(RADIATOR) Radiator doesn't bind to LDAP
Hugh Irvine
hugh at open.com.au
Wed Feb 15 16:42:55 CST 2006
Hello David -
I will need to see the complete configuration file and a trace 4
debug from startup showing what is happening.
regards
Hugh
On 16 Feb 2006, at 09:17, David Felipe Rios Rojas wrote:
>
>> -----Mensaje original-----
>> De: Hugh Irvine [mailto:hugh at open.com.au]
>> Enviado el: Martes, 14 de Febrero de 2006 11:37 p.m.
>> Para: David Felipe Rios Rojas
>> CC: radiator at open.com.au
>> Asunto: Re: (RADIATOR) Radiator doesn't bind to LDAP
>>
>>
>> Hello David -
>>
>> I think the AuthBy LDAP 2 configuration is incorrect.
>>
>> Try this instead:
>>
>>
>> <Realm ldap.realm>
>> <AuthBy LDAP2>
>> Host xxxxxx
>> Port 389
>> AuthDN root
>> AuthPassword xxxxxx
>> BaseDN ou=xxxxx,o=xxxxx
>> SearchFilter (&(%0=%1)(radiusloginservice=E))
>> UsernameAttr uid
>> PasswordAttr userPassword
>> </AuthBy>
>> </Realm>
>>
>>
>> hope that helps
>>
>> regards
>>
>> Hugh
>>
>
> Hi Hugh.
>
> I changed config file as you wrote but it didn't work :(
>
> I used "snoop" to see what it was sending to LDAP server and
> guess what! it doesn't send anything!; this is information
> showed by snoop:
>
> #############################################
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 1 arrived at 14:56:10.23
> ETHER: Packet size = 62 bytes
> ETHER: Destination = 0:e0:b6:4:d9:62,
> ETHER: Source = 8:0:20:c7:98:4c, Sun
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 48 bytes
> IP: Identification = 34837
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 64 seconds/hops
> IP: Protocol = 6 (TCP)
> IP: Header checksum = 479f
> IP: Source address = ***.***.***.***, ********
> IP: Destination address = ***.***.***.***, ********
> IP: No options
> IP:
> TCP: ----- TCP Header -----
> TCP:
> TCP: Source port = 46731
> TCP: Destination port = 389 (LDAP)
> TCP: Sequence number = 3244986615
> TCP: Acknowledgement number = 0
> TCP: Data offset = 28 bytes
> TCP: Flags = 0x02
> TCP: ..0. .... = No urgent pointer
> TCP: ...0 .... = No acknowledgement
> TCP: .... 0... = No push
> TCP: .... .0.. = No reset
> TCP: .... ..1. = Syn
> TCP: .... ...0 = No Fin
> TCP: Window = 24820
> TCP: Checksum = 0xaca4
> TCP: Urgent pointer = 0
> TCP: Options: (8 bytes)
> TCP: - No operation
> TCP: - No operation
> TCP: - SACK permitted option
> TCP: - Maximum segment size = 1460 bytes
> TCP:
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
>
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 2 arrived at 14:56:10.23
> ETHER: Packet size = 62 bytes
> ETHER: Destination = 8:0:20:c7:98:4c, Sun
> ETHER: Source = 0:e0:b6:4:d9:62,
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 48 bytes
> IP: Identification = 16165
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 60 seconds/hops
> IP: Protocol = 6 (TCP)
> IP: Header checksum = 948f
> IP: Source address = ***.***.***.***, **********
> IP: Destination address = ***.***.***.***, ********
> IP: No options
> IP:
> TCP: ----- TCP Header -----
> TCP:
> TCP: Source port = 389
> TCP: Destination port = 46731
> TCP: Sequence number = 1601298321
> TCP: Acknowledgement number = 3244986616
> TCP: Data offset = 28 bytes
> TCP: Flags = 0x12
> TCP: ..0. .... = No urgent pointer
> TCP: ...1 .... = Acknowledgement
> TCP: .... 0... = No push
> TCP: .... .0.. = No reset
> TCP: .... ..1. = Syn
> TCP: .... ...0 = No Fin
> TCP: Window = 64860
> TCP: Checksum = 0xd177
> TCP: Urgent pointer = 0
