(RADIATOR) Issues with the TACPLUS Server
Patrik Forsberg
patrik.forsberg at dataphone.net
Thu Dec 6 04:09:24 CST 2007
Hi,
Not really, it only keeps local information..
Here's a copy
"
Key <snip>
Port 49
BindAddress <snip>
"
Same with radius.local.cfg.
I synchronize the config over several different machines and have to
keep some config, like BindAddress, local to the machine :)
<thinking>
..
..
</thinking>
Mmh.. think I finally nailed it!
Not Working config
"
GroupAuthAttr group1 priv-lvl=15
AuthorizeGroup group1 permit service=shell cmd\* {priv-lvl=15}
AuthorizeGroup group1 permit service=junos-exec {local-user-name=group1}
AuthorizeGroup group1 permit service=shell cmd= {priv-lvl=15}
AuthorizeGroup group1 permit .*
"
Working config
"
AuthorizeGroup group1 permit service=shell cmd\* {priv-lvl=15}
AuthorizeGroup group1 permit service=junos-exec {local-user-name=group1}
AuthorizeGroup group1 permit service=shell cmd= {priv-lvl=15}
AuthorizeGroup group1 permit .*
"
Seems to be GroupAuthAttr that screwed my config up, not AuthorizeGroup
it self!
Strange thing is I don't see it in the config I sent you to begin with..
and that is a copy of the config I used, promise!
<thinking>
..
..
</thinking>
Yea.. perhaps I know what it is.
In the original setup I set '' AddToReplyIfNotExist
cisco-avpair="priv-lvl=15" '' but now I do not..
Regards,
Patrik
> -----Original Message-----
> From: Mike McCauley [mailto:mikem at open.com.au]
> Sent: Thursday, December 06, 2007 10:51 AM
> To: Patrik Forsberg
> Cc: radiator at open.com.au
> Subject: Re: (RADIATOR) Issues with the TACPLUS Server
>
> Hello Patrik,
>
> Thanks for your reply. We still dont understand why your system is
> behaving
> that way: we cant reproduce it. Though we notice that there is soem
> configuration of yours that we havent seen yet:
> you have this in your ServerTACACSPLUS config:
>
> Include /etc/radiator-test/radius.tacacs.local.cfg
>
> Could that be relevant?
>
> Cheers.
>
> On Thursday 06 December 2007 19:04, Patrik Forsberg wrote:
> > Hi,
> >
> > Guess you got my original mail too ;)
> >
> > I run on two FreeBSD 6.2 and a 5.2 all running perl 5.8.8 with
> > appropriate cpan modules and Radiator 3.17.1 with the latest patches
> up
> > till 2007-10-11.
> >
> > After looking at the code yesterday I notice you do different things
> > between CommandAuth and AuthorizeGroup. In the deprecated code you
> > treated a single command differently then if you get a attribute
> > attached to the command in AuthorizeGroup you use the same routine
no
> > matter if it has a attribute or not, I am not sure but it could be a
> > clue to the behavior I'm seeing ?
> >
> > Referring to line 708-718 for the new code and 759-762,776-782 of
> > ServerTACPLUS.pm. This is the only thing I could find that actually
> > differ the two commands from each other that would affect my
problem.
> > I've only tried this out on Cisco so I don't know if any other
> hardware
> > shows the same behavior or not.
> >
> > Best Regards,
> > Patrik
> >
> > > -----Original Message-----
> > > From: Mike McCauley [mailto:mikem at open.com.au]
> > > Sent: Thursday, December 06, 2007 1:11 AM
> > > To: Patrik Forsberg
> > > Cc: radiator at open.com.au
> > > Subject: Re: (RADIATOR) Issues with the TACPLUS Server
> > >
> > > Hello Patrik,
> > >
> > > Thanks for the detailed logs.
> > > We still have not been able to reproduce this.
> > > We note a comment in the relevant source:
> > >
> > > # Hmmm. funny behaviour remembering the value of @reply_pairs
> from
> > > call to
> > > call
> > > # on perl 5.8.5
> > >
> > > and its @reply_pairs that is the relveant thing in your case.
> > >
> > > What version of perl are you running? On what platform?
> > >
> > > Cheers.
