(RADIATOR) DefaultSimultaneousUse With Cisco
DUFOUR Geoffrey
Geoffrey.DUFOUR at staff.win.be
Wed Jan 21 03:23:26 CST 2004
Hello Hugh, Al,
If you cannot rely on NAS-Port, simultaneous use can be based on User-Name/Acct-Session-Id instead of NAS-IP-Address/NAS-Port.
DeleteQuery delete from RADONLINE where USERNAME='%u' and ACCTSESSIONID = %3
For this to work, DeleteQuery must not be executed upon reception of Access-Request.
Of course this is less accurate than NAS-IP-Address/NAS-Port.
Hugh, correct ?
Regards.
Geoffrey
-----Message d'origine-----
De : owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] De la part de Hugh Irvine
Envoyé : mercredi 21 janvier 2004 0:42
À : al mccain
Cc : radiator at open.com.au
Objet : Re: (RADIATOR) DefaultSimultaneousUse With Cisco
Hello Al -
Managing simultaneous use depends on being able to distinguish between
sessions.
If all of the sessions for the Cisco use NAS-Port 0 it is impossible to
know which is which.
You should check with Cisco.
regards
Hugh
On 21 Jan 2004, at 01:41, al mccain wrote:
> Hugh,
>
> Thanks for the quick reply! However, I am a little confused.
> Are you saying that there is no way to implement this with our cisco
> boxes?
>
> Thanks,
> Al
>
>
>
> On Tue, 20 Jan 2004, Hugh Irvine wrote:
>
>>
>> Hello Al -
>>
>> I'm guessing here, but I suspect the problem is due to your Client
>> definitions in the SQL database - specifically the contents of the
>> NASTYPE field for at least the NAS in question. As you will see from
>> the debug, Radiator is trying to find a module called "
>> Radius/Nas/.pm"
>> in the Redback case so this is not correct at all.
>>
>> The problem with the Cisco is that the NAS-Port attribute is always
>> "0", so this will never work in any case.
>>
>> regards
>>
>> Hugh
>>
>>
>> On 20 Jan 2004, at 09:04, al mccain wrote:
>>
>>>
>>> Hello Guys,
>>>
>>> I have yet another problem. We are trying to implement concurrent
>>> login
>>> checks. I am having trouble using DefaultSimultaneousUse = 1 with our
>>> cisco boxes. It works perfectly for our Redbacks equipment. Could
>>> someone
>>> take a look and let me know what I'm doing wrong? I have attached my
>>> config as well as 2 trace 4's. One is the redback (acting perfectly)
>>> and
>>> one of the cisco (acting no-so-perfectly).
>>>
>>> Thanks!
>>>
>>> Al
>>>
>>>
>>> Config
>>> --------------------------------------------------------
>>>
>>> #Foreground
>>> #LogStdout
>>> LogDir /var/adm/radacct
>>> DbDir /etc/raddb
>>> PreHandlerHook file:"%D/prehook"
>>>
>>> SnmpgetProg /usr/local/bin/snmpget
>>> Trace 4
>>> RewriteUsername s/^([^@]+)\@centurytel.net/$1/
>>> RewriteUsername s/^([^@]+)\@digisys.net/$1/
>>> RewriteUsername s/\s+//g
>>> #RewriteUsername s/\'//g
>>> RewriteUsername tr/A-Z/a-z/
>>> <Client DEFAULT>
>>>
>>>
>>> Secret letMEin
>>> DupInterval 0
>>>
>>>
>>> </Client>
>>>
>>> <SessionDatabase SQL>
>>>
>>> DBSource dbi:mysql:radius:*******************
>>> DBUsername ******
>>> DBAuth ********
>>> Identifier SQLS
>>>
>>> AddQuery insert into RADONLINE (USERNAME,\
>>> NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\
>>> FRAMEDIPADDRESS, NASPORTTYPE) \
>>> values ('%n', '%N',\
>>> '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\
>>> '%{Framed-IP-Address}', '%{NAS-Port-Type}')
>>>
>>>
>>> DeleteQuery delete from RADONLINE where NASIDENTIFIER='%1' and
>>> NASPORT=0%2
>>> ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%0'
>>> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from
>>> RADONLINE
>>> \
>>> where USERNAME ='%u'
>>>
>>>
>>> </SessionDatabase>
>>>
>>>
>>> <ClientListSQL>
>>>
>>> DBSource dbi:mysql:radius:********************
>>> DBUsername *******
>>> DBAuth *********
