(RADIATOR) TotalControlSNMP OID Question.
Jay Pike
jay.pike at corecomm.com
Tue Dec 21 15:06:47 CST 2004
Sorry, forgot to attach the file.
jp
Jay Pike wrote:
> Hugh,
>
> Thanks. Sorry for being so vague. Attached should be our
> config file. Its a little complex. :) I've made some modifications to
> Radiator to support our systems. But, the core is the same.
>
> The problem is this: We've recently upgraded some 3COM Total
> Control boxes to a newer version of firmware (newer meaning that we
> haven't upgraded for almost 4 years due to service contract issues).
> After the upgrade (about a month ago), we have started to notice that
> customers are NOT getting sim-use issues on the pops that we upgraded.
>
> I tracked it back to the snmpget ALWAYS returing an 'Error in
> packet', when it should be seeing a user on that port.
>
> So, I did an SNMP walk starting at enterprises.429.4 and found
> that the username shows up in a completely different place now.
>
> A work college of mine pointed out that the new OID for the snmp
> string is actually the username in decimal....
>
> Here is the stack trace you requested (note: this should have failed since the
> user was already logged on at a different (port,nas,callerid,etc):
>
>
>
> Tue Dec 21 11:33:07 2004: DEBUG: Packet dump:
> *** Received from 216.93.114.83 port 1645 ....
> Code: Access-Request
> Identifier: 52
> Authentic: ,l<133>r<195>?&)<9><217>9t<229><175><22>C
> Attributes:
> User-Name = "socrates at dmci.net"
> User-Password = "<135><213>5c<232><222><163>{<22>U<227>Bu<216>6<18>"
> NAS-IP-Address = 216.93.114.83
> NAS-Identifier = "216.93.114.83"
> NAS-Port = 3078
> Acct-Session-Id = "201655062"
> USR-Interface-Index = 4334
> Tunnel-Supports-Tags = 0
> Service-Type = Framed-User
> Framed-Protocol = PPP
> USR-MP-EDO = "<169>CN<157><138><213>A<224><167><222><30><248><194><23><224><146>"
> MP-EDO = "<169>CN<157><138><213>A<224><167><222><30><248><194><23><224><146>"
> Chassis-Call-Slot = 13
> Chassis-Call-Span = 1
> Chassis-Call-Channel = 6
> Connect-Speed = 1
> Calling-Station-Id = "5173248940"
> Called-Station-Id = "6162241400"
> NAS-Port-Type = Async
>
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Handling request with Handler 'Realm = /.*/ '
> Tue Dec 21 11:33:07 2004: DEBUG: Rewrote user name to socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: SDB1 Deleting session for socrates at dmci.net, 216.93.114.83, 3078
> Tue Dec 21 11:33:07 2004: DEBUG: do query is: 'delete from RADONLINE where USERNAME='socrates' and NASIDENTIFIER='216.93.114.83' and (NASPORT='3078' or (CALLING_STATION_ID = '5173248940') and (CALLING_STATION_ID != ''))':
>
> Tue Dec 21 11:33:07 2004: DEBUG: Handling with Radius::AuthMagic
> Tue Dec 21 11:33:07 2004: DEBUG: Handling with Radius::AuthMagic: authbymagic
> Tue Dec 21 11:33:07 2004: DEBUG: Client Secret: pap8kn1ght3conn
> Tue Dec 21 11:33:07 2004: DEBUG: Decoded Password : 21noback12
> Tue Dec 21 11:33:07 2004: DEBUG: Query is: 'select ENCRYPTEDPASSWORD, REALM,PROFILE from SUBSCRIBERS where (USERNAME='socrates' and REALM='dmci.net' and FIND_IN_SET('core', ISP)>0) order by realm desc':
>
> Tue Dec 21 11:33:07 2004: DEBUG: Using Encrypted Password
> Tue Dec 21 11:33:07 2004: DEBUG: User Found FQUN : socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: account_type : asyncdialup
> Tue Dec 21 11:33:07 2004: DEBUG: Initializing response packet
> Tue Dec 21 11:33:07 2004: DEBUG: Replacing %p with asyncdialup
> Tue Dec 21 11:33:07 2004: DEBUG: Query is: 'select profile, type, attribute, value, uniq from profiles where (profile='asyncdialup' or profile='socrates at dmci.net') order by linenum':
>
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Session-Timeout = 28800
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Ascend-Idle-Limit = 1200
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Service-Type = Framed-User
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Idle-Timeout = 1200
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Framed-Compression = Van-Jacobson-TCP-IP
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Ascend-Maximum-Call-Duration = 28800
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Port-Limit = 1
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Framed-Routing = None
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Framed-Protocol = PPP
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Framed-IP-Address = 255.255.255.254
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Ascend-Maximum-Channels = 1
> Tue Dec 21 11:33:07 2004: DEBUG: Adding Framed-MTU = 1500
> Tue Dec 21 11:33:07 2004: DEBUG: Checking NAS-Port-Type = /Async|Virtual/
> Tue Dec 21 11:33:07 2004: DEBUG: Checking Simultaneous-Use = 1
> Tue Dec 21 11:33:07 2004: DEBUG: Radius::AuthMagic looks for match with socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: Query is: 'select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE where USERNAME='socrates' and REALM='dmci.net' and NASPORTTYPE != 'Virtual' and (CALLING_STATION_ID = '' or CALLING_STATION_ID != '5173248940')':
>
> Tue Dec 21 11:33:07 2004: DEBUG: Checking if user is still online: TotalControlSNMP, socrates at dmci.net, 216.93.114.83, 2066, 135332523
> Tue Dec 21 11:33:07 2004: DEBUG: Running command `/usr/bin/snmpget -v1 -r0 -t1 -c"v0ya63r" 216.93.114.83 .iso.org.dod.internet.private.enterprises.429.4.2.1.140.1.2.9.49.51.53.51.51.50.53.50.51 2>&1`
> Tue Dec 21 11:33:07 2004: ERR: The command '/usr/bin/snmpget -v1 -r0 -t1 -c"v0ya63r" 216.93.114.83 .iso.org.dod.internet.private.enterprises.429.4.2.1.140.1.2.9.49.51.53.51.51.50.53.50.51 2>&1' failed with an error: Error in packet
> Reason: (noSuchName) There is no such variable name in this MIB.