> > >
> > > On Wednesday 05 December 2007 02:51, Patrik Forsberg wrote:
> > > > Hi,
> > > >
> > > > I've been trying to convert our old Cisco enabled Radiator
Tacacs
> > > > configuration from the old Depricated "CommandAuth" format to
the
> > >
> > > newer
> > >
> > > > "AuthorizeGroup" format but I've ran into a feature that is
quite
> > > > unwanted.
> > > >
> > > > First off the configuration I have works on all my current
> hardware
> > >
> > > but
> > >
> > > > we need the features that the AuthorizeGroup gives.
> > > > Everything works great exept on cisco boxes. Besides I don't
like
> >
> > the
> >
> > > > idea to use configuration that will be gone in some future
> release.
> > > > Atleast our old Cisco 7200 seem to not like the new format.
> > > >
> > > > I've done some debugging and the only differens I can see is
that
> > >
> > > there
> > >
> > > > are one difference between the new and old format
> > > >
> > > > Level 4 debug log on the
> > > >
> > > > Old Format
> > > > "
> > > > Tue Dec 4 17:25:10 2007: DEBUG: New TacacsplusConnection
created
> >
> > for
> >
> > > > 212.37.9.27:16082
> > > > Tue Dec 4 17:25:11 2007: DEBUG: TacacsplusConnection request
192,
> >
> > 2,
> >
> > > 1,
> > >
> > > > 0, 3787464609, 87
> > > > Tue Dec 4 17:25:11 2007: DEBUG: TacacsplusConnection
> Authorization
> > > > REQUEST 6, 1, 1, 1, paddy, tty2, 83.145.30.2, 4, service=shell
> > >
> > > cmd=show
> > >
> > > > cmd-arg=running-config cmd-arg=<cr>
> > > > Tue Dec 4 17:25:11 2007: DEBUG: TacacsplusConnection
> Authorization
> > > > RESPONSE 1, , ,
> > > > Tue Dec 4 17:25:11 2007: DEBUG: TacacsplusConnection
disconnected
> > >
> > > from
> > >
> > > > 212.37.9.27:16082
> > > > "
> > > >
> > > > New Format
> > > > "
> > > > Tue Dec 4 17:26:08 2007: DEBUG: New TacacsplusConnection
created
> >
> > for
> >
> > > > 212.37.9.27:16085
> > > > Tue Dec 4 17:26:08 2007: DEBUG: TacacsplusConnection request
192,
> >
> > 2,
> >
> > > 1,
> > >
> > > > 0, 1625861, 87
> > > > Tue Dec 4 17:26:08 2007: DEBUG: TacacsplusConnection
> Authorization
> > > > REQUEST 6, 1, 1, 1, paddy, tty2, 83.145.30.2, 4, service=shell
> > >
> > > cmd=show
> > >
> > > > cmd-arg=running-config cmd-arg=<cr>
> > > > Tue Dec 4 17:26:08 2007: DEBUG: AuthorizeGroup rule match
found:
> > >
> > > permit
> > >
> > > > .* { }
> > > > Tue Dec 4 17:26:08 2007: INFO: Authorization permitted for
paddy,
> > >
> > > group
> > >
> > > > securityofficer, args service=shell cmd=show cmd-arg=running-
> config
> > > > cmd-arg=<cr>
> > > > Tue Dec 4 17:26:08 2007: DEBUG: TacacsplusConnection
> Authorization
> > > > RESPONSE 1, , , priv-lvl=15
> > > > Tue Dec 4 17:26:08 2007: DEBUG: TacacsplusConnection
disconnected
> > >
> > > from
> > >
> > > > 212.37.9.27:16085
> > > > "
> > > >
> > > >
> > > > Notice the little "priv-lvl=15" on the end of the last RESPONSE
?
> > > >
> > > > That's the only thing I can see that is different between the
two
> > > > formats.
