(RADIATOR) Profiles problems

Brandon Lehmann blehmann at glis.cc
Thu Nov 13 00:38:00 CST 2003


Hugh,

    As a reply to this, though I just sent out my last message to you and
the list saying that I fixed it, this was the base hawki.cfg file included
with the Radiator distrobution. As I'm sure you know, its in the "goodies"
folder. However, I will keep your message for future reference.

Thanks,

Brandon

----- Original Message ----- 
From: "Hugh Irvine" <hugh at open.com.au>
To: "Brandon Lehmann" <blehmann at glis.cc>
Cc: <owner-radiator at open.com.au>; <radiator at open.com.au>
Sent: Thursday, November 13, 2003 1:31 AM
Subject: Re: (RADIATOR) Profiles problems


>
> Hello Brandon -
>
> You have set the AuthByPolicy ContinueWhileAccept, but your first
> AuthBy clause has "AuthSelect" to disable authentication.
>
> Why do you have different AuthBy clauses for authentication and
> accounting?
>
> If you want to keep this structure, you will need to use an AuthBy
> GROUP and alter the AuthByPolicy inside it:
>
> <Realm DEFAULT>
>
> .....
>
> # AuthByPolicy to do both accounting and authentication
> AuthByPolicy ContinueAlways
>
> <AuthBy SQL>
> .....
> # disable authentication
> AuthSelect
>
> # do accounting
> .....
> </AuthBy>
>
> #define AuthBy GROUP
> # use different AuthByPolicy
>
> <AuthBy GROUP>
>
> AuthByPolicy ContinueWhileAccept
> <AuthBy SQL>
> # do authentication
> .....
> </AuthBy>
>
> <AuthBy SQL>
> # check time
> .....
> </AuthBy>
>
> </AuthBy>
>
> </Realm>
>
>
> regards
>
> Hugh
>
>
> On 13/11/2003, at 5:03 PM, Brandon Lehmann wrote:
>
> > Hugh,
> >
> >     I just took a look around. Changed it to Time set it correctly in
> > the
> > SQL database, made it a check item. Set to ContinueWhileAccept. Trace
> > -4
> > reveals that "Authentication is Disabled"
> > I'm confused...
> >
> > Brandon
> > ----- Original Message -----
> > From: "Hugh Irvine" <hugh at open.com.au>
> > To: "Brandon Lehmann" <blehmann at glis.cc>
> > Cc: <owner-radiator at open.com.au>; <radiator at open.com.au>
> > Sent: Wednesday, November 12, 2003 11:20 PM
> > Subject: Re: (RADIATOR) Profiles problems
> >
> >
> >>
> >> Hello Brandon -
> >>
> >> Thanks for your mail.
> >>
> >> Unfortunately I meant "a trace 4 debug from Radiator" (not a trace 4
> >> debug from radpwtst).
> >>
> >> In any event, I suspect that at the very least the "TimeOfDay" radius
> >> attribute is not defined in your Radiator dictionary.
> >>
> >> regards
> >>
> >> Hugh
> >>
> >>
> >> On 13/11/2003, at 9:45 AM, Brandon Lehmann wrote:
> >>
> >>> Hugh,
> >>>
> >>>     Note: I don't care that I left my ip address in there or the
> >>> "encrypted"
> >>> password. This is a test server with test data.
> >>>
> >>> Brandon
> >>>
> >>> ----- Original Message -----
> >>> From: "Brandon Lehmann" <blehmann at glis.cc>
> >>> To: "Hugh Irvine" <hugh at open.com.au>
> >>> Cc: <owner-radiator at open.com.au>; <radiator at open.com.au>
> >>> Sent: Wednesday, November 12, 2003 5:43 PM
> >>> Subject: Re: (RADIATOR) Profiles problems
> >>>
> >>>
> >>>> Hugh,
> >>>>
> >>>>     Trace 4 with the config in my original message shows:
> >>>>
> >>>> --- START----
> >>>> Reading dictionary file './dictionary'
> >>>> sending Access-Request...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1645 ....
