(RADIATOR) 802.1x accounting packets
Hugh Irvine
hugh at open.com.au
Tue Nov 7 15:59:09 CST 2006
Hello Fred -
Thanks for sending the additional information.
The EAP protocols involve a series of radius request exchanges
between the client device and the radius server via some intermediate
access device. The initial sequence determines what version of EAP to
use and sets up an encrypted tunnel between the client and the server
- this sequence is termed the "outer" requests and typically always
use the "anonymous" username. Once the encrypted tunnel is
established, the "inner" request is sent which contains the real
username and the real password. In your case the accounting is being
done by the "outer" Handler and the "outer" requests contain
"anonymous". The eap_anon_hook.pl that we provide uses an SQL table
to store the mapping between the "inner" username and the "outer"
accounting requests to overcome this problem.
If you had the accounting working with the real username previously,
then you are correct - you would have had the access point (or the
client) configured to use the real username instead of "anonymous".
hope that helps
regards
Hugh
On 7 Nov 2006, at 20:08, Fred Leeflang wrote:
> Hi Hugh,
>
> Read that eap_anon_hook.pl and that looks like it might be what we
> want to
> use. I'm a bit surprised though, we have had this working before.
> I'm thinking
> it may be a setting in the AP still.
>
> Anyway, I attached the radius.cfg and a relevant part of the log,
> hope that'll tell
> you more, I've been digging through that several times already :)
>
> -Fred
>
>
> Hugh Irvine wrote:
>>
>> Hello Fred -
>>
>> Thanks for your mail.
>>
>> I will need to see a copy of your configuration file and a more
>> complete trace 4 debug showing what is happening.
>>
>> In the meantime however you should look at "goodies/
>> eap_anon_hook.pl" which may be what you need.
>>
>> regards
>>
>> Hugh
>>
>>
>>
>> On 7 Nov 2006, at 09:06, Fred Leeflang wrote:
>>
>>> Hi,
>>>
>>> We have a Radiator setup with which we're recording accounting
>>> packets into a mysql database through:
>>>
>>> <AuthBy SQL>
>>> DateFormat %Y-%m-%d %X
>>> Identifier SQLAccounting
>>> DBSource DBI:mysql:database=usertracking;host=127.0.0.1
>>> DBUsername utuser
>>> DBAuth resutu
>>> AuthSelect
>>> AccountingTable RAD_ACCOUNTING
>>> HandleAcctStatusTypes Start,Stop
>>> AcctColumnDef USERNAME,User-Name
>>> AcctColumnDef TIME_STAMP,Timestamp,integer-date
>>> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
>>> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
>>> AcctColumnDef ACCTINPUTOCT,Acct-Input-Octets,integer
>>> AcctColumnDef ACCTOUTPUTOCT,Acct-Output-Octets,integer
>>> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
>>> AcctColumnDef ACCTSESSTIME,Acct-Session-Time,integer
>>> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
>>> AcctColumnDef NASIDENTIFIER,NAS-Identifier
>>> AcctColumnDef NASPORT,NAS-Port,integer
>>> AcctColumnDef NASIPADDRESS,NAS-IP-Address
>>> AcctColumnDef CALLEDSTATIONID,Called-Station-Id
>>> AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
>>> </Authby>
>>>
>>> # ----------------Wireless Accounting ssid=test----------------
>>> <Handler Request-Type = Accounting-Request, Realm=student.rug.nl>
>>> AuthBy SQLAccounting
>>> </Handler>
>>>
>>> It all seems to work quite well except we're seeing accounting
>>> packets like these
>>> coming in:
>>>
>>> Code: Accounting-Request
>>> Identifier: 67
>>> Authentic: Me<181><28>\<28>;<227><11><226>e(f<146>\%
>>> Attributes:
>>> Acct-Session-Id = "0000044A"
>>> Called-Station-Id = "000d.29f0.a340"
>>> Calling-Station-Id = "0040.9651.77b8"
>>> cisco-avpair = "ssid=test"
>>> cisco-avpair = "vlan-id=17"
>>> cisco-avpair = "nas-location=unspecified"
>>> cisco-avpair = "auth-algo-type=eap-ttls"
>>> User-Name = "anonymous at student.rug.nl"
>>> Acct-Authentic = RADIUS
>>> cisco-avpair = "connect-progress=Call Up"
>>> Acct-Session-Time = 3516
>>> Acct-Input-Octets = 203580
>>> Acct-Output-Octets = 1073541
>>> Acct-Input-Packets = 1241
>>> Acct-Output-Packets = 1006
>>> Acct-Terminate-Cause = Lost-Carrier
>>> cisco-avpair = "disc-cause-ext=No Reason"
>>> Acct-Status-Type = Stop
>>> NAS-Port-Type = Wireless-IEEE-802-11
>>> Cisco-NAS-Port = "525"
>>> NAS-Port = 525
>>> Service-Type = Framed-User
>>> NAS-IP-Address = 129.125.100.202
>>> Acct-Delay-Time = 0
>>>
>>> So this looks like it logs the outter user-name instead of the
>>> inner username.
