(RADIATOR) multiple cisco-avpair problem
mikem at open.com.au
Mon Jun 2 18:18:09 CDT 2003
I have just tested your config here with Radaitor 3.6 and it works fine: both
cisco-avpairs get into the reply and are returned to the client. What version
of Radiator are you on?
On Tue, 3 Jun 2003 01:03 am, Igor Briski wrote:
> Hi all!
> I've been having problems using cisco-avpair reply attributes in my
> radiator config. I've read all the notes, searched the archives but
> still can't get the bloody thing to work.
> This is my current config:
> <AuthBy FILE>
> Identifier AuthUsersFilter
> Filename %D/users
> AddToReplyIfNotExist Service-Type=Framed-User, \
> Framed-Protocol=PPP, \
> Framed-IP-Address=255.255.255.254, \
> Framed-IP-Netmask=255.255.255.255, \
> Framed-Routing=None, \
> AddToReply \
> cisco-avpair = "ip:inacl#5=permit ip any 18.104.22.168
> 0.0.0.255", \
> cisco-avpair = "ip:inacl#99=deny ip any any"
> This returns only the first cisco-avpair attribute, the second one gets
> lost. I've also tried to add this cisco-avpair attributes to my users
> file and still the same.
> The reply I get from radpwtest is:
> Code: Access-Accept
> Identifier: 147
> Authentic: $?i@<143><175><214><221><178>x<205><3>9<247>$<166>
> cisco-avpair = "ip:inacl#5=permit ip any 22.214.171.124 0.0.0.255"
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-IP-Address = 255.255.255.254
> Framed-IP-Netmask = 255.255.255.255
> Framed-Routing = None
> Framed-Compression = Van-Jacobson-TCP-IP
> Framed-MTU = 1500
> As you can see, the second attribute did not get to my client (or is it
> stripped by radpwtst?).
> Has anyone used cisco ACLs with Radiator? How could this be fixed? Is
> there any way to get Radiator to send both attributes regardles of the
> fact that they have the same name?
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator