(RADIATOR) Redback Static IP Problem

Charles Alexander McCain mccain at unixatlas.com
Tue Sep 2 08:02:46 CDT 2003


Hugh, 

The users file entry looks something like this. I know I'm using MySQL to 
house the users file, but I just took this entry from the file. It looks 
like this in the database. If you need my actual database entry, please 
let me know.


user           Auth-Type = LDAP, NAS-IP-Address = 1.2.3.5
               Service-Type = Framed-User,
               Framed-Protocol = PPP,
               Framed-IP-Address = 1.2.3.4,
               Framed-IP-Netmask = 255.255.255.255,
               Idle-Timeout = 0,
               Session-Timeout = 0

And I was wondering why I'm only seeing service type and framed protocol?

Thanks, 
AL
 
On Sat, 30 Aug 2003, Hugh Irvine wrote:

> 
> Hello AL -
> 
> This is what your configuration file is set up to return to the NAS:
> 
> 
> > *** Sending to 64.91.105.5 port 1812 ....
> > Code:       Access-Accept
> > Identifier: 107
> > Authentic:  mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> > Attributes:
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> 
> What other attributes do you want to send? And how do you want to
> manage those attributes?
> 
> regards
> 
> Hugh
> 
> 
> On Saturday, Aug 30, 2003, at 06:06 Australia/Melbourne, Charles Alexander McCain wrote:
> 
> > Hello,
> >
> > I'm having an issue with my Redbacks. They cannot allocate IP addresses.
> > In my trace 4, I notice that the user is not getting the attributes they
> > need.
> > How can this be fixed?
> >
> > Here is my config and trace 4.
> >
> > Thanks,
> > AL
> >
> > ---------
> > Fri Aug 29 14:08:30 2003: DEBUG: Packet dump:
> > *** Received from 1.2.3.4 port 1812 ....
> > Code:       Access-Request
> > Identifier: 107
> > Authentic:  mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> > Attributes:
> >         User-Name = "user"
> >         User-Password = "~~1<223><156><248><145><196><250><0>W<219><246><204><21>:"
> >         NAS-Identifier = "rb"
> >         NAS-IP-Address = 1.2.3.4
> >         RB-NAS-Real-Port = 402850582
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         NAS-Port = 3892318919
> >         Connect-Info = "ubrc"
> >
> > Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> > Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> > Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> > Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> > Fri Aug 29 14:08:30 2003: ERR: Error while rewriting username user: syntax error at (eval 1787) line 2, at EOF
> >
> > Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> > Fri Aug 29 14:08:30 2003: ERR: Error in PreHandlerHook(): Can't use string ("") as a subroutine ref while "strict refs" in use at /usr/local/lib/perl5/site_perl/5.6.1/Radius/Client.pm line 338.
> >
> > Fri Aug 29 14:08:30 2003: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> > Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
> > Fri Aug 29 14:08:30 2003: DEBUG: SQLS Deleting session for user, 1.2.3.4, 3892318919
> > Fri Aug 29 14:08:30 2003: DEBUG: do query is: delete from RADONLINE where USERNAME = 'user' and NASIDENTIFIER='1.2.3.4' and NASPORT='3892318919'
> >
> > Fri Aug 29 14:08:30 2003: DEBUG: Handling with Radius::AuthLDAP2
> > Fri Aug 29 14:08:30 2003: DEBUG: Attempting to bind with uid=searchuser,dc=domain,dc=net, password
> > Fri Aug 29 14:08:30 2003: DEBUG: LDAP got result for uid=user,ou=People,dc=domain,dc=net
> > Fri Aug 29 14:08:30 2003: DEBUG: LDAP got userPassword: {crypt}cgoHd/FmCIXh.
> > Fri Aug 29 14:08:30 2003: DEBUG: LDAP got gidNumber: 3010
> > Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 looks for match with user
> > Fri Aug 29 14:08:30 2003: DEBUG: Query is: select NASIDENTIFIER, NASPORT, ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='user'
> >
> > Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 ACCEPT:
> > Fri Aug 29 14:08:30 2003: DEBUG: Access accepted for user
> > Fri Aug 29 14:08:30 2003: DEBUG: Packet dump:
> > *** Sending to 64.91.105.5 port 1812 ....
> > Code:       Access-Accept
> > Identifier: 107
> > Authentic:  mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
> > Attributes:
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >
> > ---------------------------------------------------------------------------
> >
> > #Foreground
> > #LogStdout
> > LogDir /var/adm/radacct
> > DbDir /etc/raddb
> > PreHandlerHook file:"%D/prehook"
> >
> > SnmpgetProg /usr/local/bin/snmpget
> > Trace 4
> > RewriteUsername         s/^([^@]+)\@domain.net/$1/
> > RewriteUsername         s/^([^@]+)\@domain.net/$1/
> > RewriteUsername         s/\s+//g
> > RewriteUsername         tr/A-Z/a-z/
> > <Client DEFAULT>
> >
> >         Secret ******
> >         DupInterval 0
> >
> > </Client>
> >
> > <SessionDatabase SQL>
> >
> >        DBSource dbi:mysql:radius:host
> >        DBUsername radtest
> >        DBAuth ******
> >         Identifier SQLS
> >
> >                 AddQuery insert into RADONLINE (USERNAME,\
> >                 NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\
> >                 FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,DNIS) \
> >                 values ('%n', '%N',\
> >                 '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\
> >                 '%{Framed-IP-Address}', '%{NAS-Port-Type}',\
> >                 '%{Service-Type}','%{Called-Station-Id}')
> >
> >
> >            DeleteQuery delete from RADONLINE where \
> >                  USERNAME = '%n' and NASIDENTIFIER='%N' \
> >                  and NASPORT='%{NAS-Port}'
> >
> > ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
> >
> > CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
> > where ACCTSESSIONID = '%{Acct-Session-Id}'
> >
> >
> > </SessionDatabase>
> >
> >
> > <ClientListSQL>
> >
> >         DBSource        dbi:mysql:radius
> >         DBUsername radtest
> >         DBAuth ******
> >
> >         select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL, \
> >         DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \
> >         LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \
> >         FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \
> >         NOIGNOREDUPLICATES from RADCLIENTLIST
> >
> >
> > </ClientListSQL>
> > <AuthBy UNIX>
> >
> >         DefaultSimultaneousUse 1
> >         Identifier System
> >         Filename /etc/shadow
> >
> > </AuthBy>
> >
> > <AuthBy LDAP2>
> >                 DefaultSimultaneousUse 1
> >                 Identifier LDAP
> >                 Host    127.0.0.1
> >                 Port    389
> >                 AuthDN  uid=searchuser,dc=domain,dc=net
> >                 AuthPassword    *****
> >                 BaseDN  %0=%1,ou=people,dc=domain,dc=net
> >                 Scope   base
> >                 UsernameAttr    uid
> >                 PasswordAttr    userPassword
> >                 HoldServerConnection
> >                 SearchFilter (&(gecos=active)(uid=%1))
> >                 AuthAttrDef gidNumber, gid-attr, request
> >                 DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
> > </AuthBy>
> > <AuthBy SQL>
> >         NoDefault
> >         DefaultSimultaneousUse 1
> >         Identifier CheckSQL
> >
> >         DBSource        dbi:mysql:radius:domain
> >         DBUsername radtest
> >         DBAuth *******
> >
> >
> >                 AccountingTable ACCOUNTING
> >                 AcctColumnDef   USERNAME,User-Name
> >                 AcctColumnDef   TIME_STAMP,Timestamp,integer
> >                 AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
> >                 AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
> >                 AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
> >                 AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> >                 AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
> >                 AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
> >                 AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
> >                 AcctColumnDef   NASIDENTIFIER,NAS-Identifier
> >                 AcctColumnDef   NASPORT,NAS-Port,integer
> >                 AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
> >
> >         AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
> >        from SUBSCRIBERS \
> >       where USERNAME=%0
> >
> > AuthColumnDef 0, User-Password, check
> > AuthColumnDef 1, GENERIC, check
> > AuthColumnDef 2, GENERIC, reply
> >                DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
> >
> >
> > </AuthBy>
> > <Realm DEFAULT>
> > RewriteUsername s/^([^@]+).*/$1/
> >
> >
> >  PostAuthHook file:"%D/postHook"
> >         AcctLogFileName %L/%N/detail
> >
> >
> >
> >         #AuthByPolicy ContinueWhileReject
> >         AuthByPolicy    ContinueUntilAccept
> >         AuthBy LDAP
> >         AuthBy CheckSQL
> >         AuthBy System
> >
> >
> > </Realm>
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
> 
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> 
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> 
> 
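An added example, not part of either poster's message: a small Python check that compares the reply items in the users-file entry with the attributes in the Access-Accept packet dump, listing what the NAS never received. The function names are hypothetical, the sample input is constructed from the entry and trace quoted in this thread (trimmed), and it assumes the layout shown there: check items on the first line, indented reply items below.

```python
import re

# Constructed sample: the users-file entry and a trimmed trace from the thread.
USERS_ENTRY = """\
user           Auth-Type = LDAP, NAS-IP-Address = 1.2.3.5
               Service-Type = Framed-User,
               Framed-Protocol = PPP,
               Framed-IP-Address = 1.2.3.4,
               Framed-IP-Netmask = 255.255.255.255,
               Idle-Timeout = 0,
               Session-Timeout = 0
"""

TRACE = """\
*** Received from 1.2.3.4 port 1812 ....
Code:       Access-Request
Attributes:
        User-Name = "user"
        Framed-Protocol = PPP

Fri Aug 29 14:08:30 2003: DEBUG: Access accepted for user
*** Sending to 64.91.105.5 port 1812 ....
Code:       Access-Accept
Attributes:
        Service-Type = Framed-User
        Framed-Protocol = PPP
"""

# Indented "Name = value" line; optional quotes and trailing comma are dropped.
ATTR = re.compile(r'^\s+([\w-]+)\s*=\s*"?(.*?)"?,?\s*$')

def parse_attrs(lines):
    return dict(m.groups() for m in map(ATTR.match, lines) if m)

def sent_attributes(trace, code="Access-Accept"):
    """Attributes of the last dumped packet whose Code matches."""
    sent = {}
    for block in re.split(r"(?m)^Code:\s+", trace)[1:]:
        head, _, rest = block.partition("Attributes:\n")
        if head.split()[:1] == [code]:
            body = rest.split("\n\n")[0]  # the dump ends at the first blank line
            sent = parse_attrs(body.splitlines())
    return sent

def missing_from_reply(entry, trace):
    """Reply items configured for the user that the Access-Accept lacks."""
    got = sent_attributes(trace)
    return {k: v for k, v in parse_attrs(entry.splitlines()).items() if got.get(k) != v}
```

On the thread's data this reports Framed-IP-Address, Framed-IP-Netmask, Idle-Timeout and Session-Timeout as configured but not sent; the two attributes that were sent are the ones listed in the LDAP2 clause's DefaultReply.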