(RADIATOR)

frank.messie at osix.nl frank.messie at osix.nl
Fri Apr 15 07:04:10 CDT 2005 

Hi all,

In our evaluation we are now trying to authenticate against a Postgres 
database.
We are using the database as created by the Radiator provided script.

We adapted the sql.cfg sample to use TTLS.

At the bottom of this email we include the text of our radius.cfg.



During authentication we get the error 
ERROR
**************************************************************************************************
Fri Apr 15 13:52:48 2005: ERR: Could not connect to SQL database with 
DBI->connect dbi:Pg:radius, radiator, security:  missing "=" after 
"radius" in connection info string
********************************************************************************
For your information we also include a bigger piece of the log.
I hope you can see what is causing this error.


 
LOGFILE
****************************************************************************************************
*** Received from 192.168.210.10 port 21645 ....
Code:       Access-Request
Identifier: 146
Authentic:  f<190>[<22>^<205><213>7Vjz<8><150>A<210>q
Attributes:
        User-Name = "frank"
        Framed-MTU = 1400
        Called-Station-Id = "0012.dab6.a210"
        Calling-Station-Id = "0010.c62b.9515"
        Message-Authenticator = 
<20>><142><0>r<131><169>_<216><197>Ep<200><207><223><130>
        EAP-Message = <2><5><0><196><21><128><0><0><0><186><23><3><1><0> 
<194><31><169><176><171>PW<208><155><242><21><167><228>_y<154>P<188><197><163><130><215><143>}Y<25><237><24>id<167><177><23><3><1><0><144>4d/D]<255>0hN<12>\<27><220><157>t<149><210><127><182><236><236><156>{<145><178><2><245><171><27><135><216>gA|<172><132><139><188><183><16>Z<235><201><229><190><131><2><184><202><171><200>b;<5>u=R<204><216><162><15><253><145><250><178>:Q<164>9<15><245>S<192>Y<148><255><186><143><189><161>m<128><252><185><214><26>x5 
<240>NwT<237><212>5<186>J<162><14><224>h<152>i<240><251>`=91<181><162><22><4><23><138>>%?<17><150>w<205><239>,<193><169><238><145><208><249>(<235><171><175><177>.<173><172><0><213>P<186>n
        NAS-Port-Type = Wireless-IEEE-802-11
        NAS-Port = 354
        Service-Type = Framed-User
        NAS-IP-Address = 192.168.210.10
        NAS-Identifier = "ap1"

Fri Apr 15 13:52:48 2005: DEBUG: Handling request with Handler 
'Realm=DEFAULT'
Fri Apr 15 13:52:48 2005: DEBUG:  Deleting session for frank, 
192.168.210.10, 354
Fri Apr 15 13:52:48 2005: DEBUG: Handling with Radius::AuthSQL
Fri Apr 15 13:52:48 2005: DEBUG: Handling with Radius::AuthSQL: 
Fri Apr 15 13:52:48 2005: DEBUG: Handling with EAP: code 2, 5, 196
Fri Apr 15 13:52:48 2005: DEBUG: Response type 21
Fri Apr 15 13:52:48 2005: DEBUG: EAP TTLS data, 3, 5, 4
Fri Apr 15 13:52:48 2005: DEBUG: EAP TTLS inner authentication request for 
frank
Fri Apr 15 13:52:48 2005: DEBUG: TTLS Tunnelled Diameter Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  <135>?<130>cu<200><201>%<226><148><162>@S<227><14>)
Attributes:
        User-Name = "frank"
        MS-CHAP2-Response = 
F<0><7><202><137><185><179><151>=<246>u<153><135>5<154><127>6)<0><0><0><0><0><0><0><0><23><131><3><225><245><237><25><28><181><31><170>$<188><158>NL<140><178>oox<25>14
        MS-CHAP-Challenge = 
mM<19><140>)<235>!<139><138>V<229><158><10><9>#<174>

Fri Apr 15 13:52:48 2005: DEBUG: Handling request with Handler 
'Realm=DEFAULT'
Fri Apr 15 13:52:48 2005: DEBUG:  Deleting session for frank, 
192.168.210.10, 
Fri Apr 15 13:52:48 2005: DEBUG: Handling with Radius::AuthSQL
Fri Apr 15 13:52:48 2005: DEBUG: Handling with Radius::AuthSQL: 
Fri Apr 15 13:52:48 2005: ERR: Could not connect to SQL database with 
DBI->connect dbi:Pg:radius, radiator, security:  missing "=" after 
"radius" in connection info string

Fri Apr 15 13:52:48 2005: ERR: Could not connect to any SQL database. 
Request is ignored. Backing off for 600 seconds
Fri Apr 15 13:52:48 2005: DEBUG: AuthBy SQL result: IGNORE, User database 
access error
Fri Apr 15 13:52:48 2005: DEBUG: EAP result: 2, EAP TTLS inner 
authentication redespatched to a Handler
Fri Apr 15 13:52:48 2005: DEBUG: AuthBy SQL result: IGNORE, EAP TTLS inner 
authentication redespatched to a Handler
Fri Apr 15 13:52:53 2005: DEBUG: Packet dump:

CFG file
***********************************************************************************************************

Foreground
LogStdout 
LogDir  /var/log/radius
DbDir   /etc/radiator
PidFile /var/log/radius/radiator.pid
# User a lower trace level in production systems:
Trace           4

<Client ap1>
        Secret  security
        DupInterval 0
</Client>
<Client DEFAULT>
        Secret  security
        DupInterval 0
</Client>

<Realm DEFAULT>

 
        <AuthBy SQL>

        DBSource        dbi:Pg:radius
        DBUsername      radiator
        DBAuth          security

        # You may want to tailor these for your ACCOUNTING table
        # You can add your own columns to store whatever you like
        AccountingTable ACCOUNTING
        AcctColumnDef   USERNAME,User-Name
        AcctColumnDef   TIME_STAMP,Timestamp,integer
        AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
        AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
        AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
        AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
        AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
        AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
        AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
        AcctColumnDef   NASIDENTIFIER,NAS-Identifier
        AcctColumnDef   NASPORT,NAS-Port,integer
        AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address


 
                EAPType TTLS

                EAPTLS_CAFile /var/ssl/root.pem

                EAPTLS_CertificateFile /var/ssl/rds1.pem
                EAPTLS_CertificateType PEM

                EAPTLS_PrivateKeyFile /var/ssl/rds1.pem
                EAPTLS_PrivateKeyPassword security

                EAPTLS_MaxFragmentSize 1000

 

                AutoMPPEKeys

    </AuthBy>
 
 
</Realm>

*************************************************************************

Vriendelijke groeten, Kind regards,
Frank Messie
Osix/Systems B.V.
Office:   Bikbergerweg 18, 1272 PM Huizen, The Netherlands
Mail:     Postbox 5006, 1410 AA Naarden, The Netherlands
Phone:    +31(0)356946010                  Fax:  +31(0)356951802
Email:    frank.messie at osix.nl              Homepage: www.osix.nl

This is an e-mail message from The Osix Group. The information contained 
in this
communication is intended solely for use by the individual or entity to
whom it is addressed. Use of this communication by others is prohibited. 
If
the e-mail message was sent to you by mistake, please destroy it without
reading, using, copying or disclosing its contents to any other person.
Sender accepts no liability for damage related to data and/or documents 
which
are communicated by electronic mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20050415/631dfb76/attachment.html>

More information about the radiator mailing list