> > > >
> > > > Cisco debugs--
> > > >
> > > > Old Format
> > > > "
> > > > Dec 4 11:21:10.860 MET: tty3 AAA/AUTHOR/CMD (3753599229):
> >
> > Port='tty3'
> >
> > > > list='' service=CMD
> > > > Dec 4 11:21:10.860 MET: AAA/AUTHOR/CMD: tty3 (3753599229)
> > >
> > > user='paddy'
> > >
> > > > Dec 4 11:21:10.860 MET: tty3 AAA/AUTHOR/CMD (3753599229): send
AV
> > > > service=shell
> > > > Dec 4 11:21:10.860 MET: tty3 AAA/AUTHOR/CMD (3753599229): send
AV
> > > > cmd=show
> > > > Dec 4 11:21:10.860 MET: tty3 AAA/AUTHOR/CMD (3753599229): send
AV
> > > > cmd-arg=running-config
> > > > Dec 4 11:21:10.860 MET: tty3 AAA/AUTHOR/CMD (3753599229): send
AV
> > > > cmd-arg=<cr>
> > > > Dec 4 11:21:10.860 MET: tty3 AAA/AUTHOR/CMD (3753599229): found
> >
> > list
> >
> > > > "default"
> > > > Dec 4 11:21:10.864 MET: tty3 AAA/AUTHOR/CMD (3753599229):
> > > > Method=tacacs+ (tacacs+)
> > > > Dec 4 11:21:10.864 MET: AAA/AUTHOR/TAC+: (3753599229):
user=paddy
> > > > Dec 4 11:21:10.864 MET: AAA/AUTHOR/TAC+: (3753599229): send AV
> > > > service=shell
> > > > Dec 4 11:21:10.864 MET: AAA/AUTHOR/TAC+: (3753599229): send AV
> > >
> > > cmd=show
> > >
> > > > Dec 4 11:21:10.864 MET: AAA/AUTHOR/TAC+: (3753599229): send AV
> > > > cmd-arg=running-config
> > > > Dec 4 11:21:10.864 MET: AAA/AUTHOR/TAC+: (3753599229): send AV
> > > > cmd-arg=<cr>
> > > > Dec 4 11:21:10.864 MET: TAC+: using previously set server
> > >
> > > 212.37.0.171
> > >
> > > > from group tacacs+
> > > > Dec 4 11:21:10.864 MET: TAC+: Opening TCP/IP to 212.37.0.171/49
> > > > timeout=5
> > > > Dec 4 11:21:10.864 MET: TAC+: Opened TCP/IP handle 0x621DC9D4
to
> > > > 212.37.0.171/49 using source 212.37.9.27
> > > > Dec 4 11:21:10.864 MET: TAC+: Opened 212.37.0.171 index=1
> > > > Dec 4 11:21:10.864 MET: TAC+: periodic timer started
> > > > Dec 4 11:21:10.864 MET: TAC+: 212.37.0.171 req=620BD880 Qd
> > > > id=3753599229 ver=192 handle=0x621DC9D4 (ESTAB) expire=5
> >
> > AUTHOR/START
> >
> > > > queued
> > > > Dec 4 11:21:10.868 MET: TAC+: 212.37.0.171 (3753599229)
> >
> > AUTHOR/START
> >
> > > > queued
> > > > Dec 4 11:21:10.964 MET: TAC+: 212.37.0.171 ESTAB id=3753599229
> >
> > wrote
> >
> > > 99
> > >
> > > > of 99 bytes
> > > > Dec 4 11:21:10.964 MET: TAC+: 212.37.0.171 req=620BD880 Qd
> > > > id=3753599229 ver=192 handle=0x621DC9D4 (ESTAB) expire=4
> >
> > AUTHOR/START
> >
> > > > sent
> > > > Dec 4 11:21:11.064 MET: TAC+: 212.37.0.171 ESTAB read=12
> wanted=12
> > > > alloc=12 got=12
> > > > Dec 4 11:21:11.064 MET: TAC+: 212.37.0.171 ESTAB read=18
> wanted=18
> > > > alloc=18 got=6
> > > > Dec 4 11:21:11.064 MET: TAC+: 212.37.0.171 received 18 byte
reply
> >
> > for
> >
> > > > 620BD880
> > > > Dec 4 11:21:11.064 MET: TAC+: req=620BD880 Tx id=3753599229
> ver=192
> > > > handle=0x621DC9D4 (ESTAB) expire=4 AUTHOR/START processed
> > > > Dec 4 11:21:11.064 MET: TAC+: (3753599229) AUTHOR/START
processed
> > > > Dec 4 11:21:11.064 MET: TAC+: periodic timer stopped (queue
> empty)
> > > > Dec 4 11:21:11.064 MET: TAC+: (3753599229): received author
> >
> > response
> >
> > > > status = PASS_ADD
> > > > Dec 4 11:21:11.064 MET: TAC+: Closing TCP/IP 0x621DC9D4
