG: do query is: delete from RADONLINE
> where USERNAME='jdoe' and NASIDENTIFIER='XXXXXXX' and NASPORT=1234
>
> Tue Jan 21 17:47:46 2003: DEBUG: Handling with Radius::AuthSQL
> Tue Jan 21 17:47:46 2003: DEBUG: Handling with Radius::AuthSQL:
> Tue Jan 21 17:47:46 2003: DEBUG: Query is: select PASSWORD, CHECKATTR,
> REPLYATTR from AUTHENTICATION where USERNAME='jdoe'
>
> Tue Jan 21 17:47:46 2003: DEBUG: Radius::AuthSQL looks for match with
> jdoe
> Tue Jan 21 17:47:46 2003: DEBUG: Query is: select NASIDENTIFIER,
> NASPORT, ACCTSESSIONID from RADONLINE where USERNAME='jdoe'
>
> Tue Jan 21 17:47:46 2003: DEBUG: Radius::AuthSQL ACCEPT:
> Tue Jan 21 17:47:46 2003: DEBUG: Handling with Radius::AuthDYNADDRESS
> Tue Jan 21 17:47:46 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:46 2003: DEBUG: do query is: update radpool set
> state=1,time_stamp=1043196466, expiry=1043801266, username='jdoe'
> where YIaddr='204.XXX.XXX.16' and time_stamp is NULL
>
> Tue Jan 21 17:47:47 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:47 2003: DEBUG: do query is: update radpool set
> state=1,time_stamp=1043196467, expiry=1043801267, username='jdoe'
> where YIaddr='204.XXX.XXX.17' and time_stamp is NULL
>
> Tue Jan 21 17:47:47 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:47 2003: DEBUG: do query is: update radpool set
> state=1,time_stamp=1043196467, expiry=1043801267, username='jdoe'
> where YIaddr='204.XXX.XXX.18' and time_stamp is NULL
>
> Tue Jan 21 17:47:47 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:47 2003: DEBUG: do query is: update radpool set
> state=1,time_stamp=1043196467, expiry=1043801267, username='jdoe'
> where YIaddr='204.XXX.XXX.19' and time_stamp is NULL
>
> Tue Jan 21 17:47:47 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:47 2003: DEBUG: do query is: update radpool set
> state=1,time_stamp=1043196467, expiry=1043801267, username='jdoe'
> where YIaddr='204.XXX.XXX.20' and time_stamp is NULL
>
> Tue Jan 21 17:47:47 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:47 2003: DEBUG: do query is: update radpool set
> state=1,time_stamp=1043196467, expiry=1043801267, username='jdoe'
> where YIaddr='204.XXX.XXX.21' and time_stamp is NULL
>
> Tue Jan 21 17:47:47 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:47 2003: DEBUG: do query is: update radpool set
> state=1,time_stamp=1043196467, expiry=1043801267, username='jdoe'
> where YIaddr='204.XXX.XXX.22' and time_stamp is NULL
>
> Tue Jan 21 17:47:48 2003: DEBUG: Query is: Select TOP 1 time_stamp,
> yiaddr, subnetmask, dnsserver from radpool where pool='test1' and
> state=0 order by time_stamp
>
> Tue Jan 21 17:47:48 2003: INFO: Access rejected for jdoe: No available
> addresses
> Tue Jan 21 17:47:48 2003: WARNING: No such attribute PoolHint
> Tue Jan 21 17:47:48 2003: DEBUG: Packet dump:
> *** Sending to 192.168.2.114 port 1147 ....
>
> Packet length = 36
> Code: Access-Reject
> Identifier: 133
> Authentic: 1234567890123456
> Attributes:
> PoolHint = test1
> Reply-Message = "Request Denied"
> ---------------------------------LOG---------------------------------
>
>
>
>
> Cortney Thompson
> Cortney at wyoming.com
>
> Opinions are mine and do not necessarily reflect
> those of wyoming.com LLC
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list