(RADIATOR) Upstream Provider seeing more on Attribute than needed

Hugh Irvine hugh at open.com.au
Wed Nov 23 16:03:15 CST 2005 

Hello Dan -

What your upstream provider is seeing is defined by the dictionary  
for _his_ radius server, what you are sending on the wire is encoded  
and does not contain "GVSA-Ascend-Data-Filter" at all. You can verify  
exactly what you are sending by running at trace 5 debug (or you can  
look at the radius packet dumps with your favourite packet sniffer -  
ethereal, tcpdump, snoop).

You should be aware that there are two sets of Ascend radius  
attributes and you will need to use the correct set for your  
application.

By default the Ascend vendor specific attributes are sent rather than  
the "old-style" Ascend attributes, so if you want to send the "old- 
style" attributes you should add this to your configuration file (you  
will need copies of both dictionary files in %D):


#define dictionaries to use the "old-style" Ascend attributes

DictionaryFile %D/dictionary, %D/dictionary.ascend


See section 6.4.10 in the Radiator reference manual ("doc/ref.html").

BTW - the most recent version is Radiator 3.13.

hope that helps

regards

Hugh


On 24 Nov 2005, at 02:42, Dan Verbarg wrote:

> Hello,
> We are currently running version 3.6 for a long time now without  
> any problems. The other day we tried to do some "fencing" of some  
> users to prevent where they could go with some "Ascend-Data-Filter" .
>
> We have a issue of the upstream provider saying we are passing this  
> instead "GVSA-Ascend-Data-Filter"
> How can I strip the GVSA?
>
> Dan


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list