> TCP: Options: (8 bytes)
> TCP: - Maximum segment size = 1380 bytes
> TCP: - No operation
> TCP: - No operation
> TCP: - SACK permitted option
> TCP:
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
>
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 3 arrived at 14:56:10.23
> ETHER: Packet size = 54 bytes
> ETHER: Destination = 0:e0:b6:4:d9:62,
> ETHER: Source = 8:0:20:c7:98:4c, Sun
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 40 bytes
> IP: Identification = 34838
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 64 seconds/hops
> IP: Protocol = 6 (TCP)
> IP: Header checksum = 47a6
> IP: Source address = ***.***.***.***, ********
> IP: Destination address = ***.***.***.***, **********
> IP: No options
> IP:
> TCP: ----- TCP Header -----
> TCP:
> TCP: Source port = 46731
> TCP: Destination port = 389 (LDAP)
> TCP: Sequence number = 3244986616
> TCP: Acknowledgement number = 1601298322
> TCP: Data offset = 20 bytes
> TCP: Flags = 0x10
> TCP: ..0. .... = No urgent pointer
> TCP: ...1 .... = Acknowledgement
> TCP: .... 0... = No push
> TCP: .... .0.. = No reset
> TCP: .... ..0. = No Syn
> TCP: .... ...0 = No Fin
> TCP: Window = 24840
> TCP: Checksum = 0x9a40
> TCP: Urgent pointer = 0
> TCP: No options
> TCP:
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
>
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 4 arrived at 14:56:10.23
> ETHER: Packet size = 54 bytes
> ETHER: Destination = 0:e0:b6:4:d9:62,
> ETHER: Source = 8:0:20:c7:98:4c, Sun
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 40 bytes
> IP: Identification = 34839
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 64 seconds/hops
> IP: Protocol = 6 (TCP)
> IP: Header checksum = 47a5
> IP: Source address = ***.***.***.***, ********
> IP: Destination address = ***.***.***.***, ********
> IP: No options
> IP:
> TCP: ----- TCP Header -----
> TCP:
> TCP: Source port = 46731
> TCP: Destination port = 389 (LDAP)
> TCP: Sequence number = 3244986616
> TCP: Acknowledgement number = 1601298322
> TCP: Data offset = 20 bytes
> TCP: Flags = 0x11
> TCP: ..0. .... = No urgent pointer
> TCP: ...1 .... = Acknowledgement
> TCP: .... 0... = No push
> TCP: .... .0.. = No reset
> TCP: .... ..0. = No Syn
> TCP: .... ...1 = Fin
> TCP: Window = 24840
> TCP: Checksum = 0x9a3f
> TCP: Urgent pointer = 0
> TCP: No options
> TCP:
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
>
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 5 arrived at 14:56:10.24
> ETHER: Packet size = 60 bytes
> ETHER: Destination = 8:0:20:c7:98:4c, Sun
> ETHER: Source = 0:e0:b6:4:d9:62,
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 40 bytes
> IP: Identification = 16166
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 60 seconds/hops
> IP: Protocol = 6 (TCP)
> IP: Header checksum = 9496
> IP: Source address = ***.***.***.***, ********
> IP: Destination address = ***.***.***.***, ********
> IP: No options
> IP:
> TCP: ----- TCP Header -----
> TCP:
> TCP: Source port = 389
> TCP: Destination port = 46731
> TCP: Sequence number = 1601298322
> TCP: Acknowledgement number = 3244986617
> TCP: Data offset = 20 bytes
> TCP: Flags = 0x10
> TCP: ..0. .... = No urgent pointer
> TCP: ...1 .... = Acknowledgement
> TCP: .... 0... = No push
> TCP: .... .0.. = No reset
> TCP: .... ..0. = No Syn
> TCP: .... ...0 = No Fin
> TCP: Window = 64860
> TCP: Checksum = 0xfdea
> TCP: Urgent pointer = 0
> TCP: No options
> TCP:
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
>
