(RADIATOR) Re: PIN code authentication + hijack traffic and force end user to a specific portal to login?

Hugh Irvine hugh at open.com.au
Thu Apr 17 03:56:34 CDT 2008


Hello Scott -

The best answer you will get is by setting up your own test  
environment and doing some tests.

You can set up a Log FILE clause with LogMicroseconds (requires Time- 
Hires from CPAN) which will show you exactly how long each processing  
step will take. You will then know the maximum number of requests per  
second that you can process in your environment.

The critical variable is the number of RADIUS requests per second  
that you will need to process - you can then use your test results to  
determine how much hardware you will require.

It is extremely important when using sn SQL database to have a really  
good database administrator involved.

hope that helps

regards

Hugh



On 17 Apr 2008, at 15:07, ScottXiao163 wrote:
> Hi Hugh
> I tried to contact archred with email, but no response yet for a  
> few days,I will try again.So you know there are some cases that  
> archred works as access controller with radiator to hijack the  
> traffic and redirect to its portal login page?
> I have another question regarding backup. I know Radiator 's config  
> file can be easily copy out for backup.What about the the whole  
> system and database? My project now is, we may put the MS SQL  
> server workgroup edition  on the same windows 2003 server as  
> Radiator 4.2, Radmin and Radar. Does Radiator support asynchronous  
> bidirectional backup ,or synchronous bidirectional backup ? Please  
> correct me if I didn't use the correct term for that. Or it's not  
> related to radiator at all? Just MS SQL server backup?
> Do you have any recommended hardware config for MS SQL server to  
> work with Radiator to cater up to 5000 concurrently authentication  
> login? My current design is only MS SQL server workgroup edition  
> one CPU, windows 2003 server, Radiator 4.2 plus radmin,radar. Do  
> you think it will be any performance issue if 5000 concurrent login  
> come in?Or maximu how many will be best practice for MS SQL server  
> workgroup edtion with Radiator?
> I think there might be some topics in archive of mailling list  
> too,just cannot find out.Any tip to search that in the archive? It  
> would be better if you have some reference document on the best  
> practice.
> thanks
> scott
>
>
> ----- Original Message ----- From: "Hugh Irvine" <hugh at open.com.au>
> To: "ScottXiao163" <scottshaw at 163.com>
> Cc: <radiator at open.com.au>
> Sent: Friday, April 11, 2008 4:20 PM
> Subject: Re: (RADIATOR) Re: PIN code authentication + hijack  
> traffic and force end user to a specific portal to login?
>
>
>>
>> Hello again Scott -
>>
>> You may find this useful:
>>
>> http://www.archred.com/products.html
>>
>> regards
>>
>> Hugh
>>
>>
>> On 11 Apr 2008, at 17:29, ScottXiao163 wrote:
>>> Hello Hugh
>>> Thanks. Will try (Or search for some tools if there is any  
>>> available...)...
>>> Regarding the first question,is there module allows radiator  
>>> server  to hijack traffic
>>> and  force end user to a specific portal to login,or any advice  
>>> on  that?
>>> Thanks
>>> Scott
>>> ----- Original Message ----- From: "Hugh Irvine" <hugh at open.com.au>
>>> To: "ScottXiao163" <scottshaw at 163.com>
>>> Cc: <radiator at open.com.au>
>>> Sent: Friday, April 11, 2008 2:33 PM
>>> Subject: Re: (RADIATOR) Re: PIN code authentication + hijack   
>>> traffic and force end user to a specific portal to login?
>>>
>>>
>>>>
>>>> Hello Scott -
>>>>
>>>> You would write an SQL script to populate the database.
>>>>
>>>> regards
>>>>
>>>> Hugh
>>>>
>>>>
>>>> On 11 Apr 2008, at 16:30, ScottXiao163 wrote:
>>>>> Hello Hugh
>>>>> Thanks! I also guess it's just a kind of simple user name  
>>>>> without password,while user name is numeric.Nothing to do with  
>>>>> the real PIN,like two factors PIN for secure login. So in this  
>>>>> case, the administrator just use Radmin to create a numeric  
>>>>> user while   leaving password blank,print out the voucher. If  
>>>>> the customer  need  to usr Radmin to import an excel user list,  
>>>>> or randomly  create  thousands of prepaid users with  
>>>>> Radmin,what is the best  way you  suggest we do?I didn't see  
>>>>> the option of creating  multiple users in  Radmin's UI yet.
>>>>> Thanks!
>>>>> best regards
>>>>> Scott
>>>>> ----- Original Message ----- From: "Hugh Irvine"  
>>>>> <hugh at open.com.au>
>>>>> To: "ScottXiao163" <scottshaw at 163.com>
>>>>> Cc: <radiator at open.com.au>; "Mike McCauley" <mikem at open.com.au>
>>>>> Sent: Friday, April 11, 2008 1:46 PM
>>>>> Subject: Re: PIN code authentication + hijack traffic and  
>>>>> force  end user to a specific portal to login?
>>>>>
>>>>>
>>>>>>
>>>>>> Hello Scott -
>>>>>>
>>>>>> What you are describing is just a simple numeric username  
>>>>>> which   is used as the username when performing RADIUS  
>>>>>> authentication.
>>>>>>
>>>>>> Many organisations use this sort of system for prepaid   
>>>>>> internet access - there is nothing special required.
