(RADIATOR) Can't Install Digest::MD5

Hugh Irvine hugh at open.com.au
Tue Jun 22 18:22:13 CDT 2004 

Hello MJ -

Please note that we are located in Australia and there is a time zone  
difference.

You can try to use Framed-Group, but I don't think it will work  
correctly in your situation (it only works with very small values of  
the NAS-Port attribute). In any case you will need to return it as a  
reply attribute, not as a check attribute as you have it currently (see  
the example in the manual).

Eg:

cyberia User-Password = 1234
	Framed-Group = 1

regards

Hugh


On 22 Jun 2004, at 23:51, MJ wrote:

> Hi Hugh,
> I would appreciate if you can reply to my following email, as I am  
> stuck in
> the middle.
> Thanks,
> MJ
> ----- Original Message -----
> From: "MJ" <php at cyberia.net.sa>
> To: "Hugh Irvine" <hugh at open.com.au>
> Cc: <radiator at open.com.au>
> Sent: Tuesday, June 22, 2004 12:03 PM
> Subject: Re: (RADIATOR) Can't Install Digest::MD5
>
>
>> Hi Hugh,
>> I have added the following in cfg,
>>
>> =======================================
>> <Client DEFAULT>
>>         Secret  cisco
>>         DupInterval 0
>> # This is the base address for Framed-Group = 0
>> FramedGroupBaseAddress  10.0.0.1
>> # This is the base address for Framed-Group = 1
>> FramedGroupBaseAddress  10.0.1.1
>> </Client>
>> =========================================
>>
>> and Following line in the users file
>>
>> ==========================================
>> cyberia   User-Password = "1234", Framed-Group = 1
>> ==========================================
>>
>> but I am getting
>>
>>
> ======================================================================= 
> =====
>> ======
>> DEBUG: Radius::AuthFILE REJECT: Check item Framed-Group expression '1'
> does
>> not match '' in request
>>
> ======================================================================= 
> =====
>> ======
>>
>> When I tried with Authby File and FramedGroup 1, it works fine, but  
>> the
>> problem is that I have single file for two different categories of  
>> users,
>> both type of users are using same realm, and I want based on their  
>> user
> name
>> the radius should decide that from which pool they should get IP.
>>
>> Please help and Thanks for you brilliant support
>> MJ
>>
>>
>> ----- Original Message -----
>> From: "Hugh Irvine" <hugh at open.com.au>
>> To: "MJ" <php at cyberia.net.sa>
>> Cc: <radiator at open.com.au>
>> Sent: Tuesday, June 22, 2004 10:11 AM
>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
>>
>>
>>>
>>> Hello MJ -
>>>
>>> The simplest way to do this is to define the IP address pools on your
>>> NAS equipment directly and return the appropriate Framed-Pool reply
>>> attribute for the correct pool. Otherwise you will need to use an
>>> AddressAllocator SQL clause and an AuthBy DYNADDRESS clause, and you
>>> will find an example of how to do this in the file
>>> "goodies/addressallocator.cfg". See also the relevant section of the
>>> Radiator 3.9 reference manual ("doc/ref.html").
>>>
>>> regards
>>>
>>> Hugh
>>>
>>>
>>> On 22 Jun 2004, at 17:05, MJ wrote:
>>>
>>>> Hi,
>>>> I want to assign IPs from the cfg/user file itself. I have gone
>>>> through faqs
>>>> and manual, I am confused as there are multiple ways to do it. Would
>>>> you
>>>> please give me some hints. I will work on oracle issue later on.
>>>>
>>>> Thanks
>>>>
>>>> ----- Original Message -----
>>>> From: "Hugh Irvine" <hugh at open.com.au>
>>>> To: "MJ" <php at cyberia.net.sa>
>>>> Cc: <radiator at open.com.au>
>>>> Sent: Monday, June 21, 2004 7:45 AM
>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
>>>>
>>>>
>>>>>
>>>>> Hello MJ -
>>>>>
>>>>> For point 1 how and where are you going to define the IP address
>>>>> pools?
>>>>> The usual way to indicate which IP address pool to use is by
