(RADIATOR) Re: Framed-IP-Address in start record.
Hugh Irvine
hugh at open.com.au
Thu May 15 03:19:34 CDT 2003
Hello Rabbie -
Either you or the other ISP can use the Class attribute to carry a copy
of the Framed-IP-Address, then you can use a hook to add the
Framed-IP-Address to the accounting requests if required. There is an
example in the file "goodies/hooks.txt" which does a similar thing with
the User-Name and you can easily modify it for this purpose.
regards
Hugh
On Thursday, May 15, 2003, at 15:00 Australia/Melbourne, Rabbie Zalaf
wrote:
> Hello All,
>
>
>
> We are using Optus virtual ports and have a Proxy RADIUS server
> authenticating to other ISP's. (I have included configs and pasted
> logs below).
>
>
>
> My problem is that when the ISP sends back a Framed-IP-Address, we
> accept it and forward it back to Optus where it gets accepted, but I
> need the same IP to go back to the ISP in the Start record!
>
>
>
> Currently, the ISP wont see the Framed-Ip-Address come back to them
> until the first live packet (accounting packet) comes back, 15 minutes
> into the connection.
>
>
>
> Any help would be greately appreciated.
>
>
>
> Thanks.
>
>
>
> Kind Regards,
>
> Rabbie Zalaf
>
> Network Consultant
>
> Leading Edge Internet
>
> 02 9497 4024
>
> http://www.leadingedgeinternet.net.au
>
>
>
>
>
>
>
> Tue May 1309:11:372003: WARNING: Unknown reply received in AuthRADIUS
> for request 117 from 202.129.116.51:1813
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Received from 202.78.47.254 port 1645 ....
>
> Code: Access-Request
>
> Identifier: 236
>
> Authentic: <244>y,C<163>!<174>}y<189><194>uL<160><3><29>
>
> Attributes:
>
> NAS-IP-Address = 202.78.47.254
>
> NAS-Port = 10
>
> NAS-Port-Type = Virtual
>
> User-Name = "rabbieihug at leadingedgeinternet.com.au"
>
> Called-Station-Id = "0198331390"
>
> Calling-Station-Id = "0297857745"
>
> CHAP-Password =
> <14><252>M<151><127>:<184>U<211>,w<152>/<4><236><156><10>
>
> Service-Type = Framed-User
>
> Framed-Protocol = PPP
>
>
>
> Tue May 1309:11:382003: DEBUG: Handling request with Handler
> 'Client-Identifier=Optus'
>
> Tue May 1309:11:382003: DEBUG: optusonline Deleting session for
> rabbieihug at leadingedgeinternet.com.au, 202.78.47.254, 10
>
> Tue May 1309:11:382003: DEBUG: do query is: delete from optusONLINE
> where USERNAME='rabbieihug at leadingedgeinternet.com.au' and NASIDENT
>
> IFIER='202.78.47.254' and NASPORT='10'
>
>
>
> Tue May 1309:11:382003: DEBUG: Handling with Radius::AuthRADIUS
>
> Tue May 1309:11:382003: DEBUG: Query is: SELECT HOST1, SECRET,
> AUTHPORT, ACCTPORT, RETRIES, RETRYTIMEOUT, USEOLDASCENDPASSWORDS, > SERVE
>
> RHASBROKENPORTNUMBERS, SERVERHASBROKENADDRESSES, IGNOREREPLYSIGNATURE,
> FAILUREPOLICY FROM RADSQLRADIUS_REALM WHERE REALM = 'leadinge
>
> dgeinternet.com.au'
>
>
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Sending to 203.220.22.200 port 1812 ....
>
> Code: Access-Request
>
> Identifier: 229
>
> Authentic: <244>y,C<163>!<174>}y<189><194>uL<160><3><29>
>
> Attributes:
>
> NAS-IP-Address = 202.78.47.254
>
> NAS-Port = 10
>
> NAS-Port-Type = Virtual
>
> User-Name = "rabbieihug at leadingedgeinternet.com.au"
>
> Called-Station-Id = "0198331390"
>
> Calling-Station-Id = "0297857745"
>
> CHAP-Password =
> <14><252>M<151><127>:<184>U<211>,w<152>/<4><236><156><10>
>
> Service-Type = Framed-User
>
> Framed-Protocol = PPP
>
>
>
>
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Received from 203.220.22.200 port 1812 ....