> Failed object: SNMPv2-SMI::enterprises.429.4.2.1.140.1.2.9.49.51.53.51.51.50.53.50.51
>
>
> Tue Dec 21 11:33:07 2004: INFO: SDB1 Session for socrates at dmci.net at 216.93.114.83:2066 has gone away
> Tue Dec 21 11:33:07 2004: DEBUG: SDB1 Deleting session for socrates at dmci.net, 216.93.114.83, 2066
> Tue Dec 21 11:33:07 2004: DEBUG: do query is: 'delete from RADONLINE where USERNAME='socrates' and NASIDENTIFIER='216.93.114.83' and (NASPORT='3078' or (CALLING_STATION_ID = '5173248940') and (CALLING_STATION_ID != ''))':
>
> Tue Dec 21 11:33:07 2004: DEBUG: Radius::AuthMagic ACCEPT:
> Tue Dec 21 11:33:07 2004: DEBUG: Access accepted for socrates at dmci.net
> Tue Dec 21 11:33:07 2004: DEBUG: do query is: 'INSERT INTO AUTHLOG (timestamp, username, realm, password, client, status, origusername, sessionid, nasporttype, callerid, calledid, radiusip, radiusidentifier ) VALUES ('1103646787','socrates','dmci.net','21noback12','216.93.114.83','PASS', 'socrates at dmci.net', '201655062', 'Async', '5173248940', '6162241400', '216.93.114.83', 'TotalControl' )':
>
> Tue Dec 21 11:33:07 2004: DEBUG: Packet dump:
> *** Sending to 216.93.114.83 port 1645 ....
> Code: Access-Accept
> Identifier: 52
> Authentic: ,l<133>r<195>?&)<9><217>9t<229><175><22>C
> Attributes:
> Framed-IP-Address = 255.255.255.254
> Session-Timeout = 28800
> Service-Type = Framed-User
> Idle-Timeout = 1200
> Framed-Compression = Van-Jacobson-TCP-IP
> Port-Limit = 1
> Framed-Routing = None
> Framed-Protocol = PPP
> Ascend-Maximum-Channels = 1
> Framed-MTU = 1500
> Class = "socrates at dmci.net:asyncdialup"
> NAS-Port-Type = Async
> NAS-Identifier = "216.93.114.83"
>
> jp
> > Hello Jay -
> >
> > It is not clear to me whether the problem is with the new NAS or the
> > Radiator code?
> >
> > Could you please send me a copy of your configuration file and a trace
> > 4 debug from Radiator showing what is happening?
> >
> > regards
> >
> > Hugh
> >
> >
> > On 22 Dec 2004, at 04:35, Jay Pike wrote:
> >
> > >Hello All,
> > >
> > > We've just upgraded to new USR/3COM Total Control code on a part
> > >of our network, and have noticed a significant OID change, and
> > >computation changes.
> > >
> > > Under our older versions, the OIDs that Radiator would use
> > >snmpget to check would be like:
> > >
> > >enterprises.429.4.2.1.140.1.2.3.97.102
> > >
> > >But, the new version seems to dump out:
> > >
> > >enterprises.429.4.1.7.1.9.32.108.114.115.116.97.109.98.97.117.103.104.6
> > >4.118.111.121.97.103.101.114.46.110.101.116.45.105.112.45.73.52.51.52.5
> > >3
> > >
> > >I don't know how its generating these long strings, or how to fix the
> > >'TotalControlSNMP.pm' file to use these new strings....
> > >
> > >Help?
> > >
> > >jp
> > >
> > >--
> > > __________________________________________________________________
> > > / \
> > >| James J. Pike Jr. Phone: 888.747.4638
> > >|
> > >| Systems Engineer Direct Phone: 517-664-8610
> > >|
> > >| CoreComm Inc. Http: http://www.core.com/
> > >|
> > >| EMail: jay.pike at corecomm.com
> > >|
> > >| PGPKey: http://my.voyager.net/jaypike/pgpkey.txt
> > >|
> > > \ /
> > > ------------------------------------------------------------------
> > >
> > >--
> > >Archive at http://www.open.com.au/archives/radiator/
> > >Announcements on radiator-announce at open.com.au
> > >To unsubscribe, email 'majordomo at open.com.au' with
> > >'unsubscribe radiator' in the body of the message.
> > >
> > >
> >
> > NB:
> >
> > Have you read the reference manual ("doc/ref.html")?
> > Have you searched the mailing list archive
> > (www.open.com.au/archives/radiator)?
> > Have you had a quick look on Google (www.google.com)?
> > Have you included a copy of your configuration file (no secrets),
> > together with a trace 4 debug showing what is happening?
> >
> > --
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> > -
> > Nets: internetwork inventory and management - graphical, extensible,
> > flexible with hardware, software, platform and database independence.
> > -
> > CATool: Private Certificate Authority for Unix and Unix-like systems.