>>> I have a feeling that this is an AP configuration issue and
>>> doesn't have anything
>>> to do with Radiator so I'm not including the whole debug/config
>>> at this time to
>>> keep it light. If I recall, the site this is running on is using
>>> Cisco 1200 AP's.
>>>
>>> Any quickfix here or do I need to send the whole config to figure
>>> this one out?
>>>
>>> Thanks a lot!
>>>
>>> -- Fred Leeflang 3DN Tel. 06-46182773 / 036-5467838 Almere http://
>>> www.3dn.nl fredl at 3dn.nl
>>> <fredl.vcf>
>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/
>> archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> --Radiator: the most portable, flexible and configurable RADIUS
>> server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> Includes support for reliable RADIUS transport (RadSec),
>> and DIAMETER translation agent.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>
>
> --
> Fred Leeflang 3DN
> Tel. 06-46182773 / 036-5467838 Almere
> http://www.3dn.nl fredl at 3dn.nl
>
> # radius.cfg 011106-v1 (JH)
> #
> # Example Radiator configuration file.
> # This very simple file will allow you to get started with
> # a simple system. You can then add and change features.
> # We suggest you start simple, prove to yourself that it
> # works and then develop a more complicated configuration as required.
> #
> # This example will authenticate from a standard users file in
> # DbDir/users and log accounting to LogDir/detail.
> #
> # It will accept requests from any client and try to handle request
> # for any realm.
> #
> # You should consider this file to be a starting point only
> # $Id: linux-radius.cfg,v 1.3 2002/03/24 23:07:49 mikem Exp $
>
> #Foreground
> LogStdout
> LogDir /var/log/radius
> DbDir /etc/radiator
>
> AuthPort 1812
> AcctPort 1813
>
> # Use a low trace level in production systems. Increase
> # it to 4 or 5 for debugging, or use the -trace flag to radiusd
> Trace 5
>
> # You will probably want to add other Clients to suit your site,
> # one for each NAS you want to work with
>
> # NAS Client file
> # include %D/clients.cfg
>
> <Client 129.125.100.202>
> Secret XXXXXXX
> DupInterval 0
> </Client>
>
>
> ###############################################################
> # Begin usertracking config
> ###############################################################
>
> # Make sure to edit the rr.name='....' to have a host name of a
> RADIUS server in
> # UT's RADIUS admin section.
> <ClientListSQL>
> DBSource DBI:mysql:database=usertracking;host=XXXXXX
> DBUsername XXXXXX
> DBAuth XXXXXX
> GetClientQuery SELECT
> r.NASIDENTIFIER,r.SECRET,r.IGNOREACCTSIGNATURE,r.DUPINTERVAL,r.DEFAULT
> REALM,r.NASTYPE,r.SNMPCOMMUNITY,r.LIVINGSTONOFFS,r.LIVINGSTONHOLE,r.FR
> AMEDGROUPBASEADDRESS,r.FRAMEDGROUPMAXPORTSPERCLASSC,NULL,r.NOIGNOREDUP
> LICATES,r.PREHANDLERHOOK,r.IDENTICALCLIENTS FROM RADCLIENTLIST r,
> CLIENT_TO_RADIUS c, RADIUS_SERVERS rr WHERE r.id=c.client AND
> c.radiusserver=rr.id AND rr.name='jaap7.nema.rug.nl'
> </ClientListSQL>
>
>
> # We'll need this one so UT can see who's online. Also handy to
> synchronize multiple Radiators
> <SessionDatabase SQL>
> Identifier SessionSQL
> DBSource DBI:mysql:database=usertracking;host=127.0.0.1
> DBUsername XXXXXXXX
> DBAuth XXXXXXX
> </SessionDatabase>
>
> # Usertracking config
>
> <AuthBy SQL>
> DateFormat %Y-%m-%d %X
> Identifier SQLAccounting
> DBSource DBI:mysql:database=usertracking;host=127.0.0.1
> DBUsername XXXXXXXX
> DBAuth XXXXXXX
> AuthSelect
> AccountingTable RAD_ACCOUNTING
> HandleAcctStatusTypes Start,Stop
> AcctColumnDef USERNAME,User-Name
> AcctColumnDef TIME_STAMP,Timestamp,integer-date
> AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
> AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> AcctColumnDef ACCTINPUTOCT,Acct-Input-Octets,integer
> AcctColumnDef ACCTOUTPUTOCT,Acct-Output-Octets,integer
> AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> AcctColumnDef ACCTSESSTIME,Acct-Session-Time,integer
> AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
> AcctColumnDef NASIDENTIFIER,NAS-Identifier
> AcctColumnDef NASPORT,NAS-Port,integer
> AcctColumnDef NASIPADDRESS,NAS-IP-Address
> AcctColumnDef CALLEDSTATIONID,Called-Station-Id
> AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
> </Authby>
>
> # ----------------Wireless Accounting ssid=test----------------
> <Handler Request-Type = Accounting-Request, Realm=student.rug.nl>
> AuthBy SQLAccounting
> </Handler>
>
> ###############################################################
> # einde usertracking config
> ###############################################################
>
>
>
> # ACCOUNTING STUDENT
>
> <Handler Realm=student.rug.nl, Request-Type=Accounting-Request>
> AcctLogFileName %L/student-gebruik
> <AuthBy INTERNAL>
> DefaultResult accept
> </AuthBy>
> </Handler>
> #
>
>
> # NDS Student container
> # Authenticatie student.rug.nl
>
> <AuthBy LDAP2>
> Identifier Student-RADIUS
> UsernameAttr cn
> ServerChecksPassword
> Host 129.125.68.102
> Host 129.125.68.101
> Version 3
> AuthDN cn=Authflexnet,ou=student,o=RUG,c=NL
> AuthPassword XXXXXXX
> BaseDN ou=student,o=RUG,c=NL
> </AuthBy>
>
> <Handler TunnelledByTTLS=1, Realm=student.rug.nl>
> RewriteUsername s/^([^@]+).*/$1/
> AuthBy Student-RADIUS
> </Handler>
>
> <Handler Realm=/student.rug.nl/i>
> RewriteUsername s/^([^@]+).*/$1/
> <Log FILE>
> Filename %L/ttls-auth-log
> </Log>
> <AuthBy FILE>
> Filename %D/dump-users
> EAPType TTLS
> EAPTLS_CAFile /root/SURFnet-PCA-Root-CA.pem
> EAPTLS_CertificateFile /root/servercert.pem
> EAPTLS_CertificateType PEM
> EAPTLS_PrivateKeyFile /root/server.key
> EAPTLS_PrivateKeyPassword XXXXXXX
> EAPTLS_MaxFragmentSize 1024
> AutoMPPEKeys
> </AuthBy>
> </Handler>
>
> *** Received from 129.125.100.202 port 1645 ....
> Code: Access-Request
> Identifier: 183
> Authentic: <25><169><138><181>.<161> <207><24>+<8><217>u<15><198><11>
> Attributes:
> User-Name = "anonymous at student.rug.nl"
> Framed-MTU = 1400
> Called-Station-Id = "000d.29f0.a340"
> Calling-Station-Id = "0040.9651.77b8"
> Service-Type = Login-User
> Message-Authenticator =
> <168><253><175><234><147>F<136>f<230><205>'<139>u<215><241>V
> EAP-Message =
> <2><10><0>_<21><128><0><0><0>U<23><3><1><0>P'uG8<172><142>y5S'A<250><9
> >-
> V<5><19><176><179><165><208><172><209>q=<4><229><248><<205><186><253><
> 228><200><245><214><187><148><14><22><157><30>|
> <243><186><252>u<186>A"<134><10>;<7><228><160>
> +Yp<164>R<245>'<3><18>s<142><226><240><20>|*<129><195>IT<158>}<243>E
> NAS-Port-Type = Wireless-IEEE-802-11
> NAS-Port = 524
> NAS-IP-Address = 129.125.100.202
> NAS-Identifier = "[70.170]22(5431.213)"
>
> Thu Nov 2 08:45:19 2006: DEBUG: Handling request with Handler
> 'Realm=/student.rug.nl/i'
> Thu Nov 2 08:45:19 2006: DEBUG: Rewrote user name to anonymous
> Thu Nov 2 08:45:19 2006: DEBUG: SessionSQL Deleting session for
> anonymous at student.rug.nl, 129.125.100.202, 524
> Thu Nov 2 08:45:19 2006: DEBUG: do query is: 'delete from
> RADONLINE where NASIDENTIFIER='129.125.100.202' and NASPORT=0524':
> Thu Nov 2 08:45:19 2006: DEBUG: Handling with Radius::AuthFILE:
> Thu Nov 2 08:45:19 2006: DEBUG: Handling with EAP: code 2, 10, 95
> Thu Nov 2 08:45:19 2006: DEBUG: Response type 21
> Thu Nov 2 08:45:19 2006: DEBUG: EAP TTLS data, 3, 10, 9
> Thu Nov 2 08:45:19 2006: DEBUG: EAP TTLS inner authentication