> returning
>>>>> a Framed-Pool reply attribute according to which category a user
>>>>> belongs to.
>>>>>
>>>>> For point 2 you should use an AuthBy SQL clause instead of an  
>>>>> AuthBy
>>>>> FILE clause which you would set up for Oracle.
>>>>>
>>>>> There is an example table creation script in  
>>>>> "goodies/ansiCreate.sql"
>>>>> and an exampe configuration file in "goodies/sql.cfg" that you may
>>>>> find
>>>>> useful. There is also an FAQ item in "doc/faq.html".
>>>>>
>>>>> regards
>>>>>
>>>>> Hugh
>>>>>
>>>>>
>>>>> On 21 Jun 2004, at 00:12, MJ wrote:
>>>>>
>>>>>> Many thanks It work! Now I have two more things
>>>>>>
>>>>>> 1- We have two different categories of dsl users, "Home" and
> "Office"
>>>>>> both
>>>>>> are using  similar realm. We want that each category of user  
>>>>>> should
>>>>>> get IP
>>>>>> from different network block reserved for this category means home
>>>>>> users
>>>>>> should get IP from "Home IP pool", and office users should get IP
>>>>>> from
>>>>>> "Office IP pool", so that we can control bandwidth.
>>>>>>
>>>>>> 2- For testing purposes I am using flat file for authentication  
>>>>>> but
>>>>>> for
>>>>>> production we need to connect radiator to Oracle database.
>>>>>>
>>>>>> Please help me in achieving these two tasks.
>>>>>>
>>>>>> MJ
>>>>>> ----- Original Message -----
>>>>>> From: "Hugh Irvine" <hugh at open.com.au>
>>>>>> To: "MJ" <php at cyberia.net.sa>
>>>>>> Cc: <radiator at open.com.au>
>>>>>> Sent: Friday, June 18, 2004 8:42 AM
>>>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> Hello MJ -
>>>>>>>
>>>>>>> You have a typo in the configuration file.
>>>>>>>
>>>>>>>
>>>>>>> <Handler Client-Indentifier=dialup>
>>>>>>>
>>>>>>> should be
>>>>>>>
>>>>>>> <Handler Client-Identifier=dialup>
>>>>>>>
>>>>>>>
>>>>>>> regards
>>>>>>>
>>>>>>> Hugh
>>>>>>>
>>>>>>>
>>>>>>> On 16 Jun 2004, at 23:27, MJ wrote:
>>>>>>>
>>>>>>>> Probably I sent wrong config file to you as I am using one very
>>>>>>>> similar to
>>>>>>>> your example. Sorry for that. I am sending you correct cfg file
> and
>>>>>>>> todays'
>>>>>>>> log file. please have a look.
>>>>>>>> Thanks for the marvelous support of Hugh Irvine and Stefan.
>>>>>>>> MJ
>>>>>>>> ----- Original Message -----
>>>>>>>> From: "Hugh Irvine" <hugh at open.com.au>
>>>>>>>> To: "MJ" <php at cyberia.net.sa>
>>>>>>>> Cc: <radiator at open.com.au>
>>>>>>>> Sent: Wednesday, June 16, 2004 2:54 PM
>>>>>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hello MJ -
>>>>>>>>>
>>>>>>>>> Your configuration file is incorrect. You cannot have AuthBy
>>>>>>>>> clauses
>>>>>>>>> inside Client clauses.
>>>>>>>>>
>>>>>>>>> It should look like this (as shown in my previous example).
>>>>>>>>>
>>>>>>>>> Foreground
>>>>>>>>> LogStdout
>>>>>>>>> LogDir          .
>>>>>>>>> DbDir           .
>>>>>>>>> # User a lower trace level in production systems:
>>>>>>>>> Trace           4
>>>>>>>>>
>>>>>>>>> # You will probably want to add other Clients to suit your  
>>>>>>>>> site,
>>>>>>>>> # one for each NAS you want to work with
>>>>>>>>>
>>>>>>>>> <Client 212.119.67.21>
>>>>>>>>>          Identifier Dialup
>>>>>>>>>          Secret  cisco
>>>>>>>>>          DupInterval 0
>>>>>>>>> </Client>
>>>>>>>>>
>>>>>>>>> <Client 212.119.67.23>
>>>>>>>>>          Identifier Roaming
>>>>>>>>>          Secret cisco
>>>>>>>>>          DupInterval 0
>>>>>>>>> </Client>
>>>>>>>>>
>>>>>>>>> <Handler Client-Identifier = Dialup>
>>>>>>>>>          <AuthBy FILE>
>>>>>>>>>                  Filename        ./dialup
>>>>>>>>>          </AuthBy>
>>>>>>>>> </Handler>
>>>>>>>>>
>>>>>>>>> <Handler Client-Identifier = Roaming>
>>>>>>>>>          <AuthBy FILE>
>>>>>>>>>                  Filename        ./roaming
>>>>>>>>>          </AuthBy>