> >>>> Code:       Access-Request
> >>>> Identifier: 120
> >>>> Authentic:  1234567890123456
> >>>> Attributes:
> >>>>         User-Name = "brandon"
> >>>>         Service-Type = Framed-User
> >>>>         NAS-IP-Address = 203.63.154.1
> >>>>         NAS-Port = 1234
> >>>>         Called-Station-Id = "123456789"
> >>>>         Calling-Station-Id = "987654321"
> >>>>         NAS-Port-Type = Async
> >>>>         User-Password =
> >>>> ".<255>x]<205>2><212><197><219>Sj<143><221><224><129>"
> >>>>
> >>>> No reply
> >>>> sending Accounting-Request Start...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 121
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>         User-Name = "brandon"
> >>>>         Service-Type = Framed-User
> >>>>         NAS-IP-Address = 203.63.154.1
> >>>>         NAS-Port = 1234
> >>>>         NAS-Port-Type = Async
> >>>>         Acct-Session-Id = "00001234"
> >>>>         Acct-Status-Type = Start
> >>>>         Called-Station-Id = "123456789"
> >>>>         Calling-Station-Id = "987654321"
> >>>>         Acct-Delay-Time = 0
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 121
> >>>> Authentic:  f>e#O#<156><150>S<239>N<240><234><182><23><229>
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>> sending Accounting-Request Stop...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 122
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>         User-Name = "brandon"
> >>>>         Service-Type = Framed-User
> >>>>         NAS-IP-Address = 203.63.154.1
> >>>>         NAS-Port = 1234
> >>>>         NAS-Port-Type = Async
> >>>>         Acct-Session-Id = "00001234"
> >>>>         Acct-Status-Type = Stop
> >>>>         Called-Station-Id = "123456789"
> >>>>         Calling-Station-Id = "987654321"
> >>>>         Acct-Delay-Time = 0
> >>>>         Acct-Session-Time = 1000
> >>>>         Acct-Input-Octets = 20000
> >>>>         Acct-Output-Octets = 30000
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 122
> >>>> Authentic:  5Y<2>V<137><180>L<2>R<138>vzai<248><184>
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>> -----END----
> >>>>
> >>>>
> >>>> Chaning AuthByPolicy to ContinueWhileAccept returns this:
> >>>>
> >>>> -----START-----
> >>>> Reading dictionary file './dictionary'
> >>>> sending Access-Request...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1645 ....
> >>>> Code:       Access-Request
> >>>> Identifier: 81
> >>>> Authentic:  1234567890123456
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  NAS-Port-Type = Async
> >>>>  User-Password =
> >>>> ".<255>x]<205>2><212><197><219>Sj<143><221><224><129>"
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1645 ....
> >>>> Code:       Access-Reject
> >>>> Identifier: 81
> >>>> Authentic:  <201>KV<189>Ao<213><235><254>3<22>z>h<239><4>
> >>>> Attributes:
> >>>>  Reply-Message = "Request Denied"
> >>>>
> >>>> Rejected: Request Denied
> >>>> sending Accounting-Request Start...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 82
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  NAS-Port-Type = Async
> >>>>  Acct-Session-Id = "00001234"
> >>>>  Acct-Status-Type = Start
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  Acct-Delay-Time = 0
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 82
> >>>> Authentic:
> >>>> <237><157><221><24><8><3><11><235><207><167>t<226>SVQ<227>
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>> sending Accounting-Request Stop...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 83
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  NAS-Port-Type = Async
> >>>>  Acct-Session-Id = "00001234"
> >>>>  Acct-Status-Type = Stop
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  Acct-Delay-Time = 0
> >>>>  Acct-Session-Time = 1000
> >>>>  Acct-Input-Octets = 20000
> >>>>  Acct-Output-Octets = 30000
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 83
> >>>> Authentic:  <4>\<212>g'`<252><214><23><246>>A]<136><172><174>
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>>
> >>>> ----END-----
> >>>>
> >>>> Removing the Authby clause for the profile & timeofday returns this
> >>>> (with
> >>>> ContinueWhileAccept):
> >>>>
> >>>> ----START------
> >>>> Reading dictionary file './dictionary'
> >>>> sending Access-Request...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1645 ....
> >>>> Code:       Access-Request
> >>>> Identifier: 251
> >>>> Authentic:  1234567890123456
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  NAS-Port-Type = Async
> >>>>  User-Password =
> >>>> ".<255>x]<205>2><212><197><219>Sj<143><221><224><129>"
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1645 ....
