(RADIATOR) Problem with ISDN connections on new Radiator Install
Hugh Irvine
hugh at open.com.au
Thu Dec 29 16:47:38 CST 2005
Hello Terry -
What exactly is the problem?
As far as I can see from the Radiator log, Radiator is operating
correctly and returning an Access-Accept for "honick". The Access-
Accept contains the reply attributes as specified in the user record.
If the session is being dropped by the NAS it looks more like a NAS
problem, but I can't be sure.
regards
Hugh
On 30 Dec 2005, at 09:38, Terry Rossi wrote:
>
>
> My own failed for about 30 hours straight with the same symptoms
> now I have a customer failing too. Can you please help point me in
> the right direction. My connection is now working fine but the
> user "honick" is not.
>
>
>
> Brand new machine (replacement) and new install of Radiator via RPM
> 3.13.1
>
>
>
> Linux picspc01.pics.com 2.4.21-37.ELsmp #1 SMP Wed Sep 7 13:28:55
> EDT 2005 i686 i686 i386 GNU/Linux
>
>
>
> *** password.log**
>
>
>
> Thu Dec 29 17:05:14 2005:1135893914:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:07:48 2005:1135894068:conner:UNKNOWN-CHAP:1075:PASS
>
> Thu Dec 29 17:11:16 2005:1135894276:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:11:57 2005:1135894317:kennyg:UNKNOWN-CHAP:tazz:PASS
>
> Thu Dec 29 17:12:28 2005:1135894348:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:13:03 2005:1135894383:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:13:23 2005:1135894403:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:13:43 2005:1135894423:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:14:05 2005:1135894445:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:14:32 2005:1135894472:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:14:52 2005:1135894492:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:15:22 2005:1135894522:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:16:05 2005:1135894565:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:16:19 2005:1135894579:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:16:37 2005:1135894597:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
> Thu Dec 29 17:17:04 2005:1135894624:honick:XXXxxxXXX:XXXxxxXXX:PASS
>
>
>
>
>
> *** logfile ***
>
> Packet length = 20
>
> 05 da 00 14 fc 89 5d f7 89 30 8f a9 5c b9 61 39
>
> 09 de e7 34
>
> Code: Accounting-Response
>
> Identifier: 218
>
> Authentic: WQ#<28><150><*<150>*>*<9><11>tS^
>
> Attributes:
>
>
>
> Thu Dec 29 17:16:37 2005: DEBUG: Packet dump:
>
> *** Received from 192.135.189.36 port 1645 ....
>
>
>
> Packet length = 239
>
> 01 fc 00 ef 4e 79 4d 88 1f c4 13 47 db 01 37 fa
>
> 4f 36 67 11 01 08 68 6f 6e 69 63 6b 02 12 27 21
>
> 09 7d 87 a0 a7 c8 ec da 5f 95 c0 f3 7f 24 04 06
>
> cf 08 a8 01 20 0d 32 30 37 2e 38 2e 31 36 38 2e
>
> 31 05 06 00 00 01 83 2c 0a 36 37 32 33 39 39 36
>
> 31 1a 0e 00 00 01 ad 00 00 98 43 00 00 08 eb 1a
>
> 0e 00 00 01 ad 00 00 98 89 00 00 00 00 06 06 00
>
> 00 00 02 07 06 00 00 00 01 1a 10 00 00 01 ad 00
>
> 00 98 41 00 00 c5 7b c8 0c 1a 10 00 00 01 ad 00
>
> 4f 36 67 11 01 08 68 6f 6e 69 63 6b 02 12 27 21
>
> 09 7d 87 a0 a7 c8 ec da 5f 95 c0 f3 7f 24 04 06