> request for s0000013 at student.rug.nl
> Thu Nov 2 08:45:19 2006: DEBUG: TTLS Tunnelled Diameter Packet dump:
> Code: Access-Request
> Identifier: UNDEF
> Authentic: <184>r><21><174>tl^<23><1><25><143><248><6><133><233>
> Attributes:
> User-Name = "s0000013 at student.rug.nl"
> User-Password = "studentpw"
>
> Thu Nov 2 08:45:19 2006: DEBUG: Handling request with Handler
> 'TunnelledByTTLS=1, Realm=student.rug.nl'
> Thu Nov 2 08:45:19 2006: DEBUG: Rewrote user name to s0000013
> Thu Nov 2 08:45:19 2006: DEBUG: SessionSQL Deleting session for
> s0000013 at student.rug.nl, 129.125.100.202,
> Thu Nov 2 08:45:19 2006: DEBUG: do query is: 'delete from
> RADONLINE where NASIDENTIFIER='129.125.100.202' and NASPORT=0':
> Thu Nov 2 08:45:19 2006: DEBUG: Handling with Radius::AuthLDAP2:
> Student-RADIUS
> Thu Nov 2 08:45:19 2006: INFO: Connecting to 129.125.68.101, port 389
> Thu Nov 2 08:45:19 2006: INFO: Attempting to bind to LDAP server
> 129.125.68.101:389
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got result for
> cn=s0000013,ou=student,o=RUG,c=NL
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got
> aselectLdapUserAttributes: s0000013 at student.rug.nl
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got aselectLdapRegistered: TRUE
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got aselectAccountEnabled: TRUE
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got uid: s0000013
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got Language: ENGLISH
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got sn: Testuser flexnet
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got passwordRequired: TRUE
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got passwordMinimumLength: 8
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got objectClass:
> inetOrgPerson organizationalPerson Person ndsLoginProperties Top
> aselectPerson
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got loginTime: 20061101150607Z
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got loginGraceRemaining: 5
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got loginGraceLimit: 5
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got ndsHomeDirectory:
> cn=Cluster03_USR08,o=RUG,c=NL#4#\acc\s0000013
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got cn: s0000013
> Thu Nov 2 08:45:19 2006: DEBUG: LDAP got ACL:
> 6#entry#cn=s0000013,ou=student,o=RUG,c=NL#loginScript 1#subtree#
> [Root]#[Entry Rights]
> 6#entry#cn=s0000013,ou=student,o=RUG,c=NL#printJobConfiguration
> Thu Nov 2 08:45:19 2006: DEBUG: Radius::AuthLDAP2 looks for match
> with s0000013
> Thu Nov 2 08:45:19 2006: DEBUG: Radius::AuthLDAP2 ACCEPT:
> Thu Nov 2 08:45:19 2006: DEBUG: AuthBy LDAP2 result: ACCEPT,
> Thu Nov 2 08:45:19 2006: DEBUG: Access accepted for s0000013
> Thu Nov 2 08:45:19 2006: DEBUG: EAP result: 0, EAP TTLS inner
> authentication redespatched to a Handler
> Thu Nov 2 08:45:19 2006: DEBUG: AuthBy FILE result: ACCEPT, EAP
> TTLS inner authentication redespatched to a Handler
> Thu Nov 2 08:45:19 2006: DEBUG: Access accepted for anonymous
> Thu Nov 2 08:45:19 2006: DEBUG: Packet dump:
> *** Sending to 129.125.100.202 port 1645 ....
> Code: Access-Accept
> Identifier: 183
> Authentic: <25><169><138><181>.<161> <207><24>+<8><217>u<15><198><11>
> Attributes:
> MS-MPPE-Send-Key =
> "<133><184>R3<173>*<149><1><185><204>X<249>V<14><8><244><144><195>3<21
> 3><236><153><15><153>+<161>\<244><21><230><20>b<159>|<218><134>
> {c<8>h<185><172>X<129><155><247>:i<241><166>"
> MS-MPPE-Recv-Key = "<187>
> (t<223>nM<25><180><28><219><171><4>h<202><147><193><206>O<240><149><20
> 2>cN<255><155><185>B<12><199>#<215>P<201>A=<140>I?<138><31><167>S?
