(RADIATOR) DefaultSimultaneousUse With Cisco

al mccain mccainca at centurytel.net
Tue Jan 20 08:41:50 CST 2004


Hugh,

Thanks for the quick reply! However, I am a little confused.
Are you saying that there is no way to implement this with our cisco
boxes?

Thanks,
Al



On Tue, 20 Jan 2004, Hugh Irvine wrote:

>
> Hello Al -
>
> I'm guessing here, but I suspect the problem is due to your Client
> definitions in the SQL database - specifically the contents of the
> NASTYPE field for at least the NAS in question. As you will see from
> the debug, Radiator is trying to find a module called " Radius/Nas/.pm"
> in the Redback case so this is not correct at all.
>
> The problem with the Cisco is that the NAS-Port attribute is always
> "0", so this will never work in any case.
>
> regards
>
> Hugh
>
>
> On 20 Jan 2004, at 09:04, al mccain wrote:
>
> >
> > Hello Guys,
> >
> > I have yet another problem. We are trying to implement concurrent login
> > checks. I am having trouble using DefaultSimultaneousUse = 1 with our
> > cisco boxes. It works perfectly for our Redbacks equipment. Could
> > someone
> > take a look and let me know what I'm doing wrong? I have attached my
> > config as well as 2 trace 4's. One is the redback (acting perfectly)
> > and
> > one of the cisco (acting no-so-perfectly).
> >
> > Thanks!
> >
> > Al
> >
> >
> > Config
> > --------------------------------------------------------
> >
> > #Foreground
> > #LogStdout
> > LogDir /var/adm/radacct
> > DbDir /etc/raddb
> > PreHandlerHook file:"%D/prehook"
> >
> > SnmpgetProg /usr/local/bin/snmpget
> > Trace 4
> > RewriteUsername         s/^([^@]+)\@centurytel.net/$1/
> > RewriteUsername         s/^([^@]+)\@digisys.net/$1/
> > RewriteUsername         s/\s+//g
> > #RewriteUsername		s/\'//g
> > RewriteUsername         tr/A-Z/a-z/
> > <Client DEFAULT>
> >
> >
> >         Secret letMEin
> >         DupInterval 0
> >
> >
> > </Client>
> >
> > <SessionDatabase SQL>
> >
> >        DBSource dbi:mysql:radius:*******************
> >        DBUsername ******
> >        DBAuth ********
> >         Identifier SQLS
> >
> >                 AddQuery insert into RADONLINE (USERNAME,\
> >                 NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\
> >                 FRAMEDIPADDRESS, NASPORTTYPE) \
> >                 values ('%n', '%N',\
> >                 '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\
> >                 '%{Framed-IP-Address}', '%{NAS-Port-Type}')
> >
> >
> > DeleteQuery  delete from RADONLINE where NASIDENTIFIER='%1' and
> > NASPORT=0%2
> > ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%0'
> > CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE
> > \
> > where USERNAME ='%u'
> >
> >
> > </SessionDatabase>
> >
> >
> > <ClientListSQL>
> >
> >         DBSource        dbi:mysql:radius:********************
> >         DBUsername *******
> >         DBAuth *********
> >
> >         select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL, \
> >         DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \
> >         LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \
> >         FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \
> >         NOIGNOREDUPLICATES from RADCLIENTLIST
> >
> >
> > </ClientListSQL>
> > <AuthBy UNIX>
> >
> > #       DefaultSimultaneousUse 1
> >         Identifier System
> >         Filename /etc/shadow
> >
> > </AuthBy>
> >
> > <AuthBy LDAP2>
> >                DefaultSimultaneousUse 1
> >                 Identifier LDAP
> >                 Host    127.0.0.1
> >                 Port    389
> >                 AuthDN  uid=searchuser,dc=centurytel,dc=net
> >                 AuthPassword    ********
> >                 BaseDN  %0=%1,ou=people,dc=centurytel,dc=net
> >                 Scope   base
> >                 UsernameAttr    uid
> >                 PasswordAttr    userPassword
> >                 HoldServerConnection
> >                 SearchFilter (&(gecos=active)(uid=%1))
> >                 AuthAttrDef gidNumber, gid-attr, request
> > #               DefaultReply
> > Service-Type=Framed-User,Framed-Protocol=PPP
> > </AuthBy>
> > <AuthBy SQL>
> > #       NoDefault
> >         DefaultSimultaneousUse 1
> >         Identifier CheckSQL
> >
