No subject
Tue Jun 24 01:16:44 CDT 2008
Gary
--------------------------------------
Ausmail
Our virtual home on the net.
Some time in the future :-)
--------------------------------------
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10679 invoked by uid 0); 26 Feb 2001 07:29:07 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 07:29:07 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14664
for radiator-zzlist; Mon, 26 Feb 2001 17:40:42 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14633
for radiator at open.com.au; Mon, 26 Feb 2001 17:40:33 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07178
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:51 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07178
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:51 +1100 (EST)
Received: from hugo (acc2-ppp39.mel.roaming.connect.com.au [203.63.124.167])
by entoo.connect.com.au (Postfix) with SMTP id 51F86DD342
for <radiator at open.com.au>; Mon, 26 Feb 2001 17:05:41 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: radiator at open.com.au
Subject: (RADIATOR) IMPORTANT - sending problem reports to the list
Date: Mon, 26 Feb 2001 17:18:51 +1100
X-Mailer: KMail [version 1.1.99]
MIME-Version: 1.0
Message-Id: <0102261718510B.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Everyone -
Well, I got home safe and sound this morning after spending the weekend with
Joanne on Bintan Island (playing golf).
If I have missed any emails, could those concerned please repost?
Also, if you are going to post a problem report, please remember that I am
much better able to help with the problem if I receive adequate supporting
documentation.
This means, at a minimum, a copy of your configuration file (no secrets), a
copy of a trace 4 debug from Radiator showing what is happening (NB - please
do not send LARGE attachements, edit them down to size first).
In addition it is also helpful to know what version of Radiator you are
running, and what version of hardware and software you are running it on.
many thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10689 invoked by uid 0); 26 Feb 2001 07:29:10 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 07:29:10 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14712
for radiator-zzlist; Mon, 26 Feb 2001 17:41:01 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14657
for radiator at open.com.au; Mon, 26 Feb 2001 17:40:38 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07137
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:26 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07137
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:26 +1100 (EST)
Received: from hugo (acc2-ppp39.mel.roaming.connect.com.au [203.63.124.167])
by entoo.connect.com.au (Postfix) with SMTP
id 247CBDD342; Mon, 26 Feb 2001 17:05:30 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Tim McCullagh" <timbo at halenet.com.au>, <radiator at open.com.au>
Subject: Re: (RADIATOR) radacct.cgi and customer usage
Date: Mon, 26 Feb 2001 16:56:38 +1100
X-Mailer: KMail [version 1.1.99]
References: <056401c09e5b$096c9f20$6500a8c0 at halenet.com.au>
In-Reply-To: <056401c09e5b$096c9f20$6500a8c0 at halenet.com.au>
MIME-Version: 1.0
Message-Id: <01022616563804.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Tim -
On Saturday 24 February 2001 23:12, Tim McCullagh wrote:
> Hi Hugh,
>
> Can you tell me which apache pam / radius module I need to install to
> authenticate customers so that they can use radacct.cgi to get their own
> usage stats only. Mike mentions a pam radius module in the radacct.cgi
>
> I found 1 email in the mail archives where the following link was given
> http://pam.sourceforge.net/mod_auth_pam/
> Can you help with some example or link that may show how to configure this
> to authenticate the user using my radius database
>
> is this the correct module or should it be this one
>
> http://www.wede.de/sw/mod_auth_radius/
>
http://www.cpan.org/modules/by-module/Apache/Apache-AuthenRadius-0.3.tar.gz
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10688 invoked by uid 0); 26 Feb 2001 07:29:09 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 07:29:09 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14732
for radiator-zzlist; Mon, 26 Feb 2001 17:41:09 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14673
for radiator at open.com.au; Mon, 26 Feb 2001 17:40:43 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07157
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:33 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07157
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:33 +1100 (EST)
Received: from hugo (acc2-ppp39.mel.roaming.connect.com.au [203.63.124.167])
by entoo.connect.com.au (Postfix) with SMTP
id 4FB3CDD705; Mon, 26 Feb 2001 17:05:36 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Gordon Smith" <gordons at morenet.net.nz>, "Radiator" <radiator at open.com.au>
Subject: Re: (RADIATOR) multiple POPs
Date: Mon, 26 Feb 2001 17:06:09 +1100
X-Mailer: KMail [version 1.1.99]
References: <NEBBIDMIPIGIIIEBCNIAAEIKCFAA.gordons at morenet.net.nz>
In-Reply-To: <NEBBIDMIPIGIIIEBCNIAAEIKCFAA.gordons at morenet.net.nz>
MIME-Version: 1.0
Message-Id: <01022617060908.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Gordon -
I think the simplest thing to do is use the new proxy load balancing in
Radiator 2.18 (in alpha now if you would like to do some testing). In
addition you would use the proxy caching to continue authenticating if you
have a database problem and/or the latest AuthBy SQL feature that lets you
write to a flat file if the database is unavailable.