> >>>> Code:       Access-Reject
> >>>> Identifier: 251
> >>>> Authentic:  <2>I<24> <180>7<222><164><151>k<213><22>O<15><255>N
> >>>> Attributes:
> >>>>  Reply-Message = "Request Denied"
> >>>>
> >>>> Rejected: Request Denied
> >>>> sending Accounting-Request Start...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 252
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  NAS-Port-Type = Async
> >>>>  Acct-Session-Id = "00001234"
> >>>>  Acct-Status-Type = Start
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  Acct-Delay-Time = 0
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 252
> >>>> Authentic:  <203>r<199><16>8<247>G<146><29>fe<135>`<20><133>Q
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>> sending Accounting-Request Stop...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 253
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  NAS-Port-Type = Async
> >>>>  Acct-Session-Id = "00001234"
> >>>>  Acct-Status-Type = Stop
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  Acct-Delay-Time = 0
> >>>>  Acct-Session-Time = 1000
> >>>>  Acct-Input-Octets = 20000
> >>>>  Acct-Output-Octets = 30000
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 253
> >>>> Authentic:  TZ<243><171><164><236><146>h<14>+<186>)<190><14><<197>
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>> ----------END---------
> >>>>
> >>>> And with the authbyclaus for timeofday removed and the policy set to
> >>>> ContinueAlways:
> >>>>
> >>>> --------START---------
> >>>> Reading dictionary file './dictionary'
> >>>> sending Access-Request...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1645 ....
> >>>> Code:       Access-Request
> >>>> Identifier: 62
> >>>> Authentic:  1234567890123456
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  NAS-Port-Type = Async
> >>>>  User-Password =
> >>>> ".<255>x]<205>2><212><197><219>Sj<143><221><224><129>"
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1645 ....
> >>>> Code:       Access-Accept
> >>>> Identifier: 62
> >>>> Authentic:
> >>>> 9<165>Y<201><211><140><2>u<210><251><161><200>3<149><179><1>
> >>>> Attributes:
> >>>>  Service-Type = Framed-User
> >>>>  Session-Timeout = 18000
> >>>>  Idle-Timeout = 1740
> >>>>  Framed-IP-Netmask = 255.255.255.255
> >>>>  Port-Limit = 3
> >>>>
> >>>> OK
> >>>> sending Accounting-Request Start...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 63
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  NAS-Port-Type = Async
> >>>>  Acct-Session-Id = "00001234"
> >>>>  Acct-Status-Type = Start
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  Acct-Delay-Time = 0
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 63
> >>>> Authentic:  <1>.<245><190>|!.1g<201>0<201><148><229><234>%
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>> sending Accounting-Request Stop...
> >>>> Packet dump:
> >>>> *** Sending to 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Request
> >>>> Identifier: 64
> >>>> Authentic:  <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
> >>>> Attributes:
> >>>>  User-Name = "brandon"
> >>>>  Service-Type = Framed-User
> >>>>  NAS-IP-Address = 203.63.154.1
> >>>>  NAS-Port = 1234
> >>>>  NAS-Port-Type = Async
> >>>>  Acct-Session-Id = "00001234"
> >>>>  Acct-Status-Type = Stop
> >>>>  Called-Station-Id = "123456789"
> >>>>  Calling-Station-Id = "987654321"
> >>>>  Acct-Delay-Time = 0
> >>>>  Acct-Session-Time = 1000
> >>>>  Acct-Input-Octets = 20000
> >>>>  Acct-Output-Octets = 30000
> >>>>
> >>>> Packet dump:
> >>>> *** Received from 63.148.117.3 port 1646 ....
> >>>> Code:       Accounting-Response
> >>>> Identifier: 64
> >>>> Authentic:  <237><203>Z_<169><202>Um#&<241><136><29>8<145><23>
> >>>> Attributes:
> >>>>
> >>>> OK
> >>>> --------END----------
> >>>>
> >>>> As for a crash course in TimeOfDay, its a radius attribute that is
> >>>> used to
> >>>> define when a user can login. Say 7:30am to 3:30pm etc ->
> >>>> "07:30-15:30" or
> >>>> cannot login "!00:00-02:00" -> midnight to 2am. It is pretty similar
> >>>> to
> >>> the
> >>>> Radiator Time attribute. However I have tried changing the columndef
> >>>> to
> >>>> "AuthColumnDef 0,Time,reply" and adding "Al" to the front of the
> >>>> field to
> >>>> apply for all days as the radiator manual shows. What I need to do
> >>>> is
> >>> limit
> >>>> a few users to only login during certain hours (at their bosses
> >>>> request).
> >>>> For now I have just added a stored procedure to my SQL server and a
> >>>> job to
> >>>> turn the account on and off at the specified time however that will
> >>>> not
> >>> work
> >>>> forever.
> >>>>
> >>>> Thanks for the help,
> >>>>
> >>>> Brandon
> >>>>
> >>>> Note: This is running Radiator 3.7.1 on Windows 2000 SP4, w/
> >>>> activestate
> >>>> perl 5.6.1 using a 3com total control.