>>>>>>>>> </Handler>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> regards
>>>>>>>>>
>>>>>>>>> Hugh
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On 15 Jun 2004, at 17:58, MJ wrote:
>>>>>>>>>
>>>>>>>>>> Thanks, both files are attached. Please ignore log events  
>>>>>>>>>> older
>>>>>>>>>> than
>>>>>>>>>> 15
>>>>>>>>>> June. you may find some successful attempts also as I told it
>>>>>>>>>> works
>>>>>>>>>> fine
>>>>>>>>>> with first nas in cfg file, so I was testing with changing the
>>>>>>>>>> nases
>>>>>>>>>> order
>>>>>>>>>> in cfg file.
>>>>>>>>>>
>>>>>>>>>> MJ
>>>>>>>>>> ----- Original Message -----
>>>>>>>>>> From: "Hugh Irvine" <hugh at open.com.au>
>>>>>>>>>> To: "MJ" <php at cyberia.net.sa>
>>>>>>>>>> Cc: <radiator at open.com.au>
>>>>>>>>>> Sent: Tuesday, June 15, 2004 6:38 PM
>>>>>>>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Hello MJ -
>>>>>>>>>>
>>>>>>>>>> Please send me a copy of the configuration file that you are
>>>>>>>>>> using
>>>>>>>>>> together with a trace 4 debug from that instance of Radiator
>>>>>>>>>> showing
>>>>>>>>>> exactly what is happening.
>>>>>>>>>>
>>>>>>>>>> In what you show below, Radiator is telling you that it can't
>>>>>>>>>> find
>>>>>>>>>> a
>>>>>>>>>> Handler to process this radius request. I am guessing this is
>>>>>>>>>> because
>>>>>>>>>> your Client definitions are not correct, but without seeing  
>>>>>>>>>> your
>>>>>>>>>> configuration file it is impossible to tell.
>>>>>>>>>>
>>>>>>>>>> regards
>>>>>>>>>>
>>>>>>>>>> Hugh
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 15 Jun 2004, at 16:44, MJ wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>> I created new cfg file exactly same as per your example but I
> am
>>>>>>>>>>> getting following error, while I am connecting from second  
>>>>>>>>>>> NAS
>>>>>>>>>>> (which
>>>>>>>>>>> appear 2nd in cfg file). It works fine if I connect from  
>>>>>>>>>>> first
>>>>>>>>>>> NAS
>>>>>>>>>>> (which appears), I tried to change order of NASes in the cfg
>>>>>>>>>>> file,
>>>>>>>>>>> it
>>>>>>>>>>> always works fine with first client set. Any idea?
>>>>>>>>>>> MJ
>>>>>>>>>>> *** Received from 212.119.67.23 port 1645 ....
>>>>>>>>>>> Code: Access-Request
>>>>>>>>>>> Identifier: 77
>>>>>>>>>>> Authentic:
>>>>>>>>>>> <225>p<227>[c<138><130>s<131><190><250><227><171><156>D<242>
>>>>>>>>>>> Attributes:
>>>>>>>>>>> Framed-Protocol = PPP
>>>>>>>>>>> User-Name = "roaming"
>>>>>>>>>>> User-Password =
>>>>>>>>>>> "f<25><160><231><211>u<18><176>D<165><158>6<0>!I<166>"
>>>>>>>>>>> NAS-Port-Type = Virtual
>>>>>>>>>>> NAS-Port = 80
>>>>>>>>>>> Calling-Station-Id = "14647114"
>>>>>>>>>>> Called-Station-Id = "3010"
>>>>>>>>>>> Service-Type = Framed-User
>>>>>>>>>>> NAS-IP-Address = 212.119.67.23
>>>>>>>>>>>
>>>>>>>>>>> Tue Jun 15 16:49:37 2004: WARNING: Could not find a handler  
>>>>>>>>>>> for
>>>>>>>>>>> roaming: request is ignored
>>>>>>>>>>> ----- Original Message -----
>>>>>>>>>>>  From: "Hugh Irvine" <hugh at open.com.au>
>>>>>>>>>>> To: "MJ" <php at cyberia.net.sa>
>>>>>>>>>>> Cc: <radiator at open.com.au>; <elias at tmnet.com.my>; "Stefan
>>>>>>>>>>> Riegelnik"
>>>>>>>>>>> <sriegelnik at netway.at>
>>>>>>>>>>> Sent: Monday, June 14, 2004 6:17 PM
>>>>>>>>>>> Subject: Re: (RADIATOR) Can't Install Digest::MD5
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> NB: have you included a copy of your configuration file (no
>>>>>>>>>> secrets),
>>>>>>>>>> together with a trace 4 debug showing what is happening?
>>>>>>>>>>
>>>>>>>>>> -- 
>>>>>>>>>> Radiator: the most portable, flexible and configurable RADIUS
>>>>>>>>>> server
>>>>>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>>>>>>> -
>>>>>>>>>> Nets: internetwork inventory and management - graphical,
>>>>>>>>>> extensible,
>>>>>>>>>> flexible with hardware, software, platform and database
