(RADIATOR) DefaultSimultaneousUse With Cisco

DUFOUR Geoffrey Geoffrey.DUFOUR at staff.win.be
Wed Jan 21 03:23:26 CST 2004


Hello Hugh, Al,

If you cannot rely on NAS-Port, simultaneous use can be based on User-Name/Acct-Session-Id instead of NAS-IP-Address/NAS-Port. 

DeleteQuery delete from RADONLINE where USERNAME='%u' and ACCTSESSIONID = %3

For this to work, DeleteQuery must not be executed upon reception of Access-Request.

Of course this is less accurate than NAS-IP-Address/NAS-Port.

Hugh, correct ?

Regards.

Geoffrey

-----Message d'origine-----
De : owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] De la part de Hugh Irvine
Envoyé : mercredi 21 janvier 2004 0:42
À : al mccain
Cc : radiator at open.com.au
Objet : Re: (RADIATOR) DefaultSimultaneousUse With Cisco


Hello Al -

Managing simultaneous use depends on being able to distinguish between 
sessions.

If all of the sessions for the Cisco use NAS-Port 0 it is impossible to 
know which is which.

You should check with Cisco.

regards

Hugh


On 21 Jan 2004, at 01:41, al mccain wrote:

> Hugh,
>
> Thanks for the quick reply! However, I am a little confused.
> Are you saying that there is no way to implement this with our cisco
> boxes?
>
> Thanks,
> Al
>
>
>
> On Tue, 20 Jan 2004, Hugh Irvine wrote:
>
>>
>> Hello Al -
>>
>> I'm guessing here, but I suspect the problem is due to your Client
>> definitions in the SQL database - specifically the contents of the
>> NASTYPE field for at least the NAS in question. As you will see from
>> the debug, Radiator is trying to find a module called " 
>> Radius/Nas/.pm"
>> in the Redback case so this is not correct at all.
>>
>> The problem with the Cisco is that the NAS-Port attribute is always
>> "0", so this will never work in any case.
>>
>> regards
>>
>> Hugh
>>
>>
>> On 20 Jan 2004, at 09:04, al mccain wrote:
>>
>>>
>>> Hello Guys,
>>>
>>> I have yet another problem. We are trying to implement concurrent 
>>> login
>>> checks. I am having trouble using DefaultSimultaneousUse = 1 with our
>>> cisco boxes. It works perfectly for our Redbacks equipment. Could
>>> someone
>>> take a look and let me know what I'm doing wrong? I have attached my
>>> config as well as 2 trace 4's. One is the redback (acting perfectly)
>>> and
>>> one of the cisco (acting no-so-perfectly).
>>>
>>> Thanks!
>>>
>>> Al
>>>
>>>
>>> Config
>>> --------------------------------------------------------
>>>
>>> #Foreground
>>> #LogStdout
>>> LogDir /var/adm/radacct
>>> DbDir /etc/raddb
>>> PreHandlerHook file:"%D/prehook"
>>>
>>> SnmpgetProg /usr/local/bin/snmpget
>>> Trace 4
>>> RewriteUsername         s/^([^@]+)\@centurytel.net/$1/
>>> RewriteUsername         s/^([^@]+)\@digisys.net/$1/
>>> RewriteUsername         s/\s+//g
>>> #RewriteUsername		s/\'//g
>>> RewriteUsername         tr/A-Z/a-z/
>>> <Client DEFAULT>
>>>
>>>
>>>         Secret letMEin
>>>         DupInterval 0
>>>
>>>
>>> </Client>
>>>
>>> <SessionDatabase SQL>
>>>
>>>        DBSource dbi:mysql:radius:*******************
>>>        DBUsername ******
>>>        DBAuth ********
>>>         Identifier SQLS
>>>
>>>                 AddQuery insert into RADONLINE (USERNAME,\
>>>                 NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\
>>>                 FRAMEDIPADDRESS, NASPORTTYPE) \
>>>                 values ('%n', '%N',\
>>>                 '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\
>>>                 '%{Framed-IP-Address}', '%{NAS-Port-Type}')
>>>
>>>
>>> DeleteQuery  delete from RADONLINE where NASIDENTIFIER='%1' and
>>> NASPORT=0%2
>>> ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%0'
>>> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from 
>>> RADONLINE
>>> \
>>> where USERNAME ='%u'
>>>
>>>
>>> </SessionDatabase>
>>>
>>>
>>> <ClientListSQL>
>>>
>>>         DBSource        dbi:mysql:radius:********************
