(RADIATOR) Problems with AuthBy SQLRADIUS after upgrade to 3.17.1

Yves Martel yves.martel at oricom.ca
Wed Jun 27 11:12:47 CDT 2007 

Hello,

We have 2 servers running 3 virtual Radius

The first one is a proxy
- incoming wi-fi to the third server
- incoming dial-minute ppp, broadband. to the second server
- outgoing wifi, broadband, ppp to different third party remote radius

The second server is dealing with local ppp, broadband devices and
proxied ppp/broadband. It also proxy ppp and broadband to the first server.

The third server is dealing with a local wifi network on a proprietary
system plus the proxied from the first server. It also proxy request to
the first server.

I hope this description make sense to you  guys

Since the upgrade to 3.17.1 the AuthBy SQLRADIUS isnt listening to
LocalAddress tag and bind itself to the default primary ip.

I have try to change from global variable to hard coded value but still
bind itself to the default ip.
I was using 3.11 before and everything was working correctly with this
configuration.

I have change the primary ip on both server as a temporary fix.

Bug or error in my conf file ?


------ Conf File -----
#Define Config Global Variables
DefineFormattedGlobalVar DBRadSystem dbi:ODBC:RadiusSystem
DefineFormattedGlobalVar DBRadSystemUsername xxxxxxxxxxx
DefineFormattedGlobalVar DBRadSystemAuth xxxxxxxxxxxxxxxx

DefineFormattedGlobalVar RadDir D:/Radiator-ProxyServer/
DefineFormattedGlobalVar DefaultDomain oricom.ca
DefineFormattedGlobalVar AuthIP 64.18.160.57
DefineFormattedGlobalVar AuthPort 1645
DefineFormattedGlobalVar MonAuthPort 9021

# Define Global Setting
#Foreground
LogStdout
LogDir    %{GlobalVar:RadDir}logs
DbDir    %{GlobalVar:RadDir}cfg
PidFile %{GlobalVar:RadDir}logs/Auth-RadSys-ProxyServer.pid
LogFile %{GlobalVar:RadDir}logs/%Y-%m-%d-%H-Auth-RadSys-ProxyServer.log
Trace 4
AuthPort %{GlobalVar:AuthPort}
AcctPort
#BindAddress  %{GlobalVar:AuthIP}
BindAddress  64.18.160.57,206.108.60.32

# Define client server secret
<ClientListSQL>
    DBSource        %{GlobalVar:DBRadSystem}
    DBUsername      %{GlobalVar:DBRadSystemUsername}
       DBAuth          %{GlobalVar:DBRadSystemAuth}
    RefreshPeriod 60
    GetClientQuery select NASIDENTIFIER, SECRET, NULL, DUPINTERVAL,
DEFAULTREALM, Null, Null, Null, Null, Null, Null, Null, Null, Null,
Null, Null, Null, STRIPFROMREPLY, Null, ADDTOREPLY, Null, Null,
ADDTOREQUEST, STRIPFROMREQUEST from RadiusClients where GRPID=3 OR GRPID=6
</Client>

# Define session server
<SessionDatabase NULL>
    Identifier NoSessionTable
</SessionDatabase NULL>

# Define AuthBy clause
<AuthBy SQL>
    # Radius Roaming Server Lookup Table
    Identifier ValidateRadiusRoamingClient
    DBSource        %{GlobalVar:DBRadSystem}
    DBUsername      %{GlobalVar:DBRadSystemUsername}
       DBAuth          %{GlobalVar:DBRadSystemAuth}
    NoDefault
    IgnoreAccounting
    AuthSelect EXEC usp_RadiusGetRoamingAuthType '%c', '%u', '%W', '%R'
    AuthColumnDef 0, GENERIC, check
</AuthBy>

<AuthBy SQLRADIUS>
    Identifier GoRadiusProxy
    DBSource        %{GlobalVar:DBRadSystem}
    DBUsername      %{GlobalVar:DBRadSystemUsername}
       DBAuth          %{GlobalVar:DBRadSystemAuth}
    LocalAddress %{GlobalVar:AuthIP}
    NoDefault
    IgnoreAccounting

    HostSelect EXEC usp_RadiusGetRoamingServer '%u', '%W', %0
    HostColumnDef 0, Host
    HostColumnDef 1, Secret
    HostColumnDef 2, AuthPort
    HostColumnDef 3, AcctPort
    HostColumnDef 4, Retries
    HostColumnDef 5, RetryTimeout
    HostColumnDef 6, StripFromRequest
    HostColumnDef 7, AddToRequest
    HostColumnDef 8, AddToReply
    HostColumnDef 9, FailurePolicy
</AuthBy>

# Define Handlers
<Handler Request-Type = Access-Request>
    # Default Handler
    SessionDatabase NoSessionTable
    AuthBy ValidateRadiusRoamingClient
</Handler>

# Define Monitoring Server Settings
<Monitor>
    BindAddress 192.168.127.81
    Port %{GlobalVar:MonAuthPort}
    Username xxxxxxxx
    Password xxxxxxxx
</Monitor>

--------------
--- log file ---

Wed Jun 27 09:55:36 2007: DEBUG: Packet dump:
*** Received from 64.26.143.6 port 1647 ....
Code:       Access-Request
Identifier: 171
Authentic:  <31>2s<213><168><30><160><135><198><5><147>1<145>Fj<9>
Attributes:
    User-Name = "cricha"
    User-Password = "e<136><4><149><194><0><231>gysn3(<144><215><167>"
    NAS-IP-Address = 209.226.151.241
    NAS-Port = 22
    Service-Type = Framed-User
    Framed-Protocol = PPP
    Called-Station-Id = "4507525413"
    NAS-Port-Type = Async
    Proxy-State = 16

Wed Jun 27 09:55:36 2007: DEBUG: Handling request with Handler
'Request-Type = Access-Request'
Wed Jun 27 09:55:36 2007: DEBUG: Handling with Radius::AuthSQL
Wed Jun 27 09:55:36 2007: DEBUG: Handling with Radius::AuthSQL:
ValidateRadiusRoamingClient
Wed Jun 27 09:55:36 2007: DEBUG: Query is: 'EXEC
usp_RadiusGetRoamingAuthType '64.26.143.6', 'cricha', '', 'oricom.ca'':
Wed Jun 27 09:55:37 2007: DEBUG: Radius::AuthSQL looks for match with
cricha at oricom.ca [cricha]
Wed Jun 27 09:55:37 2007: DEBUG: Handling with Radius::AuthRADIUS
Wed Jun 27 09:55:37 2007: DEBUG: Query is: 'EXEC
usp_RadiusGetRoamingServer 'cricha', '', 1':
Wed Jun 27 09:55:37 2007: DEBUG: AuthBy RADIUS creates new local socket
'0.0.0.0' for sending requests
Wed Jun 27 09:55:37 2007: DEBUG: Packet dump:
*** Sending to 64.18.160.56 port 1645 ....
Code:       Access-Request
Identifier: 1
Authentic:  <31>2s<213><168><30><160><135><198><5><147>1<145>Fj<9>
Attributes:
    User-Name = "cricha at oricom.ca"
    User-Password = "h<241><181><2><240>*<12>_<242> '<163>U<142><153><172>"
    NAS-IP-Address = 209.226.151.241
    NAS-Port = 22
    Service-Type = Framed-User
    Framed-Protocol = PPP
    Called-Station-Id = "4507525413"
    NAS-Port-Type = Async

Wed Jun 27 09:55:37 2007: DEBUG: Radius::AuthSQL IGNORE: :
cricha at oricom.ca [cricha]
Wed Jun 27 09:55:37 2007: DEBUG: AuthBy SQL result: IGNORE,
Wed Jun 27 09:55:37 2007: DEBUG: Packet dump:
*** Received from 64.18.160.56 port 1645 ....
Code:       Access-Accept
Identifier: 1
Authentic:  <29><246>L<177><246><231>b<234><18><182>\<249><23>2:<131>
Attributes:

Wed Jun 27 09:55:37 2007: DEBUG: Received reply in AuthRADIUS for req 1
from 64.18.160.56:1645
Wed Jun 27 09:55:37 2007: DEBUG: Access accepted for cricha at oricom.ca
Wed Jun 27 09:55:37 2007: DEBUG: Packet dump:
*** Sending to 64.26.143.6 port 1647 ....
Code:       Access-Accept
Identifier: 171
Authentic:  <31>2s<213><168><30><160><135><198><5><147>1<145>Fj<9>
Attributes:
    Proxy-State = 16



-- 
©º°¨¨°º©©º°¨¨°º©©º°¨¨°º©
Yves Martel
Administrateur Réseau
Oricom Internet Inc.
(418) 683-4557
1 866 9ORICOM
http://www.oricom.ca
yves.martel at oricom.ca
©º°¨¨°º©©º°¨¨°º©©º°¨¨°º©





--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list