(RADIATOR) Radiator & Cisco 5350

Bobby Brown, Jr. bobby at superiorsites.net
Fri Aug 6 20:01:44 CDT 2004 

I have my Cisco 5350 authenticating off of my installation of Radiator which
uses MySQL.  My users can connect without any problem, but for some odd
reason they can't get to anything.  They can't get on the web, check mail,
or anything else.  I have tried modifying my REPLYATTR by removing one entry
at a time, but still no luck.  Does anyone have a clue what i've done wrong?

Here is a list of my cfg, ATTR's, and logs to help out.

radius.cfg
------------------------------

LogDir  /var/log/radius
DbDir  /etc/radiator
Trace  5

<Client DEFAULT>
 Secret XXXXXXXXXX
 DupInterval 0
 SNMPCommunity ssinternet
 NasType Cisco
</Client>

<Realm DEFAULT>
    <AuthBy SQL>
 # Adjust DBSource, DBUsername, DBAuth to suit your DB
 DBSource dbi:mysql:radius
 DBUsername XXXXX
 DBAuth  XXXXXXXXXXX

 # Coded from OSC to use MAXLOGINS and STATUS fields
 AuthSelect select PASSWORD, MAXLOGINS, CHECKATTR, REPLYATTR \
  from SUBSCRIBERS \
  where USERNAME=%0 \
  and STATUS=1
  AuthColumnDef 0, Password, check
  AuthColumnDef 1, Simultaneous-Use, check
  AuthColumnDef 2, GENERIC, check
  AuthColumnDef 3, GENERIC, reply


 # You may want to tailor these for your ACCOUNTING table
 # You can add your own columns to store whatever you like
 AccountingTable ACCOUNTING
  AcctColumnDef USERNAME,User-Name
  AcctColumnDef TIME_STAMP,Timestamp,integer
  AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
  AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
  AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
  AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
  AcctColumnDef ACCTSESSIONID,Acct-Session-Id
  AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
  AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
  AcctColumnDef NASIDENTIFIER,NAS-Identifier
  AcctColumnDef NASPORT,NAS-Port,integer
  AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address

 # You can arrange to log accounting to a file if the
 # SQL insert fails with AcctFailedLogFileName
 # That way you could recover from a broken SQL
 # server
 #AcctFailedLogFileName /etc/radiator/AcctFailedLogFile

 # Alternatively, you can arrange to save failed SQL accounting insert
queries to a text
 # file with SQLRecoveryFile
 SQLRecoveryFile /etc/radiator/SQLRecoveryFile
    </AuthBy>
</Realm>

--------------------------------

here is what is in my CHECKATTR and REPLYATTR fields in the SUBSCRIBERS
table

--------------------------------

CHECKATTR
Service-Type = Framed-User

REPLYATTR
Framed-Protocol = PPP,Framed-IP-Netmask = 255.255.255.255,Framed-Routing =
None,Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP

---------------------------------

here is my log file when i connect a user

---------------------------------

Fri Aug  6 19:57:43 2004: DEBUG: Packet dump:
*** Received from 64.217.179.126 port 1645 ....

Packet length = 88
01 0b 00 58 7c 81 19 0f c3 6c 0b e1 f7 a2 2d 60
07 20 4f fd 07 06 00 00 00 01 01 07 6d 69 6b 65
6d 03 13 01 d5 4c c3 07 56 0a fb 55 22 40 aa c9
34 c0 24 8d 1e 0c 39 30 33 35 37 35 31 30 39 35
05 06 00 00 00 e8 3d 06 00 00 00 00 06 06 00 00
00 02 04 06 40 d9 b3 7e
Code:       Access-Request
Identifier: 11
Authentic:  |<129><25><15><195>l<11><225><247><162>-`<7> O<253>
Attributes:
 Framed-Protocol = PPP
 User-Name = "mikem"
 CHAP-Password = <1><213>L<195><7>V<10><251>U"@<170><201>4<192>$<141>
 Called-Station-Id = "9035751095"
 NAS-Port = 232
 NAS-Port-Type = Async
 Service-Type = Framed-User
 NAS-IP-Address = 64.217.179.126

