(RADIATOR) Can't Install Digest::MD5

MJ php at cyberia.net.sa
Tue Jun 22 04:03:12 CDT 2004


Hi Hugh,
I have added the following in cfg,

=======================================
<Client DEFAULT>
        Secret  cisco
        DupInterval 0
# This is the base address for Framed-Group = 0
FramedGroupBaseAddress  10.0.0.1
# This is the base address for Framed-Group = 1
FramedGroupBaseAddress  10.0.1.1
</Client>
=========================================

and Following line in the users file

==========================================
cyberia   User-Password = "1234", Framed-Group = 1
==========================================

but I am getting

============================================================================
======
DEBUG: Radius::AuthFILE REJECT: Check item Framed-Group expression '1' does
not match '' in request
============================================================================
======

When I tried with Authby File and FramedGroup 1, it works fine, but the
problem is that I have single file for two different categories of users,
both type of users are using same realm, and I want based on their user name
the radius should decide that from which pool they should get IP.

Please help and Thanks for you brilliant support
MJ


----- Original Message ----- 
From: "Hugh Irvine" <hugh at open.com.au>
To: "MJ" <php at cyberia.net.sa>
Cc: <radiator at open.com.au>
Sent: Tuesday, June 22, 2004 10:11 AM
Subject: Re: (RADIATOR) Can't Install Digest::MD5


>
> Hello MJ -
>
> The simplest way to do this is to define the IP address pools on your
> NAS equipment directly and return the appropriate Framed-Pool reply
> attribute for the correct pool. Otherwise you will need to use an
> AddressAllocator SQL clause and an AuthBy DYNADDRESS clause, and you
> will find an example of how to do this in the file
> "goodies/addressallocator.cfg". See also the relevant section of the
> Radiator 3.9 reference manual ("doc/ref.html").
>
> regards
>
> Hugh
>
>
> On 22 Jun 2004, at 17:05, MJ wrote:
>
> > Hi,
> > I want to assign IPs from the cfg/user file itself. I have gone
> > through faqs
> > and manual, I am confused as there are multiple ways to do it. Would
> > you
> > please give me some hints. I will work on oracle issue later on.
> >
> > Thanks
> >
> > ----- Original Message -----
> > From: "Hugh Irvine" <hugh at open.com.au>
> > To: "MJ" <php at cyberia.net.sa>
> > Cc: <radiator at open.com.au>
> > Sent: Monday, June 21, 2004 7:45 AM
> > Subject: Re: (RADIATOR) Can't Install Digest::MD5
> >
> >
> >>
> >> Hello MJ -
> >>
> >> For point 1 how and where are you going to define the IP address
> >> pools?
> >> The usual way to indicate which IP address pool to use is by returning
> >> a Framed-Pool reply attribute according to which category a user
> >> belongs to.
> >>
> >> For point 2 you should use an AuthBy SQL clause instead of an AuthBy
> >> FILE clause which you would set up for Oracle.
> >>
> >> There is an example table creation script in "goodies/ansiCreate.sql"
> >> and an exampe configuration file in "goodies/sql.cfg" that you may
> >> find
> >> useful. There is also an FAQ item in "doc/faq.html".
> >>
> >> regards
> >>
> >> Hugh
> >>
> >>
> >> On 21 Jun 2004, at 00:12, MJ wrote:
> >>
> >>> Many thanks It work! Now I have two more things
> >>>
> >>> 1- We have two different categories of dsl users, "Home" and "Office"
> >>> both
> >>> are using  similar realm. We want that each category of user should
> >>> get IP
> >>> from different network block reserved for this category means home
> >>> users
> >>> should get IP from "Home IP pool", and office users should get IP
> >>> from
> >>> "Office IP pool", so that we can control bandwidth.
> >>>
> >>> 2- For testing purposes I am using flat file for authentication but
> >>> for
> >>> production we need to connect radiator to Oracle database.
> >>>
> >>> Please help me in achieving these two tasks.
> >>>
> >>> MJ
> >>> ----- Original Message -----
> >>> From: "Hugh Irvine" <hugh at open.com.au>
> >>> To: "MJ" <php at cyberia.net.sa>
> >>> Cc: <radiator at open.com.au>
> >>> Sent: Friday, June 18, 2004 8:42 AM
> >>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
> >>>
> >>>
> >>>>
> >>>> Hello MJ -
> >>>>
> >>>> You have a typo in the configuration file.
> >>>>
> >>>>
> >>>> <Handler Client-Indentifier=dialup>
> >>>>
> >>>> should be
> >>>>
> >>>> <Handler Client-Identifier=dialup>
> >>>>
> >>>>
> >>>> regards
> >>>>
> >>>> Hugh
> >>>>
> >>>>
> >>>> On 16 Jun 2004, at 23:27, MJ wrote:
> >>>>
> >>>>> Probably I sent wrong config file to you as I am using one very
> >>>>> similar to
> >>>>> your example. Sorry for that. I am sending you correct cfg file and
> >>>>> todays'
> >>>>> log file. please have a look.
> >>>>> Thanks for the marvelous support of Hugh Irvine and Stefan.
> >>>>> MJ
> >>>>> ----- Original Message -----
> >>>>> From: "Hugh Irvine" <hugh at open.com.au>
> >>>>> To: "MJ" <php at cyberia.net.sa>
> >>>>> Cc: <radiator at open.com.au>
> >>>>> Sent: Wednesday, June 16, 2004 2:54 PM
> >>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
> >>>>>
> >>>>>
> >>>>>>
> >>>>>> Hello MJ -
> >>>>>>
> >>>>>> Your configuration file is incorrect. You cannot have AuthBy
> >>>>>> clauses
> >>>>>> inside Client clauses.
> >>>>>>
> >>>>>> It should look like this (as shown in my previous example).
> >>>>>>
> >>>>>> Foreground
> >>>>>> LogStdout
> >>>>>> LogDir          .
> >>>>>> DbDir           .
> >>>>>> # User a lower trace level in production systems:
> >>>>>> Trace           4
> >>>>>>
> >>>>>> # You will probably want to add other Clients to suit your site,
> >>>>>> # one for each NAS you want to work with
> >>>>>>
> >>>>>> <Client 212.119.67.21>
> >>>>>>          Identifier Dialup
> >>>>>>          Secret  cisco
> >>>>>>          DupInterval 0
> >>>>>> </Client>
> >>>>>>
> >>>>>> <Client 212.119.67.23>
> >>>>>>          Identifier Roaming
> >>>>>>          Secret cisco
> >>>>>>          DupInterval 0
> >>>>>> </Client>
> >>>>>>
> >>>>>> <Handler Client-Identifier = Dialup>
> >>>>>>          <AuthBy FILE>
> >>>>>>                  Filename        ./dialup
> >>>>>>          </AuthBy>
> >>>>>> </Handler>
> >>>>>>
> >>>>>> <Handler Client-Identifier = Roaming>
> >>>>>>          <AuthBy FILE>
> >>>>>>                  Filename        ./roaming
> >>>>>>          </AuthBy>
> >>>>>> </Handler>
> >>>>>>
> >>>>>>
> >>>>>> regards
> >>>>>>
> >>>>>> Hugh
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> On 15 Jun 2004, at 17:58, MJ wrote:
> >>>>>>
> >>>>>>> Thanks, both files are attached. Please ignore log events older
> >>>>>>> than
> >>>>>>> 15
> >>>>>>> June. you may find some successful attempts also as I told it
> >>>>>>> works
> >>>>>>> fine
> >>>>>>> with first nas in cfg file, so I was testing with changing the
> >>>>>>> nases
> >>>>>>> order
> >>>>>>> in cfg file.
> >>>>>>>
> >>>>>>> MJ
> >>>>>>> ----- Original Message -----
> >>>>>>> From: "Hugh Irvine" <hugh at open.com.au>
> >>>>>>> To: "MJ" <php at cyberia.net.sa>
> >>>>>>> Cc: <radiator at open.com.au>
> >>>>>>> Sent: Tuesday, June 15, 2004 6:38 PM
> >>>>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> Hello MJ -
> >>>>>>>
> >>>>>>> Please send me a copy of the configuration file that you are
> >>>>>>> using