>
> cf 08 a8 01 20 0d 32 30 37 2e 38 2e 31 36 38 2e
>
> 31 05 06 00 00 01 83 2c 0a 36 37 32 33 39 39 36
>
> 31 1a 0e 00 00 01 ad 00 00 98 43 00 00 08 eb 1a
>
> 0e 00 00 01 ad 00 00 98 89 00 00 00 00 06 06 00
>
> 00 00 02 07 06 00 00 00 01 1a 10 00 00 01 ad 00
>
> 00 98 41 00 00 c5 7b c8 0c 1a 10 00 00 01 ad 00
>
> 00 90 25 00 00 c5 7b c8 0c 1a 0e 00 00 01 ad 00
>
> 00 90 19 00 00 00 05 1a 0e 00 00 01 ad 00 00 90
>
> 1a 00 00 00 01 1a 0e 00 00 01 ad 00 00 90 1b 00
>
> 00 00 03 1a 0e 00 00 01 ad 00 00 90 23 00 00 00
>
> 01 1f 0c 36 30 39 37 30 34 37 36 32 38 1e 0c 38
>
> 35 36 36 32 36 38 38 39 39 3d 06 00 00 00 02
>
> Code: Access-Request
>
> Identifier: 252
>
> Authentic: NyM<136><31><196><19>G<219><1>7<250>O6g<17>
>
> Attributes:
>
> User-Name = "honick"
>
> User-Password = '!<9>}
> <135><160><167><200><236><218>_<149><192><243><127>$
>
> NAS-IP-Address = 207.8.168.1
>
> NAS-Identifier = "207.8.168.1"
>
> Thu Dec 29 17:16:37 2005: DEBUG: Radius::AuthFILE looks for match
> with honick
>
> Thu Dec 29 17:16:37 2005: DEBUG: Radius::AuthFILE ACCEPT:
>
> Thu Dec 29 17:16:37 2005: DEBUG: AuthBy FILE result: ACCEPT,
>
> Thu Dec 29 17:16:37 2005: DEBUG: Access accepted for honick
>
> Thu Dec 29 17:16:37 2005: DEBUG: Packet dump:
>
> *** Sending to 192.135.189.36 port 1645 ....
>
>
>
> Packet length = 80
>
> 02 fc 00 50 23 44 c3 07 1e 3b c6 6f 45 ba 2f 78
>
> d3 21 54 e7 08 06 cf 08 a8 df 06 06 00 00 00 02
>
> 07 06 00 00 00 01 09 06 ff ff ff ff 0a 06 00 00
>
> 00 03 0d 06 00 00 00 01 0c 06 00 00 05 dc 3e 06
>
> 00 00 00 02 1b 06 00 00 a8 c0 1c 06 00 00 04 b0
>
> Code: Access-Accept
>
> Identifier: 252
>
> Authentic: NyM<136><31><196><19>G<219><1>7<250>O6g<17>
>
> Attributes:
>
> Framed-IP-Address = 207.8.168.223
>
> Service-Type = Framed-User
>
> Framed-Protocol = PPP
>
> Framed-IP-Netmask = 255.255.255.255
>
> Framed-Routing = Broadcast-Listen
>
> Framed-Compression = Van-Jacobson-TCP-IP
>
> NAS-Port = 387
>
> Acct-Session-Id = "67239961"
>
> USR-Interface-Index = 2283
>
> USR-Tunnel-Supports-Tags = 0
>
> Service-Type = Framed-User
>
> Framed-Protocol = PPP
>
> USR-MP-EDO = "<0><0><197>{<200><12>"
>
> USR-MP-EDO = "<0><0><197>{<200><12>"
>
> USR-Chassis-Call-Slot = 5
>
> USR-Chassis-Call-Span = 1
>
> USR-Chassis-Call-Channel = 3
>
> USR-Connect-Speed = NONE
>
> Calling-Station-Id = "6097047628"
>
> Called-Station-Id = "8566268899"
>
> NAS-Port-Type = ISDN
>
>
>
> Thu Dec 29 17:16:37 2005: DEBUG: Rewrote user name to honick
>
> Thu Dec 29 17:16:37 2005: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
>
> Thu Dec 29 17:16:37 2005: DEBUG: Rewrote user name to honick
>
> Thu Dec 29 17:16:37 2005: DEBUG: DefaultSessionDB Deleting session
> for honick, 207.8.168.1, 387
>
> Thu Dec 29 17:16:37 2005: DEBUG: Handling with Radius::AuthFILE: ID_0
>
> Thu Dec 29 17:16:37 2005: DEBUG: Radius::AuthFILE looks for match
> with honick
>
> Thu Dec 29 17:16:37 2005: DEBUG: Radius::AuthFILE ACCEPT:
>
> Thu Dec 29 17:16:37 2005: DEBUG: Access accepted for honick
>
> Thu Dec 29 17:16:37 2005: DEBUG: Packet dump:
>
> *** Sending to 192.135.189.36 port 1645 ....