>>>         DBUsername *******
>>>         DBAuth *********
>>>
>>>         select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL, 
>>> \
>>>         DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \
>>>         LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \
>>>         FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \
>>>         NOIGNOREDUPLICATES from RADCLIENTLIST
>>>
>>>
>>> </ClientListSQL>
>>> <AuthBy UNIX>
>>>
>>> #       DefaultSimultaneousUse 1
>>>         Identifier System
>>>         Filename /etc/shadow
>>>
>>> </AuthBy>
>>>
>>> <AuthBy LDAP2>
>>>                DefaultSimultaneousUse 1
>>>                 Identifier LDAP
>>>                 Host    127.0.0.1
>>>                 Port    389
>>>                 AuthDN  uid=searchuser,dc=centurytel,dc=net
>>>                 AuthPassword    ********
>>>                 BaseDN  %0=%1,ou=people,dc=centurytel,dc=net
>>>                 Scope   base
>>>                 UsernameAttr    uid
>>>                 PasswordAttr    userPassword
>>>                 HoldServerConnection
>>>                 SearchFilter (&(gecos=active)(uid=%1))
>>>                 AuthAttrDef gidNumber, gid-attr, request
>>> #               DefaultReply
>>> Service-Type=Framed-User,Framed-Protocol=PPP
>>> </AuthBy>
>>> <AuthBy SQL>
>>> #       NoDefault
>>>         DefaultSimultaneousUse 1
>>>         Identifier CheckSQL
>>>
>>>         DBSource        dbi:mysql:radius:********************
>>>         DBUsername ******
>>>         DBAuth ********
>>>
>>>
>>>         AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \
>>>        from SUBSCRIBERS \
>>>       where USERNAME=%0
>>>
>>> AuthColumnDef 0, User-Password, check
>>> AuthColumnDef 1, GENERIC, check
>>> AuthColumnDef 2, GENERIC, reply
>>> #               DefaultReply
>>> Service-Type=Framed-User,Framed-Protocol=PPP
>>>
>>>
>>> </AuthBy>
>>> <Realm DEFAULT>
>>> RewriteUsername s/^([^@]+).*/$1/
>>>
>>>
>>>
>>>  PostAuthHook file:"%D/postHook"
>>>         AcctLogFileName %L/%N/detail
>>>
>>>
>>>
>>>         #AuthByPolicy ContinueWhileReject
>>>         AuthByPolicy    ContinueUntilAccept
>>>         #AuthBy LDAP
>>>         AuthBy CheckSQL
>>>         AuthBy System
>>>
>>>
>>> </Realm>
>>>
>>> ----------------------------------------------
>>> End Config
>>>
>>>
>>> Trace 4 Redback
>>> ----------------------------------------------
>>> Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code:       Access-Request
>>> Identifier: 11
>>> Authentic:  E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
>>> Attributes:
>>> 	User-Name = "nethelp1"
>>> 	User-Password = "<187>6<25>L<247><7><5><168><148><235>0 5V<3><199>"
>>> 	NAS-Identifier = "rb-test.mx"
>>> 	NAS-IP-Address = 209.142.136.22
>>> 	RB-NAS-Real-Port = 537067624
>>> 	Service-Type = Framed-User
>>> 	Framed-Protocol = PPP
>>> 	NAS-Port = 3892314117
>>> 	Connect-Info = "ubrc"
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:56:10 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.22, 3892314117
>>> Mon Jan 19 12:56:10 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:56:10 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:56:10 2004: DEBUG: Radius::AuthSQL ACCEPT:
>>> Mon Jan 19 12:56:10 2004: DEBUG: Access accepted for nethelp1
>>> Mon Jan 19 12:56:10 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code:       Access-Accept
>>> Identifier: 11
>>> Authentic:  E<138><164><4>E<130>FE<30><232><199>@<23>j<201><247>
>>> Attributes:
>>> 	Framed-IP-Address = 66.112.90.42
>>> 	Service-Type = Framed-User
>>> 	Framed-Protocol = PPP
>>> 	Framed-IP-Netmask = 255.255.255.255
>>> 	Idle-Timeout = 0
>>> 	Session-Timeout = 0
>>>
>>> Mon Jan 19 12:56:12 2004: ERR: Attribute number 144 (vendor 2352) is
>>> not defined in your dictionary
