(RADIATOR) tunnel password format problem

andreas.waibel at web.de andreas.waibel at web.de
Wed May 9 04:13:36 CDT 2007


Hi colleagues,

I am running 3.16 as a RADIUS proxy and have the following problem:

I am receiving tunnel AVPs from a remote authoritative RADIUS together with the Access-Accept messages. Most tunnel AVPs look fine, but Tunnel-Passwort is malformatted. Appearantly what should be a 1:<password> shows up as "<1><password>", which results in problems with the NAS when forwarded in that way. 

The administrator of the remote system has informed me, that he is also running Radiator but has modified the dictionary by defining Tunnel-Passwort as "tagged-string" instead of "string". I have tried to do this as well on my system but one way or another the tag-format is not properly recognized. 
What can I do to correct the format, as a modification of the remote system of the customer appears to be not an option? 

 *** Received from X.X.X.X port 1812 ....
 Code: Access-Accept
 Identifier: 1
 Authentic: ^<199><23>'<255>S<199><20><199><299><299><299><299>W8_
 Attributes:
 Tunnel-Type = 1:L2TP
 Tunnel-Medium-Type = 1:IP
 Tunnel-Server-Endpoint = 1:10.10.10.7
 Tunnel-Client-Auth-ID = 1:xx_yyyy_zzz
 Tunnel-Assignment-ID = 1:xx_yyyy_zzz
 Tunnel-Password = "<1>abcdefghijk"
 Tunnel-Preference = 1:100

I have tried to insert the Tunnel-Password manually by removing the sent password and putting

 AddToReply Tunnel-Password = "1:abcdefghijk"

This works fine, so the problem seems to be just the format. 

best regards

Andreas Waibel

 

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list