(RADIATOR) associating clients with handlers
hugh at open.com.au
Wed Sep 6 18:13:22 CDT 2006
Hello Stuart -
What you show below should work correctly, however a couple of things
- have you restarted radiusd to re-read the configuration file?
- is there a second definition for this Client later in the
- is there some other problem in the configuration file that is
confusing radiusd when it starts up?
In answer to your question below, the "Client" in Radiator is the
device that is sending the radius request(s).
In this case the Client is 188.8.131.52.
However the user who is attempting to connect is "skendrick" which is
what is contained in the User-Name attribute.
hope that helps
On 7 Sep 2006, at 02:18, Stuart Kendrick wrote:
> i'm stumbling over how to associate clients with handlers
> i'm using Radiator 3.15 with patches under Windows 2003
> here's a snippet from my radius.cfg
> [... global parameters ...]
> [... log file stuff ... ]
> #### Client Definitions ####
> <Client 184.108.40.206>
> Secret foozle
> Identifier apc-gear
> #### Handle APC gear ####
> <Handler Client-Identifier=apc-gear>
> AuthByPolicy ContinueWhileIgnore
> # Handle administrative users
> <AuthBy LSA>
> Domain COMPANY
> Group UPSManagement
> AddToReply Service-Type = "Administrative-User"
> # Log it
> AuthLog mgmt-authlog
> AcctLogFileName %L/Acct/%Y-%m-%d-acct
> i can see from a packet sniffer the Access-Request packets arriving
> at my Radiator server from the 220.127.116.11 ... but no response
> from Radiator
> setting Trace to 4, i can see in logfile:
> *** Received from 18.104.22.168 port 32813 ....
> Code: Access-Request
> Identifier: 34
> Authentic: [...]
> User-Name = "skendric"
> User-Password = "[...]"
> NAS-Identifier = "foo.fhcrc.org"
> Wed Sep 6 09:07:17 2006: WARNING: Could not find a handler for
> skendric: request is ignored
> -so, why does Radiator think the *client* name is 'skendric'? to
> my way of thinking, the client's name is 'foo.fhcrc.org' ... or, at
> the very least, 22.214.171.124
> -what am i misunderstanding about how to use Client-Identifiers?
> insights appreciated,
> stuart kendrick
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
CATool: Private Certificate Authority for Unix and Unix-like systems.
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator