(RADIATOR) Problems with AuthBy SQLRADIUS after upgrade to 3.17.1
Mike McCauley
mikem at open.com.au
Wed Jun 27 20:19:43 CDT 2007
Hello Yves,
thanks for reporting this. It was caused by some internal changes to AuthBy
RADIUS. It has now been fixed in the latest Radiator patch set.
We apologise for any inconvenience.
Cheers.
On Thursday 28 June 2007 02:12, Yves Martel wrote:
> Hello,
>
> We have 2 servers running 3 virtual Radius
>
> The first one is a proxy
> - incoming wi-fi to the third server
> - incoming dial-minute ppp, broadband. to the second server
> - outgoing wifi, broadband, ppp to different third party remote radius
>
> The second server is dealing with local ppp, broadband devices and
> proxied ppp/broadband. It also proxy ppp and broadband to the first server.
>
> The third server is dealing with a local wifi network on a proprietary
> system plus the proxied from the first server. It also proxy request to
> the first server.
>
> I hope this description make sense to you guys
>
> Since the upgrade to 3.17.1 the AuthBy SQLRADIUS isnt listening to
> LocalAddress tag and bind itself to the default primary ip.
>
> I have try to change from global variable to hard coded value but still
> bind itself to the default ip.
> I was using 3.11 before and everything was working correctly with this
> configuration.
>
> I have change the primary ip on both server as a temporary fix.
>
> Bug or error in my conf file ?
>
>
> ------ Conf File -----
> #Define Config Global Variables
> DefineFormattedGlobalVar DBRadSystem dbi:ODBC:RadiusSystem
> DefineFormattedGlobalVar DBRadSystemUsername xxxxxxxxxxx
> DefineFormattedGlobalVar DBRadSystemAuth xxxxxxxxxxxxxxxx
>
> DefineFormattedGlobalVar RadDir D:/Radiator-ProxyServer/
> DefineFormattedGlobalVar DefaultDomain oricom.ca
> DefineFormattedGlobalVar AuthIP 64.18.160.57
> DefineFormattedGlobalVar AuthPort 1645
> DefineFormattedGlobalVar MonAuthPort 9021
>
> # Define Global Setting
> #Foreground
> LogStdout
> LogDir %{GlobalVar:RadDir}logs
> DbDir %{GlobalVar:RadDir}cfg
> PidFile %{GlobalVar:RadDir}logs/Auth-RadSys-ProxyServer.pid
> LogFile %{GlobalVar:RadDir}logs/%Y-%m-%d-%H-Auth-RadSys-ProxyServer.log
> Trace 4
> AuthPort %{GlobalVar:AuthPort}
> AcctPort
> #BindAddress %{GlobalVar:AuthIP}
> BindAddress 64.18.160.57,206.108.60.32
>
> # Define client server secret
> <ClientListSQL>
> DBSource %{GlobalVar:DBRadSystem}
> DBUsername %{GlobalVar:DBRadSystemUsername}
> DBAuth %{GlobalVar:DBRadSystemAuth}
> RefreshPeriod 60
> GetClientQuery select NASIDENTIFIER, SECRET, NULL, DUPINTERVAL,
> DEFAULTREALM, Null, Null, Null, Null, Null, Null, Null, Null, Null,
> Null, Null, Null, STRIPFROMREPLY, Null, ADDTOREPLY, Null, Null,
> ADDTOREQUEST, STRIPFROMREQUEST from RadiusClients where GRPID=3 OR GRPID=6
> </Client>
>
> # Define session server
> <SessionDatabase NULL>
> Identifier NoSessionTable
> </SessionDatabase NULL>
>
> # Define AuthBy clause
> <AuthBy SQL>
> # Radius Roaming Server Lookup Table
> Identifier ValidateRadiusRoamingClient
> DBSource %{GlobalVar:DBRadSystem}
> DBUsername %{GlobalVar:DBRadSystemUsername}
> DBAuth %{GlobalVar:DBRadSystemAuth}
> NoDefault
> IgnoreAccounting
> AuthSelect EXEC usp_RadiusGetRoamingAuthType '%c', '%u', '%W', '%R'
> AuthColumnDef 0, GENERIC, check
> </AuthBy>
>
> <AuthBy SQLRADIUS>
> Identifier GoRadiusProxy
> DBSource %{GlobalVar:DBRadSystem}
> DBUsername %{GlobalVar:DBRadSystemUsername}
> DBAuth %{GlobalVar:DBRadSystemAuth}
> LocalAddress %{GlobalVar:AuthIP}
> NoDefault
> IgnoreAccounting
>
> HostSelect EXEC usp_RadiusGetRoamingServer '%u', '%W', %0
> HostColumnDef 0, Host
> HostColumnDef 1, Secret
> HostColumnDef 2, AuthPort
> HostColumnDef 3, AcctPort
> HostColumnDef 4, Retries
> HostColumnDef 5, RetryTimeout
> HostColumnDef 6, StripFromRequest
> HostColumnDef 7, AddToRequest
> HostColumnDef 8, AddToReply
> HostColumnDef 9, FailurePolicy
> </AuthBy>
>
> # Define Handlers
> <Handler Request-Type = Access-Request>
> # Default Handler
> SessionDatabase NoSessionTable
> AuthBy ValidateRadiusRoamingClient
> </Handler>
>
> # Define Monitoring Server Settings
> <Monitor>
> BindAddress 192.168.127.81
> Port %{GlobalVar:MonAuthPort}
> Username xxxxxxxx
> Password xxxxxxxx
> </Monitor>
>
> --------------
> --- log file ---
>
> Wed Jun 27 09:55:36 2007: DEBUG: Packet dump:
> *** Received from 64.26.143.6 port 1647 ....
> Code: Access-Request
> Identifier: 171
> Authentic: <31>2s<213><168><30><160><135><198><5><147>1<145>Fj<9>
> Attributes:
> User-Name = "cricha"
> User-Password = "e<136><4><149><194><0><231>gysn3(<144><215><167>"
> NAS-IP-Address = 209.226.151.241
> NAS-Port = 22
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Called-Station-Id = "4507525413"
> NAS-Port-Type = Async
> Proxy-State = 16
>
> Wed Jun 27 09:55:36 2007: DEBUG: Handling request with Handler
> 'Request-Type = Access-Request'
> Wed Jun 27 09:55:36 2007: DEBUG: Handling with Radius::AuthSQL
> Wed Jun 27 09:55:36 2007: DEBUG: Handling with Radius::AuthSQL:
> ValidateRadiusRoamingClient
> Wed Jun 27 09:55:36 2007: DEBUG: Query is: 'EXEC
> usp_RadiusGetRoamingAuthType '64.26.143.6', 'cricha', '', 'oricom.ca'':
> Wed Jun 27 09:55:37 2007: DEBUG: Radius::AuthSQL looks for match with
> cricha at oricom.ca [cricha]
> Wed Jun 27 09:55:37 2007: DEBUG: Handling with Radius::AuthRADIUS
> Wed Jun 27 09:55:37 2007: DEBUG: Query is: 'EXEC
> usp_RadiusGetRoamingServer 'cricha', '', 1':
> Wed Jun 27 09:55:37 2007: DEBUG: AuthBy RADIUS creates new local socket
> '0.0.0.0' for sending requests
> Wed Jun 27 09:55:37 2007: DEBUG: Packet dump:
> *** Sending to 64.18.160.56 port 1645 ....
> Code: Access-Request
> Identifier: 1
> Authentic: <31>2s<213><168><30><160><135><198><5><147>1<145>Fj<9>
> Attributes:
> User-Name = "cricha at oricom.ca"
> User-Password = "h<241><181><2><240>*<12>_<242> '<163>U<142><153><172>"
> NAS-IP-Address = 209.226.151.241
> NAS-Port = 22
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Called-Station-Id = "4507525413"
> NAS-Port-Type = Async
>
> Wed Jun 27 09:55:37 2007: DEBUG: Radius::AuthSQL IGNORE: :
> cricha at oricom.ca [cricha]
> Wed Jun 27 09:55:37 2007: DEBUG: AuthBy SQL result: IGNORE,
> Wed Jun 27 09:55:37 2007: DEBUG: Packet dump:
> *** Received from 64.18.160.56 port 1645 ....
> Code: Access-Accept
> Identifier: 1
> Authentic: <29><246>L<177><246><231>b<234><18><182>\<249><23>2:<131>
> Attributes:
>
> Wed Jun 27 09:55:37 2007: DEBUG: Received reply in AuthRADIUS for req 1
> from 64.18.160.56:1645
> Wed Jun 27 09:55:37 2007: DEBUG: Access accepted for cricha at oricom.ca
> Wed Jun 27 09:55:37 2007: DEBUG: Packet dump:
> *** Sending to 64.26.143.6 port 1647 ....
> Code: Access-Accept
> Identifier: 171
> Authentic: <31>2s<213><168><30><160><135><198><5><147>1<145>Fj<9>
> Attributes:
> Proxy-State = 16
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list