>>>>>>
>>>>>> regards
>>>>>>
>>>>>> Hugh
>>>>>>
>>>>>>
>>>>>> On 11 Apr 2008, at 11:44, ScottXiao163 wrote:
>>>>>>> Hello team
>>>>>>> Does Radiator support PIN code authentication?
>>>>>>> Network envirionment is  Airport deporture lounge WIFI   
>>>>>>> network.  The user need to purchase a voucher which include  
>>>>>>> a  PIN code.  The user launch IE on laptop,get a portal for   
>>>>>>> authentication.  The user need key in the PIN code instead  
>>>>>>> of  username/password,  start to surf internet once the PIN   
>>>>>>> authentication successful  through  radiator Radius server.
>>>>>>> Does Radiator can be configured to support this?I have read   
>>>>>>> some documents mentioned digipass,but it's to enhance the    
>>>>>>> authentication with two factors PIN, I don't think the   
>>>>>>> customer  will make it so complicated in airport wifi.
>>>>>>>
>>>>>>> Thank you !
>>>>>>> Best regards
>>>>>>> Scott
>>>>>>> ----- Original Message ----- From: "ScottXiao163"  
>>>>>>> <scottshaw at 163.com>
>>>>>>> To: "Hugh Irvine" <hugh at open.com.au>
>>>>>>> Cc: <radiator at open.com.au>; "Mike McCauley" <mikem at open.com.au>
>>>>>>> Sent: Wednesday, April 09, 2008 9:51 PM
>>>>>>> Subject: (RADIATOR) any module allows radiator server to  
>>>>>>> hijack traffic and force end user to a specific portal to login?
>>>>>>>
>>>>>>>
>>>>>>>> Hello team
>>>>>>>> Is there any module allows radiator server to hijack  
>>>>>>>> traffic   and force end user to a specific portal to login?  
>>>>>>>> Usually  what  we did before is, to let customer buy a  
>>>>>>>> access  controller ,and  it can do hijack and force all DHCP 
>>>>>>>> (or event  static IP address  user) users ' web brower  
>>>>>>>> redirect to a web  server's login  page.The login will use  
>>>>>>>> radiator's AAA  servcie. But now many AC  has their own  
>>>>>>>> builtin AAA service ,  so the custome may not need  radiator  
>>>>>>>> at all if we introduce  the AC to customer. that's why  I  
>>>>>>>> ask if there is any optional  module can do this. any advice?
>>>>>>>>
>>>>>>>> Thanks!
>>>>>>>> Scott
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> NB:
>>>>>>
>>>>>> Have you read the reference manual ("doc/ref.html")?
>>>>>> Have you searched the mailing list archive (www.open.com.au/  
>>>>>> archives/ radiator)?
>>>>>> Have you had a quick look on Google (www.google.com)?
>>>>>> Have you included a copy of your configuration file (no secrets),
>>>>>> together with a trace 4 debug showing what is happening?
>>>>>> Have you checked the RadiusExpert wiki:
>>>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>>>
>>>>>> -- 
>>>>>> Radiator: the most portable, flexible and configurable RADIUS   
>>>>>> server
>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>>> Includes support for reliable RADIUS transport (RadSec),
>>>>>> and DIAMETER translation agent.
>>>>>> -
>>>>>> Nets: internetwork inventory and management - graphical,   
>>>>>> extensible,
>>>>>> flexible with hardware, software, platform and database   
>>>>>> independence.
>>>>>> -
>>>>>> CATool: Private Certificate Authority for Unix and Unix-like   
>>>>>> systems.
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Archive at http://www.open.com.au/archives/radiator/
>>>>> Announcements on radiator-announce at open.com.au
>>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>>> 'unsubscribe radiator' in the body of the message.
>>>>
>>>>
>>>>
>>>> NB:
>>>>
>>>> Have you read the reference manual ("doc/ref.html")?
>>>> Have you searched the mailing list archive (www.open.com.au/  
>>>> archives/ radiator)?
>>>> Have you had a quick look on Google (www.google.com)?
>>>> Have you included a copy of your configuration file (no secrets),
>>>> together with a trace 4 debug showing what is happening?
>>>> Have you checked the RadiusExpert wiki:
>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>
>>>> -- 
>>>> Radiator: the most portable, flexible and configurable RADIUS  
>>>> server
>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>> Includes support for reliable RADIUS transport (RadSec),
>>>> and DIAMETER translation agent.
>>>> -
>>>> Nets: internetwork inventory and management - graphical,  
>>>> extensible,
>>>> flexible with hardware, software, platform and database  
>>>> independence.
>>>> -
>>>> CATool: Private Certificate Authority for Unix and Unix-like  
>>>> systems.
>>>>
>>>>
>>>> --
>>>> Archive at http://www.open.com.au/archives/radiator/
>>>> Announcements on radiator-announce at open.com.au
>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>> 'unsubscribe radiator' in the body of the message.
>>>
>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/ 
>> archives/ radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>> Have you checked the RadiusExpert wiki:
>> http://www.open.com.au/wiki/index.php/Main_Page
>>
>> -- 
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> Includes support for reliable RADIUS transport (RadSec),
>> and DIAMETER translation agent.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list