(RADIATOR) Configuring Radiator Radius server for Cisco AS5300

G. S. Rakhra gsrakhra at fewanet.com.np
Tue Sep 16 06:34:28 CDT 2003 

Dear Sir,

I tried by adding the <Handler Request-Type = Accounting-Request> Handler mentioned by Hugh, but getting following error while restarting the radiusd process:

Tue Sep 16 15:42:27 2003: ERR: Could not load authentication module Radius::AuthINTERNAL: Can't locate Radius/AuthINTERNAL.pm in @INC (@INC contains: . /usr/lib/perl5/5.6.1/i386-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i386-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl/5.6.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.6.1/i386-linux /usr/lib/perl5/vendor_perl/5.6.1 /usr/lib/perl5/vendor_perl .) at (eval 30) line 3, <FILE> line 153.

Tue Sep 16 15:42:27 2003: ERR: Unknown keyword 'AcctResult' in /usr/local/src/Radiator-2.18.4/goodies/radonlinetest.cfg line 154
Tue Sep 16 15:42:27 2003: INFO: Server started: Radiator 2.18.4 on seti.fewanet.com.np

Even then I tried connecting, but the same problem still persists, i.e. I was able to connect but not able to browse the Internet.

What next we can do?

rgds
G. S. Rakhra

----- Original Message ----- 
From: "Hugh Irvine" <hugh at open.com.au>
To: "G. S. Rakhra" <gsrakhra at fewanet.com.np>
Cc: <radiator at open.com.au>
Sent: Tuesday, September 16, 2003 12:42 PM
Subject: Re: (RADIATOR) Configuring Radiator Radius server for Cisco AS5300


> 
> Hello -
> 
> Thanks for your mail.
> 
> As far as I can see there is nothing wrong with your configuration and 
> the debug trace shows an accounting start for the session that appears 
> to be normal. I do notice that you are not sending a Framed-IP-Netmask, 
> but the radius accounting start shows an IP address so this may not be 
> a problem.
> 
> You should run a debug on the Cisco to see what reply attributes you 
> are getting from the other ISP and then adjust your Radiator 
> configuration file in consequence. Otherwise there may be some 
> difference in the configuration between the Cisco 2511 and the Cisco 
> 5300. You may also have a problem with filters and/or access lists. I 
> notice that you are sending a reply attribute of "Filter-Id = testing" 
> which may be causing problems.
> 
> I also notice you are not processing all radius requests, which is 
> causing a problem:
> 
> Sat Sep 13 10:08:41 2003: DEBUG: Packet dump:
> *** Received from 203.91.140.130 port 1026 ....
> Code:       Accounting-Request
> Identifier: 0
> Authentic:  <178>q<190>}<158><158>m<21>9A<253><193>G<2><208><157>
> Attributes:
> Acct-Session-Id = "00000000"
> NAS-IP-Address = 203.91.140.130
> Acct-Status-Type = Start
> Acct-Delay-Time = 2153826
> 
> Sat Sep 13 10:08:41 2003: DEBUG: Check if Handler 
> Realm=fewanet.com.np,Client-Identifier = NASinternet should be used to 
> handle this request
> Sat Sep 13 10:08:41 2003: DEBUG: Check if Handler Client-Identifier = 
> NASmail should be used to handle this request
> Sat Sep 13 10:08:41 2003: WARNING: Could not find a handler for : 
> request is ignored
> 
> You should set up a Handler to deal with these requests, like this:
> 
> <Handler Request-Type = Accounting-Request>
> <AuthBy INTERNAL>
> AcctResult ACCEPT
> </AuthBy>
> </Handler>
> 
> This Handler should be the last one in your list of Handlers.
> 
> regards
> 
> Hugh
> 
> 
> On Tuesday, Sep 16, 2003, at 16:48 Australia/Melbourne, G. S. Rakhra 
> wrote:
> 
> > Dear Sir,
> > 
> > We have recently got an E1 Line and we are using Cisco AS5300 RAS for 
> > connection. The users are authenticated thru Radiator Radius server 
> > installed on Linux 7.3 on IBM Platform. We have other one Livingston 
> > Portmaster and one Cisco 2511 Router also and both are being used for 
> > client dialup connection. There is no problem with these two devices.
> > 
> > The problem that we are facing with AS5300 is that we are able to 
> > connect but are not able to browse the Net. We have verified that this 
> > problem is related to authentication server by pointing the Radius 
> > server host on the RAS to some other ISP's and we were able to connect 
> > and also we were able to browse the net. If we create a user in the 
> > RAS itself and connect with that username then we were able to connect 
> > as well as ere able to browse the Internet.
> > 
> > Another problem is that if we connect thru our Authentication and 
> > after disconnecting the IP obtained from the RAS is not released in 
> > the PC. But if we connect with the RAS's user then the IP is > released.
> > 
> > I am attaching my radius configuration file as well as a radius debug 
> > file with Trace 4 level. The username tested is demopkr at fewanet.com.np
> > 
> > I hope to get the solution from you asap.
> > 
> > Thanks in Advance
> > G. S. Rakhra
> > Manager(Technical)
> > Fewa Net Pvt. Ltd.
> > Pokhara
> > Nepal
> > <radius.log><radonlinetest.cfg.txt>
> 
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> 
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20030916/7a9ad093/attachment.html>

More information about the radiator mailing list