>>>
>>> select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL,
>>> \
>>> DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \
>>> LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \
>>> FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \
>>> NOIGNOREDUPLICATES from RADCLIENTLIST
>>>
>>>
>>> </ClientListSQL>
>>> <AuthBy UNIX>
>>>
>>> # DefaultSimultaneousUse 1
>>> Identifier System
>>> Filename /etc/shadow
>>>
>>> </AuthBy>
>>>
>>> <AuthBy LDAP2>
>>> DefaultSimultaneousUse 1
>>> Identifier LDAP
>>> Host 127.0.0.1
>>> Port 389
>>> AuthDN uid=searchuser,dc=centurytel,dc=net
>>> AuthPassword ********
>>> BaseDN %0=%1,ou=people,dc=centurytel,dc=net
>>> Scope base
>>> UsernameAttr uid
>>> PasswordAttr userPassword
>>> HoldServerConnection
>>> SearchFilter (&(gecos=active)(uid=%1))
>>> AuthAttrDef gidNumber, gid-attr, request
>>> # DefaultReply
>>> Service-Type=Framed-User,Framed-Protocol=PPP
>>> </AuthBy>
>>> <AuthBy SQL>
>>> # NoDefault
>>> DefaultSimultaneousUse 1
>>> Identifier CheckSQL
>>>
>>> DBSource dbi:mysql:radius:********************
>>> DBUsername ******
>>> DBAuth ********
>>>
>>>
>>> AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
>>> from SUBSCRIBERS \
>>> where USERNAME=%0
>>>
>>> AuthColumnDef 0, User-Password, check
>>> AuthColumnDef 1, GENERIC, check
>>> AuthColumnDef 2, GENERIC, reply
>>> # DefaultReply
>>> Service-Type=Framed-User,Framed-Protocol=PPP
>>>
>>>
>>> </AuthBy>
>>> <Realm DEFAULT>
>>> RewriteUsername s/^([^@]+).*/$1/
>>>
>>>
>>>
>>> PostAuthHook file:"%D/postHook"
>>> AcctLogFileName %L/%N/detail
>>>
>>>
>>>
>>> #AuthByPolicy ContinueWhileReject
>>> AuthByPolicy ContinueUntilAccept
>>> #AuthBy LDAP
>>> AuthBy CheckSQL
>>> AuthBy System
>>>
>>>
>>> </Realm>
>>>
>>> ----------------------------------------------
>>> End Config
>>>
>>>
>>> Trace 4 Redback
>>> ----------------------------------------------
>>> Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code: Access-Request
>>> Identifier: 11
>>> Authentic: E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
>>> Attributes:
>>> User-Name = "nethelp1"
>>> User-Password = "<187>6<25>L<247><7><5><168><148><235>0 5V<3><199>"
>>> NAS-Identifier = "rb-test.mx"
>>> NAS-IP-Address = 209.142.136.22
>>> RB-NAS-Real-Port = 537067624
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 3892314117
>>> Connect-Info = "ubrc"
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.22, 3892314117
>>> Mon Jan 19 12:56:10 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL ACCEPT:
>>> Mon Jan 19 12:56:10 2004: DEBUG: Access accepted for nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code: Access-Accept
>>> Identifier: 11
>>> Authentic: E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
>>> Attributes:
>>> Framed-IP-Address = 66.112.90.42
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> Framed-IP-Netmask = 255.255.255.255
>>> Idle-Timeout = 0
>>> Session-Timeout = 0
>>>
>>> Mon Jan 19 12:56:12 2004: ERR: Attribute number 144 (vendor 2352) is
>>> not defined in your dictionary
>>> Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code: Accounting-Request
>>> Identifier: 29
>>> Authentic:
>>> <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
>>> Attributes:
>>> User-Name = "nethelp1"
>>> NAS-Identifier = "rb-test.mx"
>>> NAS-IP-Address = 209.142.136.22
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 3892314117
>>> RB-NAS-Real-Port = 537067624
>>> Acct-Session-Id = "E8000005-400B2C3E"
>>> Acct-Authentic = RADIUS
>>> Connect-Info = "ubrc"
>>> Framed-IP-Address = 66.112.90.42
>>> Acct-Status-Type = Start
>>>
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.22, 3892314117
>>> Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>>>