hth
Hugh
On Monday 26 February 2001 13:34, Gordon Smith wrote:
> I agree. I'm wondering if you could recommend a setup that would allow the
> radius servers to handle authentication whether the Plat server is there or
> not. I was thinking of using perl scripts to update both databases so that
> they would stay in sync (I just don't trust MS SQL... )
> I've got the radius backend in PostgreSQL. I see that Platypus will ftp a
> flat file off, but I'm just not familiar enough with the SQL side of things
> to work out the best way to sync database to database. Multiple accounting
> clauses and a cron job for user updates, maybe?
>
> Cheers,
> Gordon
>
>
> -----Original Message-----
> From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au]On
> Behalf Of Hugh Irvine
> Sent: Tuesday, 20 February 2001 13:35
> To: gordons at morenet.net.nz; radiator at open.com.au
> Subject: RE: (RADIATOR) multiple POPs
>
>
>
> Hello Gordon -
>
> At 9:59 +1300 01/2/20, Gordon Smith wrote:
> >We're currently setting up Platypus as well.
> >
> >One radius server can talk to as many NAS's as you like - just set then up
> >to auth to the same server.
> >I'm looking at keeping the Radiator server separate from Platypus and
> > using perl scripts to update the radius database, and sending accounting
> > info
>
> back
>
> >from radius to Platypus. The idea is not to load one server up
> > excessively, which could interfere with authentication.
>
> In general terms, you should always have at least two Radiator hosts
> and configure your NAS(s) to use one as the primary radius host and
> the other as the secondary radius host. This is for redundancy in the
> face of one of your Radiator hosts going down. Of course, both
> Radiator hosts can connect to the same backend SQL/Platypus host,
> which I agree should be on a seperate machine (preferably with
> hot-swap RAID disks).
>
> hth
>
> Hugh
> --
>
> NB: I am travelling this week, so there may be delays in our
> correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10703 invoked by uid 0); 26 Feb 2001 07:29:21 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 07:29:21 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14693
for radiator-zzlist; Mon, 26 Feb 2001 17:40:51 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14649
for radiator at open.com.au; Mon, 26 Feb 2001 17:40:36 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07143
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:28 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07143
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:28 +1100 (EST)
Received: from hugo (acc2-ppp39.mel.roaming.connect.com.au [203.63.124.167])
by entoo.connect.com.au (Postfix) with SMTP
id BF03ADD353; Mon, 26 Feb 2001 17:05:31 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Mohammed AbdusSami" <abdussami at gulfnetksa.com>
Subject: Re: (RADIATOR) Re:
Date: Mon, 26 Feb 2001 16:58:23 +1100
X-Mailer: KMail [version 1.1.99]
Cc: <radiator at open.com.au>
References: <NEBBJOPJMLBGFKDGNJABAEOMCOAA.abdussami at gulfnetksa.com>
In-Reply-To: <NEBBJOPJMLBGFKDGNJABAEOMCOAA.abdussami at gulfnetksa.com>
MIME-Version: 1.0
Message-Id: <01022616582305.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello AbdusSami -
On Sunday 25 February 2001 01:23, Mohammed AbdusSami wrote:
> Dear Hugh,
>
> As you suggested I had made changes to Authby clauses. From dos prompt when
> I test by radpwtst it is successfully accepting the password. But by Dialup
> it is saying password is not correct.
>
> Please suggest me asap to solve this problem..
>
I am much better able to help you if you send me a copy of your configuration
file (no secrets) together with a trace 4 debug from Radiator showing the
problem.
thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10711 invoked by uid 0); 26 Feb 2001 07:29:35 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 07:29:35 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14735
for radiator-zzlist; Mon, 26 Feb 2001 17:41:09 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14682
for radiator at open.com.au; Mon, 26 Feb 2001 17:40:45 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07160
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:38 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07160
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:38 +1100 (EST)
Received: from hugo (acc2-ppp39.mel.roaming.connect.com.au [203.63.124.167])
by entoo.connect.com.au (Postfix) with SMTP
id 480DADD51A; Mon, 26 Feb 2001 17:05:38 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Jamie Orzechowski" <mhz at ripnet.com>, <radiator at open.com.au>
Subject: Re: (RADIATOR) Strange!
Date: Mon, 26 Feb 2001 17:07:22 +1100
X-Mailer: KMail [version 1.1.99]
References: <DDEMKFEAMJLMFHAJLMDJOEOICDAA.derek.chen at peakhour.com.au> <000f01c09f91$bef9f360$6401a8c0 at MegaH>
In-Reply-To: <000f01c09f91$bef9f360$6401a8c0 at MegaH>
MIME-Version: 1.0
Message-Id: <01022617072209.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Jamie -
On Monday 26 February 2001 12:16, Jamie Orzechowski wrote:
> > Hello ... I have 2 servers running radiator ... when both are doing
> authentication they will BOTH crash at the same time and I will get a page
> from restartWrapper saying it has restarted the service on one machine then
> seconds later on the seconds server ... if I make the second server only do
> Accounting then I get pages mails from restartwrapper saying it restarted
> the first server ...
>
> I get about 10 crashes per day! ... Running SuSE Linux 7.0 + 2.2.17 (2.4.2
> on the second box) and 1GB RAM ... any ideas why it crashes so much? and
> why both crash at the same time on 2 different servers when running
> authentication ... ?
It is impossible to say without seeing a copy of your configuration file (no
secrets) together with a trace 4 debug showing the problem.
thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10719 invoked by uid 0); 26 Feb 2001 07:29:43 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 07:29:43 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14724
for radiator-zzlist; Mon, 26 Feb 2001 17:41:04 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA14666
for radiator at open.com.au; Mon, 26 Feb 2001 17:40:41 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07148
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:31 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id RAA07148
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 17:07:31 +1100 (EST)
Received: from hugo (acc2-ppp39.mel.roaming.connect.com.au [203.63.124.167])
by entoo.connect.com.au (Postfix) with SMTP
id A1AC4DDAAE; Mon, 26 Feb 2001 17:05:34 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: Marc Langer <radiator at marclanger.de>, radiator at open.com.au
Subject: Re: (RADIATOR) Memory Leak
Date: Mon, 26 Feb 2001 17:01:10 +1100
X-Mailer: KMail [version 1.1.99]
References: <20010225031128.A13301 at marclanger.de>
In-Reply-To: <20010225031128.A13301 at marclanger.de>
MIME-Version: 1.0
Message-Id: <01022617011007.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="us-ascii"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Marc -
On Sunday 25 February 2001 13:11, Marc Langer wrote:
> I have read the FAQ, but it does not help:
>
> The radiator process is always growing, after a day it is taking 20 MB,
> still growing. A few days later the whole memory (Sun Ultra 5, 512 MB
> RAM, Solaris 2.6) is exhausted, "df -k" shows 0 bytes for /tmp partition
> and processes begin to crash.
>
> Versions in use:
>
> Radiator 2.17.1
> Net-LDAPapi 1.42
> Perl 5.005_03
>
> I tried Perl 5.6 but Net-LDAPapi does not compile with newer Perl versions.
> (Why don't you use Perl-LDAP, Net-LDAPapi is deprecated as I read),
> and Net-LDAPapi 1.43 causes Radiator to crash everytime a user connects!
>
> Config file:
>
> LogDir /var/log/radius
> Trace 6
> DbDir /etc/radiator
>
> <Client DEFAULT>
> Secret xxxxx
> </Client>
>
> <Realm surf2000>
> RewriteUsername s/^([^@]+).*/$1/
> <AuthBy LDAP>
> Host xxxxx
> BaseDN ou=xxxxx, o=xxxxx
> PasswordAttr userpassword
> ReplyAttr multiLineDescription
> </AuthBy>
> AuthByPolicy ContinueWhileReject
> <AuthBy FILE>
> # The filename defaults to %D/users
> </AuthBy>
> </Realm>
>
> The log file does not show any information concerning this problem,
> neither it does when crashing with Net-LDAPapi 1.43.
>
> If you need more information, please do not hesitate to contact me.
>
You should really be using AuthBy LDAP2 with the perl-ldap module.