>
>
>
> Packet length = 80
>
> 02 fc 00 50 23 44 c3 07 1e 3b c6 6f 45 ba 2f 78
>
> d3 21 54 e7 08 06 cf 08 a8 df 06 06 00 00 00 02
>
> 07 06 00 00 00 01 09 06 ff ff ff ff 0a 06 00 00
>
> 00 03 0d 06 00 00 00 01 0c 06 00 00 05 dc 3e 06
>
> 00 00 00 02 1b 06 00 00 a8 c0 1c 06 00 00 04 b0
>
> Code: Access-Accept
>
> Identifier: 252
>
> Authentic: NyM<136><31><196><19>G<219><1>7<250>O6g<17>
>
> Attributes:
>
> Framed-IP-Address = 207.8.168.223
>
> Service-Type = Framed-User
>
> Framed-Protocol = PPP
>
> Framed-IP-Netmask = 255.255.255.255
>
> Framed-Routing = Broadcast-Listen
>
> Framed-Compression = Van-Jacobson-TCP-IP
>
> Framed-MTU = 1500
>
> Port-Limit = 2
>
> Session-Timeout = 43200
>
> Idle-Timeout = 1200
>
>
>
> Thu Dec 29 17:16:38 2005: DEBUG: Packet dump:
>
> *** Received from 192.135.189.36 port 1646 ....
>
>
>
> Packet length = 351
>
> 04 db 01 5f 1e c8 50 90 0a ee 98 6f 4b 99 be 36
>
> 0f 4d 57 75 01 11 75 6e 61 75 74 68 65 6e 74 69
>
> 63 61 74 65 64 04 06 cf 08 a8 01 28 06 00 00 00
>
> 02 2c 0a 36 37 32 33 39 39 36 31 29 06 00 00 00
>
> 00 06 06 00 00 00 02 3d 06 00 00 00 02 05 06 00
>
> 00 01 83 1a 0e 00 00 01 ad 00 00 98 43 00 00 08
>
> eb 1a 0e 00 00 01 ad 00 00 90 19 00 00 00 05 1a
>
> 0e 00 00 01 ad 00 00 90 1a 00 00 00 01 1a 0e 00
>
> 00 01 ad 00 00 90 1b 00 00 00 03 1a 0e 00 00 01
>
> ad 00 00 90 1d 00 00 00 04 1a 0e 00 00 01 ad 00
>
> 00 98 42 00 00 00 04 1f 0c 36 30 39 37 30 34 37
>
> 36 32 38 1e 0c 38 35 36 36 32 36 38 38 39 39 1a
>
> 0e 00 00 01 ad 00 00 00 6c 00 00 00 1b 1a 0e 00
>
> 00 01 ad 00 00 00 99 00 00 00 06 1a 0e 00 00 01
>
> ad 00 00 00 c7 00 00 00 01 1a 0e 00 00 01 ad 00
>
> 00 90 23 00 00 00 27 07 06 00 00 00 01 08 06 00
>
> 0e 00 00 01 ad 00 00 98 8b 00 00 00 1e 1a 0e 00
>
> 00 01 ad 00 00 98 01 00 00 fa 00 2a 06 00 00 01
>
> 1c 2b 06 00 00 00 8c 2f 06 00 00 00 09 30 06 00
>
> 00 00 07 1a 0e 00 00 01 ad 00 00 98 58 12 cd 03
>
> 4b 1a 0e 00 00 01 ad 00 00 98 59 12 cd 03 4f
>
> Code: Accounting-Request
>
> Identifier: 219
>
> Authentic: <30><200>P<144><10><238><152>oK<153><190>6<15>MWu
>
> Attributes:
>
> User-Name = "unauthenticated"
>
> NAS-IP-Address = 207.8.168.1
>
> Acct-Status-Type = Stop
>
> Acct-Session-Id = "67239961"
>
> Acct-Delay-Time = 0
>
> Service-Type = Framed-User
>
> NAS-Port-Type = ISDN
>
> NAS-Port = 387
>
> USR-Interface-Index = 2283
>
> USR-Chassis-Call-Slot = 5
>
> USR-Chassis-Call-Span = 1
>
> USR-Chassis-Call-Channel = 3
>
> USR-Unauthenticated-Time = 4
>
> USR-Modem-Training-Time = 4
>
> Calling-Station-Id = "6097047628"
>
> Called-Station-Id = "8566268899"
>
> USR-Modulation-Type = ayncSyncPPP
>
> USR-Simplified-MNP-Levels = synchronousNone
>
> USR-Simplified-V42bis-Usage = NONE
>
> USR-Connect-Speed = 64000_BPS
>
> Framed-Protocol = PPP
>
> Framed-IP-Address = 0.0.0.0
>
> Acct-Session-Time = 0
>
> Acct-Terminate-Cause = NAS-Error
>
> USR-Disconnect-Reason = 30
>