>
> Code: Access-Accept
>
> Identifier: 229
>
> Authentic: <230><165>l{[K<169><181>j|A<12><215>$n)
>
> Attributes:
>
> Service-Type = Framed-User
>
> Framed-IP-Address = 203.109.184.17
>
> Framed-IP-Netmask = 255.255.255.248
>
> Framed-Protocol = PPP
>
> Framed-MTU = 1500
>
> Framed-Compression = Van-Jacobson-TCP-IP
>
>
>
> Tue May 1309:11:382003: DEBUG: Received reply in AuthRADIUS for req
> 229 from 203.220.22.200:1812
>
> Tue May 1309:11:382003: DEBUG: Using Identifier AllocateIPAddress
>
> Tue May 1309:11:382003: DEBUG: Found AuthBy with Identifier
> AllocateIPAddress
>
> Tue May 1309:11:382003: DEBUG: Handling with Radius::AuthDYNADDRESS
>
> Tue May 1309:11:382003: DEBUG: Access accepted for
> rabbieihug at leadingedgeinternet.com.au
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Sending to 202.78.47.254 port 1645 ....
>
> Code: Access-Accept
>
> Identifier: 236
>
> Authentic: <244>y,C<163>!<174>}y<189><194>uL<160><3><29>
>
> Attributes:
>
> Service-Type = Framed-User
>
> Framed-IP-Address = 203.109.184.17
>
> Framed-IP-Netmask = 255.255.255.248
>
> Framed-Protocol = PPP
>
> Framed-MTU = 1500
>
> Framed-Compression = Van-Jacobson-TCP-IP
>
>
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Received from 202.78.47.254 port 1646 ....
>
> Code: Accounting-Request
>
> Identifier: 237
>
> Authentic: <23>Et;<172>,<210><24><17><5>><147><204><194>G<24>
>
> Attributes:
>
> NAS-IP-Address = 202.78.47.254
>
> NAS-Port = 10
>
> NAS-Port-Type = Virtual
>
> User-Name = "rabbieihug at leadingedgeinternet.com.au"
>
> Called-Station-Id = "0198331390"
>
> Calling-Station-Id = "0297857745"
>
> Acct-Status-Type = Start
>
> Acct-Authentic = RADIUS
>
> Service-Type = Framed-User
>
> Acct-Session-Id = "0000399F"
>
> Framed-Protocol = PPP
>
> Tunnel-Server-Endpoint = 54:1.88.141.190
>
> Tunnel-Client-Endpoint = 50:11.28.101.254
>
> Tunnel-Client-Auth-ID = 76:EI7206-1
>
> Tunnel-Server-Auth-ID = 111:ptlei90
>
> Tunnel-ID = 55:
>
> Acct-Delay-Time = 0
>
>
>
> Tue May 1309:11:382003: DEBUG: Handling request with Handler
> 'Client-Identifier=Optus'
>
> Tue May 1309:11:382003: DEBUG: optusonline Adding session for
> rabbieihug at leadingedgeinternet.com.au, 202.78.47.254, 10
>
> Tue May 1309:11:382003: DEBUG: do query is: delete from optusONLINE
> where USERNAME='rabbieihug at leadingedgeinternet.com.au' and NASIDENT
>
> IFIER='202.78.47.254' and NASPORT='10'
>
>
>
> Tue May 1309:11:382003: DEBUG: do query is: insert into optusONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDADDRESS, Ac
>
> cInputOctets, AccOutputOctets, SERVICETYPE,NASPortDNIS,REALM,CallerID)
> values ('rabbieihug at leadingedgeinternet.com.au', '202.78.47.254',
>
> 10, '0000399F', '','','',
> 'Framed-User','0198331390','leadingedgeinternet.com.au','0297857745')
>
>
>
> Tue May 1309:11:382003: DEBUG: Handling with Radius::AuthRADIUS
>
> Tue May 1309:11:382003: DEBUG: Query is: SELECT HOST1, SECRET,
> AUTHPORT, ACCTPORT, RETRIES, RETRYTIMEOUT, USEOLDASCENDPASSWORDS, > SERVE
>
> RHASBROKENPORTNUMBERS, SERVERHASBROKENADDRESSES, IGNOREREPLYSIGNATURE,
> FAILUREPOLICY FROM RADSQLRADIUS_REALM WHERE REALM = 'leadinge
>
> dgeinternet.com.au'
>
>
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Sending to 203.220.22.200 port 1813 ....