>>> Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code:       Accounting-Request
>>> Identifier: 29
>>> Authentic:  
>>> <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
>>> Attributes:
>>> 	User-Name = "nethelp1"
>>> 	NAS-Identifier = "rb-test.mx"
>>> 	NAS-IP-Address = 209.142.136.22
>>> 	Service-Type = Framed-User
>>> 	Framed-Protocol = PPP
>>> 	NAS-Port = 3892314117
>>> 	RB-NAS-Real-Port = 537067624
>>> 	Acct-Session-Id = "E8000005-400B2C3E"
>>> 	Acct-Authentic = RADIUS
>>> 	Connect-Info = "ubrc"
>>> 	Framed-IP-Address = 66.112.90.42
>>> 	Acct-Status-Type = Start
>>>
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:56:12 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:12 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.22, 3892314117
>>> Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>>>
>>> Mon Jan 19 12:56:12 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
>>> 12:56:12 2004','66.112.90.42', '')':
>>>
>>> Mon Jan 19 12:56:12 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:56:12 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:56:12 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:56:12 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code:       Accounting-Response
>>> Identifier: 29
>>> Authentic:  
>>> <136>}<253><170><198>`<188><251>N<28><253>`<135><232><29>r
>>> Attributes:
>>>
>>> Mon Jan 19 12:56:13 2004: ERR: Attribute number 144 (vendor 2352) is
>>> not defined in your dictionary
>>> Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code:       Accounting-Request
>>> Identifier: 30
>>> Authentic:  g%M<161><249><226><174>'<244>NO<194>5Y<176>s
>>> Attributes:
>>> 	User-Name = "nethelp1"
>>> 	NAS-Identifier = "rb-test.mx"
>>> 	NAS-IP-Address = 209.142.136.22
>>> 	Service-Type = Framed-User
>>> 	Framed-Protocol = PPP
>>> 	NAS-Port = 3892314117
>>> 	RB-NAS-Real-Port = 537067624
>>> 	Acct-Session-Id = "E8000005-400B2C3E"
>>> 	Acct-Authentic = RADIUS
>>> 	Connect-Info = "ubrc"
>>> 	Acct-Status-Type = Alive
>>> 	Framed-IP-Address = 66.112.90.42
>>> 	Framed-IP-Netmask = 255.255.255.255
>>> 	RB-Client-DNS-Pri = 209.142.136.85
>>> 	RB-Client-DNS-Sec = 209.206.199.16
>>> 	Acct-Input-Octets = 180
>>> 	Acct-Output-Octets = 0
>>> 	Acct-Input-Packets = 3
>>> 	Acct-Output-Packets = 0
>>> 	Acct-Session-Time = 0
>>> 	RB-Acct-Input-Octets-64 = 0xb4
>>> 	RB-Acct-Output-Octets-64 = 0x0
>>> 	RB-Acct-Input-Packets-64 = 0x3
>>> 	RB-Acct-Output-Packets-64 = 0x0
>>>
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:56:13 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:56:13 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.22, 3892314117
>>> Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314117':
>>>
>>> Mon Jan 19 12:56:13 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.22','3892314117', 'E8000005-400B2C3E', 'Mon Jan 19
>>> 12:56:13 2004','66.112.90.42', '')':
>>>
>>> Mon Jan 19 12:56:13 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:56:13 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:56:13 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:56:13 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code:       Accounting-Response
>>> Identifier: 30
>>> Authentic:  g%M<161><249><226><174>'<244>NO<194>5Y<176>s
>>> Attributes:
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.22 port 1812 ....
>>> Code:       Access-Request
>>> Identifier: 12
>>> Authentic:  
>>> <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
>>> Attributes:
>>> 	User-Name = "nethelp1"
>>> 	User-Password = ""<4>y<223>1J<218>2<240><239><149><197>I<213>"m"
>>> 	NAS-Identifier = "rb-test.mx"
>>> 	NAS-IP-Address = 209.142.136.22
>>> 	RB-NAS-Real-Port = 537067622
>>> 	Service-Type = Framed-User
>>> 	Framed-Protocol = PPP
>>> 	NAS-Port = 3892314118
>>> 	Connect-Info = "ubrc"
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:57:53 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.22, 3892314118
