(RADIATOR) Re: radiator problem connectin to NAS

Hugh Irvine hugh at open.com.au
Wed Oct 12 17:22:29 CDT 2005 

Hello Roy -

There is no radius attribute called "DNSServer".

If you are using Unisphere equipment I would have thought you should  
use "Unisphere-Primary-Dns".

......

<AuthBy DYNADDRESS>
         AddressAllocator myallocator
         PoolHint        pool1
         MapAttribute    yiaddr, Framed-IP-Address
         MapAttribute    subnetmask, Framed-IP-Netmask
         MapAttribute    dnsserver, Unisphere-Primary-Dns
</AuthBy>

......

All of the Radius attributes that Radiator uses are defined in the  
"dictionary" file, which is a simple text file that you can look at  
with any text editor.

If you look at a trace 4 debug from Radiator you will see whatever  
error messages there are.

regards

Hugh


On 12 Oct 2005, at 15:25, Roy Soala wrote:

> dear hugh,
>
> yes it's workin right now, seems it's because radius installed at
> secondary ip, so the NAS didn't recognize the real ip.
> since it's works already, i face another problem. when ip put  
> DNSServer
> attribute at the config file, the dialup client doesn't has IP DNS
> assignment allocated. is there something wrong with the config, or any
> special dictionary should added at dictionary since we use Unisphere/
> Juniper NAS ?
>
> here is my config :
> --
> Foreground
> LogStdout
> LogDir          .
> DbDir           .
> Trace           4
>
> <Client DEFAULT>
>         DupInterval 0
> </Client>
>
> <ClientListSQL>
>         DBSource        dbi:mysql:radius
>         DBUsername      xxx
>         DBAuth          xxx
> </ClientListSQL>
>
>
> <AddressAllocator SQL>
>         Identifier myallocator
>         Identifier myallocator
>
>         DBSource        dbi:mysql:radius
>         DBUsername      xxx
>         DBAuth          xxx
>
>         <AddressPool pool1>
>                 Subnetmask      255.255.255.0
>                 DNSServer       11.51.209.5
>                 Range   11.51.193.2 11.51.193.31
>         </AddressPool>
>
> </AddressAllocator>
>
> <Realm DEFAULT>
>         AuthByPolicy ContinueWhileAccept
>         RewriteUsername s/^([^@]+).*/$1/
>     <AuthBy SQL>
>
>         DBSource        dbi:mysql:radius
>         DBUsername      xxx
>         DBAuth          xxx
>         AccountingTable ACCOUNTING
>         AcctColumnDef   USERNAME,User-Name
>         AcctColumnDef   TIME_STAMP,Timestamp,integer
>         AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
>         AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
>         AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
>         AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>         AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
>         AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
>         AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
>         AcctColumnDef   NASIDENTIFIER,NAS-Identifier
>         AcctColumnDef   NASPORT,NAS-Port,integer
>         AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
>         SQLRecoveryFile %D/missedaccounting
>     </AuthBy>
>
> <AuthBy DYNADDRESS>
>         AddressAllocator myallocator
>         PoolHint        pool1
>         MapAttribute    yiaddr, Framed-IP-Address
>         MapAttribute    subnetmask, Framed-IP-Netmask
>         MapAttribute    dnsserver, DNSServer
> </AuthBy>
>
> </Realm>
> ---
>
> is there something todo with NASTYPE ?
>
> please advice,
>
> thanks.
>
> br, --roy
>
>
>
> On Thu, 2005-10-06 at 17:03, Hugh Irvine wrote:
>
>> Hello Roy -
>>
>> Thanks for your mail.
>>
>> As far as I can see from the debug trace log, Radiator is operating
>> correctly and sending an Access-Accept back to the NAS.
>>
>> Either there is a filter or firewall blocking the reply from getting
>> to the NAS, or the NAS does not like the contents of the Access- 
>> Accept.
>>
>> You should check a debug on the NAS to see what is happening.
>>
>> regards
>>
>> Hugh
>>
>>
>> On 6 Oct 2005, at 12:50, Roy Soala wrote:
>>
>>
>>> dear hugh,
>>>
>>> recently i've got Radiator-Locked-3.13_new.tar from radiator local
>>> reseller here in indonesia. i've try to install it until i execute :
>>> [root at goangie Radiator-Locked-3.13]# perl radpwtst -user mikem -
>>> password fred
>>> and seems everthing running well.
>>>
>>>
>
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list