>
> Code: Accounting-Request
>
> Identifier: 29
>
> Authentic: <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Attributes:
>
> NAS-IP-Address = 202.78.47.254
>
> NAS-Port = 10
>
> NAS-Port-Type = Virtual
>
> User-Name = "rabbieihug at leadingedgeinternet.com.au"
>
> Called-Station-Id = "0198331390"
>
> Calling-Station-Id = "0297857745"
>
> Acct-Status-Type = Start
>
> Acct-Authentic = RADIUS
>
> Service-Type = Framed-User
>
> Acct-Session-Id = "0000399F"
>
> Framed-Protocol = PPP
>
> Tunnel-Server-Endpoint = 54:1.88.141.190
>
> Tunnel-Client-Endpoint = 50:11.28.101.254
>
> Tunnel-Client-Auth-ID = 76:EI7206-1
>
> Tunnel-Server-Auth-ID = 111:ptlei90
>
> Tunnel-ID = 55:
>
> Acct-Delay-Time = 0
>
> Timestamp = 1052781098
>
>
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Received from 203.220.22.200 port 1813 ....
>
> Code: Accounting-Response
>
> Identifier: 29
>
> Authentic: <150><10><193>Q[<206>U<219>~He5<215>W<150><225>
>
> Attributes:
>
>
>
> Tue May 1309:11:382003: DEBUG: Received reply in AuthRADIUS for req 29
> from 203.220.22.200:1813
>
> Tue May 1309:11:382003: DEBUG: Using Identifier AllocateIPAddress
>
> Tue May 1309:11:382003: DEBUG: Found AuthBy with Identifier
> AllocateIPAddress
>
> Tue May 1309:11:382003: DEBUG: Handling with Radius::AuthDYNADDRESS
>
> Tue May 1309:11:382003: DEBUG: Accounting accepted
>
> Tue May 1309:11:382003: DEBUG: Packet dump:
>
> *** Sending to 202.78.47.254 port 1646 ....
>
> Code: Accounting-Response
>
> Identifier: 237
>
> Authentic: <23>Et;<172>,<210><24><17><5>><147><204><194>G<24>
>
> Attributes:
>
> Service-Type = Framed-User
>
> Framed-Protocol = PPP
>
>
>
>
>
>
>
>
>
> Rabbie Zalaf
>
> Network Consultant
>
> Leading Edge Internet
>
> 02 9497 4024
>
> http://www.leadingedgeinternet.net.au
>
>
>
> This document together with any attachments is confidential and is
> intended for the named recipient only. It can not be copied,
> disclosed, passed on or duplicated in any way shape or form, without
> the prior permission of the author. If you are not the intended
> recipient please contact the author immediately and destroy the
> message. All parties acknowledge that any breach of confidence or
> disclosures made by any party, (including their employees, agents and
> contracted service providers such as solicitors, accountants, auditors
> and others), which may result in a commercial loss to Leading Edge
> Group, may result in Leading Edge Group exercising such rights as are
> available to them in connection with that loss.
>
>
>
> <AllocateIPAddressOnReplyFromProxy><radiusflow.cfg>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 22102 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20030515/53067c2e/attachment.bin>
More information about the radiator
mailing list