> >
>
> --
> __________________________________________________________________
> / \
> | James J. Pike Jr. Phone: 888.747.4638 |
> | Systems Engineer Direct Phone: 517-664-8610 |
> | CoreComm Inc. Http: http://www.core.com/ |
> | EMail: jay.pike at corecomm.com |
> | PGPKey: http://my.voyager.net/jaypike/pgpkey.txt |
> \ /
> ------------------------------------------------------------------
--
__________________________________________________________________
/ \
| James J. Pike Jr. Phone: 888.747.4638 |
| Systems Engineer Direct Phone: 517-664-8610 |
| CoreComm Inc. Http: http://www.core.com/ |
| EMail: jay.pike at corecomm.com |
| PGPKey: http://my.voyager.net/jaypike/pgpkey.txt |
\ /
------------------------------------------------------------------
-------------- next part --------------
Trace 3
PidFile /var/run/radiusd.pid
LogDir /var/log/radius
DbDir /etc/radiator
LogFile %L/radiator.log.%m%d%Y
DictionaryFile %D/dict/dictionary
AuthPort 1645,1812
AcctPort 1646,1813
Include %D/local/global.cfg
SocketQueueLength 1000000
SnmpgetProg /usr/bin/snmpget
# rewrite Username to lowercase if it starts with I or P and has
# additional capitol letters (or other matches) after it
RewriteUsername s/^([IP][A-Z\._\-%&@\s#\\\/\$\*]+)/lc($1)/e
# rewrite Username to lowercase anything unless it starts with I or P
RewriteUsername s/^([IP].*)/ucfirst(lc($1))/e
# rewrite Username to lower case the entire username
RewriteUsername s/^([^IP].*)/lc($1)/e
# rewrite Username to eliminate spaf from NAS
RewriteUsername tr/A-Za-z0-9#\/.&$*_ at -//cd
# Rewrite username to remove spaces and '.p', '.pp', or '.ppp'
RewriteUsername s/\s+|\.p{1,3}(@.+|)$/$1/g
# Rewrite username for ExecPC customers dialing in with their email address
RewriteUsername s/^(P?)([^@]+)\@execpc\.com$/P$2\@execpc.com/
# Rewrite realm for our major realms
RewriteUsername s/^([^\@]+)(\@sat.core.com|\@netops|\@execpc.com|\@coredcs.com|\@net-link.net|\@atx.net|\@voyager.net|\@tdi.net|\@hcv.com|\@ics-online.net|\@livingonline.com|\@freeway.net|\@dmci.net|\@netdirect.net|\@en.com|\@glasscity.net|\@myaxiom.net|\@eurekanet.com|\@richnet.net|\@sota-oh.com|\@erinet.com|\@tdin.com|\@infinet.com|\@choice.com|\@cfanet.com|\@inil.com|\@ais.net|\@stratos.net|\@hsonline.net|\@raex.com|\@core.com|\@michweb.net|\@pclink.com|\@kalamazoo.net|\@myresidentemail.com)*.*$/$1$2/i
<ClientListSQL>
Include %D/local/db.cfg
DBUsername radacct
DBAuth radpass
GetClientQuery select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL,\
DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS,\
LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS,\
FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME,\
NOIGNOREDUPLICATES,PREHANDLERHOOK,IDENTIFIER,\
DEFAULTREPLY,FRAMEDGROUP,STRIPFROMREPLY,\
ALLOWINREPLY,ADDTOREPLY,ADDTOREPLYIFNOTEXIST,\
DYNAMICREPLY,FLAGNAMES from RADCLIENTLIST
</ClientListSQL>
<Handler Service-Type = Administrative-User>
<AuthBy TEST>
</AuthBy>
</Handler>
<AddressAllocator AuthMagicSQL>
Identifier Level3AA
DBSource dbi:mysql:host=db3.auth.klmz.mi.voyager.net;database=radius
DBUsername radacct
DBAuth radpass
BypassCheckPool
DefaultLeasePeriod 86400
LeaseReclaimInterval 1800
FindQuery SELECT TIME_STAMP, YIADDR, SUBNETMASK, DNSSERVER from RADPOOL \
where POOL='%0' and STATE=0 order by TIME_STAMP limit 1
AllocateQuery UPDATE RADPOOL set STATE=1, TIME_STAMP=%0, \
EXPIRY=%1, USERNAME=%2, CALLEDID='%{Called-Station-Id}', \
CALLERID='%{Calling-Station-Id}', NASIDENTIFIER='%{NAS-Identifier}' \
where YIADDR='%3' and TIME_STAMP %4
CheckPoolQuery SELECT STATE from RADPOOL where YIADDR='%0'
AddAddressQuery INSERT into RADPOOL (STATE, TIME_STAMP, POOL, \
YIADDR, SUBNETMASK, DNSSERVER) values (0, %t, '%0', '%1', \
'%2', '%3')
DeallocateQuery UPDATE RADPOOL set STATE=0, TIME_STAMP=%t where YIADDR='%0'
ReclaimQuery UPDATE RADPOOL set STATE=0 where STATE!=0 and EXPIRY < %0
# Atlanta Level3 Market
<AddressPool Atlanta>
Subnetmask 255.255.255.255
Range 4.124.32.0/24
</AddressPool>
# Baltimore Level3 Market
<AddressPool Baltimore>
Subnetmask 255.255.255.255
Range 4.124.33.0/24
</AddressPool>
# Boston Level3 Market
<AddressPool Boston>
Subnetmask 255.255.255.255
Range 4.124.34.0/24
</AddressPool>
# Chicago Level3 Market
<AddressPool Chicago>
Subnetmask 255.255.255.255
Range 4.124.0.0/19
</AddressPool>
# Cincinatti Level3 Market
<AddressPool Cincinatti>
Subnetmask 255.255.255.255
Range 4.124.64.0/19
