(RADIATOR) Multiple Accounting DBs, Single Auth DB.

Tue Jul 8 17:17:19 CDT 2003

The problem is that you have the two RADIUS servers in seperate AuthBy
RADIUS clauses. The AuthBy RADIUS module will accept more than one host and
try them in the order specified until it gets a response, see section 6.29
in the documentation for more details. Try this->

<AuthBy RADIUS>
	#  Customer's Primary RADIUS server
	Host XXX.XXX.XXX.101
	#  Customer's Secondary RADIUS server
	Host XXX.XXX.XXX.102
	Secret sharedsecret
	AuthPort 1645 
	AcctPort 1646 
	StripFromRequest NAS-Port-Id,NAS-Port-Type
	ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address'); }
	LocalAddress XX.XX.XX.XXX
</AuthBy>

Then you should be able to use ContinueWhileAccept without a problem.

Frank Danielson
[Infrastructure Architect]

voice:407.515.8633
fax:407.515.9001

ClearSky Mobile Media, Inc.
56 E. Pine St. Suite 200
Orlando, FL 32801
USA

-----Original Message-----
From: Kevin McKee [mailto:kevin at nw-tel.com]
Sent: Tuesday, July 08, 2003 5:18 PM
To: radiator at open.com.au
Subject: (RADIATOR) Multiple Accounting DBs, Single Auth DB.

Hi,

I'm trying to create a handler that will authenticate a user by the first
RADIUS proxy that responds, but then sends Accounting packets to that RADIUS
proxy and an additional SQL server.

I have included the handler I am currently working with.  My problem is that
Accounting packets are being caught by the AuthBy SQL clause and are not
passing to the AuthBy RADIUS clauses.  If I change the AuthByPolicy to
ContinueWhileAccept, then it will authenticate and send accounting to both
of the AuthBy RADIUS clauses, and I want it to only go out to the first
responding one.

Any ideas how to do this?

Thanks,

-------------------------        _   _
Kevin McKee, Network Mgr   _ __ | |_(_)
Northwest Telephone, Inc. | '_ \| __| |
Tel: +1 509 661 2000 x112 | | | | |_| |
Fax: +1 509 661 2020      |_| |_|\__|_|

------------------------------------------------------------------------

<Handler Called-Station-Id=/XXXXXX0095|XXXXXX0096/>
        #
        # Sample Handler
        #
        MaxSessions 1
        AcctLogFileName %L/%Y%m%d-XXXXXX-detail
        SessionDatabase XXXX
        RejectHasReason
        <AuthBy SQL>
                #  Accounting only Database
                #  Needs a copy of the Accounting packets
                DateFormat %Y-%m-%d %H:%M:%S
                DBSource dbi:mysql:XXXXXX:XX.XX.XX.XXX
                DBUsername XXXX
                DBAuth XXXX
                IgnoreAuthentication
                AccountingStopsOnly
                AccountingTable  ACCOUNTING%Y%m
                AcctColumnDef    USERNAME,User-Name
                AcctColumnDef    TIME_STAMP,Timestamp,integer-date
                AcctColumnDef    ACCTSTATUSTYPE,Acct-Status-Type
                AcctColumnDef    ACCTDELAYTIME,Acct-Delay-Time,integer
                AcctColumnDef    ACCTINPUTOCTETS,Acct-Input-Octets,integer
                AcctColumnDef    ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
                AcctColumnDef    ACCTSESSIONID,Acct-Session-Id
                AcctColumnDef    ACCTSESSIONTIME,Acct-Session-Time,integer
                AcctColumnDef    NASPORT,NAS-Port,integer
                AcctColumnDef    FRAMEDIPADDRESS,Framed-IP-Address
                AcctColumnDef    NASIPADDRESS,NAS-IP-Address
                AcctColumnDef
ASCENDDISCONNECTCAUSE,Ascend-Disconnect-Cause
                AcctColumnDef
ASCENDCONNECTPROGRESS,Ascend-Connect-Progress
                AcctColumnDef    ASCENDXMITRATE,Ascend-Xmit-Rate,Integer
                AcctColumnDef    ASCENDDATARATE,Ascend-Data-Rate,Integer
                AcctColumnDef    CALLINGSTATIONID,Calling-Station-Id
                AcctColumnDef    CALLEDSTATIONID,Called-Station-Id
                AcctColumnDef    ISP,"XXXXX",literal
                AcctFailedLogFileName %L/detail.newdb
        </AuthBy>        
        <AuthBy RADIUS>
                #  Customer's Primary RADIUS server
                Host XXX.XXX.XXX.101
                Secret sharedsecret
                AuthPort 1645 
                AcctPort 1646 
                StripFromRequest NAS-Port-Id,NAS-Port-Type
                ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address');
}
                LocalAddress XX.XX.XX.XXX
        </AuthBy>
       <AuthBy RADIUS>
                #  Customer's Backup RADIUS server
                Host XXX.XXX.XXX.102
                Secret sharedsecret
                AuthPort 1645
                AcctPort 1646
                StripFromRequest NAS-Port-Id,NAS-Port-Type
                ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address');
}
                LocalAddress XX.XX.XX.XXX
        </AuthBy>
</Handler>

-------------------------------------------------------------
This email and the files transmitted with it are confidential
and intended solely for the use of the individual or entity to 
which they are addressed. If you have received this email in
error, please notify the sender.

This footnote also confirms that this email message
and attachments have been scanned for the presence 
of computer viruses.
-------------------------------------------------------------

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.