>>> Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
>>> 12:56:12 2004','66.112.90.42', '')':
>>>
>>> Mon Jan 19 12:56:12 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:56:12 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:56:12 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code: Accounting-Response
>>> Identifier: 29
>>> Authentic:
>>> <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
>>> Attributes:
>>>
>>> Mon Jan 19 12:56:13 2004: ERR: Attribute number 144 (vendor 2352) is
>>> not defined in your dictionary
>>> Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code: Accounting-Request
>>> Identifier: 30
>>> Authentic: g%M<161><249><226><174>'<244>NO<194>5Y<176>s
>>> Attributes:
>>> User-Name = "nethelp1"
>>> NAS-Identifier = "rb-test.mx"
>>> NAS-IP-Address = 209.142.136.22
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 3892314117
>>> RB-NAS-Real-Port = 537067624
>>> Acct-Session-Id = "E8000005-400B2C3E"
>>> Acct-Authentic = RADIUS
>>> Connect-Info = "ubrc"
>>> Acct-Status-Type = Alive
>>> Framed-IP-Address = 66.112.90.42
>>> Framed-IP-Netmask = 255.255.255.255
>>> RB-Client-DNS-Pri = 209.142.136.85
>>> RB-Client-DNS-Sec = 209.206.199.16
>>> Acct-Input-Octets = 180
>>> Acct-Output-Octets = 0
>>> Acct-Input-Packets = 3
>>> Acct-Output-Packets = 0
>>> Acct-Session-Time = 0
>>> RB-Acct-Input-Octets-64 = 0xb4
>>> RB-Acct-Output-Octets-64 = 0x0
>>> RB-Acct-Input-Packets-64 = 0x3
>>> RB-Acct-Output-Packets-64 = 0x0
>>>
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.22, 3892314117
>>> Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>>>
>>> Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
>>> 12:56:13 2004','66.112.90.42', '')':
>>>
>>> Mon Jan 19 12:56:13 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:56:13 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:56:13 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code: Accounting-Response
>>> Identifier: 30
>>> Authentic: g%M<161><249><226><174>'<244>NO<194>5Y<176>s
>>> Attributes:
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code: Access-Request
>>> Identifier: 12
>>> Authentic:
>>> <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
>>> Attributes:
>>> User-Name = "nethelp1"
>>> User-Password = ""<4>y<223>1J<218>2<240><239><149><197>I<213>"m"
>>> NAS-Identifier = "rb-test.mx"
>>> NAS-IP-Address = 209.142.136.22
>>> RB-NAS-Real-Port = 537067622
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> NAS-Port = 3892314118
>>> Connect-Info = "ubrc"
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.22, 3892314118
>>> Mon Jan 19 12:57:53 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314118':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Checking if user is still online: ,
>>> nethelp1, 209.142.136.22, 3892314117,
>>> Mon Jan 19 12:57:53 2004: ERR: Could not load NAS-specific module
>>> Radius::Nas::: Can't locate Radius/Nas/.pm in @INC (@INC contains: .
>>> /usr/local/lib/perl5/5.8.0/sun4-solaris /usr/local/lib/perl5/5.8.0
>>> /usr/local/lib/perl5/site_perl/5.8.0/sun4-solaris
>>> /usr/local/lib/perl5/site_perl/5.8.0 /usr/local/lib/perl5/site_perl
>>> .)
>>> at (eval 190) line 3.
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL REJECT:
>>> Simultaneous-Use of 1 exceeded
>>> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='DEFAULT'':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
>>> DEFAULT
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthLDAP2:
>>> LDAP
>>> Mon Jan 19 12:57:53 2004: INFO: Connecting to 127.0.0.1, port 389
>>> Mon Jan 19 12:57:53 2004: ERR: Could not open LDAP connection to
>>> 127.0.0.1, port 389. Backing off for 600 seconds.