</AddressPool>
# Dallas Level3 Market
<AddressPool Dallas>
Subnetmask 255.255.255.255
Range 4.124.35.0/24
</AddressPool>
# Denver Level3 Market
<AddressPool Denver>
Subnetmask 255.255.255.255
Range 4.124.36.0/24
</AddressPool>
# Detroit Level3 Market
<AddressPool Detroit>
Subnetmask 255.255.255.255
Range 4.124.96.0/19
</AddressPool>
# Houston Level3 Market
<AddressPool Houston>
Subnetmask 255.255.255.255
Range 4.124.37.0/24
</AddressPool>
# LosAngeles Level3 Market
<AddressPool LosAngeles>
Subnetmask 255.255.255.255
Range 4.124.38.0/24
</AddressPool>
# LoasAngeles800 Level3 Market
<AddressPool LosAngeles800>
Subnetmask 255.255.255.255
Range 4.124.39.0/24
</AddressPool>
# Manchester Level3 Market
<AddressPool Manchester>
Subnetmask 255.255.255.255
Range 4.124.40.0/24
</AddressPool>
# Miami Level3 Market
<AddressPool Miami>
Subnetmask 255.255.255.255
Range 4.124.41.0/24
</AddressPool>
# NewYork Level3 Market
<AddressPool NewYork>
Subnetmask 255.255.255.255
Range 4.124.42.0/24
</AddressPool>
# Orlando Level3 Market
<AddressPool Orlando>
Subnetmask 255.255.255.255
Range 4.124.43.0/24
</AddressPool>
# Philadelphia Level3 Market
<AddressPool Philadelphia>
Subnetmask 255.255.255.255
Range 4.124.44.0/24
</AddressPool>
# Phoenix Level3 Market
<AddressPool Phoenix>
Subnetmask 255.255.255.255
Range 4.124.45.0/24
</AddressPool>
# Providence Level3 Market
<AddressPool Providence>
Subnetmask 255.255.255.255
Range 4.124.46.0/24
</AddressPool>
# SanDiego Level3 Market
<AddressPool SanDiego>
Subnetmask 255.255.255.255
Range 4.124.47.0/24
</AddressPool>
# SanFrancisco Level3 Market
<AddressPool SanFrancisco>
Subnetmask 255.255.255.255
Range 4.124.48.0/24
</AddressPool>
# SanJose Level3 Market
<AddressPool SanJose>
Subnetmask 255.255.255.255
Range 4.124.49.0/24
</AddressPool>
# Seattle Level3 Market
<AddressPool Seattle>
Subnetmask 255.255.255.255
Range 4.124.50.0/24
</AddressPool>
# Stamford Level3 Market
<AddressPool Stamford>
Subnetmask 255.255.255.255
Range 4.124.51.0/24
</AddressPool>
# StLouis Level3 Market
<AddressPool StLouis>
Subnetmask 255.255.255.255
Range 4.124.52.0/24
</AddressPool>
# Tampa Level3 Market
<AddressPool Tampa>
Subnetmask 255.255.255.255
Range 4.124.53.0/24
</AddressPool>
# WashingtonDC Level3 Market
<AddressPool WashingtonDC>
Subnetmask 255.255.255.255
Range 4.124.54.0/24
</AddressPool>
# Weehawken Level3 Market
<AddressPool Weehawken>
Subnetmask 255.255.255.255
Range 4.124.55.0/24
</AddressPool>
</AddressAllocator>
<AuthBy Magic>
#
# authbymagic is used to authenticate PAP users.
#
Identifier authbymagic
Include %D/local/db.cfg
DBUsername radacct
DBAuth radpass
AddToReplyIfNotExist NAS-Port-Type = %{NAS-Port-Type}, \
NAS-Identifier = %N
# StripFromReply Session-Timeout, Idle-Timeout
RealmAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0) \
order by realm desc
UserAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0)
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
RecordDuplicates 1
AuthMagicSkipRealm members.core.com
AuthColumnDef 0, Encrypted-Password, check
EncryptedPassword
Timeout 10
FailureBackoffTime 30
</AuthBy>
<AuthBy Magic>
#
# authbymagiccleartext is used to authenticate CHAP users.
#
Identifier authbymagiccleartext
Include %D/local/db.cfg
DBUsername radacct
DBAuth radpass
AddToReplyIfNotExist NAS-Port-Type = %{NAS-Port-Type}, \
NAS-Identifier = %N
# StripFromReply Session-Timeout, Idle-Timeout
RealmAuthSelect select CLEARTEXTPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0) \
order by realm desc
UserAuthSelect select CLEARTEXTPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0)
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
RecordDuplicates 1
AuthMagicSkipRealm members.core.com
AuthColumnDef 0, User-Password, check
# EncryptedPassword
Timeout 10
FailureBackoffTime 30
</AuthBy>
<AuthBy Magic>
#
# authbymagic is used to authenticate PAP users.
#
Identifier authbymagicglobalpops
Include %D/local/db.cfg
DBUsername radacct
DBAuth radpass
AddToReplyIfNotExist NAS-Port-Type = %{NAS-Port-Type}
AddToReply Ascend-Data-Filter = "ip in forward tcp est" \
Ascend-Data-Filter = "ip in forward dstip 216.93.66.70" \
Ascend-Data-Filter = "ip in drop tcp dstport = 25" \
Ascend-Data-Filter = "ip in forward"
StripFromReply NAS-Identifier, Framed-Routing
RealmAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0) \
order by realm desc
UserAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0)