> >>>>
> >>>> ----- Original Message -----
> >>>> From: "Hugh Irvine" <hugh at open.com.au>
> >>>> To: "Brandon Lehmann" <blehmann at glis.cc>
> >>>> Cc: <owner-radiator at open.com.au>; <radiator at open.com.au>
> >>>> Sent: Wednesday, November 12, 2003 5:03 PM
> >>>> Subject: Re: (RADIATOR) Profiles problems
> >>>>
> >>>>
> >>>>>
> >>>>> Hello Brandon -
> >>>>>
> >>>>> Could you please send me a trace 4 debug showing what is happening,
> >>>>> and
> >>>>> a bit more detail on what exactly you are wanting to have happen? I
> >>>>> am
> >>>>> not clear on what the TimeOfDay reply item is meant to do.
> >>>>>
> >>>>> regards
> >>>>>
> >>>>> Hugh
> >>>>>
> >>>>>
> >>>>> On 13/11/2003, at 7:10 AM, Brandon Lehmann wrote:
> >>>>>
> >>>>>> Hi List,
> >>>>>>
> >>>>>> I cannot get the radius server to return the profile while using
> >>>>>> the following configuration:
> >>>>>>
> >>>>>> ------START-----
> >>>>>> LogStdout   c:/radiator/stdout.txt
> >>>>>> LogDir c:/radiator
> >>>>>> DbDir c:/radiator.
> >>>>>>
> >>>>>> <Client DEFAULT>
> >>>>>>      Secret !removed for my protection!
> >>>>>>      DupInterval 0
> >>>>>> </Client>
> >>>>>>
> >>>>>> <Realm DEFAULT>
> >>>>>>
> >>>>>>      AuthByPolicy ContinueAlways
> >>>>>>
> >>>>>>      <AuthBy SQL>
> >>>>>>           Identifier ACCT1
> >>>>>>           DBSource dbi:ODBC:!removed for my protection!
> >>>>>>           DBUsername !removed for my protection!
> >>>>>>           DBAuth !removed for my protection!
> >>>>>>
> >>>>>>           AuthSelect
> >>>>>>
> >>>>>>           AccountingTable radacct1
> >>>>>>           AcctColumnDef UserName,User-Name
> >>>>>>           AcctColumnDef LogDateTime,Timestamp,integer-date
> >>>>>>           AcctColumnDef AcctStatusType,Acct-Status-Type
> >>>>>>           AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
> >>>>>>           AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
> >>>>>>           AcctColumnDef
> >>>>>> AcctOutputOctets,Acct-Output-Octets,integer
> >>>>>>           AcctColumnDef
> >>>>>> AcctInputPackets,Acct-Input-Packets,integer
> >>>>>>           AcctColumnDef
> >>>>>> AcctOutputPackets,Acct-Output-Packets,integer
> >>>>>>           AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
> >>>>>>           AcctColumnDef AcctTerminateCause,Acct-Terminate-Cause
> >>>>>>           AcctColumnDef NasIPAddress,NAS-IP-Address
> >>>>>>           AcctColumnDef NasIdentifier,NAS-Identifier
> >>>>>>           AcctColumnDef NasPortId,NAS-Port,integer
> >>>>>>           AcctColumnDef NasPortType,NAS-Port-Type,integer
> >>>>>>           AcctColumnDef ConnectInfo,Connect-Info
> >>>>>>           AcctColumnDef ServiceType,Service-Type
> >>>>>>           AcctColumnDef FramedProtocol,Framed-Protocol
> >>>>>>           AcctColumnDef FramedAddress,Framed-IP-Address
> >>>>>>           AcctColumnDef CallingStationId,Calling-Station-Id
> >>>>>>      </AuthBy>
> >>>>>>
> >>>>>>      <AuthBy SQL>
> >>>>>>           Identifier AUTH1
> >>>>>>           DBSource dbi:ODBC:!removed for my protection!
> >>>>>>           DBUsername !removed for my protection!
> >>>>>>           DBAuth  !removed for my protection!