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL IGNORE: User
>>> database
>>> access error
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthUNIX:
>>> System
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthUNIX looks for match
>>> with
>>> nethelp1
>>> Mon Jan 19 12:57:53 2004: INFO: Access rejected for nethelp1: No such
>>> user
>>> Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code: Access-Reject
>>> Identifier: 12
>>> Authentic:
>>> <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
>>> Attributes:
>>> Reply-Message = "choice: "
>>> Reply-Message = "Request Denied"
>>>
>>> -----------------------------------------------
>>> end trace 4 redback
>>>
>>>
>>> Trace 4 cisco
>>> -----------------------------------------------
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code: Access-Request
>>> Identifier: 15
>>> Authentic: ,6~<148>$L<139>/<139>hC<142><166><16><184>D
>>> Attributes:
>>> Framed-Protocol = PPP
>>> User-Name = "nethelp1"
>>> User-Password =
>>> "<219>@~<155><31><188><179><167><189><12><204><218><232><31><139>i"
>>> NAS-Port-Type = Virtual
>>> Cisco-NAS-Port = "5/0/0/3.102"
>>> NAS-Port = 0
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 209.142.136.170
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL ACCEPT:
>>> Mon Jan 19 12:42:45 2004: DEBUG: Access accepted for nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code: Access-Accept
>>> Identifier: 15
>>> Authentic: ,6~<148>$L<139>/<139>hC<142><166><16><184>D
>>> Attributes:
>>> Framed-IP-Address = 66.112.90.42
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> Framed-IP-Netmask = 255.255.255.255
>>> Idle-Timeout = 0
>>> Session-Timeout = 0
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code: Accounting-Request
>>> Identifier: 16
>>> Authentic: <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
>>> Attributes:
>>> Acct-Session-Id = "00000506"
>>> cisco-avpair = "client-mac-address=0060.0f4e.604e"
>>> Framed-Protocol = PPP
>>> Acct-Authentic = RADIUS
>>> User-Name = "nethelp1"
>>> Acct-Status-Type = Start
>>> NAS-Port-Type = Virtual
>>> Cisco-NAS-Port = "5/0/0/3.102"
>>> NAS-Port = 0
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 209.142.136.170
>>> Acct-Delay-Time = 0
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.170','0', '00000506', 'Mon Jan 19 12:42:45 2004','',
>>> 'Virtual')':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code: Accounting-Response
>>> Identifier: 16
>>> Authentic: <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
>>> Attributes:
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code: Access-Request
>>> Identifier: 17
>>> Authentic: ~<193>en-4}<12>B<224><28><14>mr<201><0>
>>> Attributes:
>>> Framed-Protocol = PPP
>>> User-Name = "nethelp1"
>>> User-Password =
>>> "<27><217><190>0<243><6>g<208><239><241><24><215><249>_<229>+"
>>> NAS-Port-Type = Virtual
>>> Cisco-NAS-Port = "5/0/0/3.104"
>>> NAS-Port = 0
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 209.142.136.170
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL ACCEPT:
>>> Mon Jan 19 12:43:46 2004: DEBUG: Access accepted for nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code: Access-Accept
>>> Identifier: 17
>>> Authentic: ~<193>en-4}<12>B<224><28><14>mr<201><0>
>>> Attributes:
>>> Framed-IP-Address = 66.112.90.42
>>> Service-Type = Framed-User
>>> Framed-Protocol = PPP
>>> Framed-IP-Netmask = 255.255.255.255
>>> Idle-Timeout = 0
>>> Session-Timeout = 0
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code: Accounting-Request
>>> Identifier: 18
>>> Authentic: <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
>>> Attributes:
>>> Acct-Session-Id = "00000507"
>>> cisco-avpair = "client-mac-address=0060.0fd5.b0f0"
>>> Framed-Protocol = PPP
>>> Acct-Authentic = RADIUS
>>> User-Name = "nethelp1"
>>> Acct-Status-Type = Start
>>> NAS-Port-Type = Virtual
>>> Cisco-NAS-Port = "5/0/0/3.104"
>>> NAS-Port = 0
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 209.142.136.170
>>> Acct-Delay-Time = 0
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.170','0', '00000507', 'Mon Jan 19 12:43:46 2004','',
>>> 'Virtual')':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code: Accounting-Response
>>> Identifier: 18
>>> Authentic: <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
>>> Attributes:
>>>
>>> -------------------------------------------------------------
>>> end trace 4 cisco
>>>
>>> ===
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>
>> NB: have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> --
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>> ===
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list