> connection
> >
> > to
> >
> > > > 212.37.0.171/49
> > > > Dec 4 11:21:11.064 MET: AAA/AUTHOR (3753599229): Post
> authorization
> > > > status = PASS_ADD
> > > > "
> > > >
> > > > New Format
> > > > "
> > > > Dec 4 11:19:42.357 MET: tty3 AAA/AUTHOR/CMD (2448089756):
> >
> > Port='tty3'
> >
> > > > list='' service=CMD
> > > > Dec 4 11:19:42.357 MET: AAA/AUTHOR/CMD: tty3 (2448089756)
> > >
> > > user='paddy'
> > >
> > > > Dec 4 11:19:42.357 MET: tty3 AAA/AUTHOR/CMD (2448089756): send
AV
> > > > service=shell
> > > > Dec 4 11:19:42.357 MET: tty3 AAA/AUTHOR/CMD (2448089756): send
AV
> > > > cmd=show
> > > > Dec 4 11:19:42.357 MET: tty3 AAA/AUTHOR/CMD (2448089756): send
AV
> > > > cmd-arg=running-config
> > > > Dec 4 11:19:42.357 MET: tty3 AAA/AUTHOR/CMD (2448089756): send
AV
> > > > cmd-arg=<cr>
> > > > Dec 4 11:19:42.357 MET: tty3 AAA/AUTHOR/CMD (2448089756): found
> >
> > list
> >
> > > > "default"
> > > > Dec 4 11:19:42.357 MET: tty3 AAA/AUTHOR/CMD (2448089756):
> > > > Method=tacacs+ (tacacs+)
> > > > Dec 4 11:19:42.357 MET: AAA/AUTHOR/TAC+: (2448089756):
user=paddy
> > > > Dec 4 11:19:42.357 MET: AAA/AUTHOR/TAC+: (2448089756): send AV
> > > > service=shell
> > > > Dec 4 11:19:42.357 MET: AAA/AUTHOR/TAC+: (2448089756): send AV
> > >
> > > cmd=show
> > >
> > > > Dec 4 11:19:42.357 MET: AAA/AUTHOR/TAC+: (2448089756): send AV
> > > > cmd-arg=running-config
> > > > Dec 4 11:19:42.357 MET: AAA/AUTHOR/TAC+: (2448089756): send AV
> > > > cmd-arg=<cr>
> > > > Dec 4 11:19:42.357 MET: TAC+: using previously set server
> > >
> > > 212.37.0.171
> > >
> > > > from group tacacs+
> > > > Dec 4 11:19:42.357 MET: TAC+: Opening TCP/IP to 212.37.0.171/49
> > > > timeout=5
> > > > Dec 4 11:19:42.361 MET: TAC+: Opened TCP/IP handle 0x621E52B0
to
> > > > 212.37.0.171/49 using source 212.37.9.27
> > > > Dec 4 11:19:42.361 MET: TAC+: Opened 212.37.0.171 index=1
> > > > Dec 4 11:19:42.361 MET: TAC+: periodic timer started
> > > > Dec 4 11:19:42.361 MET: TAC+: 212.37.0.171 req=6238E368 Qd
> > > > id=2448089756 ver=192 handle=0x621E52B0 (ESTAB) expire=5
> >
> > AUTHOR/START
> >
> > > > queued
> > > > Dec 4 11:19:42.361 MET: TAC+: 212.37.0.171 (2448089756)
> >
> > AUTHOR/START
> >
> > > > queued
> > > > Dec 4 11:19:42.461 MET: TAC+: 212.37.0.171 ESTAB id=2448089756
> >
> > wrote
> >
> > > 99
> > >
> > > > of 99 bytes
> > > > Dec 4 11:19:42.461 MET: TAC+: 212.37.0.171 req=6238E368 Qd
> > > > id=2448089756 ver=192 handle=0x621E52B0 (ESTAB) expire=4
> >
> > AUTHOR/START
> >
> > > > sent
> > > > Dec 4 11:19:42.561 MET: TAC+: 212.37.0.171 ESTAB read=12
> wanted=12
> > > > alloc=12 got=12
> > > > Dec 4 11:19:42.561 MET: TAC+: 212.37.0.171 ESTAB read=30
> wanted=30
> > > > alloc=30 got=18
> > > > Dec 4 11:19:42.561 MET: TAC+: 212.37.0.171 received 30 byte
reply
> >
> > for
> >
> > > > 6238E368
> > > > Dec 4 11:19:42.561 MET: TAC+: req=6238E368 Tx id=2448089756
> ver=192
> > > > handle=0x621E52B0 (ESTAB) expire=4 AUTHOR/START processed
> > > > Dec 4 11:19:42.561 MET: TAC+: (2448089756) AUTHOR/START
processed
> > > > Dec 4 11:19:42.561 MET: TAC+: periodic timer stopped (queue
> empty)
