(RADIATOR) IOS 12.3 POD

Hugh Irvine hugh at open.com.au
Thu Nov 27 00:20:43 CST 2003


Hello Rabbie -

What version of Radiator are you using? There was a recent patch for 
this.

Current version is Radiator 3.7.1 (plus patches).

This has also been discussed on the mailing list.

	www.open.com.au/archives/radiator

regards

Hugh


On 27/11/2003, at 3:14 PM, Rabbie Zalaf wrote:

> Hi All,
>
>  
>
> We just installed 12.3 on our 7206VXR following advice from CISCO.
>
>  
>
> Here is the config on the 7206.
>
>  
>
> tried
>
>  
>
> aaa pod server clients xxx.xxx.xx.x auth-type any server-key secretxyz
>
>  
>
> and
>
>  
>
> aaa pod server clients xxx.xxx.xx.x auth-type any server-key secretxyz
>
>  
>
> ver 12.3(5)
>
>  
>
> radius config
>
>  
>
> aaa group server radius rad-group
>
> ip radius source-interface Loopback0
>
> radius-server host xxx.xxx.xx.x auth-port 1812 acct-port 1813 key 7 
> 6542AB4565123A radius-server key 7 6542AB4565123A
>
>  
>
> debug
>
>  
>
>  
>
> Nov 2715:01:20AEDT: POD: xxx.xxx.xx.x request queued
>
> Nov 27 15:01:20 AEDT: POD: Illegal authenticator in POD from 
> xxx.xxx.xx.x Nov 27 15:01:20 AEDT: POD: xxx.xxx.xx.x user RABBIERULES 
> 0.0.0.0 sessid 0x0 key 0x0 DROPPED Nov 27 15:01:20 AEDT: POD: Sending 
> NAK from port 1700 to xxx.xxx.xx.x/39403
>
>  
>
>  
>
> Here is the command I am sending:
>
>  
>
> [root at rad root]# radpwtst -trace 4 -acct_port 1700 -secret secretxyz 
> -s xxx.xxx.xxx.xxx -noauth -noacct -code Disconnect-Request 
> -dictionary /etc/radiator/dictionary "User-Name=RABBIERULES" 
> "Acct-Session-Id=0000393B" "Ascend-Session-Svr-Key=F26F9E54"
>
> sending Disconnect-Request...
>
> Packet dump:
>
> *** Sending to xxx.xxx.xxx.xxx port 1700 ....
>
> Code:       Disconnect-Request
>
> Identifier: 66
>
> Authentic:  1234567890123456
>
> Attributes:
>
>         User-Name = "RABBIERULES"
>
>         Acct-Session-Id = "0000393B"
>
>         Ascend-Session-Svr-Key = "F26F9E54"
>
>        
>
> Packet dump:
>
> *** Received from xxx.xxx.xxx.xxx port 1700 ....
>
> Code:       Disconnect-Request-NAKed
>
> Identifier: 66
>
> Authentic:  T<180><182><228>$<193>F<191>LO<202>)<206><222>{<153>
>
> Attributes:
>
>         Reply-Message = "Invalid Authenticator"
>
>  
>
> OK
>
> [root at rad root]#
>
>  
>
> I know that I probably only need one of the three attributes since we 
> have set auth-type to any but that doesn't work either.
>
>  
>
> Has anyone got the POD working on the 12.3 IOS yet?
>
>  
>
> Any help would be most appreciated.
>
>  
>
> Kind Regards,
>
> Rabbie Zalaf
> Network Consultant
> Leading Edge Internet
> 02 9497 4024
> http://www.leadingedgeinternet.net.au
>
> -----BEGIN GEEK CODE BLOCK-----
> VERSION: 3.1
> GIT d++ s:>s-:- a22 C++++ L U+++
> P+ L+++>$L+++++ E--- W+++ w-- M--
> t+++ G++
> -----END GEEK CODE BLOCK-----
>
> This document together with any attachments is confidential and is 
> intended for the named recipient only. It can not be copied, 
> disclosed, passed on or duplicated in any way shape or form, without 
> the prior permission of the author. If you are not the intended 
> recipient please contact the author immediately and destroy the 
> message. All parties acknowledge that any breach of confidence or 
> disclosures made by any party, (including their employees, agents and 
> contracted service providers such as solicitors, accountants, auditors 
> and others), which may result in a commercial loss to Leading Edge 
> Group, may result in Leading Edge Group exercising such rights as are 
> available to them in connection with that loss.
>
>  
>
>  
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list