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
RecordDuplicates 1
AuthMagicSkipRealm members.core.com
AuthColumnDef 0, Encrypted-Password, check
EncryptedPassword
Timeout 10
FailureBackoffTime 30
</AuthBy>
<AuthBy Magic>
#
# authbymagiccleartext is used to authenticate CHAP users.
#
Identifier authbymagiccleartextglobalpops
Include %D/local/db.cfg
DBUsername radacct
DBAuth radpass
AddToReplyIfNotExist NAS-Port-Type = %{NAS-Port-Type}
AddToReply Ascend-Data-Filter = "ip in forward tcp est" \
Ascend-Data-Filter = "ip in forward dstip 216.93.66.70" \
Ascend-Data-Filter = "ip in drop tcp dstport = 25" \
Ascend-Data-Filter = "ip in forward"
StripFromReply NAS-Identifier, Framed-Routing
RealmAuthSelect select CLEARTEXTPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0) \
order by realm desc
UserAuthSelect select CLEARTEXTPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0)
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
RecordDuplicates 1
AuthMagicSkipRealm members.core.com
AuthColumnDef 0, User-Password, check
# EncryptedPassword
Timeout 10
FailureBackoffTime 30
</AuthBy>
<AuthBy Magic>
#
# authbymagic888users is used to authenticate PAP users that are 888 service enabled.
#
Identifier authbymagic888users
Include %D/local/db.cfg
DBUsername radacct
DBAuth radpass
AddToReplyIfNotExist NAS-Port-Type = %{NAS-Port-Type}, \
NAS-Identifier = %N
# StripFromReply Session-Timeout, Idle-Timeout
RealmAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0 and TFSERVICE = 1) \
order by realm desc
UserAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and FIND_IN_SET('%{Handler:Identifier}', ISP)>0 and TFSERVICE = 1)
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
RecordDuplicates 1
AuthMagicSkipRealm members.core.com
AuthColumnDef 0, Encrypted-Password, check
EncryptedPassword
Timeout 10
FailureBackoffTime 30
</AuthBy>
<AuthBy Magic>
#
# authdisabled is used to authenticate users who have a '!' prepended to their encrypted password.
#
Identifier authdisabled
Include %D/local/db.cfg
DBUsername radacct
DBAuth radpass
AddToReplyIfNotExist NAS-Port-Type = %{NAS-Port-Type}, \
NAS-Identifier = %N
# StripFromReply Session-Timeout, Idle-Timeout
RealmAuthSelect select IGHT(ENCRYPTEDPASSWORD, LENGTH(ENCRYPTEDPASSWORD) -1 ), \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R' and FIND_IN_SET('core', ISP)>0) \
order by realm desc
UserAuthSelect select IGHT(ENCRYPTEDPASSWORD, LENGTH(ENCRYPTEDPASSWORD) -1 ), \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and FIND_IN_SET('core', ISP)>0)
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
RecordDuplicates 1
AuthMagicSkipRealm members.core.com
AuthColumnDef 0, Encrypted-Password, check
EncryptedPassword
Timeout 10
FailureBackoffTime 30
</AuthBy>
<AuthBy Magic>
Fork
Identifier acctbymagic
DBSource dbi:mysql:database=radius;host=acctdb.voyager.net
DBUsername radacct
DBAuth radpass
AuxDBSource dbi:mysql:database=radius;host=authdb.voyager.net
AuxDBUsername radacct
AuxDBAuth radpass
AuxSQLStatement UPDATE profiles SET value = (value - %{Acct-Session-Time}) WHERE \
profile = '%n' AND attribute = 'Session-Timeout'
AuxTrigger 10hrplan
AuxTrigger 15hrplan
AuxTrigger 15hrisdn
AuxTrigger 30hrplan
AuxTrigger 60hrplan
AuxTrigger 325hrplan
AuxTrigger daytime15hr
AuxTrigger prepaid
AuxTrigger 5hrplan-mth
RealmAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R') \
order by realm desc
UserAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where USERNAME='%U'
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
AuthColumnDef 0, Encrypted-Password, check
EncryptedPassword
Timeout 10
FailureBackoffTime 30
AccountingTable ACCOUNTING%m%d%Y
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Ascend-Disconnect-Cause
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CLIENT_ID,NAS-Identifier
AcctColumnDef NASPORTTYPE,NAS-Port-Type
AcctColumnDef USR_MODEMTRAININGTIME,USR-Modem-Training-Time,integer
AcctColumnDef CHASSISCALLSLOT,Chassis-Call-Slot,integer
AcctColumnDef CHASSISCALLSPAN,Chassis-Call-Span,integer
AcctColumnDef CHASSISCALLCHANNEL,Chassis-Call-Channel,integer
AcctColumnDef CALLING_STATION_ID,Calling-Station-Id
AcctColumnDef CALLED_STATION_ID,Called-Station-Id
AcctColumnDef MODULATIONTYPE,Modulation-Type
AcctColumnDef CONNECTSPEED,Connect-Speed
AcctColumnDef RADIUSIP,%{Client:Name},formatted
AcctColumnDef RADIUSIDENTIFIER,%{Client:Identifier},formatted
</AuthBy>
<AuthBy Magic>
Fork
Identifier acctbymagicnohourly
DBSource dbi:mysql:database=radius;host=acctdb.voyager.net
DBUsername radacct
DBAuth radpass
AuxDBSource dbi:mysql:database=radius;host=authdb.voyager.net
AuxDBUsername radacct
AuxDBAuth radpass
AuxSQLStatement UPDATE profiles SET value = (value - %{Acct-Session-Time}) WHERE \
profile = '%n' AND attribute = 'Session-Timeout'
AuxTrigger noprofilename
RealmAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where (USERNAME='%U' and REALM='%R') \
order by realm desc
UserAuthSelect select ENCRYPTEDPASSWORD, \
REALM,PROFILE from SUBSCRIBERS where USERNAME='%U'
ProfileSelect select profile, type, attribute, value, uniq from profiles \
where (profile='%p' or profile='%n') order by linenum
# UseLegacyAttrs
# UseNewProfiles
AuthColumnDef 0, Encrypted-Password, check
EncryptedPassword
Timeout 10
FailureBackoffTime 30
AccountingTable ACCOUNTING%m%d%Y
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Ascend-Disconnect-Cause
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CLIENT_ID,NAS-Identifier
AcctColumnDef NASPORTTYPE,NAS-Port-Type
AcctColumnDef USR_MODEMTRAININGTIME,USR-Modem-Training-Time,integer
AcctColumnDef CHASSISCALLSLOT,Chassis-Call-Slot,integer
AcctColumnDef CHASSISCALLSPAN,Chassis-Call-Span,integer
AcctColumnDef CHASSISCALLCHANNEL,Chassis-Call-Channel,integer
AcctColumnDef CALLING_STATION_ID,Calling-Station-Id
AcctColumnDef CALLED_STATION_ID,Called-Station-Id
AcctColumnDef MODULATIONTYPE,Modulation-Type
AcctColumnDef CONNECTSPEED,Connect-Speed
AcctColumnDef RADIUSIP,%{Client:Name},formatted
AcctColumnDef RADIUSIDENTIFIER,%{Client:Identifier},formatted
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAAccounting
AddressAllocator Level3AA
