(RADIATOR) radius RAS communication

Hugh Irvine hugh at open.com.au
Tue Feb 20 15:07:59 CST 2007


Hello William -

I will need to see a copy of your configuration file and a trace 4  
debug from Radiator showing what is happening.

I will also need a reference to the Packeteer documentation showing  
what you are trying to accomplish.

Normally it is the NAS that sends a username and password, and  
Radiator then replies with an accept together with the relevant reply  
attributes.

regards

Hugh



On 21 Feb 2007, at 01:39, kihara Muriithi wrote:

> Hi all
>  I have an equipment that can only do two level authorization,  
> touch and
> look. I am writing to the group to seek help on what need to be  
> done on
> radiator for such a setup to work.
>  This is what the equipment expect from radius, a name, password  
> and an
> attribute touch or look. To fulfill this, I have used the field
> "description" to hold the touch and look phrases at the ldap end and
> push them to radiator using
> "AuthAttrDef description,packeteeraccess,reply" statement. From the
> logs, ldap radiator communication seems fine.
>  I have then a group GroupMemberAttr packeteeraccess, to separate the
> two groups and finally, I have a "AuthorizeGroup touch permit .*". I
> really don't think this is necessary, but it can't also do any  
> harm. Now
> with this simple configuration, what does my NAS see? The logs don'
> reveal this, unless I am misreading the file. What changes do I  
> need to
> insert on my radiator configuration to ensure the three tuples, user
> name, password and "touch or look" is availed to my NAS, a packeteer?
> Please advice
>
> William
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list