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 6 arrived at 14:56:11.67
> ETHER: Packet size = 60 bytes
> ETHER: Destination = 8:0:20:c7:98:4c, Sun
> ETHER: Source = 0:e0:b6:4:d9:62,
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 40 bytes
> IP: Identification = 16167
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 60 seconds/hops
> IP: Protocol = 6 (TCP)
> IP: Header checksum = 9495
> IP: Source address = ***.***.***.***, ********
> IP: Destination address = ***.***.***.***, ********
> IP: No options
> IP:
> TCP: ----- TCP Header -----
> TCP:
> TCP: Source port = 389
> TCP: Destination port = 46731
> TCP: Sequence number = 1601298322
> TCP: Acknowledgement number = 3244986617
> TCP: Data offset = 20 bytes
> TCP: Flags = 0x11
> TCP: ..0. .... = No urgent pointer
> TCP: ...1 .... = Acknowledgement
> TCP: .... 0... = No push
> TCP: .... .0.. = No reset
> TCP: .... ..0. = No Syn
> TCP: .... ...1 = Fin
> TCP: Window = 64860
> TCP: Checksum = 0xfde9
> TCP: Urgent pointer = 0
> TCP: No options
> TCP:
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
>
> ETHER: ----- Ether Header -----
> ETHER:
> ETHER: Packet 7 arrived at 14:56:11.67
> ETHER: Packet size = 54 bytes
> ETHER: Destination = 0:e0:b6:4:d9:62,
> ETHER: Source = 8:0:20:c7:98:4c, Sun
> ETHER: Ethertype = 0800 (IP)
> ETHER:
> IP: ----- IP Header -----
> IP:
> IP: Version = 4
> IP: Header length = 20 bytes
> IP: Type of service = 0x00
> IP: xxx. .... = 0 (precedence)
> IP: ...0 .... = normal delay
> IP: .... 0... = normal throughput
> IP: .... .0.. = normal reliability
> IP: Total length = 40 bytes
> IP: Identification = 34840
> IP: Flags = 0x4
> IP: .1.. .... = do not fragment
> IP: ..0. .... = last fragment
> IP: Fragment offset = 0 bytes
> IP: Time to live = 64 seconds/hops
> IP: Protocol = 6 (TCP)
> IP: Header checksum = 47a4
> IP: Source address = ***.***.***.***, ********
> IP: Destination address = ***.***.***.***, ********
> IP: No options
> IP:
> TCP: ----- TCP Header -----
> TCP:
> TCP: Source port = 46731
> TCP: Destination port = 389 (LDAP)
> TCP: Sequence number = 3244986617
> TCP: Acknowledgement number = 1601298323
> TCP: Data offset = 20 bytes
> TCP: Flags = 0x10
> TCP: ..0. .... = No urgent pointer
> TCP: ...1 .... = Acknowledgement
> TCP: .... 0... = No push
> TCP: .... .0.. = No reset
> TCP: .... ..0. = No Syn
> TCP: .... ...0 = No Fin
> TCP: Window = 24840
> TCP: Checksum = 0x9a3e
> TCP: Urgent pointer = 0
> TCP: No options
> TCP:
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
> #############################################
>
> If you use grep to filter it, you could see that lines with
> "LDAP:" don't have any important information.
>
> PD. Sensible information was replace with "*"
>
>>
>> On 14 Feb 2006, at 08:45, David Felipe Rios Rojas wrote:
>>
>>> I'm testing Radiator for first time, but I'm a little
>> confused because
>>> an error message when it try binding to LDAP server; I use LDAP
>>> superuser account just to try it.
>>>
>>> Next is my config file; it was made based on sample
>> configuration file
>>> provided and several items are not configured yet because I just
>>> want to
>>> test LDAP binding first.
>>>
>>> Here we go:
>>>
>>> ##################################################################
>>> Foreground
>>>
>>> LogStdout
>>>
>>> Trace 4
>>>
>>> PidFile /tmp/radiusd.pid
>>>
>>> AuthPort 1645
>>>
>>> AcctPort 1646
>>>
>>> LogFile %L/%Y-%m-%d_logfile
>>> LogDir /var/log/radius
>>>
>>> DbDir .
>>>
>>> DictionaryFile /etc/radiator/dictionary,/etc/radiator/
>>> dictionary.ascend
>>>
>>> User radius
>>> Group radius
>>>
>>> <Client DEFAULT>
>>> Secret mysecret
>>> DupInterval 0
>>> DefaultRealm ldap.realm
>>> StatusServerShowClientDetails
>>> </Client>
>>>
>>>
>>> <Realm DEFAULT>
>>> RewriteUsername s/^([^@]+).*/$1/
>>> MaxSessions 2
>>> AcctLogFileName %L/detail
>>> WtmpFileName %L/wtmp
>>> PasswordLogFileName %L/password.log
>>> RejectHasReason
>>>
>>> <AuthBy FILE>
>>> Filename /etc/radiator/users
>>> DynamicReply USR-IP-Input-Filter
>>> DynamicCheck Group
>>> UseAddressHint
>>> AddToReply Reply-Message=hello
>>> AddToReplyIfNotExist Ascend-Data-Filter="ip in
>> forward tcp est"
>>> DefaultReply
>> Service-Type=Framed-User,Framed-Protocol=PPP
>>> RejectEmptyPassword
>>> AutoMPPEKeys
>>> EAPType MD5-Challenge
>>> </AuthBy>
>>>
>>> <AuthBy GROUP>
>>> AuthByPolicy ContinueUntilAccept
>>> AddToReply Reply-Message=xxxx
>>> <AuthBy FILE>
>>> Filename users
>>> </AuthBy>
>>> <AuthBy FILE>
>>> Filename users
>>> </AuthBy>
>>> </AuthBy>
>>>
>>> </Realm>
>>>
>>> <Realm unix.realm>
>>> RewriteUsername s/^([^@]+).*/$1/
>>>
>>> <AuthBy UNIX>
>>> Identifier System
>>> DefaultReply
>> Service-Type=Framed-User,Framed-Protocol=PPP
>>> </AuthBy>
>>> </Realm>
>>>
>>>
>>> <Realm system.realm>
>>> RewriteUsername s/^([^@]+).*/$1/
>>> </Realm>
>>>
>>>
>>> <Realm ldap.realm>
>>> <AuthBy LDAP2>
>>> Host xxxxxx
>>> Port 389
>>> AuthDN cn=root
>>> AuthPassword xxxxxx
>>> BaseDN
>> (&(%0=%1,ou=xxxxx,o=xxxxx)(radiusloginservice=E))
>>> UsernameAttr uid
>>> PasswordAttr userPassword
>>> </AuthBy>
>>> </Realm>
>>>
>>>
>>>
>>> <Realm external.realm>
>>> RewriteUsername s/^([^@]+).*/$1/
>>> <AuthBy EXTERNAL>
>>> Command perl ./goodies/testcommand.pl
>>> DecryptPassword
>>> </AuthBy>
>>> </Realm>
>>>
>>> <Realm internal.realm>
>>> <AuthBy INTERNAL>
>>> DefaultResult accept
>>> </AuthBy>
>>> </Realm>
>>>
>>>
>>> <Realm mobileip.realm>
>>> RewriteUsername s/^([^@]+).*/$1/
>>> <AuthBy FILE>
>>> Filename ./users
>>> </AuthBy>
>>> <AuthBy MOBILEIP>
>>> DefaultHAAddress 192.10.10.2
>>> </AuthBy>
>>> </Realm>
>>>
>>>
>>> <AuthBy FILE>
>>> Identifier identifier1
>>> </AuthBy>
>>>
>>>
>>> <Realm xyz>
>>> AuthBy identifier1
>>> </Realm>
>>> ##################################################################
>>>
>>>
>>> And this is output debug after "perl radpwtst -user driosr -
>>> password pass" is execute:
>>>
>>> ##################################################################
>>> Fri Feb 10 07:45:26 2006: DEBUG: Reading group file /etc/group
>>> Fri Feb 10 07:45:27 2006: DEBUG: Finished reading configuration
>>> file '/etc/radiator/radius.cfg'
>>> This Radiator license will expire on 2006-07-01
>>> This Radiator license will stop operating after 1000 requests
>>> To purchase an unlimited full source version of Radiator, see
>>> http://www.open.com.au/ordering.html
>>> To extend your license period, contact admin at open.com.au
>>>
>>> Fri Feb 10 07:45:27 2006: DEBUG: Reading dictionary file '/etc/
>>> radiator/dictionary'
>>> Fri Feb 10 07:45:28 2006: DEBUG: Reading dictionary file '/etc/
>>> radiator/dictionary.ascend'
>>> Fri Feb 10 07:45:28 2006: DEBUG: Creating authentication port
>>> 0.0.0.0:1645
>>> Fri Feb 10 07:45:28 2006: DEBUG: Creating accounting port
>> 0.0.0.0:1646
>>> Fri Feb 10 07:45:28 2006: NOTICE: Server started: Radiator 3.14 on
>>> XXXX(LOCKED)
>>> Fri Feb 10 07:46:16 2006: DEBUG: Packet dump:
>>> *** Received from 127.0.0.1 port 33466 ....
>>> Code: Access-Request
>>> Identifier: 211
>>> Authentic: 1234567890123456
>>> Attributes:
>>> User-Name = "driosr"
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 203.63.154.1
>>> NAS-Identifier = "203.63.154.1"
>>> NAS-Port = 1234
>>> Called-Station-Id = "123456789"
>>> Calling-Station-Id = "987654321"
>>> NAS-Port-Type = Async
>>> User-Password = <137><234>,<222><175>
>>> \<4><246><188>8<9><160><216>}x<153>
>>>
>>> Fri Feb 10 07:46:17 2006: DEBUG: Handling request with Handler
>>> 'Realm=ldap.realm'
>>> Fri Feb 10 07:46:17 2006: DEBUG: Deleting session for driosr,
>>> 203.63.154.1, 1234
>>> Fri Feb 10 07:46:17 2006: DEBUG: Handling with Radius::AuthLDAP2:
>>> Fri Feb 10 07:46:17 2006: INFO: Connecting to XXXX:389
>>> Fri Feb 10 07:46:17 2006: INFO: Attempting to bind to LDAP server
>>> XXXX:389
>>> Fri Feb 10 07:46:17 2006: ERR: Could not bind connection with
>>> cn=root, xxxx, error: LDAP error code -1(0xFFFFFFFF) (server XXXX:
>>> 389).