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAAtlanta
AddressAllocator Level3AA
PoolHint Atlanta
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AABaltimore
AddressAllocator Level3AA
PoolHint Baltimore
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AABoston
AddressAllocator Level3AA
PoolHint Boston
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAChicago
AddressAllocator Level3AA
PoolHint Chicago
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AACincinatti
AddressAllocator Level3AA
PoolHint Cincinatti
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AADallas
AddressAllocator Level3AA
PoolHint Dallas
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AADenver
AddressAllocator Level3AA
PoolHint Denver
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AADetroit
AddressAllocator Level3AA
PoolHint Detroit
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAHouston
AddressAllocator Level3AA
PoolHint Houston
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AALosAngeles
AddressAllocator Level3AA
PoolHint LosAngeles
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AALosAngeles800
AddressAllocator Level3AA
PoolHint LosAngeles800
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAManchester
AddressAllocator Level3AA
PoolHint Manchester
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAMiami
AddressAllocator Level3AA
PoolHint Miami
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAOrlando
AddressAllocator Level3AA
PoolHint Orlando
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAPhiladelphia
AddressAllocator Level3AA
PoolHint Philadelphia
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAPhoenix
AddressAllocator Level3AA
PoolHint Phoenix
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAProvidence
AddressAllocator Level3AA
PoolHint Providence
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AASanDiego
AddressAllocator Level3AA
PoolHint SanDiego
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AASanFrancisco
AddressAllocator Level3AA
PoolHint SanFrancisco
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AASanJose
AddressAllocator Level3AA
PoolHint SanJose
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AASeattle
AddressAllocator Level3AA
PoolHint Seattle
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAStamford
AddressAllocator Level3AA
PoolHint Stamford
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAStLouis
AddressAllocator Level3AA
PoolHint StLouis
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AATampa
AddressAllocator Level3AA
PoolHint Tampa
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAWashingtonDC
AddressAllocator Level3AA
PoolHint WashingtonDC
</AuthBy>
<AuthBy MagicDynAddress>
Identifier Level3AAWeehawken
AddressAllocator Level3AA
PoolHint Weehawken
</AuthBy>
<SessionDatabase Magic>
DBSource dbi:mysql:host=sessdb.voyager.net;database=radius
DBUsername radacct
DBAuth radpass
Identifier SDB1
ReplaceQuery replace into RADONLINE (NASIDENTIFIER, NASPORT, \
ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, \
SERVICETYPE, CHASSISCALLSLOT, CHASSISCALLSPAN, CHASSISCALLCHANNEL, \
CALLING_STATION_ID, CALLED_STATION_ID, MODULATIONTYPE, CONNECTSPEED, USERNAME, REALM ) \
values ('%N', '%{NAS-Port}', '%{Acct-Session-Id}', \
%{Timestamp}, '%{Framed-IP-Address}', '%{NAS-Port-Type}', '%{Service-Type}', \
'%{Chassis-Call-Slot}','%{Chassis-Call-Span}','%{Chassis-Call-Channel}', \
'%{Calling-Station-Id}','%{Called-Station-Id}','%{Modulation-Type}', \
'%{Connect-Speed}', '%U', '%R' )
DeleteQuery delete from RADONLINE where USERNAME='%U' and \
NASIDENTIFIER='%N' and (NASPORT='%{NAS-Port}' or \
(CALLING_STATION_ID = '%{Calling-Station-Id}') and (CALLING_STATION_ID != ''))
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
where USERNAME='%U' and REALM='%R' and NASPORTTYPE != 'Virtual' and \
(CALLING_STATION_ID = '' or CALLING_STATION_ID != '%{Calling-Station-Id}')
</SessionDatabase>
<SessionDatabase Magic>
DBSource dbi:mysql:host=sessdb.voyager.net;database=radius
DBUsername radacct
DBAuth radpass
Identifier SDB2
ReplaceQuery replace into RADONLINE (NASIDENTIFIER, NASPORT, \
ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, \
SERVICETYPE, CHASSISCALLSLOT, CHASSISCALLSPAN, CHASSISCALLCHANNEL, \
CALLING_STATION_ID, CALLED_STATION_ID, MODULATIONTYPE, CONNECTSPEED, USERNAME, REALM ) \
values ('%{Client:Name}', '%{NAS-Port}', '%{Acct-Session-Id}', \
%{Timestamp}, '%{Framed-IP-Address}', '%{NAS-Port-Type}', '%{Service-Type}', \
'%{Chassis-Call-Slot}','%{Chassis-Call-Span}','%{Chassis-Call-Channel}', \
'%{Calling-Station-Id}','%{Called-Station-Id}','%{Modulation-Type}', \
'%{Connect-Speed}', '%U', '%R' )
DeleteQuery delete from RADONLINE where USERNAME='%U' and \
NASIDENTIFIER='%{Client:Name}' and (NASPORT='%{NAS-Port}' or \
(CALLING_STATION_ID = '%{Calling-Station-Id}') and (CALLING_STATION_ID != ''))
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%{Client:Name}'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
where USERNAME='%U' and REALM='%R' and NASPORTTYPE = 'Virtual' and \
(CALLING_STATION_ID = '' or CALLING_STATION_ID != '%{Calling-Station-Id}')
</SessionDatabase>
<SessionDatabase Magic>
DBSource dbi:mysql:host=sessdb.voyager.net;database=radius
DBUsername radacct
DBAuth radpass
Identifier SDB3
ReplaceQuery replace into RADONLINE (NASIDENTIFIER, NASPORT, CLIENT_ID,\
ACCTSESSIONID, TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, \
SERVICETYPE, CHASSISCALLSLOT, CHASSISCALLSPAN, CHASSISCALLCHANNEL, \
CALLING_STATION_ID, CALLED_STATION_ID, MODULATIONTYPE, CONNECTSPEED, USERNAME, REALM ) \
values ('%{Client:Name}', '%{NAS-Port}', '%{NAS-Identifier}', '%{Acct-Session-Id}', \
%{Timestamp}, '%{Framed-IP-Address}', '%{NAS-Port-Type}', '%{Service-Type}', \
'%{Chassis-Call-Slot}','%{Chassis-Call-Span}','%{Chassis-Call-Channel}', \
'%{Calling-Station-Id}','%{Called-Station-Id}','%{Modulation-Type}', \
'%{Connect-Speed}', '%U', '%R' )
DeleteQuery delete from RADONLINE where USERNAME='%U' and \
NASIDENTIFIER='%{Client:Name}' and (NASPORT='%{NAS-Port}' or \
(CALLING_STATION_ID = '%{Calling-Station-Id}') and (CALLING_STATION_ID != ''))
