(RADIATOR) ascend data filter problems

troy chaney troy at superheronetworks.com
Wed Sep 8 12:32:02 CDT 2004 

We have a pass thru radius customer that is having a lot of problems sending
us their ascend data filters. I have not been able to find a definitive
answer in the archives. They are attempting to send their filters as an
AddToReply. We use a user database to perform this function and I am unsure
as to if the filters can be passed this away and if so what the proper
syntax would be to do so. 

AddToReply Service-Type = Framed-User,Framed-Protocol =
PPP,Framed-IP-Address = 255.255.255.254,Framed-IP-Netmask =
255.255.255.255,Session-Timeout = 14400,Idle-Timeout =
900,Ascend-Data-Filter = ip in forward tcp est,Ascend-Data-Filter = ip in
forward dstip 66.210.32.128/27,Ascend-Data-Filter = ip in forward dstip
207.27.152.9/24,Ascend-Data-Filter = ip in drop tcp dstport =
25,Ascend-Data-Filter = ip in forward

 

 

When ever I run radtest I get the following

rad_recv: Access-Accept packet from host 66.210.32.156:1645, id=151,
length=216

        Service-Type = Framed-User

        Framed-Protocol = PPP

        Framed-IP-Address = 255.255.255.254

        Framed-IP-Netmask = 255.255.255.255

        Session-Timeout = 14400

        Idle-Timeout = 900

        Ascend-Data-Filter = "ip input forward tcp est"

        Ascend-Data-Filter = "ip input forward 0 dstip 66.210.32.128/27"

        Ascend-Data-Filter = "ip input forward 0 dstip 207.27.152.9/24"

        Ascend-Data-Filter = "ip input drop tcp dstport = 25"

        Ascend-Data-Filter = "ip input forward 0"

 

 

When looked at from Radar

 

*** Sending to 66.210.32.156 port 1645 ....

Code:       Access-Request

Identifier: 58

Authentic:  1234567890123456

Attributes:

            User-Name = "sensley at afo.net"

            Service-Type = Framed-User

            NAS-IP-Address = 192.168.12.10

            NAS-Port = 1

            Called-Station-Id = "123456789"

            Calling-Station-Id = "987654321"

            NAS-Port-Type = Async

            User-Password =
"<221><15>J<156><181><247><232><255><135>n{<168><29>><142><156>"

 

Wed Sep  8 10:25:58 2004: DEBUG: Access accepted for sensley at afo.net

Wed Sep  8 10:25:58 2004: DEBUG: Packet dump:

*** Sending to 65.167.179.3 port 3177 ....

Code:       Access-Accept

Identifier: 94

Authentic:  1234567890123456

Attributes:

            Service-Type = Framed-User

            Framed-Protocol = PPP

            Framed-IP-Address = 255.255.255.254

            Framed-IP-Netmask = 255.255.255.255

            Session-Timeout = 14400

            Idle-Timeout = 900

My question is if the ascend-data-filters can be passed successfully as
AddToReply and if so what the correct syntax would be and if not what is the
best way to get them to successfully pass their ascend data filters?

 

 

Troy

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20040908/53c8d90d/attachment.html>

More information about the radiator mailing list