(RADIATOR) Re: PIN code authentication + hijack traffic and force end user to a specific portal to login?

Hugh Irvine hugh at open.com.au
Sun Apr 20 18:51:15 CDT 2008 

Hello Scott -

Have you tried ActivePerl 5.8.8.820?

Once you have a LogMicroseconds log, the trace 4 debug will include a  
6 digit number in the timestamp indicating the microsecond offset in  
the current second. This will show you exactly how long each  
processing step is taking, and hence how many requests per second you  
can process. It will also show you where your performance bottlenecks  
are.

You should check Google for RADIUS testing tools - a search for  
"RADIUS protocol testing tools" gives lots of hits.

regards

Hugh


On 21 Apr 2008, at 00:22, ScottXiao163 wrote:

> Hi Hugh
> Thanks for the advice. I tried to install Hires but got the  
> error ,please advise.
>
> PPM> install Time::Hires
> Install package 'Time-Hires?' (y/N): y
> Installing package 'Time-Hires'...
> Error installing package 'Time-Hires': Read a PPD for 'Time-Hires',  
> but it is no
> t intended for this build of Perl (MSWin32-x86-multi-thread)
> My OS is windows 2003 server in VMware, MS SQL workgroup edition  
> install.Perl 5.6.1.Build 638
>
> Do you have more details on how to use that for testing the  
> performance? Any tools recommended to simulate thousands of users  
> concurrent login?
> Thanks!
> Scott
>
>
> ----- Original Message ----- From: "Hugh Irvine" <hugh at open.com.au>
> To: "ScottXiao163" <scottshaw at 163.com>
> Cc: <radiator at open.com.au>
> Sent: Thursday, April 17, 2008 4:56 PM
> Subject: Re: (RADIATOR) Re: PIN code authentication + hijack  
> traffic and force end user to a specific portal to login?
>
>
>>
>> Hello Scott -
>>
>> The best answer you will get is by setting up your own test   
>> environment and doing some tests.
>>
>> You can set up a Log FILE clause with LogMicroseconds (requires  
>> Time- Hires from CPAN) which will show you exactly how long each  
>> processing step will take. You will then know the maximum number  
>> of requests per second that you can process in your environment.
>>
>> The critical variable is the number of RADIUS requests per second   
>> that you will need to process - you can then use your test results  
>> to determine how much hardware you will require.
>>
>> It is extremely important when using sn SQL database to have a  
>> really good database administrator involved.
>>
>> hope that helps
>>
>> regards
>>
>> Hugh
>>
>>
>>
>> On 17 Apr 2008, at 15:07, ScottXiao163 wrote:
>>> Hi Hugh
>>> I tried to contact archred with email, but no response yet for a   
>>> few days,I will try again.So you know there are some cases that   
>>> archred works as access controller with radiator to hijack the   
>>> traffic and redirect to its portal login page?
>>> I have another question regarding backup. I know Radiator 's  
>>> config  file can be easily copy out for backup.What about the the  
>>> whole  system and database? My project now is, we may put the MS  
>>> SQL  server workgroup edition  on the same windows 2003 server  
>>> as  Radiator 4.2, Radmin and Radar. Does Radiator support  
>>> asynchronous  bidirectional backup ,or synchronous bidirectional  
>>> backup ? Please  correct me if I didn't use the correct term for  
>>> that. Or it's not  related to radiator at all? Just MS SQL server  
>>> backup?
>>> Do you have any recommended hardware config for MS SQL server to   
>>> work with Radiator to cater up to 5000 concurrently  
>>> authentication  login? My current design is only MS SQL server  
>>> workgroup edition  one CPU, windows 2003 server, Radiator 4.2  
>>> plus radmin,radar. Do  you think it will be any performance issue  
>>> if 5000 concurrent login  come in?Or maximu how many will be best  
>>> practice for MS SQL server  workgroup edtion with Radiator?
>>> I think there might be some topics in archive of mailling list   
>>> too,just cannot find out.Any tip to search that in the archive?  
>>> It  would be better if you have some reference document on the  
>>> best  practice.
>>> thanks
>>> scott
>>>
>>>
>>> ----- Original Message ----- From: "Hugh Irvine" <hugh at open.com.au>
>>> To: "ScottXiao163" <scottshaw at 163.com>
>>> Cc: <radiator at open.com.au>
>>> Sent: Friday, April 11, 2008 4:20 PM
>>> Subject: Re: (RADIATOR) Re: PIN code authentication + hijack   
>>> traffic and force end user to a specific portal to login?
>>>
>>>
>>>>
>>>> Hello again Scott -
>>>>
>>>> You may find this useful:
>>>>
>>>> http://www.archred.com/products.html