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%{Client:Name}'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
where USERNAME='%U' and REALM='%R' and NASPORTTYPE != 'Virtual' and \
(CALLING_STATION_ID = '' or CALLING_STATION_ID != '%{Calling-Station-Id}')
</SessionDatabase>
<Log SQL>
DBSource dbi:mysql:host=acctdb.voyager.net;database=radius
DBUsername radacct
DBAuth radpass
Table RADLOG
Trace 3
</Log>
<AuthLog SQL>
Identifier myauthlogger
DBSource dbi:mysql:host=acctdb.voyager.net;database=radius
DBUsername radacct
DBAuth radpass
Table AUTHLOG
SuccessQuery INSERT INTO AUTHLOG (timestamp, username, realm, password, \
client, status, origusername, sessionid, nasporttype, callerid, \
calledid, radiusip, radiusidentifier ) \
VALUES ('%t','%U','%R','%P','%c','PASS', '%u', '%{Acct-Session-Id}', \
'%{NAS-Port-Type}', '%{Calling-Station-Id}', '%{Called-Station-Id}', \
'%{Client:Name}', '%{Client:Identifier}' )
FailureQuery INSERT INTO AUTHLOG (timestamp, username, realm, password, \
client, status, origusername, sessionid, nasporttype, callerid, \
calledid, radiusip, radiusidentifier ) \
VALUES ('%t','%U','%R','%P','%c','FAIL', '%u', '%{Acct-Session-Id}', \
'%{NAS-Port-Type}', '%{Calling-Station-Id}', '%{Called-Station-Id}', \
'%{Client:Name}', '%{Client:Identifier}' )
LogSuccess 1
LogFailure 1
</AuthLog>
<Monitor>
Port 9048
Include %D/local/monitor.cfg
# BindAddress 172.16.38.10
# TraceOnly
Username monitor
Password localonly
</Monitor>
# Disabled per Garth R on 12/28/2000
<Handler User-Name = /^c\/.+/>
<AuthBy FILE>
Filename /dev/null
</AuthBy>
AuthLog myauthlogger
</Handler>
<Handler Acct-Status-Type = /.+/, Client-Identifier = /^(SuperNews|L2TPServer)$/ >
SessionDatabase SDB2
Identifier core
RewriteUsername s/\@norealm//
AuthBy acctbymagicnohourly
AuthLog myauthlogger
</Handler>
# Level3 Market Accounting
<Handler Acct-Status-Type = /.+/, Client-Identifier = /^Level3$/>
SessionDatabase SDB3
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy acctbymagic
AuthBy Level3AAAccounting
</Handler>
<Handler Acct-Status-Type = /.+/>
SessionDatabase SDB1
RewriteUsername s/\@norealm//
AuthBy acctbymagic
</Handler>
# Level3 Atlanta Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2ga1|atl1|bir1|clt1|gbo1|gnv1|nvl1|ngu1|ral1|rch1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAAtlanta
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2ga1|atl1|bir1|clt1|gbo1|gnv1|nvl1|ngu1|ral1|rch1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAAtlanta
AuthLog myauthlogger
</Handler>
# Level3 Baltimore Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(bal1|pit1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AABaltimore
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(bal1|pit1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AABaltimore
AuthLog myauthlogger
</Handler>
# Level3 Boston Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(alb1|bos1|buf1|2ma1|2ny1|roc1|syr1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AABoston
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(alb1|bos1|buf1|2ma1|2ny1|roc1|syr1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AABoston
AuthLog myauthlogger
</Handler>
# Level3 Chicago Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(cle1|grp1|2ia1|mlw1|min1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAChicago
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(cle1|grp1|2ia1|mlw1|min1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAChicago
AuthLog myauthlogger
</Handler>
# Level3 Cincinatti Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(cin1|clb1|day1|2in1|ind1|lou1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AACincinatti
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(cin1|clb1|day1|2in1|ind1|lou1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AACincinatti
AuthLog myauthlogger
</Handler>
# Level3 Dallas Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2ar1|dal1|ftw1|mem1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AADallas
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2ar1|dal1|ftw1|mem1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AADallas
AuthLog myauthlogger
</Handler>
# Level3 Denver Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2co1|den1|lvg1|2mt1|oma1|slc1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AADenver
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2co1|den1|lvg1|2mt1|oma1|slc1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AADenver
AuthLog myauthlogger
</Handler>
# Level3 Detroit Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2mi1|akn1|det1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AADetroit
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2mi1|akn1|det1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AADetroit
AuthLog myauthlogger
</Handler>
# Level3 Houston Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(aus1|hou1|2la1|nor1|sat1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAHouston
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(aus1|hou1|2la1|nor1|sat1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAHouston
AuthLog myauthlogger
</Handler>
# Level3 LosAngeles Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(lax1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AALosAngeles
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(lax1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AALosAngeles
AuthLog myauthlogger
</Handler>
# Level3 LosAngeles800 Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(laz1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AALosAngeles800
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(laz1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AALosAngeles800
AuthLog myauthlogger
</Handler>
# Level3 Manchester Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(mch1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAManchester
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(mch1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAManchester
AuthLog myauthlogger
</Handler>
