(RADIATOR) Different NAS types.

Hugh Irvine hugh at open.com.au
Tue Feb 24 15:42:06 CST 2004 

Hello Ricardo -

You should replace your <Realm DEFAULT> by <Handler ...> as shown below:

<Client .....>
	Identifier = SomeTag
	....
</Client>

<Client .....>
	Identifier = SomeTag
	....
</Client>

<Client .....>
	Identifier = AnotherTag
	....
</Client>

.....

<Handler Request-Type = Accounting-Request>
	.....
</Handler>

<Handler Client-Identifier = SomeTag>
	.....
</Handler>

<Handler Client-Identifier = AnotherTag>
	.....
</Handler>

.....

<Handler>
	.....
</Handler>


This topic has been discussed many times on the mailing list:

	www.open.com.au/archives/radiator

regards

Hugh


On 25 Feb 2004, at 02:44, Ricardo Martinez wrote:

> Hi.
> I'm tryin to treat different type of RADIUS message in my configuration
> file.  I have around 7 different NAS devices, all sending accounting
> information to my Radiator Server, the accounting information is all  
> treated
> by the Realm DEFAULT, as you can see in part of my radius.cfg file:
>
>
> <Realm DEFAULT>
>         # Look up user details in a flat file
>         <AuthBy SQL>
>                 DBSource        dbi:Oracle:desadb
>                 DBUsername      radius
>                 DBAuth          radius
>
>                 AccountingTable ACCOUNTING
>                 AcctColumnDef   FECHA,%F
>                 AcctColumnDef   CALLLEGSETUPTIME,cisco-h323-setup-time
>                 AcctColumnDef   GATEWAYIDENTIFIER,cisco-h323-gw-id
>                 AcctColumnDef   CONNECTIONID,cisco-h323-conf-id
>                 AcctColumnDef   CALLLEGDIRECTION,cisco-h323-call-origin
>                 AcctColumnDef   CALLLEGTYPE,cisco-h323-call-type
>                 AcctColumnDef    
> CALLLEGCONNECTTIME,cisco-h323-connect-time
>                 AcctColumnDef
> CALLLEGDISCONNECTTIME,cisco-h323-disconnect-time
>                 AcctColumnDef
> CALLLEGDISCONNECTCAUSE,cisco-h323-disconnect-cause
>                 AcctColumnDef   REMOTEGATEWAYIPADDRESS,NAS-IP-Address
>                 AcctColumnDef   VOICEQUALITY,cisco-h323-voice-quality
>                 AcctColumnDef   USERNAME,User-Name
>                 AcctColumnDef   NASPORTTYPE,Nas-Port-Type
>                 AcctColumnDef   CALLINGSTATIONID,Calling-Station-Id
>                 AcctColumnDef   CALLEDSTATIONID,Called-Station-Id
>                 AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
>                 AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
>                 AcctColumnDef    
> ACCTSESSIONTIME,Acct-Session-Time,integer
>                 AcctColumnDef   ACCTINPUTOCT,Acct-Input-Octets,integer
>                 AcctColumnDef    
> ACCTOUTPUTOCT,Acct-Output-Octets,integer
>                 AcctColumnDef    
> ACCTINPUTPKTS,Acct-Input-Packets,integer
>                 AcctColumnDef    
> ACCTOUTPUTPKTS,Acct-Output-Packets,integer
>         </AuthBy>
>
>         # Log accounting to a detail file. %D is replaced by DbDir  
> above
>         AcctLogFileFormat %i/%g/%f,%H:%M:%S,%{cisco-h323-setup-time},\
> %{cisco-h323-gw-id},%{cisco-h323-conf-id},%{cisco-h323-call- 
> origin},%{cisco-
> h323-call-type},%{cisco-h323-connect-time}\
> %{cisco-h323-disconnect-time},%{cisco-h323-disconnect-cause},%{NAS-IP- 
> Addres
> s},%{cisco-h323-voice-quality},%{User-Name},\
> %{Nas-Port-Type},%{Calling-Station-Id},%{Called-Station-Id},%{Acct- 
> Status-Ty
> pe},%{Acct-Session-Id},%{Acct-Session-Time}\
> ,%{Acct-Output-Octets},%{Acct-Input-Octets},%{Acct-Ouput- 
> Packets},%{Acct-Inp
> ut-Packets}
>         AcctLogFileName logs/%Y/%q-%d-%v-%Y.csv
> </Realm>
>
> As  i mentioned,  the NAS devices sends the accounting information to  
> the
> Radiator Server, but also when one of this devices is accessed by  
> telnet, it
> sends login information in the Authentication and Authorization Radius
> packets.  So, what i want to do is have different treatment for the two
> types of messages (maybe two REALMS??).  One for the Authentication  
> (when a
> NAS is accessed by telnet) and one for the Accounting. (the users  
> reporting
> to the NAS).
> I was thinking in use maybe a HADLER? , how can i create a hadler that  
> only
> accept 5 or 6 different NAS-IP-Address ???
>
> How can i accomplish these task?
>
> Thanks in advance
>
>> Ricardo Martinez Ogalde
>>
>>
>>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list