(RADIATOR) Multiple Accounting DBs, Single Auth DB.
Frank Danielson
fdanielson at csky.com
Tue Jul 8 17:17:19 CDT 2003
The problem is that you have the two RADIUS servers in seperate AuthBy
RADIUS clauses. The AuthBy RADIUS module will accept more than one host and
try them in the order specified until it gets a response, see section 6.29
in the documentation for more details. Try this->
<AuthBy RADIUS>
# Customer's Primary RADIUS server
Host XXX.XXX.XXX.101
# Customer's Secondary RADIUS server
Host XXX.XXX.XXX.102
Secret sharedsecret
AuthPort 1645
AcctPort 1646
StripFromRequest NAS-Port-Id,NAS-Port-Type
ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address'); }
LocalAddress XX.XX.XX.XXX
</AuthBy>
Then you should be able to use ContinueWhileAccept without a problem.
Frank Danielson
[Infrastructure Architect]
voice:407.515.8633
fax:407.515.9001
ClearSky Mobile Media, Inc.
56 E. Pine St. Suite 200
Orlando, FL 32801
USA
-----Original Message-----
From: Kevin McKee [mailto:kevin at nw-tel.com]
Sent: Tuesday, July 08, 2003 5:18 PM
To: radiator at open.com.au
Subject: (RADIATOR) Multiple Accounting DBs, Single Auth DB.
Hi,
I'm trying to create a handler that will authenticate a user by the first
RADIUS proxy that responds, but then sends Accounting packets to that RADIUS
proxy and an additional SQL server.
I have included the handler I am currently working with. My problem is that
Accounting packets are being caught by the AuthBy SQL clause and are not
passing to the AuthBy RADIUS clauses. If I change the AuthByPolicy to
ContinueWhileAccept, then it will authenticate and send accounting to both
of the AuthBy RADIUS clauses, and I want it to only go out to the first
responding one.
Any ideas how to do this?
Thanks,
------------------------- _ _
Kevin McKee, Network Mgr _ __ | |_(_)
Northwest Telephone, Inc. | '_ \| __| |
Tel: +1 509 661 2000 x112 | | | | |_| |
Fax: +1 509 661 2020 |_| |_|\__|_|
------------------------------------------------------------------------
<Handler Called-Station-Id=/XXXXXX0095|XXXXXX0096/>
#
# Sample Handler
#
MaxSessions 1
AcctLogFileName %L/%Y%m%d-XXXXXX-detail
SessionDatabase XXXX
RejectHasReason
<AuthBy SQL>
# Accounting only Database
# Needs a copy of the Accounting packets
DateFormat %Y-%m-%d %H:%M:%S
DBSource dbi:mysql:XXXXXX:XX.XX.XX.XXX
DBUsername XXXX
DBAuth XXXX
IgnoreAuthentication
AccountingStopsOnly
AccountingTable ACCOUNTING%Y%m
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer-date
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef NASIPADDRESS,NAS-IP-Address
AcctColumnDef
ASCENDDISCONNECTCAUSE,Ascend-Disconnect-Cause
AcctColumnDef
ASCENDCONNECTPROGRESS,Ascend-Connect-Progress
AcctColumnDef ASCENDXMITRATE,Ascend-Xmit-Rate,Integer
AcctColumnDef ASCENDDATARATE,Ascend-Data-Rate,Integer
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef ISP,"XXXXX",literal
AcctFailedLogFileName %L/detail.newdb
</AuthBy>
<AuthBy RADIUS>
# Customer's Primary RADIUS server
Host XXX.XXX.XXX.101
Secret sharedsecret
AuthPort 1645
AcctPort 1646
StripFromRequest NAS-Port-Id,NAS-Port-Type
ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address');
}
LocalAddress XX.XX.XX.XXX
</AuthBy>
<AuthBy RADIUS>
# Customer's Backup RADIUS server
Host XXX.XXX.XXX.102
Secret sharedsecret
AuthPort 1645
AcctPort 1646
StripFromRequest NAS-Port-Id,NAS-Port-Type
ReplyHook sub { ${$_[1]}->delete_attr('Framed-IP-Address');
}
LocalAddress XX.XX.XX.XXX
</AuthBy>
</Handler>
-------------------------------------------------------------
This email and the files transmitted with it are confidential
and intended solely for the use of the individual or entity to
which they are addressed. If you have received this email in
error, please notify the sender.
This footnote also confirms that this email message
and attachments have been scanned for the presence
of computer viruses.
-------------------------------------------------------------
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list