>>> Mon Jan 19 12:57:53 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.22' and NASPORT=03892314118':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Checking if user is still online: ,
>>> nethelp1, 209.142.136.22, 3892314117,
>>> Mon Jan 19 12:57:53 2004: ERR: Could not load NAS-specific module
>>> Radius::Nas::: Can't locate Radius/Nas/.pm in @INC (@INC contains: .
>>> /usr/local/lib/perl5/5.8.0/sun4-solaris /usr/local/lib/perl5/5.8.0
>>> /usr/local/lib/perl5/site_perl/5.8.0/sun4-solaris
>>> /usr/local/lib/perl5/site_perl/5.8.0 /usr/local/lib/perl5/site_perl 
>>> .)
>>> at (eval 190) line 3.
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL REJECT:
>>> Simultaneous-Use of 1 exceeded
>>> Mon Jan 19 12:57:53 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='DEFAULT'':
>>>
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL looks for match with
>>> DEFAULT
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthLDAP2: 
>>> LDAP
>>> Mon Jan 19 12:57:53 2004: INFO: Connecting to 127.0.0.1, port 389
>>> Mon Jan 19 12:57:53 2004: ERR: Could not open LDAP connection to
>>> 127.0.0.1, port 389. Backing off for 600 seconds.
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthSQL IGNORE: User 
>>> database
>>> access error
>>> Mon Jan 19 12:57:53 2004: DEBUG: Handling with Radius::AuthUNIX: 
>>> System
>>> Mon Jan 19 12:57:53 2004: DEBUG: Radius::AuthUNIX looks for match 
>>> with
>>> nethelp1
>>> Mon Jan 19 12:57:53 2004: INFO: Access rejected for nethelp1: No such
>>> user
>>> Mon Jan 19 12:57:53 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.22 port 1812 ....
>>> Code:       Access-Reject
>>> Identifier: 12
>>> Authentic:  
>>> <240><165><246>oN<222><231>t<28><143><163>oA<206><12><203>
>>> Attributes:
>>> 	Reply-Message = "choice: "
>>> 	Reply-Message = "Request Denied"
>>>
>>> -----------------------------------------------
>>> end trace 4 redback
>>>
>>>
>>> Trace 4 cisco
>>> -----------------------------------------------
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code:       Access-Request
>>> Identifier: 15
>>> Authentic:  ,6~<148>$L<139>/<139>hC<142><166><16><184>D
>>> Attributes:
>>> 	Framed-Protocol = PPP
>>> 	User-Name = "nethelp1"
>>> 	User-Password =
>>> "<219>@~<155><31><188><179><167><189><12><204><218><232><31><139>i"
>>> 	NAS-Port-Type = Virtual
>>> 	Cisco-NAS-Port = "5/0/0/3.102"
>>> 	NAS-Port = 0
>>> 	Service-Type = Framed-User
>>> 	NAS-IP-Address = 209.142.136.170
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Radius::AuthSQL ACCEPT:
>>> Mon Jan 19 12:42:45 2004: DEBUG: Access accepted for nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code:       Access-Accept
>>> Identifier: 15
>>> Authentic:  ,6~<148>$L<139>/<139>hC<142><166><16><184>D
>>> Attributes:
>>> 	Framed-IP-Address = 66.112.90.42
>>> 	Service-Type = Framed-User
>>> 	Framed-Protocol = PPP
>>> 	Framed-IP-Netmask = 255.255.255.255
>>> 	Idle-Timeout = 0
>>> 	Session-Timeout = 0
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code:       Accounting-Request
>>> Identifier: 16
>>> Authentic:  <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
>>> Attributes:
>>> 	Acct-Session-Id = "00000506"
>>> 	cisco-avpair = "client-mac-address=0060.0f4e.604e"
>>> 	Framed-Protocol = PPP
>>> 	Acct-Authentic = RADIUS
>>> 	User-Name = "nethelp1"
>>> 	Acct-Status-Type = Start
>>> 	NAS-Port-Type = Virtual
>>> 	Cisco-NAS-Port = "5/0/0/3.102"
>>> 	NAS-Port = 0
>>> 	Service-Type = Framed-User
>>> 	NAS-IP-Address = 209.142.136.170
>>> 	Acct-Delay-Time = 0
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:42:45 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:42:45 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.170','0', '00000506', 'Mon Jan 19 12:42:45 2004','',
>>> 'Virtual')':
>>>