> >>>>>>
> >>>>>>           AuthSelect select
> >>>>>> ClearTextPassword,ServiceType,SessionLimit, \
> >>>>>>               IdleLimit,StaticIP,IPNetmask,FramedRoute,PortLimit,
> >>>>>> \
> >>>>>>               PortLimit,ProfileID from Customers where
> >>>>>> CustomerID=%0 \
> >>>>>>               and Disable is null
> >>>>>>           AuthColumnDef 0,Password,check
> >>>>>>           AuthColumnDef 1,Service-Type,reply
> >>>>>>           AuthColumnDef 2,Session-Timeout,reply
> >>>>>>           AuthColumnDef 3,Idle-Timeout,reply
> >>>>>>           AuthColumnDef 4,Framed-IP-Address,reply
> >>>>>>           AuthColumnDef 5,Framed-IP-Netmask,reply
> >>>>>>           AuthColumnDef 6,Framed-Route,reply
> >>>>>>           AuthColumnDef 7,Port-Limit,reply
> >>>>>>           AuthColumnDef 8,Simultaneous-Use,check
> >>>>>>           AuthColumnDef 9,Profile,reply
> >>>>>>      </AuthBy>
> >>>>>>      <AuthBy SQL>
> >>>>>>          DBSource dbi:ODBC:!removed for my protection!
> >>>>>>          DBUsername !removed for my protection!
> >>>>>>          DBAuth !removed for my protection!
> >>>>>>
> >>>>>>          AuthSelect      SELECT timeofday FROM profiles WHERE \
> >>>>>>             [profile]='%{Reply:Profile}'
> >>>>>>          AuthColumnDef 0,TimeOfDay,reply
> >>>>>>
> >>>>>>          StripFromReply Profile
> >>>>>>      </AuthBy>
> >>>>>>
> >>>>>>      SessionDatabase SDB1
> >>>>>>
> >>>>>> </Realm>
> >>>>>>
> >>>>>> <SessionDatabase SQL>
> >>>>>>      Identifier SDB1
> >>>>>>      DBSource dbi:ODBC:!removed for my protection!
> >>>>>>      DBUsername !removed for my protection!
> >>>>>>      DBAuth  !removed for my protection!
> >>>>>> </SessionDatabase>
> >>>>>> -------END----
> >>>>>>
> >>>>>> If I change "AuthByPolicy ContinueAlways" to "AuthByPolicy
> >>>>>> ContinueWhileAccept" then the server always returns "Request
> >>>>>> Denied".
> >>>>>> Any
> >>>>>> input would be greatly appreciated. Note: I have already searched
> >>>>>> the
> >>>>>> list
> >>>>>> archives, nothing seems to work.
> >>>>>>
> >>>>>> Thank you,
> >>>>>>
> >>>>>> Brandon Lehmann
> >>>>>> Network Administrator
> >>>>>> Great Lakes Internet Service, LLC.
> >>>>>> The Computer Loft, Inc.
> >>>>>> 218 Justice St
> >>>>>> Fremont, Ohio 43420
> >>>>>> 419.332.3553
> >>>>>> blehmann at glis.cc
> >>>>>>
> >>>>>> ===
> >>>>>> Archive at http://www.open.com.au/archives/radiator/
> >>>>>> Announcements on radiator-announce at open.com.au
> >>>>>> To unsubscribe, email 'majordomo at open.com.au' with
> >>>>>> 'unsubscribe radiator' in the body of the message.
> >>>>>>
> >>>>>>
> >>>>>
> >>>>> NB: have you included a copy of your configuration file (no
> >>>>> secrets),
> >>>>> together with a trace 4 debug showing what is happening?
> >>>>>
> >>>>> -- 
> >>>>> Radiator: the most portable, flexible and configurable RADIUS
> >>>>> server
> >>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>>> -
> >>>>> Nets: internetwork inventory and management - graphical,
> >>>>> extensible,
> >>>>> flexible with hardware, software, platform and database
> >>>>> independence.
> >>>>> -
> >>>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>>> systems.
> >>>>>
> >>>>>
> >>>>
> >>>
> >>> ===
> >>> Archive at http://www.open.com.au/archives/radiator/
> >>> Announcements on radiator-announce at open.com.au
> >>> To unsubscribe, email 'majordomo at open.com.au' with
> >>> 'unsubscribe radiator' in the body of the message.
> >>>
> >>>
> >>
> >> NB: have you included a copy of your configuration file (no secrets),
> >> together with a trace 4 debug showing what is happening?
> >>
> >> -- 
> >> Radiator: the most portable, flexible and configurable RADIUS server
> >> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >> -
> >> Nets: internetwork inventory and management - graphical, extensible,
> >> flexible with hardware, software, platform and database independence.
> >> -
> >> CATool: Private Certificate Authority for Unix and Unix-like systems.
> >>
> >> ===
> >> Archive at http://www.open.com.au/archives/radiator/
> >> Announcements on radiator-announce at open.com.au
> >> To unsubscribe, email 'majordomo at open.com.au' with
> >> 'unsubscribe radiator' in the body of the message.
> >>
> >
> >
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list