> >         DBSource        dbi:mysql:radius:********************
> >         DBUsername ******
> >         DBAuth ********
> >
> >
> >         AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
> >        from SUBSCRIBERS \
> >       where USERNAME=%0
> >
> > AuthColumnDef 0, User-Password, check
> > AuthColumnDef 1, GENERIC, check
> > AuthColumnDef 2, GENERIC, reply
> > #               DefaultReply
> > Service-Type=Framed-User,Framed-Protocol=PPP
> >
> >
> > </AuthBy>
> > <Realm DEFAULT>
> > RewriteUsername s/^([^@]+).*/$1/
> >
> >
> >
> >  PostAuthHook file:"%D/postHook"
> >         AcctLogFileName %L/%N/detail
> >
> >
> >
> >         #AuthByPolicy ContinueWhileReject
> >         AuthByPolicy    ContinueUntilAccept
> >         #AuthBy LDAP
> >         AuthBy CheckSQL
> >         AuthBy System
> >
> >
> > </Realm>
> >
> > ----------------------------------------------
> > End Config
> >
> >
> > Trace 4 Redback
> > ----------------------------------------------
> > Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.22 port 1812 ....
> > Code:       Access-Request
> > Identifier: 11
> > Authentic:  E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
> > Attributes:
> > 	User-Name = "nethelp1"
> > 	User-Password = "<187>6<25>L<247><7><5><168><148><235>0 5V<3><199>"
> > 	NAS-Identifier = "rb-test.mx"
> > 	NAS-IP-Address = 209.142.136.22
> > 	RB-NAS-Real-Port = 537067624
> > 	Service-Type = Framed-User
> > 	Framed-Protocol = PPP
> > 	NAS-Port = 3892314117
> > 	Connect-Info = "ubrc"
> >
> > Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:10 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:10 2004: DEBUG: SQLS Deleting session for nethelp1,
> > 209.142.136.22, 3892314117
> > Mon Jan 19 12:56:10 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
> >
> > Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL:
> > CheckSQL
> > Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select PASSWORD,
> > CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
> >
> > Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL looks for match with
> > nethelp1
> > Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> > NASPORT from RADONLINE where USERNAME ='nethelp1'':
> >
> > Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL ACCEPT:
> > Mon Jan 19 12:56:10 2004: DEBUG: Access accepted for nethelp1
> > Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.22 port 1812 ....
> > Code:       Access-Accept
> > Identifier: 11
> > Authentic:  E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
> > Attributes:
> > 	Framed-IP-Address = 66.112.90.42
> > 	Service-Type = Framed-User
> > 	Framed-Protocol = PPP
> > 	Framed-IP-Netmask = 255.255.255.255
> > 	Idle-Timeout = 0
> > 	Session-Timeout = 0
> >
> > Mon Jan 19 12:56:12 2004: ERR: Attribute number 144 (vendor 2352) is
> > not defined in your dictionary
> > Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.22 port 1812 ....
> > Code:       Accounting-Request
> > Identifier: 29
> > Authentic:  <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
> > Attributes:
> > 	User-Name = "nethelp1"
> > 	NAS-Identifier = "rb-test.mx"
> > 	NAS-IP-Address = 209.142.136.22
> > 	Service-Type = Framed-User
> > 	Framed-Protocol = PPP
> > 	NAS-Port = 3892314117
> > 	RB-NAS-Real-Port = 537067624
> > 	Acct-Session-Id = "E8000005-400B2C3E"
> > 	Acct-Authentic = RADIUS
> > 	Connect-Info = "ubrc"
> > 	Framed-IP-Address = 66.112.90.42
> > 	Acct-Status-Type = Start
> >
> > Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:12 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:12 2004: DEBUG: SQLS Adding session for nethelp1,
> > 209.142.136.22, 3892314117
> > Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
> >
> > Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'insert into RADONLINE
> > (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> > TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> > '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
> > 12:56:12 2004','66.112.90.42', '')':
> >
> > Mon Jan 19 12:56:12 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:56:12 2004: DEBUG: Handling accounting with
> > Radius::AuthSQL
> > Mon Jan 19 12:56:12 2004: DEBUG: Accounting accepted
> > Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.22 port 1812 ....
