(RADIATOR) AuthLog not logging password
Hugh Irvine
hugh at open.com.au
Thu Oct 2 05:59:57 CDT 2003
Hello Herman -
I will need to see a trace 4 debug to be sure, but I suspect you are
using CHAP (or MS-CHAP) passwords which cannot be decrypted.
regards
Hugh
On Thursday, Oct 2, 2003, at 20:32 Australia/Melbourne, Herman
verschooten wrote:
> Hi,
>
> I am trying to log the password in an AuthLog FILE clause, but the
> field is left blank?
>
> What I get in the log.txt-file is
>
> FAIL:Thu Oct 2 12:31:06 2003:A03245014::FAIL
> FAIL:Thu Oct 2 12:31:15 2003:A03266007::FAIL
>
> Any help would be appreciated.
>
> Herman
>
>
>
> # Radius.cfg
> #
> # N E T 4 A L L
> #
>
> Foreground
> LogStdout
> LogDir d:/radius/log
> DbDir c:/Program Files/Radiator
>
> BindAddress XX.YY.96.20
> AuthPort 1812,1645
> AcctPort 1813,1646
>
> LogFile %L/log%Y%m%d.log
>
> Trace 4
>
> SnmpgetProg c:/Program Files/Radiator/net-snmp/snmpget.exe
>
> #Strip realm
> RewriteUsername s/^([^@]+).*/$1/
>
> # Allow only these chars in the username
> #UsernameCharset a-zA-Z0-9\.-_@
>
> # You will probably want to change this to suit your site.
> <Client XX.YY.96.128>
> # Cisco 5300 & Ras
> Identifier DIALUP
> Secret
> DupInterval 10
> # NasType Cisco
> IdenticalClients XX.YY.96.5
> IdenticalClients XX.YY.96.3
> </Client>
> <Client XX.YY.ZZ.249>
> # Scarlet DSL
> Identifier 2UDSL
> Secret
> DupInterval 10
> IdenticalClients XX.YY.ZZ.241
> </Client>
>
> <Handler Client-Identifier=DIALUP>
> AcctLogFileName %L/%Y%m%d.log
> AuthByPolicy ContinueWhileAccept
> SessionDatabase DIAL
> <AuthBy SQL>
> DBSource dbi:ODBC:Radiator
> DBUsername
> DBAuth
> AuthSelect select PASSWORD,CHECKATTR, REPLYATTR From SUBSCRIBERS where USERNAME=%0
> DefaultSimultaneousUse 1
> # Accounting
> DateFormat %b %e, %Y %H:%M:%S
> AccountingTable Calls
> AcctColumnDef NASIdentifier,NAS-Identifier
> AcctColumnDef NASIdentifier,NAS-IP-Address
> AcctColumnDef NASPort,NAS-Port,integer
> AcctColumnDef AcctSessionId,Acct-Session-Id
> AcctColumnDef AcctStatusType,Acct-Status-Type,integer
> AcctColumnDef CallDate,Timestamp,integer-date
> AcctColumnDef UserName,User-Name
> AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
> AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
> AcctColumnDef FramedAddress,Framed-IP-Address
> AcctColumnDef AcctTerminateCause,Acct-Terminate-Cause,integer
> AcctColumnDef ConnectInfo,Connect-Info,string
> AcctColumnDef CallerID,Calling-Station-Id,string
> AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
> AcctColumnDef AcctOutputOctets,Acct-Output-Octets,integer
> AcctColumnDef AcctInputOctets,RB-Acct-Input-Octets-64,integer
> AcctColumnDef AcctOutputOctets,RB-Acct-Output-Octets-64,integer
> </AuthBy>
> <AuthBy FILE>
> Filename %D/Profile.cfg
> StripFromReply Profile
> </AuthBy>
> <AuthLog FILE>
> Filename D:/radius/log.Txt
> LogFailure 1
> FailureFormat FAIL:%l:%n:%P:FAIL
> </AuthLog FILE>
> <AuthLog REMOTESYSLOG>
> SysLogHost XX.YY.ZZ.8
> LogSuccess 1
> LogFailure 1
> FailureFormat FAIL:%l:%n:%P:FAIL
> </AuthLog>
> <AuthLog SQL>
> DBSource dbi:ODBC:Radiator
> DBUsername
> DBAuth
> LogSuccess 1
> LogFailure 1
> </AuthLog>
> </Handler>
> <Handler>
> AcctLogFileName %L/%Y%m%d.log
> AuthByPolicy ContinueWhileAccept
> SessionDatabase ADSL
> <AuthBy SQL>
> DBSource dbi:ODBC:Radiator
> DBUsername
> DBAuth
> AuthSelect select PASSWORD,CHECKATTR, REPLYATTR From SUBSCRIBERS where USERNAME=%0
> DefaultSimultaneousUse 1
> # Accounting
> DateFormat %b %e, %Y %H:%M:%S
> AccountingTable Calls
> AcctColumnDef NASIdentifier,NAS-Identifier
> AcctColumnDef NASIdentifier,NAS-IP-Address
> AcctColumnDef NASPort,NAS-Port,integer
> AcctColumnDef AcctSessionId,Acct-Session-Id
> AcctColumnDef AcctStatusType,Acct-Status-Type,integer
> AcctColumnDef CallDate,Timestamp,integer-date
> AcctColumnDef UserName,User-Name
> AcctColumnDef AcctDelayTime,Acct-Delay-Time,integer
> AcctColumnDef AcctSessionTime,Acct-Session-Time,integer
> AcctColumnDef FramedAddress,Framed-IP-Address
> AcctColumnDef AcctTerminateCause,Acct-Terminate-Cause,integer
> AcctColumnDef ConnectInfo,Connect-Info,string
> AcctColumnDef CallerID,Calling-Station-Id,string
> AcctColumnDef AcctInputOctets,Acct-Input-Octets,integer
> AcctColumnDef AcctOutputOctets,Acct-Output-Octets,integer
> AcctColumnDef AcctInputOctets,RB-Acct-Input-Octets-64,integer
> AcctColumnDef AcctOutputOctets,RB-Acct-Output-Octets-64,integer
> </AuthBy>
> <AuthBy FILE>
> Filename %D/Profile.cfg
> StripFromReply Profile
> </AuthBy>
> <AuthLog FILE>
> Filename D:/radius/log.Txt
> LogFailure 1
> FailureFormat FAIL:%l:%n:%P:FAIL
> </AuthLog FILE>
> <AuthLog REMOTESYSLOG>
> SysLogHost XX.YY.ZZ.8
> LogSuccess 1
> LogFailure 1
> FailureFormat FAIL:%l:%n:%P:FAIL
> </AuthLog>
> <AuthLog SQL>
> DBSource dbi:ODBC:Radiator
> DBUsername sa
> DBAuth velvet
> LogSuccess 1
> LogFailure 1
> </AuthLog>
> </Handler>
>
> <Log REMOTESYSLOG>
> SysLogHost XX.YY.ZZ.8
> Trace 3
> </Log>
> <Log SQL>
> DBSource dbi:ODBC:Radiator
> DBUsername
> DBAuth
> Trace 3
> </Log>
> <Monitor>
> Username
> Password
> </Monitor>
> <SessionDatabase SQL>
> Identifier DIAL
> DBSource dbi:ODBC:Radiator
> DBUsername
> DBAuth
> AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE, CALLERID) values ('%n','%N', 0%{NAS-Port}, '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-IP-Address}', '%{NAS-Port-Type}','%{Service-Type}', '%{Calling-Station-Id}')
> # DeleteQuery delete from RADONLINE where NASIDENTIFIER = '%1' AND NASPORT = %2
> </SessionDatabase>
> <SessionDatabase SQL>
> Identifier ADSL
> DBSource dbi:ODBC:Radiator
> DBUsername
> DBAuth
> AddQuery insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE, CALLERID) values ('%n','%N', 0%{NAS-Port}, '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-IP-Address}', '%{NAS-Port-Type}','%{Service-Type}', '%{Calling-Station-Id}')
> DeleteQuery delete from RADONLINE where NASIDENTIFIER = '%1' AND CALLERID = '%{Calling-Station-Id}'
> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE where USERNAME='%n' and not(CALLERID = '%{Calling-Station-Id}')
> </SessionDatabase>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
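
The difference between PAP and CHAP that the reply above points to, as an added example (not part of the original thread and not Radiator's code): a PAP User-Password is hidden reversibly with the shared secret (RFC 2865 section 5.2), while a CHAP-Password carries only an MD5 digest (RFC 1994), so a server can check it against a stored password but has no cleartext to write to a log. Function names, the secret and all sample values are constructed for illustration.

```python
import hashlib
import hmac

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def pap_encrypt(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Hide User-Password as in RFC 2865 section 5.2 (what the NAS does)."""
    # Pad with NULs to a multiple of 16 bytes; an empty password still uses one block.
    padded = (password + b"\x00" * (-len(password) % 16)) or b"\x00" * 16
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        prev = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out += prev
    return out

def pap_decrypt(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Reverse the hiding with the shared secret (what the server can do)."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        out += _xor(block, hashlib.md5(secret + prev).digest())
        prev = block
    return out.rstrip(b"\x00")

def chap_response(chap_id: int, password: bytes, challenge: bytes) -> bytes:
    """RFC 1994: one-way MD5 over identifier, password and challenge."""
    return hashlib.md5(bytes([chap_id]) + password + challenge).digest()

def chap_verify(chap_attr: bytes, challenge: bytes, stored_password: bytes) -> bool:
    """CHAP-Password = 1-byte identifier + 16-byte response; recompute and compare."""
    expected = chap_response(chap_attr[0], stored_password, challenge)
    return hmac.compare_digest(chap_attr[1:], expected)

def recoverable_password(attrs: dict, secret: bytes, authenticator: bytes):
    """Cleartext a server could log: present for PAP, None for CHAP."""
    if "User-Password" in attrs:
        return pap_decrypt(attrs["User-Password"], secret, authenticator)
    return None  # CHAP-Password holds only a digest; nothing to decrypt
```

For a failed CHAP attempt the server learns only that the digest did not match the stored password, not what the user actually typed.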