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:42:45 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:42:45 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code:       Accounting-Response
>>> Identifier: 16
>>> Authentic:  <211><202>yl<21>J<178>fh<233><213><244>4<236><236>b
>>> Attributes:
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code:       Access-Request
>>> Identifier: 17
>>> Authentic:  ~<193>en-4}<12>B<224><28><14>mr<201><0>
>>> Attributes:
>>> 	Framed-Protocol = PPP
>>> 	User-Name = "nethelp1"
>>> 	User-Password =
>>> "<27><217><190>0<243><6>g<208><239><241><24><215><249>_<229>+"
>>> 	NAS-Port-Type = Virtual
>>> 	Cisco-NAS-Port = "5/0/0/3.104"
>>> 	NAS-Port = 0
>>> 	Service-Type = Framed-User
>>> 	NAS-IP-Address = 209.142.136.170
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: SQLS Deleting session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL:
>>> CheckSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select PASSWORD,
>>> CHECKATTR, REPLYATTR from SUBSCRIBERS where USERNAME='nethelp1'':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL looks for match with
>>> nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Query is: 'select NASIDENTIFIER,
>>> NASPORT from RADONLINE where USERNAME ='nethelp1'':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Radius::AuthSQL ACCEPT:
>>> Mon Jan 19 12:43:46 2004: DEBUG: Access accepted for nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code:       Access-Accept
>>> Identifier: 17
>>> Authentic:  ~<193>en-4}<12>B<224><28><14>mr<201><0>
>>> Attributes:
>>> 	Framed-IP-Address = 66.112.90.42
>>> 	Service-Type = Framed-User
>>> 	Framed-Protocol = PPP
>>> 	Framed-IP-Netmask = 255.255.255.255
>>> 	Idle-Timeout = 0
>>> 	Session-Timeout = 0
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Received from 209.142.136.170 port 21659 ....
>>> Code:       Accounting-Request
>>> Identifier: 18
>>> Authentic:  <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
>>> Attributes:
>>> 	Acct-Session-Id = "00000507"
>>> 	cisco-avpair = "client-mac-address=0060.0fd5.b0f0"
>>> 	Framed-Protocol = PPP
>>> 	Acct-Authentic = RADIUS
>>> 	User-Name = "nethelp1"
>>> 	Acct-Status-Type = Start
>>> 	NAS-Port-Type = Virtual
>>> 	Cisco-NAS-Port = "5/0/0/3.104"
>>> 	NAS-Port = 0
>>> 	Service-Type = Framed-User
>>> 	NAS-IP-Address = 209.142.136.170
>>> 	Acct-Delay-Time = 0
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Mon Jan 19 12:43:46 2004: DEBUG: Rewrote user name to nethelp1
>>> Mon Jan 19 12:43:46 2004: DEBUG: SQLS Adding session for nethelp1,
>>> 209.142.136.170, 0
>>> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'delete from RADONLINE
>>> where NASIDENTIFIER='209.142.136.170' and NASPORT=00':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: do query is: 'insert into RADONLINE
>>> (USERNAME,NASIDENTIFIER, NASPORT, ACCTSESSIONID,
>>> TIME_STAMP,FRAMEDIPADDRESS, NASPORTTYPE) values ('nethelp1',
>>> '209.142.136.170','0', '00000507', 'Mon Jan 19 12:43:46 2004','',
>>> 'Virtual')':
>>>
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling with Radius::AuthSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Handling accounting with
>>> Radius::AuthSQL
>>> Mon Jan 19 12:43:46 2004: DEBUG: Accounting accepted
>>> Mon Jan 19 12:43:46 2004: DEBUG: Packet dump:
>>> *** Sending to 209.142.136.170 port 21659 ....
>>> Code:       Accounting-Response
>>> Identifier: 18
>>> Authentic:  <223>G<198><10><160>]<178>"<182><166>()<158>PZ<19>
>>> Attributes:
>>>
>>> -------------------------------------------------------------
>>> end trace 4 cisco
>>>
>>> ===
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>
>> NB: have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> --
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>> ===
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list