> > Code:       Accounting-Response
> > Identifier: 29
> > Authentic:  <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
> > Attributes:
> >
> > Mon Jan 19 12:56:13 2004: ERR: Attribute number 144 (vendor 2352) is
> > not defined in your dictionary
> > Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.22 port 1812 ....
> > Code:       Accounting-Request
> > Identifier: 30
> > Authentic:  g%M<161><249><226><174>'<244>NO<194>5Y<176>s
> > Attributes:
> > 	User-Name = "nethelp1"
> > 	NAS-Identifier = "rb-test.mx"
> > 	NAS-IP-Address = 209.142.136.22
> > 	Service-Type = Framed-User
> > 	Framed-Protocol = PPP
> > 	NAS-Port = 3892314117
> > 	RB-NAS-Real-Port = 537067624
> > 	Acct-Session-Id = "E8000005-400B2C3E"
> > 	Acct-Authentic = RADIUS
> > 	Connect-Info = "ubrc"
> > 	Acct-Status-Type = Alive
> > 	Framed-IP-Address = 66.112.90.42
> > 	Framed-IP-Netmask = 255.255.255.255
> > 	RB-Client-DNS-Pri = 209.142.136.85
> > 	RB-Client-DNS-Sec = 209.206.199.16
> > 	Acct-Input-Octets = 180
> > 	Acct-Output-Octets = 0
> > 	Acct-Input-Packets = 3
> > 	Acct-Output-Packets = 0
> > 	Acct-Session-Time = 0
> > 	RB-Acct-Input-Octets-64 = 0xb4
> > 	RB-Acct-Output-Octets-64 = 0x0
> > 	RB-Acct-Input-Packets-64 = 0x3
> > 	RB-Acct-Output-Packets-64 = 0x0
> >
> > Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:13 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:56:13 2004: DEBUG: SQLS Adding session for nethelp1,
> > 209.142.136.22, 3892314117
> > Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
> >
> > Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'insert into RADONLINE
> > (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> > TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> > '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
> > 12:56:13 2004','66.112.90.42', '')':
> >
> > Mon Jan 19 12:56:13 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:56:13 2004: DEBUG: Handling accounting with
> > Radius::AuthSQL
> > Mon Jan 19 12:56:13 2004: DEBUG: Accounting accepted
> > Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.22 port 1812 ....
> > Code:       Accounting-Response
> > Identifier: 30
> > Authentic:  g%M<161><249><226><174>'<244>NO<194>5Y<176>s
> > Attributes:
> >
> > Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.22 port 1812 ....
> > Code:       Access-Request
> > Identifier: 12
> > Authentic:  <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
> > Attributes:
> > 	User-Name = "nethelp1"
> > 	User-Password = ""<4>y<223>1J<218>2<240><239><149><197>I<213>"m"
> > 	NAS-Identifier = "rb-test.mx"
> > 	NAS-IP-Address = 209.142.136.22
> > 	RB-NAS-Real-Port = 537067622
> > 	Service-Type = Framed-User
> > 	Framed-Protocol = PPP
> > 	NAS-Port = 3892314118
> > 	Connect-Info = "ubrc"
> >
> > Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:57:53 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:57:53 2004: DEBUG: SQLS Deleting session for nethelp1,
> > 209.142.136.22, 3892314118
> > Mon Jan 19 12:57:53 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314118':
> >
> > Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL:
> > CheckSQL
> > Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
> > CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
> >
> > Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
> > nethelp1
> > Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> > NASPORT from RADONLINE where USERNAME ='nethelp1'':
> >
> > Mon Jan 19 12:57:53 2004: DEBUG: Checking if user is still online: ,
> > nethelp1, 209.142.136.22, 3892314117,
> > Mon Jan 19 12:57:53 2004: ERR: Could not load NAS-specific module
> > Radius::Nas::: Can't locate Radius/Nas/.pm in @INC (@INC contains: .