Fri Aug  6 19:57:43 2004: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Aug  6 19:57:43 2004: DEBUG:  Deleting session for mikem,
64.217.179.126, 232
Fri Aug  6 19:57:43 2004: DEBUG: Handling with Radius::AuthSQL
Fri Aug  6 19:57:43 2004: DEBUG: Handling with Radius::AuthSQL:
Fri Aug  6 19:57:43 2004: DEBUG: Query is: 'select PASSWORD, MAXLOGINS,
CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='mikem' and STATUS=1':

Fri Aug  6 19:57:43 2004: DEBUG: Radius::AuthSQL looks for match with mikem
Fri Aug  6 19:57:43 2004: DEBUG: Radius::AuthSQL ACCEPT:
Fri Aug  6 19:57:43 2004: DEBUG: Access accepted for mikem
Fri Aug  6 19:57:43 2004: DEBUG: Packet dump:
*** Sending to 64.217.179.126 port 1645 ....

Packet length = 50
02 0b 00 32 74 6d 43 09 69 1a 0c 79 32 2a 34 62
57 24 d5 ce 07 06 00 00 00 01 09 06 ff ff ff ff
0a 06 00 00 00 00 0c 06 00 00 05 dc 0d 06 00 00
00 01
Code:       Access-Accept
Identifier: 11
Authentic:  |<129><25><15><195>l<11><225><247><162>-`<7> O<253>
Attributes:
 Framed-Protocol = PPP
 Framed-IP-Netmask = 255.255.255.255
 Framed-Routing = None
 Framed-MTU = 1500
 Framed-Compression = Van-Jacobson-TCP-IP

Fri Aug  6 19:57:43 2004: DEBUG: Packet dump:
*** Received from 64.217.179.126 port 1646 ....

Packet length = 123
04 12 00 7b b2 f6 89 56 02 7d e1 ee 84 34 b1 9a
93 e9 59 d1 2c 0a 30 30 30 30 30 30 31 41 07 06
00 00 00 01 4d 1a 32 34 30 30 30 2f 32 36 34 30
30 20 56 33 34 2f 56 34 34 2f 4c 41 50 4d 2d 06
00 00 00 01 01 07 6d 69 6b 65 6d 28 06 00 00 00
01 1e 0c 39 30 33 35 37 35 31 30 39 35 05 06 00
00 00 e8 3d 06 00 00 00 00 06 06 00 00 00 02 04
06 40 d9 b3 7e 29 06 00 00 00 00
Code:       Accounting-Request
Identifier: 18
Authentic:  <178><246><137>V<2>}<225><238><132>4<177><154><147><233>Y<209>
Attributes:
 Acct-Session-Id = "0000001A"
 Framed-Protocol = PPP
 Connect-Info = "24000/26400 V34/V44/LAPM"
 Acct-Authentic = RADIUS
 User-Name = "mikem"
 Acct-Status-Type = Start
 Called-Station-Id = "9035751095"
 NAS-Port = 232
 NAS-Port-Type = Async
 Service-Type = Framed-User
 NAS-IP-Address = 64.217.179.126
 Acct-Delay-Time = 0

Fri Aug  6 19:57:43 2004: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Aug  6 19:57:43 2004: DEBUG:  Adding session for mikem, 64.217.179.126,
232
Fri Aug  6 19:57:43 2004: DEBUG: Handling with Radius::AuthSQL
Fri Aug  6 19:57:43 2004: DEBUG: Handling accounting with Radius::AuthSQL
Fri Aug  6 19:57:43 2004: DEBUG: do query is: 'insert into ACCOUNTING
(ACCTDELAYTIME,ACCTSESSIONID,ACCTSTATUSTYPE,NASPORT,TIME_STAMP,USERNAME)
values (0,'0000001A','Start',232,1091840263,'mikem')':

Fri Aug  6 19:57:43 2004: DEBUG: Accounting accepted
Fri Aug  6 19:57:43 2004: DEBUG: Packet dump:
*** Sending to 64.217.179.126 port 1646 ....