>>>>
>>>> regards
>>>>
>>>> Hugh
>>>>
>>>>
>>>> On 11 Apr 2008, at 17:29, ScottXiao163 wrote:
>>>>> Hello Hugh
>>>>> Thanks. Will try (Or search for some tools if there is any  
>>>>> available...)...
>>>>> Regarding the first question,is there module allows radiator   
>>>>> server to hijack traffic
>>>>> and  force end user to a specific portal to login,or any  
>>>>> advice  on that?
>>>>> Thanks
>>>>> Scott
>>>>> ----- Original Message ----- From: "Hugh Irvine"  
>>>>> <hugh at open.com.au>
>>>>> To: "ScottXiao163" <scottshaw at 163.com>
>>>>> Cc: <radiator at open.com.au>
>>>>> Sent: Friday, April 11, 2008 2:33 PM
>>>>> Subject: Re: (RADIATOR) Re: PIN code authentication + hijack    
>>>>> traffic and force end user to a specific portal to login?
>>>>>
>>>>>
>>>>>>
>>>>>> Hello Scott -
>>>>>>
>>>>>> You would write an SQL script to populate the database.
>>>>>>
>>>>>> regards
>>>>>>
>>>>>> Hugh
>>>>>>
>>>>>>
>>>>>> On 11 Apr 2008, at 16:30, ScottXiao163 wrote:
>>>>>>> Hello Hugh
>>>>>>> Thanks! I also guess it's just a kind of simple user name   
>>>>>>> without password,while user name is numeric.Nothing to do  
>>>>>>> with  the real PIN,like two factors PIN for secure login. So  
>>>>>>> in this  case, the administrator just use Radmin to create a  
>>>>>>> numeric  user while leaving password blank,print out the  
>>>>>>> voucher. If  the customer  need to usr Radmin to import an  
>>>>>>> excel user list,  or randomly  create thousands of prepaid  
>>>>>>> users with  Radmin,what is the best  way you suggest we do?I  
>>>>>>> didn't see  the option of creating  multiple users in  
>>>>>>> Radmin's UI yet.
>>>>>>> Thanks!
>>>>>>> best regards
>>>>>>> Scott
>>>>>>> ----- Original Message ----- From: "Hugh Irvine"   
>>>>>>> <hugh at open.com.au>
>>>>>>> To: "ScottXiao163" <scottshaw at 163.com>
>>>>>>> Cc: <radiator at open.com.au>; "Mike McCauley" <mikem at open.com.au>
>>>>>>> Sent: Friday, April 11, 2008 1:46 PM
>>>>>>> Subject: Re: PIN code authentication + hijack traffic and   
>>>>>>> force  end user to a specific portal to login?
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> Hello Scott -
>>>>>>>>
>>>>>>>> What you are describing is just a simple numeric username   
>>>>>>>> which is used as the username when performing RADIUS   
>>>>>>>> authentication.
>>>>>>>>
>>>>>>>> Many organisations use this sort of system for prepaid    
>>>>>>>> internet access - there is nothing special required.
>>>>>>>>
>>>>>>>> regards
>>>>>>>>
>>>>>>>> Hugh
>>>>>>>>
>>>>>>>>
>>>>>>>> On 11 Apr 2008, at 11:44, ScottXiao163 wrote:
>>>>>>>>> Hello team
>>>>>>>>> Does Radiator support PIN code authentication?
>>>>>>>>> Network envirionment is  Airport deporture lounge WIFI    
>>>>>>>>> network. The user need to purchase a voucher which include   
>>>>>>>>> a  PIN code. The user launch IE on laptop,get a portal  
>>>>>>>>> for   authentication. The user need key in the PIN code  
>>>>>>>>> instead  of  username/password, start to surf internet once  
>>>>>>>>> the PIN   authentication successful through  radiator  
>>>>>>>>> Radius server.
>>>>>>>>> Does Radiator can be configured to support this?I have  
>>>>>>>>> read   some documents mentioned digipass,but it's to  
>>>>>>>>> enhance the authentication with two factors PIN, I don't  
>>>>>>>>> think the   customer will make it so complicated in airport  
>>>>>>>>> wifi.
>>>>>>>>>
>>>>>>>>> Thank you !
>>>>>>>>> Best regards
>>>>>>>>> Scott
>>>>>>>>> ----- Original Message ----- From: "ScottXiao163"  
>>>>>>>>> <scottshaw at 163.com>
>>>>>>>>> To: "Hugh Irvine" <hugh at open.com.au>
>>>>>>>>> Cc: <radiator at open.com.au>; "Mike McCauley"  
>>>>>>>>> <mikem at open.com.au>
>>>>>>>>> Sent: Wednesday, April 09, 2008 9:51 PM
>>>>>>>>> Subject: (RADIATOR) any module allows radiator server to   
>>>>>>>>> hijack traffic and force end user to a specific portal to  
>>>>>>>>> login?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> Hello team
>>>>>>>>>> Is there any module allows radiator server to hijack   
>>>>>>>>>> traffic and force end user to a specific portal to login?   
>>>>>>>>>> Usually  what we did before is, to let customer buy a   
>>>>>>>>>> access  controller ,and it can do hijack and force all  
>>>>>>>>>> DHCP (or event  static IP address user) users ' web  
>>>>>>>>>> brower  redirect to a web  server's login page.The login  
>>>>>>>>>> will use  radiator's AAA  servcie. But now many AC has  
>>>>>>>>>> their own  builtin AAA service ,  so the custome may not  