> USR-Speed-of-Connection = 64000
>
> Acct-Input-Octets = 284
>
> Acct-Output-Octets = 140
>
> Acct-Input-Packets = 9
>
> Acct-Output-Packets = 7
>
> USR-Call-Arrived-Time = 315425611
>
> USR-Call-Lost-Time = 315425615
>
>
>
>
>
> Thu Dec 29 17:16:38 2005: DEBUG: Rewrote user name to unauthenticated
>
> Thu Dec 29 17:16:38 2005: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
>
> Thu Dec 29 17:16:38 2005: DEBUG: Rewrote user name to unauthenticated
>
> Thu Dec 29 17:16:38 2005: DEBUG: DefaultSessionDB Deleting session
> for unauthenticated, 207.8.168.1, 387
>
> Thu Dec 29 17:16:38 2005: DEBUG: Handling with Radius::AuthFILE: ID_0
>
> Thu Dec 29 17:16:38 2005: DEBUG: AuthBy FILE result: ACCEPT,
>
> Thu Dec 29 17:16:38 2005: DEBUG: Accounting accepted
>
> Thu Dec 29 17:16:38 2005: DEBUG: Packet dump:
>
> *** Sending to 192.135.189.36 port 1646 ....
>
>
>
>
>
> *** radiator.cfg ***
>
>
>
> # Radiator configuration file.
>
> # Produced by /~tpr/Radiator-3.5/goodies/radconfig.cgi Thu Feb 27
> 19:32:24 2003
>
> #REMOTE_USER: , REMOTE_ADDR: 192.135.189.223
>
> # Was DupInterval 60 on 12/29/05 changed to DupInterval 0
>
>
>
> AcctPort 1646
>
> AuthPort 1645
>
> DbDir /etc/radiator
>
> DictionaryFile /etc/radiator/dictionary
>
> #Foreground
>
> LivingstonHole 2
>
> LivingstonOffs 29
>
> LogDir /var/log
>
> LogFile %L/logfile
>
> RewriteUsername s/^([^@]+).*/$1/
>
> SnmpgetProg /usr/bin/snmpget
>
> Trace 5
>
>
>
> #DefaultSimultaneousUse 1
>
> <AuthBy FILE>
>
> AddToReply Idle-Timeout = 1200
>
> DefaultSimultaneousUse 1
>
> Filename /etc/radiator/users
>
> Identifier ID_0
>
> </AuthBy>
>
>
>
> <Client DEFAULT>
>
> DupInterval 0
>
> IgnoreAcctSignature
>
> NasType TotalControlSNMP
>
> Secret SecretXXXPass
>
> </Client>
>
>
>
> <Realm picsonline.com>
>
> AcctLogFileName /logs/detail
>
> AuthBy ID_0
>
> AuthByPolicy ContinueWhileIgnore
>
> Description DialUpUSA Realm
>
> PasswordLogFileName /var/log/password.log
>
> MaxSessions 1
>
> RejectHasReason
>
> RewriteUsername %U
>
> SessionDatabase DefaultSessionDB
>
> </Realm>
>
>
>
>
>
>
>
> <Realm DEFAULT>
>
> AcctLogFileName /logs/detail
>
> AuthBy ID_0
>
> AuthByPolicy ContinueWhileIgnore
>
> Description Default PICS Realm
>
> PasswordLogFileName /var/log/password.log
>
> RewriteUsername s/^([^@]+).*/$1/
>
> SessionDatabase DefaultSessionDB
>
> </Realm>
>
>
>
> <SessionDatabase DBM>
>
> Filename %D/online
>
> Identifier DefaultSessionDB
>
> </SessionDatabase>
>
>
>
>
>
> *** users ***
>
>
>
>
>
> honick Password = "XXXxxxXXX"
>
> Service-Type = Framed-User,
>
> Framed-Protocol = PPP,
>
> Framed-IP-Address = 207.8.168.223,
>
> Framed-IP-Netmask = 255.255.255.255,
>
> Framed-Routing = Broadcast-Listen,
>
> Framed-Compression = Van-Jacobson-TCP-IP,
>
> Framed-MTU = 1500,
>
> Port-Limit = 2,
>
> Session-Timeout = 43200
>
>
>
>
>
>
>
>
>
>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list