> > > > Dec 4 11:19:42.561 MET: TAC+: (2448089756): received author
> >
> > response
> >
> > > > status = PASS_ADD
> > > > Dec 4 11:19:42.561 MET: TAC+: Closing TCP/IP 0x621E52B0
> connection
> >
> > to
> >
> > > > 212.37.0.171/49
> > > > Dec 4 11:19:42.561 MET: AAA/AUTHOR (2448089756): Post
> authorization
> > > > status = PASS_ADD
> > > > Dec 4 11:19:42.561 MET: AAA/AUTHOR/CMD Cannot replace commands
> > > > "
> > > >
> > > > Notice the last line ?
> > > > That seem to screw the whole thing up :(
> > > >
> > > > Yes, I know the timestamps between cisco and radiator debug
> differ..
> > >
> > > one
> > >
> > > > can say that it has taken me awhile to get this far!
> > > >
> > > >
> > > > Radiator Config
> > > >
> > > > Old Format
> > > > "
> > > > # Include local parameters
> > > > Include /etc/radiator-test/radius.local.cfg
> > > >
> > > > <ServerTACACSPLUS>
> > > > # Include local tacacs parameters
> > > > Include /etc/radiator-test/radius.tacacs.local.cfg
> > > >
> > > > #
> > > > AddToRequest NAS-Identifier=TACACS
> > > >
> > > > # Groups
> > > > GroupMemberAttr RouterGroup
> > > > GroupCacheFile %D/tacacs-users.cache
> > > >
> > > > # Group: SecurityOfficer gives privilige level 15
> > > > GroupAuthAttr securityofficer priv-lvl=15
> > > > CommandAuth securityofficer permit .*
> > > > </ServerTACACSPLUS>
> > > >
> > > > <Client DEFAULT>
> > > > Secret <<--snipped-->>
> > > > </Client>
> > > >
> > > > <Handler Calling-Station-Id =
> >
> >
>
/(222.122.13.9|82.198.52.20|217.160.216.229|200.74.221.13|211.218.38.51|
> >
> > > > 62.225.4.102|209.16.117.6|60.2
> > > > 50.127.184)/>
> > > > AcctLogFileName %L/acct.denied
> > > > <AuthBy INTERNAL>
> > > > DefaultResult REJECT
> > > > </AuthBy>
> > > > </Handler>
> > > >
> > > > <Handler NAS-Port-Id = /tty.*/, User-Name = testuser>
> > > > AcctLogFileName %L/acct.admin
> > > > <AuthBy DBFILE>
> > > > Filename %D/tacacs-users
> > > > StripFromReply RouterGroup
> > > > AddToReply RouterGroup="securityofficer"
> > > > AddToReplyIfNotExist cisco-avpair="priv-lvl=15"
> > > > AddToReplyIfNotExist cisco-avpair="idletime=15"
> > > > </AuthBy>
> > > > </Handler>
> > > >
> > > > <Handler NAS-Port-Id = /mgmt.*/, User-Name = testuser>
> > > > AcctLogFileName %L/acct.admin
> > > > <AuthBy DBFILE>
> > > > Filename %D/tacacs-users
> > > > StripFromReply RouterGroup
> > > > AddToReply RouterGroup="securityofficer"
> > > > AddToReplyIfNotExist cisco-avpair="priv-lvl=15"
> > > > AddToReplyIfNotExist cisco-avpair="idletime=15"
> > > > </AuthBy>
> > > > </Handler>
> > > >
> > > > <Handler>
> > > > AcctLogFileName %L/acct.user
> > > > <AuthBy DBFILE>
> > > > Filename %D/tacacs-users
> > > > AddToReplyIfNotExist cisco-avpair="idletime=15"
> > > > </AuthBy>
> > > > </Handler>
> > > > "
> > > >
> > > > New Format
> > > > "
> > > > # Include local parameters
> > > > Include /etc/radiator-test/radius.local.cfg
> > > >
> > > > <ServerTACACSPLUS>
> > > > # Include local tacacs parameters
> > > > Include /etc/radiator-test/radius.tacacs.local.cfg
> > > >
> > > > #
> > > > AddToRequest NAS-Identifier=TACACS
> > > >
> > > > # Groups
> > > > GroupMemberAttr RouterGroup