> @<157>D,Yg<219>"
> EAP-Message = <3><10><0><4>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Thu Nov 2 08:45:19 2006: DEBUG: Packet dump:
> *** Received from 129.125.100.202 port 1646 ....
> Code: Accounting-Request
> Identifier: 51
> Authentic: <7><199>z<151>^<<4><170><128>o<181>E<<31><0>F
> Attributes:
> Acct-Session-Id = "00000448"
> Called-Station-Id = "000d.29f0.a340"
> Calling-Station-Id = "0040.9651.77b8"
> cisco-avpair = "ssid=test"
> cisco-avpair = "vlan-id=17"
> cisco-avpair = "nas-location=unspecified"
> User-Name = "anonymous at student.rug.nl"
> cisco-avpair = "connect-progress=Call Up"
> Acct-Authentic = RADIUS
> Acct-Status-Type = Start
> NAS-Port-Type = Wireless-IEEE-802-11
> Cisco-NAS-Port = "524"
> NAS-Port = 524
> Service-Type = Framed-User
> NAS-IP-Address = 129.125.100.202
> Acct-Delay-Time = 0
>
> Thu Nov 2 08:45:19 2006: DEBUG: Handling request with Handler
> 'Request-Type = Accounting-Request, Realm=student.rug.nl'
> Thu Nov 2 08:45:19 2006: DEBUG: SessionSQL Adding session for
> anonymous at student.rug.nl, 129.125.100.202, 524
> Thu Nov 2 08:45:19 2006: DEBUG: do query is: 'delete from
> RADONLINE where NASIDENTIFIER='129.125.100.202' and NASPORT=0524':
> Thu Nov 2 08:45:19 2006: DEBUG: do query is: 'insert into
> RADONLINE (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID,
> TIME_STAMP, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values
> ('anonymous at student.rug.nl', '129.125.100.202', 524, '00000448',
> 1162453519, '', 'Wireless-IEEE-802-11', 'Framed-User')':
> Thu Nov 2 08:45:19 2006: DEBUG: Handling with Radius::AuthSQL
> Thu Nov 2 08:45:19 2006: DEBUG: Handling accounting with
> Radius::AuthSQL
> Thu Nov 2 08:45:19 2006: DEBUG: do query is: 'insert into
> RAD_ACCOUNTING
> (ACCTDELAYTIME,ACCTSESSIONID,ACCTSTATUSTYPE,CALLEDSTATIONID,CALLINGSTA
> TIONID,NASIPADDRESS,NASPORT,TIME_STAMP,USERNAME) values
> (0,'00000448','Start','000d.
> 29f0.a340','0040.9651.77b8','129.125.100.202',524,'2006-11-02
> 08:45:19','anonymous at student.rug.nl')':
> Thu Nov 2 08:45:19 2006: DEBUG: AuthBy SQL result: ACCEPT,
> Thu Nov 2 08:45:19 2006: DEBUG: Accounting accepted
> Thu Nov 2 08:45:19 2006: DEBUG: Packet dump:
> *** Sending to 129.125.100.202 port 1646 ....
> Code: Accounting-Response
> Identifier: 51
> Authentic: <7><199>z<151>^<<4><170><128>o<181>E<<31><0>F
> Attributes:
>
> Thu Nov 2 08:50:03 2006: DEBUG: Packet dump:
> *** Received from 129.125.100.202 port 1646 ....
> Code: Accounting-Request
> Identifier: 52
> Authentic: N;<223><232><143><160><174><211><30>^0<156>a<185>4(
> Attributes:
> Acct-Session-Id = "00000448"
> Called-Station-Id = "000d.29f0.a340"
> Calling-Station-Id = "0040.9651.77b8"
> cisco-avpair = "ssid=test"
> cisco-avpair = "vlan-id=17"
> cisco-avpair = "nas-location=unspecified"
> User-Name = "anonymous at student.rug.nl"
> cisco-avpair = "connect-progress=Call Up"
> Acct-Session-Time = 285
> Acct-Input-Octets = 10080
> Acct-Output-Octets = 6418
> Acct-Input-Packets = 66
> Acct-Output-Packets = 23
> Acct-Authentic = RADIUS
> Acct-Status-Type = Alive
> NAS-Port-Type = Wireless-IEEE-802-11
> Cisco-NAS-Port = "524"
> NAS-Port = 524
> Service-Type = Framed-User
> NAS-IP-Address = 129.125.100.202
> Acct-Delay-Time = 0
>
> <fredl.vcf>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list