>>>>>>>>>> independence.
>>>>>>>>>> -
>>>>>>>>>> CATool: Private Certificate Authority for Unix and Unix-like
>>>>>>>>>> systems.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> NB: have you included a copy of your configuration file (no
>>>>>>>>>> secrets),
>>>>>>>>>> together with a trace 4 debug showing what is happening?
>>>>>>>>>>
>>>>>>>>>> -- 
>>>>>>>>>> Radiator: the most portable, flexible and configurable RADIUS
>>>>>>>>>> server
>>>>>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>>>>>>> -
>>>>>>>>>> Nets: internetwork inventory and management - graphical,
>>>>>>>>>> extensible,
>>>>>>>>>> flexible with hardware, software, platform and database
>>>>>>>>>> independence.
>>>>>>>>>> -
>>>>>>>>>> CATool: Private Certificate Authority for Unix and Unix-like
>>>>>>>>>> systems.
>>>>>>>>>>
>>>>>>>>>> <logfile.log><simple1.cfg>
>>>>>>>>>
>>>>>>>>> NB: have you included a copy of your configuration file (no
>>>>>>>>> secrets),
>>>>>>>>> together with a trace 4 debug showing what is happening?
>>>>>>>>>
>>>>>>>>> -- 
>>>>>>>>> Radiator: the most portable, flexible and configurable RADIUS
>>>>>>>>> server
>>>>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>>>>>> -
>>>>>>>>> Nets: internetwork inventory and management - graphical,
>>>>>>>>> extensible,
>>>>>>>>> flexible with hardware, software, platform and database
>>>>>>>>> independence.
>>>>>>>>> -
>>>>>>>>> CATool: Private Certificate Authority for Unix and Unix-like
>>>>>>>>> systems.
>>>>>>>>>
>>>>>>>>>
>>>>>>>> <logfile><simple1.cfg>
>>>>>>>
>>>>>>> NB: have you included a copy of your configuration file (no
>>>>>>> secrets),
>>>>>>> together with a trace 4 debug showing what is happening?
>>>>>>>
>>>>>>> -- 
>>>>>>> Radiator: the most portable, flexible and configurable RADIUS
> server
>>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>>>> -
>>>>>>> Nets: internetwork inventory and management - graphical,
> extensible,
>>>>>>> flexible with hardware, software, platform and database
>>>>>>> independence.
>>>>>>> -
>>>>>>> CATool: Private Certificate Authority for Unix and Unix-like
>>>>>>> systems.
>>>>>>>
>>>>>>> --
>>>>>>> Archive at http://www.open.com.au/archives/radiator/
>>>>>>> Announcements on radiator-announce at open.com.au
>>>>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>>>>> 'unsubscribe radiator' in the body of the message.
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> NB: have you included a copy of your configuration file (no  
>>>>> secrets),
>>>>> together with a trace 4 debug showing what is happening?
>>>>>
>>>>> -- 
>>>>> Radiator: the most portable, flexible and configurable RADIUS  
>>>>> server
>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>> -
>>>>> Nets: internetwork inventory and management - graphical,  
>>>>> extensible,
>>>>> flexible with hardware, software, platform and database  
>>>>> independence.
>>>>> -
>>>>> CATool: Private Certificate Authority for Unix and Unix-like  
>>>>> systems.
>>>>>
>>>>> --
>>>>> Archive at http://www.open.com.au/archives/radiator/
>>>>> Announcements on radiator-announce at open.com.au
>>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>>> 'unsubscribe radiator' in the body of the message.
>>>>>
>>>>
>>>>
>>>
>>> NB: have you included a copy of your configuration file (no secrets),
>>> together with a trace 4 debug showing what is happening?
>>>
>>> -- 
>>> Radiator: the most portable, flexible and configurable RADIUS server
>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>> -
>>> Nets: internetwork inventory and management - graphical, extensible,
>>> flexible with hardware, software, platform and database independence.
>>> -
>>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>>
>>> --
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list