>>> Fri Feb 10 07:46:17 2006: ERR: Backing off from XXXX:389 for 600
>>> seconds.
>>> Fri Feb 10 07:46:17 2006: DEBUG: AuthBy LDAP2 result: IGNORE, User
>>> database access error
>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>> *** Received from 127.0.0.1 port 33466 ....
>>> Code: Accounting-Request
>>> Identifier: 212
>>> Authentic: .<16>t<179>;<188><213>L<151><182><131>L<144>p<159><245>
>>> Attributes:
>>> User-Name = "driosr"
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 203.63.154.1
>>> NAS-Identifier = "203.63.154.1"
>>> NAS-Port = 1234
>>> NAS-Port-Type = Async
>>> Acct-Session-Id = "00001234"
>>> Acct-Status-Type = Start
>>> Called-Station-Id = "123456789"
>>> Calling-Station-Id = "987654321"
>>> Acct-Delay-Time = 0
>>>
>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling request with Handler
>>> 'Realm=ldap.realm'
>>> Fri Feb 10 07:46:22 2006: DEBUG: Adding session for driosr,
>>> 203.63.154.1, 1234
>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling with Radius::AuthLDAP2:
>>> Fri Feb 10 07:46:22 2006: DEBUG: AuthBy LDAP2 result: ACCEPT,
>>> Fri Feb 10 07:46:22 2006: DEBUG: Accounting accepted
>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>> *** Sending to 127.0.0.1 port 33466 ....
>>> Code: Accounting-Response
>>> Identifier: 212
>>> Authentic: .<16>t<179>;<188><213>L<151><182><131>L<144>p<159><245>
>>> Attributes:
>>>
>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>> *** Received from 127.0.0.1 port 33466 ....
>>> Code: Accounting-Request
>>> Identifier: 213
>>> Authentic: 4f<127><151><175><206><15><9>uq<149><22>&_<238>M
>>> Attributes:
>>> User-Name = "driosr"
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 203.63.154.1
>>> NAS-Identifier = "203.63.154.1"
>>> NAS-Port = 1234
>>> NAS-Port-Type = Async
>>> Acct-Session-Id = "00001234"
>>> Acct-Status-Type = Stop
>>> Called-Station-Id = "123456789"
>>> Calling-Station-Id = "987654321"
>>> Acct-Delay-Time = 0
>>> Acct-Session-Time = 1000
>>> Acct-Input-Octets = 20000
>>> Acct-Output-Octets = 30000
>>>
>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling request with Handler
>>> 'Realm=ldap.realm'
>>> Fri Feb 10 07:46:22 2006: DEBUG: Deleting session for driosr,
>>> 203.63.154.1, 1234
>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling with Radius::AuthLDAP2:
>>> Fri Feb 10 07:46:22 2006: DEBUG: AuthBy LDAP2 result: ACCEPT,
>>> Fri Feb 10 07:46:22 2006: DEBUG: Accounting accepted
>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>> *** Sending to 127.0.0.1 port 33466 ....
>>> Code: Accounting-Response
>>> Identifier: 213
>>> Authentic: 4f<127><151><175><206><15><9>uq<149><22>&_<238>M
>>> Attributes:
>>> ##################################################################
>>>
>>>
>>> And this is the output to "perl radpwtst -user driosr -password
>>> pass" command:
>>>
>>> ##################################################################
>>> sending Access-Request...
>>> No reply
>>> sending Accounting-Request Start...
>>> OK
>>> sending Accounting-Request Stop...
>>> OK
>>> ##################################################################
>>>
>>>
>>> Could you help me?
>>>
>>> Thanks in advance.
>>>
>>> --
>>> David Rios R.
>>>
>>> --
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/archives/
>> radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> --
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>>
>>
>
> --
> David Rios R.
> Ingenieria de Desarrollo
> Expansion Nuevos Servicios
> Empresas Publicas de Medellin
>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list