>>>>>>>>>> need radiator  at all if we introduce  the AC to customer.  
>>>>>>>>>> that's why I  ask if there is any optional  module can do  
>>>>>>>>>> this. any advice?
>>>>>>>>>>
>>>>>>>>>> Thanks!
>>>>>>>>>> Scott
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> NB:
>>>>>>>>
>>>>>>>> Have you read the reference manual ("doc/ref.html")?
>>>>>>>> Have you searched the mailing list archive (www.open.com.au/  
>>>>>>>> archives/ radiator)?
>>>>>>>> Have you had a quick look on Google (www.google.com)?
>>>>>>>> Have you included a copy of your configuration file (no  
>>>>>>>> secrets),
>>>>>>>> together with a trace 4 debug showing what is happening?
>>>>>>>> Have you checked the RadiusExpert wiki:
>>>>>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>>>>>
>>>>>>>> -- 
>>>>>>>> Radiator: the most portable, flexible and configurable  
>>>>>>>> RADIUS server
>>>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>>>>> Includes support for reliable RADIUS transport (RadSec),
>>>>>>>> and DIAMETER translation agent.
>>>>>>>> -
>>>>>>>> Nets: internetwork inventory and management - graphical,  
>>>>>>>> extensible,
>>>>>>>> flexible with hardware, software, platform and database  
>>>>>>>> independence.
>>>>>>>> -
>>>>>>>> CATool: Private Certificate Authority for Unix and Unix-like  
>>>>>>>> systems.
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Archive at http://www.open.com.au/archives/radiator/
>>>>>>> Announcements on radiator-announce at open.com.au
>>>>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>>>>> 'unsubscribe radiator' in the body of the message.
>>>>>>
>>>>>>
>>>>>>
>>>>>> NB:
>>>>>>
>>>>>> Have you read the reference manual ("doc/ref.html")?
>>>>>> Have you searched the mailing list archive (www.open.com.au/  
>>>>>> archives/ radiator)?
>>>>>> Have you had a quick look on Google (www.google.com)?
>>>>>> Have you included a copy of your configuration file (no secrets),
>>>>>> together with a trace 4 debug showing what is happening?
>>>>>> Have you checked the RadiusExpert wiki:
>>>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>>>
>>>>>> -- 
>>>>>> Radiator: the most portable, flexible and configurable RADIUS   
>>>>>> server
>>>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>>>> Includes support for reliable RADIUS transport (RadSec),
>>>>>> and DIAMETER translation agent.
>>>>>> -
>>>>>> Nets: internetwork inventory and management - graphical,   
>>>>>> extensible,
>>>>>> flexible with hardware, software, platform and database   
>>>>>> independence.
>>>>>> -
>>>>>> CATool: Private Certificate Authority for Unix and Unix-like   
>>>>>> systems.
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Archive at http://www.open.com.au/archives/radiator/
>>>>>> Announcements on radiator-announce at open.com.au
>>>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>>>> 'unsubscribe radiator' in the body of the message.
>>>>>
>>>>
>>>>
>>>>
>>>> NB:
>>>>
>>>> Have you read the reference manual ("doc/ref.html")?
>>>> Have you searched the mailing list archive (www.open.com.au/  
>>>> archives/ radiator)?
>>>> Have you had a quick look on Google (www.google.com)?
>>>> Have you included a copy of your configuration file (no secrets),
>>>> together with a trace 4 debug showing what is happening?
>>>> Have you checked the RadiusExpert wiki:
>>>> http://www.open.com.au/wiki/index.php/Main_Page
>>>>
>>>> -- 
>>>> Radiator: the most portable, flexible and configurable RADIUS  
>>>> server
>>>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>>>> Includes support for reliable RADIUS transport (RadSec),
>>>> and DIAMETER translation agent.
>>>> -
>>>> Nets: internetwork inventory and management - graphical,  
>>>> extensible,
>>>> flexible with hardware, software, platform and database  
>>>> independence.
>>>> -
>>>> CATool: Private Certificate Authority for Unix and Unix-like  
>>>> systems.
>>>>
>>>>
>>>> --
>>>> Archive at http://www.open.com.au/archives/radiator/
>>>> Announcements on radiator-announce at open.com.au
>>>> To unsubscribe, email 'majordomo at open.com.au' with
>>>> 'unsubscribe radiator' in the body of the message.
>>>
>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/ 
>> archives/ radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>> Have you checked the RadiusExpert wiki:
>> http://www.open.com.au/wiki/index.php/Main_Page
>>
>> -- 
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> Includes support for reliable RADIUS transport (RadSec),
>> and DIAMETER translation agent.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list