(RADIATOR) tunnel password format problem

Ernst Oudhof e.oudhof at mailfrom.nl
Wed May 9 06:32:42 CDT 2007


Hi,

You could use a PostAuthHook to do the job.
Had a similar problem with a vlan attribute.
I've modified my code to do what you asked for. Haven't tested it, please
do so before using.

sub
{
        my $rp = ${$_[1]};
        my $tunnelpw = $rp->get_attr('Tunnel-Password');
        if ( $tunnelpw =~ /^<1>/ )
        {
                substr($tunnelpw,0,3,"1:");
                $rp->change_attr('Tunnel-Password', $tunnelpw);
        }
}


regards,

Ernst Oudhof

> Hi colleagues,
>
> I am running 3.16 as a RADIUS proxy and have the following problem:
>
> I am receiving tunnel AVPs from a remote authoritative RADIUS together
> with the Access-Accept messages. Most tunnel AVPs look fine, but
> Tunnel-Passwort is malformatted. Appearantly what should be a 1:<password>
> shows up as "<1><password>", which results in problems with the NAS when
> forwarded in that way.
>
> The administrator of the remote system has informed me, that he is also
> running Radiator but has modified the dictionary by defining
> Tunnel-Passwort as "tagged-string" instead of "string". I have tried to do
> this as well on my system but one way or another the tag-format is not
> properly recognized.
> What can I do to correct the format, as a modification of the remote
> system of the customer appears to be not an option?
>
>  *** Received from X.X.X.X port 1812 ....
>  Code: Access-Accept
>  Identifier: 1
>  Authentic: ^<199><23>'<255>S<199><20><199><299><299><299><299>W8_
>  Attributes:
>  Tunnel-Type = 1:L2TP
>  Tunnel-Medium-Type = 1:IP
>  Tunnel-Server-Endpoint = 1:10.10.10.7
>  Tunnel-Client-Auth-ID = 1:xx_yyyy_zzz
>  Tunnel-Assignment-ID = 1:xx_yyyy_zzz
>  Tunnel-Password = "<1>abcdefghijk"
>  Tunnel-Preference = 1:100
>
> I have tried to insert the Tunnel-Password manually by removing the sent
> password and putting
>
>  AddToReply Tunnel-Password = "1:abcdefghijk"
>
> This works fine, so the problem seems to be just the format.
>
> best regards
>
> Andreas Waibel
>
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list