> > > > GroupCacheFile %D/tacacs-users.cache
> > > >
> > > > # Group: SecurityOfficer gives privilige level 15
> > > > AuthorizeGroup securityofficer permit service=junos_exec
> > > > {local-user-name=admins}
> > > > AuthorizeGroup securityofficer permit service=shell
cmd\*
> > > > {priv-lvl=15}
> > > > AuthorizeGroup securityofficer permit .*
> > > > </ServerTACACSPLUS>
> > > >
> > > > <Client DEFAULT>
> > > > Secret <<--snipped-->>
> > > > </Client>
> > > >
> > > > <Handler Calling-Station-Id =
> >
> >
>
/(222.122.13.9|82.198.52.20|217.160.216.229|200.74.221.13|211.218.38.51|
> >
> > > > 62.225.4.102|209.16.117.6|60.2
> > > > 50.127.184)/>
> > > > AcctLogFileName %L/acct.denied
> > > > <AuthBy INTERNAL>
> > > > DefaultResult REJECT
> > > > </AuthBy>
> > > > </Handler>
> > > >
> > > > <Handler User-Name = paddy>
> > > > AcctLogFileName %L/acct.admin
> > > >
> > > > # Packet Trace
> > > > PacketTrace
> > > >
> > > > # Explain reject
> > > > RejectHasReason
> > > >
> > > > <Log FILE>
> > > > Filename %L/paddy-log
> > > > </Log>
> > > >
> > > > <AuthBy DBFILE>
> > > > Filename %D/tacacs-users
> > > > AddToReplyIfNotExist cisco-avpair="idletime=15"
> > > > </AuthBy>
> > > > </Handler>
> > > >
> > > >
> > > > <Handler>
> > > > AcctLogFileName %L/acct.user
> > > >
> > > > # Explain reject
> > > > RejectHasReason
> > > >
> > > > <AuthBy DBFILE>
> > > > Filename %D/tacacs-users
> > > > AddToReplyIfNotExist cisco-avpair="idletime=15"
> > > > </AuthBy>
> > > > </Handler>
> > > > "
> > > >
> > > > The included configuration files only keep ports and that kind
of
> > > > information, nothing that could affect this.
> > > >
> > > > I've tried looking throw the ServerTACPLUS.pm but I can't really
> > >
> > > figure
> > >
> > > > what could be wrong.. quite busy at work to so haven't had much
> time
> > >
> > > to
> > >
> > > > spend on it :P
> > > >
> > > > Please help ?
> > > >
> > > > ---
> > > > Regards,
> > > > Patrik
> > > >
> > > >
> > > > --
> > > > Archive at http://www.open.com.au/archives/radiator/
> > > > Announcements on radiator-announce at open.com.au
> > > > To unsubscribe, email 'majordomo at open.com.au' with
> > > > 'unsubscribe radiator' in the body of the message.
> > >
> > > --
> > > Mike McCauley mikem at open.com.au
> > > Open System Consultants Pty. Ltd Unix, Perl, Motif,
C++,
> >
> > WWW
> >
> > > 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> > > http://www.open.com.au
> > > Phone +61 7 5598-7474 Fax +61 7 5598-7070
> > >
> > > Radiator: the most portable, flexible and configurable RADIUS
server
> > > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT,
Emerald,
> > > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
> >
> > TLS,
> >
> > > TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.
>
> --
> Mike McCauley mikem at open.com.au
> Open System Consultants Pty. Ltd Unix, Perl, Motif, C++,
WWW
> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> http://www.open.com.au
> Phone +61 7 5598-7474 Fax +61 7 5598-7070
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
TLS,
> TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list