> > /usr/local/lib/perl5/5.8.0/sun4-solaris /usr/local/lib/perl5/5.8.0
> > /usr/local/lib/perl5/site_perl/5.8.0/sun4-solaris
> > /usr/local/lib/perl5/site_perl/5.8.0 /usr/local/lib/perl5/site_perl .)
> > at (eval 190) line 3.
> >
> > Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL REJECT:
> > Simultaneous-Use of 1 exceeded
> > Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
> > CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='DEFAULT'':
> >
> > Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
> > DEFAULT
> > Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthLDAP2: LDAP
> > Mon Jan 19 12:57:53 2004: INFO: Connecting to 127.0.0.1, port 389
> > Mon Jan 19 12:57:53 2004: ERR: Could not open LDAP connection to
> > 127.0.0.1, port 389. Backing off for 600 seconds.
> > Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL IGNORE: User database
> > access error
> > Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthUNIX: System
> > Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthUNIX looks for match with
> > nethelp1
> > Mon Jan 19 12:57:53 2004: INFO: Access rejected for nethelp1: No such
> > user
> > Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.22 port 1812 ....
> > Code:       Access-Reject
> > Identifier: 12
> > Authentic:  <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
> > Attributes:
> > 	Reply-Message = "choice: "
> > 	Reply-Message = "Request Denied"
> >
> > -----------------------------------------------
> > end trace 4 redback
> >
> >
> > Trace 4 cisco
> > -----------------------------------------------
> > Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.170 port 21659 ....
> > Code:       Access-Request
> > Identifier: 15
> > Authentic:  ,6~<148>$L<139>/<139>hC<142><166><16><184>D
> > Attributes:
> > 	Framed-Protocol = PPP
> > 	User-Name = "nethelp1"
> > 	User-Password =
> > "<219>@~<155><31><188><179><167><189><12><204><218><232><31><139>i"
> > 	NAS-Port-Type = Virtual
> > 	Cisco-NAS-Port = "5/0/0/3.102"
> > 	NAS-Port = 0
> > 	Service-Type = Framed-User
> > 	NAS-IP-Address = 209.142.136.170
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: SQLS Deleting session for nethelp1,
> > 209.142.136.170, 0
> > Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL:
> > CheckSQL
> > Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select PASSWORD,
> > CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL looks for match with
> > nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> > NASPORT from RADONLINE where USERNAME ='nethelp1'':
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL ACCEPT:
> > Mon Jan 19 12:42:45 2004: DEBUG: Access accepted for nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.170 port 21659 ....
> > Code:       Access-Accept
> > Identifier: 15
> > Authentic:  ,6~<148>$L<139>/<139>hC<142><166><16><184>D
> > Attributes:
> > 	Framed-IP-Address = 66.112.90.42
> > 	Service-Type = Framed-User
> > 	Framed-Protocol = PPP
> > 	Framed-IP-Netmask = 255.255.255.255
> > 	Idle-Timeout = 0
> > 	Session-Timeout = 0
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.170 port 21659 ....
> > Code:       Accounting-Request
> > Identifier: 16
> > Authentic:  <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
> > Attributes:
> > 	Acct-Session-Id = "00000506"
> > 	cisco-avpair = "client-mac-address=0060.0f4e.604e"
> > 	Framed-Protocol = PPP
> > 	Acct-Authentic = RADIUS
> > 	User-Name = "nethelp1"
> > 	Acct-Status-Type = Start
> > 	NAS-Port-Type = Virtual
> > 	Cisco-NAS-Port = "5/0/0/3.102"
> > 	NAS-Port = 0
> > 	Service-Type = Framed-User
> > 	NAS-IP-Address = 209.142.136.170
> > 	Acct-Delay-Time = 0
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:42:45 2004: DEBUG: SQLS Adding session for nethelp1,
> > 209.142.136.170, 0
> > Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'insert into RADONLINE
> > (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> > TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> > '209.142.136.170','0', '00000506', 'Mon Jan 19 12:42:45 2004','',
> > 'Virtual')':
> >
> > Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:42:45 2004: DEBUG: Handling accounting with
> > Radius::AuthSQL
> > Mon Jan 19 12:42:45 2004: DEBUG: Accounting accepted
> > Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.170 port 21659 ....
> > Code:       Accounting-Response
> > Identifier: 16
> > Authentic:  <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
> > Attributes:
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.170 port 21659 ....
> > Code:       Access-Request
> > Identifier: 17
> > Authentic:  ~<193>en-4}<12>B<224><28><14>mr<201><0>
> > Attributes:
> > 	Framed-Protocol = PPP
> > 	User-Name = "nethelp1"
> > 	User-Password =
> > "<27><217><190>0<243><6>g<208><239><241><24><215><249>_<229>+"
> > 	NAS-Port-Type = Virtual
> > 	Cisco-NAS-Port = "5/0/0/3.104"
> > 	NAS-Port = 0
> > 	Service-Type = Framed-User
> > 	NAS-IP-Address = 209.142.136.170
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: SQLS Deleting session for nethelp1,
> > 209.142.136.170, 0
> > Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL:
> > CheckSQL
> > Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select PASSWORD,
> > CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL looks for match with
> > nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select NASIDENTIFIER,
> > NASPORT from RADONLINE where USERNAME ='nethelp1'':
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL ACCEPT:
> > Mon Jan 19 12:43:46 2004: DEBUG: Access accepted for nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.170 port 21659 ....
> > Code:       Access-Accept
> > Identifier: 17
> > Authentic:  ~<193>en-4}<12>B<224><28><14>mr<201><0>
> > Attributes:
> > 	Framed-IP-Address = 66.112.90.42
> > 	Service-Type = Framed-User
> > 	Framed-Protocol = PPP
> > 	Framed-IP-Netmask = 255.255.255.255
> > 	Idle-Timeout = 0
> > 	Session-Timeout = 0
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> > *** Received from 209.142.136.170 port 21659 ....
> > Code:       Accounting-Request
> > Identifier: 18
> > Authentic:  <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
> > Attributes:
> > 	Acct-Session-Id = "00000507"
> > 	cisco-avpair = "client-mac-address=0060.0fd5.b0f0"
> > 	Framed-Protocol = PPP
> > 	Acct-Authentic = RADIUS
> > 	User-Name = "nethelp1"
> > 	Acct-Status-Type = Start
> > 	NAS-Port-Type = Virtual
> > 	Cisco-NAS-Port = "5/0/0/3.104"
> > 	NAS-Port = 0
> > 	Service-Type = Framed-User
> > 	NAS-IP-Address = 209.142.136.170
> > 	Acct-Delay-Time = 0
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
> > 'Realm=DEFAULT'
> > Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
> > Mon Jan 19 12:43:46 2004: DEBUG: SQLS Adding session for nethelp1,
> > 209.142.136.170, 0
> > Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
> > where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'insert into RADONLINE
> > (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> > TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
> > '209.142.136.170','0', '00000507', 'Mon Jan 19 12:43:46 2004','',
> > 'Virtual')':
> >
> > Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
> > Mon Jan 19 12:43:46 2004: DEBUG: Handling accounting with
> > Radius::AuthSQL
> > Mon Jan 19 12:43:46 2004: DEBUG: Accounting accepted
> > Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
> > *** Sending to 209.142.136.170 port 21659 ....
> > Code:       Accounting-Response
> > Identifier: 18
> > Authentic:  <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
> > Attributes:
> >
> > -------------------------------------------------------------
> > end trace 4 cisco
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
> >
> >
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list