(RADIATOR) Old Ascend NAS support
Patrik Forsberg
patrik.forsberg at dataphone.net
Mon Jun 7 11:34:15 CDT 2004
> You mention an AuthBy FILE - can you explain more about what you want
> to do?
Yea,
aculy I got this working by patching Configure.pm and the dictionary
file.. but it would be nice if I could use the stock Radiator for later
upgrades without modifications :)
anyways..
I wish to establish l2tp tunnels from my portmaster3 NASes. These expect
the "Tunnel-Password" to be sent to it as clear text, non-encrypted, and
also do not want tagged- Tunnel-Media-Type and so on. The only way I've
got this working right now is by patching Configure.pm so it doesn't use
encrypt_tunnel_password on the attribute "Tunnel-Password".
I'm using <AuthBy FILE> to authenticate the initial user. From what I
can see there is a value for <AuthBy RADIATOR> where you can set
"ClearTextTunnelPassword" which probably would solve this problem from
stock.
The dictionary thing is OK because I would guess most modern NASes uses
the tag thing. The dictionary.ascend2 has the correct attribute settings
for this NAS so its basicly just the Cleartext tunnel password that is a
issue.
Perhaps in a later release of radiator the ClearTextTunnelPassword could
be specified for any "AuthBy" clause ?
Configure.pm patch:
<patch>
*** old/Configurable.pm Mon Jun 7 18:17:15 2004
--- new/Configurable.pm Mon Jun 7 18:17:32 2004
***************
*** 575,587 ****
if ($value =~ /^(\d+):(.*)/)
{
# Tagged
! $value = $p->encode_tunnel_password
! ($2, $p->{Client}->{Secret}, $1);
}
else
{
! $value = $p->encode_tunnel_password
! ($value, $p->{Client}->{Secret});
}
}
elsif ($name eq 'MS-MPPE-Send-Key'
--- 575,587 ----
if ($value =~ /^(\d+):(.*)/)
{
# Tagged
! #$value = $p->encode_tunnel_password
! # ($2, $p->{Client}->{Secret}, $1);
}
else
{
! #$value = $p->encode_tunnel_password
! # ($value, $p->{Client}->{Secret});
}
}
elsif ($name eq 'MS-MPPE-Send-Key'
</patch>
and dictionary:
<patch>
*** old/dictionary Mon Jun 7 18:19:09 2004
--- new/dictionary Mon Jun 7 18:19:19 2004
***************
*** 94,105 ****
# must _always_ have a 0 octet at the beginning, eg:
# Tunnel-Server-Endpoint "\000203.63.154.22 fr:20"
! ATTRIBUTE Tunnel-Type 64 tagged-integer
! ATTRIBUTE Tunnel-Medium-Type 65 tagged-integer
! ATTRIBUTE Tunnel-Client-Endpoint 66 tagged-string
! ATTRIBUTE Tunnel-Server-Endpoint 67 tagged-string
! ATTRIBUTE Acct-Tunnel-Connection 68
tagged-string
! ATTRIBUTE Tunnel-ID 68 tagged-string
# Tunnel-Password is really tagged, but we have special internal code
# to handle it
--- 94,105 ----
# must _always_ have a 0 octet at the beginning, eg:
# Tunnel-Server-Endpoint "\000203.63.154.22 fr:20"
! ATTRIBUTE Tunnel-Type 64 integer
! ATTRIBUTE Tunnel-Medium-Type 65 integer
! ATTRIBUTE Tunnel-Client-Endpoint 66 string
! ATTRIBUTE Tunnel-Server-Endpoint 67 string
! ATTRIBUTE Acct-Tunnel-Connection 68 string
! ATTRIBUTE Tunnel-ID 68 string
# Tunnel-Password is really tagged, but we have special internal code
# to handle it
</patch>
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list