Packet length = 20
05 12 00 14 a6 72 c5 e4 91 af c6 d0 43 4a a8 a1
d8 b3 6e 6e
Code:       Accounting-Response
Identifier: 18
Authentic:  <178><246><137>V<2>}<225><238><132>4<177><154><147><233>Y<209>
Attributes:

---------------------------------

here is my log when I disconnect

---------------------------------

Fri Aug  6 19:59:42 2004: DEBUG: Packet dump:
*** Received from 64.217.179.126 port 1646 ....

Packet length = 165
04 13 00 a5 c3 c8 43 2e 04 73 18 08 b9 32 6a 94
4e b5 05 81 2c 0a 30 30 30 30 30 30 31 41 07 06
00 00 00 01 08 06 40 d9 b3 81 2d 06 00 00 00 01
2e 06 00 00 00 78 4d 1a 32 34 30 30 30 2f 32 36
34 30 30 20 56 33 34 2f 56 34 34 2f 4c 41 50 4d
2a 06 00 00 05 74 2b 06 00 00 00 9a 2f 06 00 00
00 0f 30 06 00 00 00 08 31 06 00 00 00 01 01 07
6d 69 6b 65 6d 28 06 00 00 00 02 1e 0c 39 30 33
35 37 35 31 30 39 35 05 06 00 00 00 e8 3d 06 00
00 00 00 06 06 00 00 00 02 04 06 40 d9 b3 7e 29
06 00 00 00 00
Code:       Accounting-Request
Identifier: 19
Authentic:  <195><200>C.<4>s<24><8><185>2j<148>N<181><5><129>
Attributes:
 Acct-Session-Id = "0000001A"
 Framed-Protocol = PPP
 Framed-IP-Address = 64.217.179.129
 Acct-Authentic = RADIUS
 Acct-Session-Time = 120
 Connect-Info = "24000/26400 V34/V44/LAPM"
 Acct-Input-Octets = 1396
 Acct-Output-Octets = 154
 Acct-Input-Packets = 15
 Acct-Output-Packets = 8
 Acct-Terminate-Cause = User-Request
 User-Name = "mikem"
 Acct-Status-Type = Stop
 Called-Station-Id = "9035751095"
 NAS-Port = 232
 NAS-Port-Type = Async
 Service-Type = Framed-User
 NAS-IP-Address = 64.217.179.126
 Acct-Delay-Time = 0

Fri Aug  6 19:59:42 2004: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Aug  6 19:59:42 2004: DEBUG:  Deleting session for mikem,
64.217.179.126, 232
Fri Aug  6 19:59:42 2004: DEBUG: Handling with Radius::AuthSQL
Fri Aug  6 19:59:42 2004: DEBUG: Handling accounting with Radius::AuthSQL
Fri Aug  6 19:59:42 2004: DEBUG: do query is: 'insert into ACCOUNTING
(ACCTDELAYTIME,ACCTINPUTOCTETS,ACCTOUTPUTOCTETS,ACCTSESSIONID,ACCTSESSIONTIM
E,ACCTSTATUSTYPE,ACCTTERMINATECAUSE,FRAMEDIPADDRESS,NASPORT,TIME_STAMP,USERN
AME) values
(0,1396,154,'0000001A',120,'Stop','User-Request','64.217.179.129',232,109184
0382,'mikem')':

Fri Aug  6 19:59:42 2004: DEBUG: Accounting accepted
Fri Aug  6 19:59:42 2004: DEBUG: Packet dump:
*** Sending to 64.217.179.126 port 1646 ....

Packet length = 20
05 13 00 14 22 42 1e 9f 6a 65 cf ec 32 99 05 d3
47 83 86 76
Code:       Accounting-Response
Identifier: 19
Authentic:  <195><200>C.<4>s<24><8><185>2j<148>N<181><5><129>
Attributes:



--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list