# Level3 Miami Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(mia1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAMiami
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(mia1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAMiami
AuthLog myauthlogger
</Handler>
# Level3 Orlando Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2fl1|jax1|orl1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAOrlando
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2fl1|jax1|orl1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAOrlando
AuthLog myauthlogger
</Handler>
# Level3 Philadelphia Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2pa1|phi1|prn1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAPhiladelphia
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2pa1|phi1|prn1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAPhiladelphia
AuthLog myauthlogger
</Handler>
# Level3 Phoenix Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(aqq1|2az1|elp1|phx1|tcs1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAPhoenix
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(aqq1|2az1|elp1|phx1|tcs1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAPhoenix
AuthLog myauthlogger
</Handler>
# Level3 Providence Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(prv1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAProvidence
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(prv1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAProvidence
AuthLog myauthlogger
</Handler>
# Level3 SanDiego Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(sdg1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AASanDiego
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(sdg1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AASanDiego
AuthLog myauthlogger
</Handler>
# Level3 SanFrancisco Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(sfo1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AASanFrancisco
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(sfo1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AASanFrancisco
AuthLog myauthlogger
</Handler>
# Level3 SanJose Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2ca1|frn1|sac1|sjo1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AASanJose
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2ca1|frn1|sac1|sjo1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AASanJose
AuthLog myauthlogger
</Handler>
# Level3 Seattle Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2id1|por1|sea1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AASeattle
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2id1|por1|sea1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AASeattle
AuthLog myauthlogger
</Handler>
# Level3 Stamford Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(stm1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAStamford
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(stm1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAStamford
AuthLog myauthlogger
</Handler>
# Level3 StLouis Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2ks1|okc1|stl1|tul1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAStLouis
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2ks1|okc1|stl1|tul1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAStLouis
AuthLog myauthlogger
</Handler>
# Level3 Tampa Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(tmp1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AATampa
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(tmp1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AATampa
AuthLog myauthlogger
</Handler>
# Level3 WashingtonDC Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(2md1|wdc2)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAWashingtonDC
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(2md1|wdc2)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAWashingtonDC
AuthLog myauthlogger
</Handler>
# Level3 Weehawken Market
<Handler Client-Identifier = /^Level3$/, CHAP-Password = /.+/, NAS-Identifier = /\.(wee1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagiccleartext
AuthBy Level3AAWeehawken
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^Level3$/, NAS-Identifier = /\.(wee1)\./ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthByPolicy ContinueWhileAccept
AuthBy authbymagic
AuthBy Level3AAWeehawken
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^(Level3)$/, CHAP-Password = /.+/ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagiccleartext
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^(Level3)$/ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagic
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^(GlobalPOPs)$/, CHAP-Password = /.+/ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagiccleartextglobalpops
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^(GlobalPOPs)$/ >
SessionDatabase SDB3
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagicglobalpops
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier=888Server >
SessionDatabase SDB1
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagic888users
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier=Quikcat >
SessionDatabase SDB1
Identifier quikcat
RewriteUsername s/\@norealm//
AuthBy authbymagic
AuthLog myauthlogger
</Handler>
<Handler Client-Identifier = /^(SuperNews|L2TPServer)$/ >
SessionDatabase SDB2
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagic
AuthLog myauthlogger
</Handler>
<Handler CHAP-Password = /.+/>
SessionDatabase SDB1
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagiccleartext
AuthLog myauthlogger
</Handler>
<Handler Realm = coredcs.com>
RewriteUsername s/^([^@@]+).*/$1/
SessionDatabase SDB1
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagic
AuthLog myauthlogger
</Handler>
<Handler Realm = netops>
AuthBy authbymagic
Identifier core
</Handler>
<Handler Realm = sat.core.com>
<AuthBy RADIUS>
AuthPort 1645
AcctPort 1646
Host 216.53.136.112
Secret 2Lg57R
</AuthBy>
</Handler>
<Handler Realm = /.*/ >
SessionDatabase SDB1
Identifier core
RewriteUsername s/\@norealm//
AuthBy authbymagic
AuthLog myauthlogger
</Handler>
More information about the radiator
mailing list