> >>>>>>> together with a trace 4 debug from that instance of Radiator
> >>>>>>> showing
> >>>>>>> exactly what is happening.
> >>>>>>>
> >>>>>>> In what you show below, Radiator is telling you that it can't
> >>>>>>> find
> >>>>>>> a
> >>>>>>> Handler to process this radius request. I am guessing this is
> >>>>>>> because
> >>>>>>> your Client definitions are not correct, but without seeing your
> >>>>>>> configuration file it is impossible to tell.
> >>>>>>>
> >>>>>>> regards
> >>>>>>>
> >>>>>>> Hugh
> >>>>>>>
> >>>>>>>
> >>>>>>> On 15 Jun 2004, at 16:44, MJ wrote:
> >>>>>>>
> >>>>>>>> Hi,
> >>>>>>>> I created new cfg file exactly same as per your example but I am
> >>>>>>>> getting following error, while I am connecting from second NAS
> >>>>>>>> (which
> >>>>>>>> appear 2nd in cfg file). It works fine if I connect from first
> >>>>>>>> NAS
> >>>>>>>> (which appears), I tried to change order of NASes in the cfg
> >>>>>>>> file,
> >>>>>>>> it
> >>>>>>>> always works fine with first client set. Any idea?
> >>>>>>>> MJ
> >>>>>>>> *** Received from 212.119.67.23 port 1645 ....
> >>>>>>>> Code: Access-Request
> >>>>>>>> Identifier: 77
> >>>>>>>> Authentic:
> >>>>>>>> <225>p<227>[c<138><130>s<131><190><250><227><171><156>D<242>
> >>>>>>>> Attributes:
> >>>>>>>> Framed-Protocol = PPP
> >>>>>>>> User-Name = "roaming"
> >>>>>>>> User-Password =
> >>>>>>>> "f<25><160><231><211>u<18><176>D<165><158>6<0>!I<166>"
> >>>>>>>> NAS-Port-Type = Virtual
> >>>>>>>> NAS-Port = 80
> >>>>>>>> Calling-Station-Id = "14647114"
> >>>>>>>> Called-Station-Id = "3010"
> >>>>>>>> Service-Type = Framed-User
> >>>>>>>> NAS-IP-Address = 212.119.67.23
> >>>>>>>>
> >>>>>>>> Tue Jun 15 16:49:37 2004: WARNING: Could not find a handler for
> >>>>>>>> roaming: request is ignored
> >>>>>>>> ----- Original Message -----
> >>>>>>>>  From: "Hugh Irvine" <hugh at open.com.au>
> >>>>>>>> To: "MJ" <php at cyberia.net.sa>
> >>>>>>>> Cc: <radiator at open.com.au>; <elias at tmnet.com.my>; "Stefan
> >>>>>>>> Riegelnik"
> >>>>>>>> <sriegelnik at netway.at>
> >>>>>>>> Sent: Monday, June 14, 2004 6:17 PM
> >>>>>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
> >>>>>>>>
> >>>>>>>>
> >>>>>>>
> >>>>>>> NB: have you included a copy of your configuration file (no
> >>>>>>> secrets),
> >>>>>>> together with a trace 4 debug showing what is happening?
> >>>>>>>
> >>>>>>> -- 
> >>>>>>> Radiator: the most portable, flexible and configurable RADIUS
> >>>>>>> server
> >>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>>>>> -
> >>>>>>> Nets: internetwork inventory and management - graphical,
> >>>>>>> extensible,
> >>>>>>> flexible with hardware, software, platform and database
> >>>>>>> independence.
> >>>>>>> -
> >>>>>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>>>>> systems.
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>> NB: have you included a copy of your configuration file (no
> >>>>>>> secrets),
> >>>>>>> together with a trace 4 debug showing what is happening?
> >>>>>>>
> >>>>>>> -- 
> >>>>>>> Radiator: the most portable, flexible and configurable RADIUS
> >>>>>>> server
> >>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>>>>> -
> >>>>>>> Nets: internetwork inventory and management - graphical,
> >>>>>>> extensible,
> >>>>>>> flexible with hardware, software, platform and database
> >>>>>>> independence.
> >>>>>>> -
> >>>>>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>>>>> systems.
> >>>>>>>
> >>>>>>> <logfile.log><simple1.cfg>
> >>>>>>
> >>>>>> NB: have you included a copy of your configuration file (no
> >>>>>> secrets),
> >>>>>> together with a trace 4 debug showing what is happening?
> >>>>>>
> >>>>>> -- 
> >>>>>> Radiator: the most portable, flexible and configurable RADIUS
> >>>>>> server
> >>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>>>> -
> >>>>>> Nets: internetwork inventory and management - graphical,
> >>>>>> extensible,
> >>>>>> flexible with hardware, software, platform and database
> >>>>>> independence.
> >>>>>> -
> >>>>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>>>> systems.
> >>>>>>
> >>>>>>
> >>>>> <logfile><simple1.cfg>
> >>>>
> >>>> NB: have you included a copy of your configuration file (no
> >>>> secrets),
> >>>> together with a trace 4 debug showing what is happening?
> >>>>
> >>>> -- 
> >>>> Radiator: the most portable, flexible and configurable RADIUS server
> >>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >>>> -
> >>>> Nets: internetwork inventory and management - graphical, extensible,
> >>>> flexible with hardware, software, platform and database
> >>>> independence.
> >>>> -
> >>>> CATool: Private Certificate Authority for Unix and Unix-like
> >>>> systems.
> >>>>
> >>>> --
> >>>> Archive at http://www.open.com.au/archives/radiator/
> >>>> Announcements on radiator-announce at open.com.au
> >>>> To unsubscribe, email 'majordomo at open.com.au' with
> >>>> 'unsubscribe radiator' in the body of the message.
> >>>>
> >>>
> >>>
> >>
> >> NB: have you included a copy of your configuration file (no secrets),
> >> together with a trace 4 debug showing what is happening?
> >>
> >> -- 
> >> Radiator: the most portable, flexible and configurable RADIUS server
> >> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> >> -
> >> Nets: internetwork inventory and management - graphical, extensible,
> >> flexible with hardware, software, platform and database independence.
> >> -
> >> CATool: Private Certificate Authority for Unix and Unix-like systems.
> >>
> >> --
> >> Archive at http://www.open.com.au/archives/radiator/
> >> Announcements on radiator-announce at open.com.au
> >> To unsubscribe, email 'majordomo at open.com.au' with
> >> 'unsubscribe radiator' in the body of the message.
> >>
> >
> >
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list