(RADIATOR) IOS 12.3 POD
Hugh Irvine
hugh at open.com.au
Thu Nov 27 00:20:43 CST 2003
Hello Rabbie -
What version of Radiator are you using? There was a recent patch for
this.
Current version is Radiator 3.7.1 (plus patches).
This has also been discussed on the mailing list.
www.open.com.au/archives/radiator
regards
Hugh
On 27/11/2003, at 3:14 PM, Rabbie Zalaf wrote:
> Hi All,
>
>
>
> We just installed 12.3 on our 7206VXR following advice from CISCO.
>
>
>
> Here is the config on the 7206.
>
>
>
> tried
>
>
>
> aaa pod server clients xxx.xxx.xx.x auth-type any server-key secretxyz
>
>
>
> and
>
>
>
> aaa pod server clients xxx.xxx.xx.x auth-type any server-key secretxyz
>
>
>
> ver 12.3(5)
>
>
>
> radius config
>
>
>
> aaa group server radius rad-group
>
> ip radius source-interface Loopback0
>
> radius-server host xxx.xxx.xx.x auth-port 1812 acct-port 1813 key 7
> 6542AB4565123A radius-server key 7 6542AB4565123A
>
>
>
> debug
>
>
>
>
>
> Nov 2715:01:20AEDT: POD: xxx.xxx.xx.x request queued
>
> Nov 27 15:01:20 AEDT: POD: Illegal authenticator in POD from
> xxx.xxx.xx.x Nov 27 15:01:20 AEDT: POD: xxx.xxx.xx.x user RABBIERULES
> 0.0.0.0 sessid 0x0 key 0x0 DROPPED Nov 27 15:01:20 AEDT: POD: Sending
> NAK from port 1700 to xxx.xxx.xx.x/39403
>
>
>
>
>
> Here is the command I am sending:
>
>
>
> [root at rad root]# radpwtst -trace 4 -acct_port 1700 -secret secretxyz
> -s xxx.xxx.xxx.xxx -noauth -noacct -code Disconnect-Request
> -dictionary /etc/radiator/dictionary "User-Name=RABBIERULES"
> "Acct-Session-Id=0000393B" "Ascend-Session-Svr-Key=F26F9E54"
>
> sending Disconnect-Request...
>
> Packet dump:
>
> *** Sending to xxx.xxx.xxx.xxx port 1700 ....
>
> Code: Disconnect-Request
>
> Identifier: 66
>
> Authentic: 1234567890123456
>
> Attributes:
>
> User-Name = "RABBIERULES"
>
> Acct-Session-Id = "0000393B"
>
> Ascend-Session-Svr-Key = "F26F9E54"
>
>
>
> Packet dump:
>
> *** Received from xxx.xxx.xxx.xxx port 1700 ....
>
> Code: Disconnect-Request-NAKed
>
> Identifier: 66
>
> Authentic: T<180><182><228>$<193>F<191>LO<202>)<206><222>{<153>
>
> Attributes:
>
> Reply-Message = "Invalid Authenticator"
>
>
>
> OK
>
> [root at rad root]#
>
>
>
> I know that I probably only need one of the three attributes since we
> have set auth-type to any but that doesn't work either.
>
>
>
> Has anyone got the POD working on the 12.3 IOS yet?
>
>
>
> Any help would be most appreciated.
>
>
>
> Kind Regards,
>
> Rabbie Zalaf
> Network Consultant
> Leading Edge Internet
> 02 9497 4024
> http://www.leadingedgeinternet.net.au
>
> -----BEGIN GEEK CODE BLOCK-----
> VERSION: 3.1
> GIT d++ s:>s-:- a22 C++++ L U+++
> P+ L+++>$L+++++ E--- W+++ w-- M--
> t+++ G++
> -----END GEEK CODE BLOCK-----
>
> This document together with any attachments is confidential and is
> intended for the named recipient only. It can not be copied,
> disclosed, passed on or duplicated in any way shape or form, without
> the prior permission of the author. If you are not the intended
> recipient please contact the author immediately and destroy the
> message. All parties acknowledge that any breach of confidence or
> disclosures made by any party, (including their employees, agents and
> contracted service providers such as solicitors, accountants, auditors
> and others), which may result in a commercial loss to Leading Edge
> Group, may result in Leading Edge Group exercising such rights as are
> available to them in connection with that loss.
>
>
>
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list