(RADIATOR) Radiator doesn't bind to LDAP

Hugh Irvine hugh at open.com.au
Wed Feb 15 16:48:40 CST 2006


Hello David -

Further to this you can add "Debug 255" to your AuthBy LDAP2 clause  
to get additional LDAP debugging.

regards

Hugh


On 16 Feb 2006, at 09:42, Hugh Irvine wrote:

>
> Hello David -
>
> I will need to see the complete configuration file and a trace 4  
> debug from startup showing what is happening.
>
> regards
>
> Hugh
>
>
> On 16 Feb 2006, at 09:17, David Felipe Rios Rojas wrote:
>
>>
>>> -----Original Message-----
>>> From: Hugh Irvine [mailto:hugh at open.com.au]
>>> Sent: Tuesday, 14 February 2006 11:37 p.m.
>>> To: David Felipe Rios Rojas
>>> CC: radiator at open.com.au
>>> Subject: Re: (RADIATOR) Radiator doesn't bind to LDAP
>>>
>>>
>>> Hello David -
>>>
>>> I think the AuthBy LDAP 2 configuration is incorrect.
>>>
>>> Try this instead:
>>>
>>>
>>> <Realm ldap.realm>
>>> 	<AuthBy LDAP2>
>>> 		Host		xxxxxx
>>> 		Port		389
>>> 		AuthDN		root
>>> 		AuthPassword	xxxxxx
>>> 		BaseDN		ou=xxxxx,o=xxxxx
>>> 		SearchFilter (&(%0=%1)(radiusloginservice=E))
>>> 		UsernameAttr	uid
>>> 		PasswordAttr    userPassword
>>> 	</AuthBy>
>>> </Realm>
>>>
>>>
>>> hope that helps
>>>
>>> regards
>>>
>>> Hugh
>>>
>>
>> Hi Hugh.
>>
>> I changed the config file as you wrote but it didn't work :(
>>
>> I used "snoop" to see what it was sending to the LDAP server and
>> guess what! It doesn't send anything! This is the information
>> shown by snoop:
>>
>> #############################################
>> ETHER:  ----- Ether Header -----
>> ETHER:
>> ETHER:  Packet 1 arrived at 14:56:10.23
>> ETHER:  Packet size = 62 bytes
>> ETHER:  Destination = 0:e0:b6:4:d9:62,
>> ETHER:  Source      = 8:0:20:c7:98:4c, Sun
>> ETHER:  Ethertype = 0800 (IP)
>> ETHER:
>> IP:   ----- IP Header -----
>> IP:
>> IP:   Version = 4
>> IP:   Header length = 20 bytes
>> IP:   Type of service = 0x00
>> IP:         xxx. .... = 0 (precedence)
>> IP:         ...0 .... = normal delay
>> IP:         .... 0... = normal throughput
>> IP:         .... .0.. = normal reliability
>> IP:   Total length = 48 bytes
>> IP:   Identification = 34837
>> IP:   Flags = 0x4
>> IP:         .1.. .... = do not fragment
>> IP:         ..0. .... = last fragment
>> IP:   Fragment offset = 0 bytes
>> IP:   Time to live = 64 seconds/hops
>> IP:   Protocol = 6 (TCP)
>> IP:   Header checksum = 479f
>> IP:   Source address = ***.***.***.***, ********
>> IP:   Destination address = ***.***.***.***, ********
>> IP:   No options
>> IP:
>> TCP:  ----- TCP Header -----
>> TCP:
>> TCP:  Source port = 46731
>> TCP:  Destination port = 389 (LDAP)
>> TCP:  Sequence number = 3244986615
>> TCP:  Acknowledgement number = 0
>> TCP:  Data offset = 28 bytes
>> TCP:  Flags = 0x02
>> TCP:        ..0. .... = No urgent pointer
>> TCP:        ...0 .... = No acknowledgement
>> TCP:        .... 0... = No push
>> TCP:        .... .0.. = No reset
>> TCP:        .... ..1. = Syn
>> TCP:        .... ...0 = No Fin
>> TCP:  Window = 24820
>> TCP:  Checksum = 0xaca4
>> TCP:  Urgent pointer = 0
>> TCP:  Options: (8 bytes)
>> TCP:    - No operation
>> TCP:    - No operation
>> TCP:    - SACK permitted option
>> TCP:    - Maximum segment size = 1460 bytes
>> TCP:
>> LDAP:  ----- LDAP:   -----
>> LDAP:
>> LDAP:  ""
>> LDAP:
>>
>> ETHER:  ----- Ether Header -----
>> ETHER:
>> ETHER:  Packet 2 arrived at 14:56:10.23
>> ETHER:  Packet size = 62 bytes
>> ETHER:  Destination = 8:0:20:c7:98:4c, Sun
>> ETHER:  Source      = 0:e0:b6:4:d9:62,
>> ETHER:  Ethertype = 0800 (IP)
>> ETHER:
>> IP:   ----- IP Header -----
>> IP:
>> IP:   Version = 4
>> IP:   Header length = 20 bytes
>> IP:   Type of service = 0x00
>> IP:         xxx. .... = 0 (precedence)
>> IP:         ...0 .... = normal delay
>> IP:         .... 0... = normal throughput
>> IP:         .... .0.. = normal reliability
>> IP:   Total length = 48 bytes
>> IP:   Identification = 16165
>> IP:   Flags = 0x4
>> IP:         .1.. .... = do not fragment
>> IP:         ..0. .... = last fragment
>> IP:   Fragment offset = 0 bytes
>> IP:   Time to live = 60 seconds/hops
>> IP:   Protocol = 6 (TCP)
>> IP:   Header checksum = 948f
>> IP:   Source address = ***.***.***.***, **********
>> IP:   Destination address = ***.***.***.***, ********
>> IP:   No options
>> IP:
>> TCP:  ----- TCP Header -----
>> TCP:
>> TCP:  Source port = 389
>> TCP:  Destination port = 46731
>> TCP:  Sequence number = 1601298321
>> TCP:  Acknowledgement number = 3244986616
>> TCP:  Data offset = 28 bytes
>> TCP:  Flags = 0x12
>> TCP:        ..0. .... = No urgent pointer
>> TCP:        ...1 .... = Acknowledgement
>> TCP:        .... 0... = No push
>> TCP:        .... .0.. = No reset
>> TCP:        .... ..1. = Syn
>> TCP:        .... ...0 = No Fin
>> TCP:  Window = 64860
>> TCP:  Checksum = 0xd177
>> TCP:  Urgent pointer = 0
>> TCP:  Options: (8 bytes)
>> TCP:    - Maximum segment size = 1380 bytes
>> TCP:    - No operation
>> TCP:    - No operation
>> TCP:    - SACK permitted option
>> TCP:
>> LDAP:  ----- LDAP:   -----
>> LDAP:
>> LDAP:  ""
>> LDAP:
>>
>> ETHER:  ----- Ether Header -----
>> ETHER:
>> ETHER:  Packet 3 arrived at 14:56:10.23
>> ETHER:  Packet size = 54 bytes
>> ETHER:  Destination = 0:e0:b6:4:d9:62,
>> ETHER:  Source      = 8:0:20:c7:98:4c, Sun
>> ETHER:  Ethertype = 0800 (IP)
>> ETHER:
>> IP:   ----- IP Header -----
>> IP:
>> IP:   Version = 4
>> IP:   Header length = 20 bytes
>> IP:   Type of service = 0x00
>> IP:         xxx. .... = 0 (precedence)
>> IP:         ...0 .... = normal delay
>> IP:         .... 0... = normal throughput
>> IP:         .... .0.. = normal reliability
>> IP:   Total length = 40 bytes
>> IP:   Identification = 34838
>> IP:   Flags = 0x4
>> IP:         .1.. .... = do not fragment
>> IP:         ..0. .... = last fragment
>> IP:   Fragment offset = 0 bytes
>> IP:   Time to live = 64 seconds/hops
>> IP:   Protocol = 6 (TCP)
>> IP:   Header checksum = 47a6
>> IP:   Source address = ***.***.***.***, ********
>> IP:   Destination address = ***.***.***.***, **********
>> IP:   No options
>> IP:
>> TCP:  ----- TCP Header -----
>> TCP:
>> TCP:  Source port = 46731
>> TCP:  Destination port = 389 (LDAP)
>> TCP:  Sequence number = 3244986616
>> TCP:  Acknowledgement number = 1601298322
>> TCP:  Data offset = 20 bytes
>> TCP:  Flags = 0x10
>> TCP:        ..0. .... = No urgent pointer
>> TCP:        ...1 .... = Acknowledgement
>> TCP:        .... 0... = No push
>> TCP:        .... .0.. = No reset
>> TCP:        .... ..0. = No Syn
>> TCP:        .... ...0 = No Fin
>> TCP:  Window = 24840
>> TCP:  Checksum = 0x9a40
>> TCP:  Urgent pointer = 0
>> TCP:  No options
>> TCP:
>> LDAP:  ----- LDAP:   -----
>> LDAP:
>> LDAP:  ""
>> LDAP:
>>
>> ETHER:  ----- Ether Header -----
>> ETHER:
>> ETHER:  Packet 4 arrived at 14:56:10.23
>> ETHER:  Packet size = 54 bytes
>> ETHER:  Destination = 0:e0:b6:4:d9:62,
>> ETHER:  Source      = 8:0:20:c7:98:4c, Sun
>> ETHER:  Ethertype = 0800 (IP)
>> ETHER:
>> IP:   ----- IP Header -----
>> IP:
>> IP:   Version = 4
>> IP:   Header length = 20 bytes
>> IP:   Type of service = 0x00
>> IP:         xxx. .... = 0 (precedence)
>> IP:         ...0 .... = normal delay
>> IP:         .... 0... = normal throughput
>> IP:         .... .0.. = normal reliability
>> IP:   Total length = 40 bytes
>> IP:   Identification = 34839
>> IP:   Flags = 0x4
>> IP:         .1.. .... = do not fragment
>> IP:         ..0. .... = last fragment
>> IP:   Fragment offset = 0 bytes
>> IP:   Time to live = 64 seconds/hops
>> IP:   Protocol = 6 (TCP)
>> IP:   Header checksum = 47a5
>> IP:   Source address = ***.***.***.***, ********
>> IP:   Destination address = ***.***.***.***, ********
>> IP:   No options
>> IP:
>> TCP:  ----- TCP Header -----
>> TCP:
>> TCP:  Source port = 46731
>> TCP:  Destination port = 389 (LDAP)
>> TCP:  Sequence number = 3244986616
>> TCP:  Acknowledgement number = 1601298322
>> TCP:  Data offset = 20 bytes
>> TCP:  Flags = 0x11
>> TCP:        ..0. .... = No urgent pointer
>> TCP:        ...1 .... = Acknowledgement
>> TCP:        .... 0... = No push
>> TCP:        .... .0.. = No reset
>> TCP:        .... ..0. = No Syn
>> TCP:        .... ...1 = Fin
>> TCP:  Window = 24840
>> TCP:  Checksum = 0x9a3f
>> TCP:  Urgent pointer = 0
>> TCP:  No options
>> TCP:
>> LDAP:  ----- LDAP:   -----
>> LDAP:
>> LDAP:  ""
>> LDAP:
>>
>> ETHER:  ----- Ether Header -----
>> ETHER:
>> ETHER:  Packet 5 arrived at 14:56:10.24
>> ETHER:  Packet size = 60 bytes
>> ETHER:  Destination = 8:0:20:c7:98:4c, Sun
>> ETHER:  Source      = 0:e0:b6:4:d9:62,
>> ETHER:  Ethertype = 0800 (IP)
>> ETHER:
>> IP:   ----- IP Header -----
>> IP:
>> IP:   Version = 4
>> IP:   Header length = 20 bytes
>> IP:   Type of service = 0x00
>> IP:         xxx. .... = 0 (precedence)
>> IP:         ...0 .... = normal delay
>> IP:         .... 0... = normal throughput
>> IP:         .... .0.. = normal reliability
>> IP:   Total length = 40 bytes
>> IP:   Identification = 16166
>> IP:   Flags = 0x4
>> IP:         .1.. .... = do not fragment
>> IP:         ..0. .... = last fragment
>> IP:   Fragment offset = 0 bytes
>> IP:   Time to live = 60 seconds/hops
>> IP:   Protocol = 6 (TCP)
>> IP:   Header checksum = 9496
>> IP:   Source address = ***.***.***.***, ********
>> IP:   Destination address = ***.***.***.***, ********
>> IP:   No options
>> IP:
>> TCP:  ----- TCP Header -----
>> TCP:
>> TCP:  Source port = 389
>> TCP:  Destination port = 46731
>> TCP:  Sequence number = 1601298322
>> TCP:  Acknowledgement number = 3244986617
>> TCP:  Data offset = 20 bytes
>> TCP:  Flags = 0x10
>> TCP:        ..0. .... = No urgent pointer
>> TCP:        ...1 .... = Acknowledgement
>> TCP:        .... 0... = No push
>> TCP:        .... .0.. = No reset
>> TCP:        .... ..0. = No Syn
>> TCP:        .... ...0 = No Fin
>> TCP:  Window = 64860
>> TCP:  Checksum = 0xfdea
>> TCP:  Urgent pointer = 0
>> TCP:  No options
>> TCP:
>> LDAP:  ----- LDAP:   -----
>> LDAP:
>> LDAP:  ""
>> LDAP:
>>
>> ETHER:  ----- Ether Header -----
>> ETHER:
>> ETHER:  Packet 6 arrived at 14:56:11.67
>> ETHER:  Packet size = 60 bytes
>> ETHER:  Destination = 8:0:20:c7:98:4c, Sun
>> ETHER:  Source      = 0:e0:b6:4:d9:62,
>> ETHER:  Ethertype = 0800 (IP)
>> ETHER:
>> IP:   ----- IP Header -----
>> IP:
>> IP:   Version = 4
>> IP:   Header length = 20 bytes
>> IP:   Type of service = 0x00
>> IP:         xxx. .... = 0 (precedence)
>> IP:         ...0 .... = normal delay
>> IP:         .... 0... = normal throughput
>> IP:         .... .0.. = normal reliability
>> IP:   Total length = 40 bytes
>> IP:   Identification = 16167
>> IP:   Flags = 0x4
>> IP:         .1.. .... = do not fragment
>> IP:         ..0. .... = last fragment
>> IP:   Fragment offset = 0 bytes
>> IP:   Time to live = 60 seconds/hops
>> IP:   Protocol = 6 (TCP)
>> IP:   Header checksum = 9495
>> IP:   Source address = ***.***.***.***, ********
>> IP:   Destination address = ***.***.***.***, ********
>> IP:   No options
>> IP:
>> TCP:  ----- TCP Header -----
>> TCP:
>> TCP:  Source port = 389
>> TCP:  Destination port = 46731
>> TCP:  Sequence number = 1601298322
>> TCP:  Acknowledgement number = 3244986617
>> TCP:  Data offset = 20 bytes
>> TCP:  Flags = 0x11
>> TCP:        ..0. .... = No urgent pointer
>> TCP:        ...1 .... = Acknowledgement
>> TCP:        .... 0... = No push
>> TCP:        .... .0.. = No reset
>> TCP:        .... ..0. = No Syn
>> TCP:        .... ...1 = Fin
>> TCP:  Window = 64860
>> TCP:  Checksum = 0xfde9
>> TCP:  Urgent pointer = 0
>> TCP:  No options
>> TCP:
>> LDAP:  ----- LDAP:   -----
>> LDAP:
>> LDAP:  ""
>> LDAP:
>>
>> ETHER:  ----- Ether Header -----
>> ETHER:
>> ETHER:  Packet 7 arrived at 14:56:11.67
>> ETHER:  Packet size = 54 bytes
>> ETHER:  Destination = 0:e0:b6:4:d9:62,
>> ETHER:  Source      = 8:0:20:c7:98:4c, Sun
>> ETHER:  Ethertype = 0800 (IP)
>> ETHER:
>> IP:   ----- IP Header -----
>> IP:
>> IP:   Version = 4
>> IP:   Header length = 20 bytes
>> IP:   Type of service = 0x00
>> IP:         xxx. .... = 0 (precedence)
>> IP:         ...0 .... = normal delay
>> IP:         .... 0... = normal throughput
>> IP:         .... .0.. = normal reliability
>> IP:   Total length = 40 bytes
>> IP:   Identification = 34840
>> IP:   Flags = 0x4
>> IP:         .1.. .... = do not fragment
>> IP:         ..0. .... = last fragment
>> IP:   Fragment offset = 0 bytes
>> IP:   Time to live = 64 seconds/hops
>> IP:   Protocol = 6 (TCP)
>> IP:   Header checksum = 47a4
>> IP:   Source address = ***.***.***.***, ********
>> IP:   Destination address = ***.***.***.***, ********
>> IP:   No options
>> IP:
>> TCP:  ----- TCP Header -----
>> TCP:
>> TCP:  Source port = 46731
>> TCP:  Destination port = 389 (LDAP)
>> TCP:  Sequence number = 3244986617
>> TCP:  Acknowledgement number = 1601298323
>> TCP:  Data offset = 20 bytes
>> TCP:  Flags = 0x10
>> TCP:        ..0. .... = No urgent pointer
>> TCP:        ...1 .... = Acknowledgement
>> TCP:        .... 0... = No push
>> TCP:        .... .0.. = No reset
>> TCP:        .... ..0. = No Syn
>> TCP:        .... ...0 = No Fin
>> TCP:  Window = 24840
>> TCP:  Checksum = 0x9a3e
>> TCP:  Urgent pointer = 0
>> TCP:  No options
>> TCP:
>> LDAP:  ----- LDAP:   -----
>> LDAP:
>> LDAP:  ""
>> LDAP:
>> #############################################
>>
>> If you use grep to filter it, you could see that lines with
>> "LDAP:" don't have any important information.
>>
>> PS. Sensitive information was replaced with "*"
>>
>>>
>>> On 14 Feb 2006, at 08:45, David Felipe Rios Rojas wrote:
>>>
>>>> I'm testing Radiator for the first time, but I'm a little confused
>>>> because of an error message when it tries binding to the LDAP server;
>>>> I use the LDAP superuser account just to try it.
>>>>
>>>> Next is my config file; it was made based on the sample configuration
>>>> file provided and several items are not configured yet because I just
>>>> want to test LDAP binding first.
>>>>
>>>> Here we go:
>>>>
>>>> ##################################################################
>>>> Foreground
>>>>
>>>> LogStdout
>>>>
>>>> Trace		4
>>>>
>>>> PidFile		/tmp/radiusd.pid
>>>>
>>>> AuthPort	1645
>>>>
>>>> AcctPort	1646
>>>>
>>>> LogFile		%L/%Y-%m-%d_logfile
>>>> LogDir		/var/log/radius
>>>>
>>>> DbDir		.
>>>>
>>>> DictionaryFile /etc/radiator/dictionary,/etc/radiator/dictionary.ascend
>>>>
>>>> User radius
>>>> Group radius
>>>>
>>>> <Client DEFAULT>
>>>> 	Secret	mysecret
>>>> 	DupInterval 0
>>>> 	DefaultRealm ldap.realm
>>>> 	StatusServerShowClientDetails
>>>> </Client>
>>>>
>>>>
>>>> <Realm DEFAULT>
>>>> 	RewriteUsername	s/^([^@]+).*/$1/
>>>> 	MaxSessions	2
>>>> 	AcctLogFileName	%L/detail
>>>> 	WtmpFileName %L/wtmp
>>>> 	PasswordLogFileName %L/password.log
>>>> 	RejectHasReason
>>>>
>>>> 	<AuthBy FILE>
>>>> 		Filename	/etc/radiator/users
>>>> 		DynamicReply USR-IP-Input-Filter
>>>> 		DynamicCheck Group
>>>> 		UseAddressHint
>>>> 		AddToReply Reply-Message=hello
>>>> 		AddToReplyIfNotExist Ascend-Data-Filter="ip in forward tcp est"
>>>> 		DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
>>>> 		RejectEmptyPassword
>>>> 		AutoMPPEKeys
>>>> 		EAPType MD5-Challenge
>>>> 	</AuthBy>
>>>>
>>>> 	<AuthBy GROUP>
>>>> 		AuthByPolicy ContinueUntilAccept
>>>> 		AddToReply Reply-Message=xxxx
>>>> 		<AuthBy FILE>
>>>> 			Filename users
>>>> 		</AuthBy>
>>>> 		<AuthBy FILE>
>>>> 			Filename users
>>>> 		</AuthBy>
>>>> 	</AuthBy>
>>>>
>>>> </Realm>
>>>>
>>>> <Realm unix.realm>
>>>> 	RewriteUsername	s/^([^@]+).*/$1/
>>>>
>>>> 	<AuthBy UNIX>
>>>> 		Identifier System
>>>> 		DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
>>>> 	</AuthBy>
>>>> </Realm>
>>>>
>>>>
>>>> <Realm system.realm>
>>>> 	RewriteUsername	s/^([^@]+).*/$1/
>>>> </Realm>
>>>>
>>>>
>>>> <Realm ldap.realm>
>>>> 	<AuthBy LDAP2>
>>>> 		Host		xxxxxx
>>>> 		Port		389
>>>> 		AuthDN		cn=root
>>>> 		AuthPassword	xxxxxx
>>>> 		BaseDN		(&(%0=%1,ou=xxxxx,o=xxxxx)(radiusloginservice=E))
>>>> 		UsernameAttr	uid
>>>> 		PasswordAttr    userPassword
>>>> 	</AuthBy>
>>>> </Realm>
>>>>
>>>>
>>>>
>>>> <Realm external.realm>
>>>> 	RewriteUsername	s/^([^@]+).*/$1/
>>>> 	<AuthBy EXTERNAL>
>>>> 		Command perl ./goodies/testcommand.pl
>>>> 		DecryptPassword
>>>> 	</AuthBy>
>>>> </Realm>
>>>>
>>>> <Realm internal.realm>
>>>> 	<AuthBy INTERNAL>
>>>> 		DefaultResult	accept
>>>> 	</AuthBy>
>>>> </Realm>
>>>>
>>>>
>>>> <Realm mobileip.realm>
>>>> 	RewriteUsername	s/^([^@]+).*/$1/
>>>> 	<AuthBy FILE>
>>>> 		Filename	./users
>>>> 	</AuthBy>
>>>> 	<AuthBy MOBILEIP>
>>>> 		DefaultHAAddress 192.10.10.2
>>>> 	</AuthBy>
>>>> </Realm>
>>>>
>>>>
>>>> <AuthBy FILE>
>>>> 	Identifier identifier1
>>>> </AuthBy>
>>>>
>>>>
>>>> <Realm xyz>
>>>> 	AuthBy identifier1
>>>> </Realm>
>>>> ##################################################################
>>>>
>>>>
>>>> And this is the debug output after "perl radpwtst -user driosr
>>>> -password pass" is executed:
>>>>
>>>> ##################################################################
>>>> Fri Feb 10 07:45:26 2006: DEBUG: Reading group file /etc/group
>>>> Fri Feb 10 07:45:27 2006: DEBUG: Finished reading configuration
>>>> file '/etc/radiator/radius.cfg'
>>>> This Radiator license will expire on 2006-07-01
>>>> This Radiator license will stop operating after 1000 requests
>>>> To purchase an unlimited full source version of Radiator, see
>>>> http://www.open.com.au/ordering.html
>>>> To extend your license period, contact admin at open.com.au
>>>>
>>>> Fri Feb 10 07:45:27 2006: DEBUG: Reading dictionary file '/etc/
>>>> radiator/dictionary'
>>>> Fri Feb 10 07:45:28 2006: DEBUG: Reading dictionary file '/etc/
>>>> radiator/dictionary.ascend'
>>>> Fri Feb 10 07:45:28 2006: DEBUG: Creating authentication port
>>>> 0.0.0.0:1645
>>>> Fri Feb 10 07:45:28 2006: DEBUG: Creating accounting port 0.0.0.0:1646
>>>> Fri Feb 10 07:45:28 2006: NOTICE: Server started: Radiator 3.14 on
>>>> XXXX(LOCKED)
>>>> Fri Feb 10 07:46:16 2006: DEBUG: Packet dump:
>>>> *** Received from 127.0.0.1 port 33466 ....
>>>> Code:       Access-Request
>>>> Identifier: 211
>>>> Authentic:  1234567890123456
>>>> Attributes:
>>>>         User-Name = "driosr"
>>>>         Service-Type = Framed-User
>>>>         NAS-IP-Address = 203.63.154.1
>>>>         NAS-Identifier = "203.63.154.1"
>>>>         NAS-Port = 1234
>>>>         Called-Station-Id = "123456789"
>>>>         Calling-Station-Id = "987654321"
>>>>         NAS-Port-Type = Async
>>>>         User-Password = <137><234>,<222><175>
>>>> \<4><246><188>8<9><160><216>}x<153>
>>>>
>>>> Fri Feb 10 07:46:17 2006: DEBUG: Handling request with Handler
>>>> 'Realm=ldap.realm'
>>>> Fri Feb 10 07:46:17 2006: DEBUG:  Deleting session for driosr,
>>>> 203.63.154.1, 1234
>>>> Fri Feb 10 07:46:17 2006: DEBUG: Handling with Radius::AuthLDAP2:
>>>> Fri Feb 10 07:46:17 2006: INFO: Connecting to XXXX:389
>>>> Fri Feb 10 07:46:17 2006: INFO: Attempting to bind to LDAP server
>>>> XXXX:389
>>>> Fri Feb 10 07:46:17 2006: ERR: Could not bind connection with
>>>> cn=root, xxxx, error: LDAP error code -1(0xFFFFFFFF) (server XXXX:
>>>> 389).
>>>> Fri Feb 10 07:46:17 2006: ERR: Backing off from XXXX:389 for 600
>>>> seconds.
>>>> Fri Feb 10 07:46:17 2006: DEBUG: AuthBy LDAP2 result: IGNORE, User
>>>> database access error
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>>> *** Received from 127.0.0.1 port 33466 ....
>>>> Code:       Accounting-Request
>>>> Identifier: 212
>>>> Authentic:  .<16>t<179>;<188><213>L<151><182><131>L<144>p<159><245>
>>>> Attributes:
>>>>         User-Name = "driosr"
>>>>         Service-Type = Framed-User
>>>>         NAS-IP-Address = 203.63.154.1
>>>>         NAS-Identifier = "203.63.154.1"
>>>>         NAS-Port = 1234
>>>>         NAS-Port-Type = Async
>>>>         Acct-Session-Id = "00001234"
>>>>         Acct-Status-Type = Start
>>>>         Called-Station-Id = "123456789"
>>>>         Calling-Station-Id = "987654321"
>>>>         Acct-Delay-Time = 0
>>>>
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling request with Handler
>>>> 'Realm=ldap.realm'
>>>> Fri Feb 10 07:46:22 2006: DEBUG:  Adding session for driosr,
>>>> 203.63.154.1, 1234
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling with Radius::AuthLDAP2:
>>>> Fri Feb 10 07:46:22 2006: DEBUG: AuthBy LDAP2 result: ACCEPT,
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Accounting accepted
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>>> *** Sending to 127.0.0.1 port 33466 ....
>>>> Code:       Accounting-Response
>>>> Identifier: 212
>>>> Authentic:  .<16>t<179>;<188><213>L<151><182><131>L<144>p<159><245>
>>>> Attributes:
>>>>
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>>> *** Received from 127.0.0.1 port 33466 ....
>>>> Code:       Accounting-Request
>>>> Identifier: 213
>>>> Authentic:  4f<127><151><175><206><15><9>uq<149><22>&_<238>M
>>>> Attributes:
>>>>         User-Name = "driosr"
>>>>         Service-Type = Framed-User
>>>>         NAS-IP-Address = 203.63.154.1
>>>>         NAS-Identifier = "203.63.154.1"
>>>>         NAS-Port = 1234
>>>>         NAS-Port-Type = Async
>>>>         Acct-Session-Id = "00001234"
>>>>         Acct-Status-Type = Stop
>>>>         Called-Station-Id = "123456789"
>>>>         Calling-Station-Id = "987654321"
>>>>         Acct-Delay-Time = 0
>>>>         Acct-Session-Time = 1000
>>>>         Acct-Input-Octets = 20000
>>>>         Acct-Output-Octets = 30000
>>>>
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling request with Handler
>>>> 'Realm=ldap.realm'
>>>> Fri Feb 10 07:46:22 2006: DEBUG:  Deleting session for driosr,
>>>> 203.63.154.1, 1234
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Handling with Radius::AuthLDAP2:
>>>> Fri Feb 10 07:46:22 2006: DEBUG: AuthBy LDAP2 result: ACCEPT,
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Accounting accepted
>>>> Fri Feb 10 07:46:22 2006: DEBUG: Packet dump:
>>>> *** Sending to 127.0.0.1 port 33466 ....
>>>> Code:       Accounting-Response
>>>> Identifier: 213
>>>> Authentic:  4f<127><151><175><206><15><9>uq<149><22>&_<238>M
>>>> Attributes:
>>>> ##################################################################
>>>>
>>>>
>>>> And this is the output to "perl radpwtst -user driosr -password
>>>> pass" command:
>>>>
>>>> ##################################################################
>>>> sending Access-Request...
>>>> No reply
>>>> sending Accounting-Request Start...
>>>> OK
>>>> sending Accounting-Request Stop...
>>>> OK
>>>> ##################################################################
>>>>
>>>>
>>>> Could you help me?
>>>>
>>>> Thanks in advance.
>>>>
>>>> -- 
>>>> David Rios R.
>>>>
>>>> --
>>>> Archive at http://www.open.com.au/archives/radiator/
>>>> Announcements on radiator-announce at open.com.au
>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>> NB:
>>>
>>> Have you read the reference manual ("doc/ref.html")?
>>> Have you searched the mailing list archive
>>> (www.open.com.au/archives/radiator)?
>>> Have you had a quick look on Google (www.google.com)?
>>> Have you included a copy of your configuration file (no secrets),
>>> together with a trace 4 debug showing what is happening?
>>>
>>> -- 
>>> Radiator: the most portable, flexible and configurable RADIUS server
>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>> -
>>> Nets: internetwork inventory and management - graphical, extensible,
>>> flexible with hardware, software, platform and database  
>>> independence.
>>> -
>>> CATool: Private Certificate Authority for Unix and Unix-like  
>>> systems.
>>>
>>>
>>>
>>
>> -- 
>> David Rios R.
>> Ingenieria de Desarrollo
>> Expansion Nuevos Servicios
>> Empresas Publicas de Medellin
>>
>
>


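Added example (not part of the original thread and not Radiator or Open System Consultants code): a small Python parser for the `snoop -v` text quoted above that computes each packet's TCP payload size and reports whether the handshake completed, how many bytes each side sent, and which side sent the first FIN. The sample input is constructed from the field values in the quoted trace; all function names are this example's own.

```python
import re

PKT = re.compile(r"ETHER:\s+Packet (\d+) arrived")
FLD = re.compile(r"(IP|TCP):\s+(Header length|Total length|Source port|"
                 r"Destination port|Data offset|Flags) = (\w+)")
NEEDED = {"IP Header length", "IP Total length", "TCP Source port",
          "TCP Destination port", "TCP Data offset", "TCP Flags"}
FLAG_BITS = [(0x02, "SYN"), (0x10, "ACK"), (0x08, "PSH"), (0x04, "RST"), (0x01, "FIN")]


def parse_snoop(text):
    """Collect numeric header fields per packet from `snoop -v` text.
    search() is used so mail quote prefixes such as '>> ' are tolerated."""
    packets, cur = [], None
    for line in text.splitlines():
        m = PKT.search(line)
        if m:
            cur = {"n": int(m.group(1))}
            packets.append(cur)
        elif cur is not None and (m := FLD.search(line)):
            # base 0 accepts decimal ("48") and hex ("0x12") values alike
            cur[f"{m.group(1)} {m.group(2)}"] = int(m.group(3), 0)
    return packets


def summarize(p):
    """Reduce one packet to ports, TCP flag names and TCP payload size."""
    payload = p["IP Total length"] - p["IP Header length"] - p["TCP Data offset"]
    flags = [name for bit, name in FLAG_BITS if p["TCP Flags"] & bit]
    return {"n": p["n"], "sport": p["TCP Source port"],
            "dport": p["TCP Destination port"], "flags": flags, "payload": payload}


def diagnose(text, server_port=389):
    """Report handshake state, bytes sent by each side and who closed first."""
    pkts = [summarize(p) for p in parse_snoop(text) if NEEDED.issubset(p)]
    to_srv = [p for p in pkts if p["dport"] == server_port]
    from_srv = [p for p in pkts if p["sport"] == server_port]
    handshake = (any(p["flags"] == ["SYN"] for p in to_srv)
                 and any(p["flags"] == ["SYN", "ACK"] for p in from_srv))
    fin = next((p for p in pkts if "FIN" in p["flags"]), None)
    closer = None if fin is None else ("client" if fin["dport"] == server_port else "server")
    return {"handshake": handshake, "closer": closer,
            "client_bytes": sum(p["payload"] for p in to_srv),
            "server_bytes": sum(p["payload"] for p in from_srv)}


def _pkt(n, total, sport, dport, offset, flags):
    # Constructed sample line set: only the fields the parser reads.
    # Timestamps are not parsed, so one value is reused for every packet.
    svc = " (LDAP)" if dport == 389 else ""
    return (f"ETHER:  Packet {n} arrived at 14:56:10.23\n"
            f"IP:   Header length = 20 bytes\n"
            f"IP:   Total length = {total} bytes\n"
            f"TCP:  Source port = {sport}\n"
            f"TCP:  Destination port = {dport}{svc}\n"
            f"TCP:  Data offset = {offset} bytes\n"
            f"TCP:  Flags = {flags}\n")


# Values taken from the seven packets in the quoted trace.
SAMPLE = "".join(_pkt(*row) for row in [
    (1, 48, 46731, 389, 28, "0x02"), (2, 48, 389, 46731, 28, "0x12"),
    (3, 40, 46731, 389, 20, "0x10"), (4, 40, 46731, 389, 20, "0x11"),
    (5, 40, 389, 46731, 20, "0x10"), (6, 40, 389, 46731, 20, "0x11"),
    (7, 40, 46731, 389, 20, "0x10"),
])

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

On the quoted trace this reports a completed handshake, zero payload bytes in either direction and the first FIN coming from the client side, which matches the poster's reading that nothing LDAP was ever sent.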