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10925 invoked by uid 0); 26 Feb 2001 10:13:26 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 10:13:26 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id UAA15222
for radiator-zzlist; Mon, 26 Feb 2001 20:40:24 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id UAA15201
for radiator at open.com.au; Mon, 26 Feb 2001 20:40:15 +1100 (EST)
>Received: from tsknet.org (king.tsknet.org [203.149.50.5]) by perki.connect.com.au with ESMTP id UAA16817
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 20:16:06 +1100 (EST)
Received: from tsknet.org (king.tsknet.org [203.149.50.5]) by perki.connect.com.au with ESMTP id UAA16817
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 20:16:06 +1100 (EST)
Received: from intersol.co.th (server1.intersol.co.th [203.149.50.50])
by tsknet.org (8.9.3/8.9.1) with ESMTP id QAA12468;
Mon, 26 Feb 2001 16:15:53 +0700
Received: from localhost (yodpong at localhost)
by intersol.co.th (8.9.3/8.9.1) with ESMTP id QAA16964;
Mon, 26 Feb 2001 16:15:52 +0700
Date: Mon, 26 Feb 2001 16:15:51 +0700 (ICT)
From: Yodpong Jariyawittayawat <yodpong at server1.intersol.co.th>
To: Gary <gary at ausmail.com>
cc: "radiator at open.com.au" <radiator at open.com.au>
Subject: Re: (RADIATOR) Any Interbase users ?
In-Reply-To: <200102260419.f1Q4JwJ27219 at macha.cairns.net.au>
Message-ID: <Pine.LNX.4.20.0102261612001.16251-100000 at server1.intersol.co.th>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-radiator at open.com.au
Precedence: bulk
hi,
Now,I'm using Interbase v5.6 with radiator
I will migrate to v6 (opensource) soon.
have fun,
Yodpong Jariyawitayawat
yodpong at intersol.co.th
On Mon, 26 Feb 2001, Gary wrote:
> Hi folks,
>
> just wondering whether anyone has used interbase (v6 -> opensource now)
> with radiator.
>
> >From reports it much better than Mysql ?
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10933 invoked by uid 0); 26 Feb 2001 10:13:30 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 10:13:30 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id UAA15237
for radiator-zzlist; Mon, 26 Feb 2001 20:41:13 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id UAA15232
for radiator at open.com.au; Mon, 26 Feb 2001 20:41:08 +1100 (EST)
From: "Mike McCauley" <mikem at open.com.au>
Message-Id: <1010226204107.ZM15230 at oscar.open.com.au>
Date: Mon, 26 Feb 2001 20:41:07 -0500
X-Mailer: Z-Mail (4.0.1 13Jan97)
To: radiator at open.com.au
Subject: (RADIATOR) Expiration through shadow file
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-radiator at open.com.au
Precedence: bulk
--- Forwarded mail from owner-radiator at open.com.au
Date: Mon, 26 Feb 2001 20:10:20 +1100 (EST)
From: owner-radiator at open.com.au
To: owner-radiator at open.com.au
Subject: BOUNCE radiator at open.com.au: Non-member submission from [Richard
Lennerts <richard at staff.vianet.net.au>]
>From mikem Mon Feb 26 20:10:16 2001
Received: by oscar.open.com.au (8.9.0/8.9.0) id UAA15169
for radiator at open.com.au; Mon, 26 Feb 2001 20:10:16 +1100 (EST)
>Received: from freddie.vianet.net.au ([202.165.70.4]) by perki.connect.com.au
with ESMTP id TAA15776
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 19:58:08 +1100
(EST)
Received: from freddie.vianet.net.au ([202.165.70.4]) by perki.connect.com.au
with ESMTP id TAA15776
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 19:58:08 +1100
(EST)
Received: from hutch.vianet.net.au (hutch.vianet.net.au [203.13.35.19])
by freddie.vianet.net.au (8.9.3/8.9.2) with ESMTP id QAA29516
for <radiator at open.com.au>; Mon, 26 Feb 2001 16:58:12 +0800
Received: by HUTCH with Internet Mail Service (5.5.2650.21)
id <D736NWWR>; Mon, 26 Feb 2001 16:56:38 +0800
Message-ID: <CB6F93EBDD83D41195BE0000E8D5B4ED164D43 at HUTCH>
From: Richard Lennerts <richard at staff.vianet.net.au>
To: "'radiator at open.com.au'" <radiator at open.com.au>
Subject: Expiration through shadow file
Date: Mon, 26 Feb 2001 16:56:28 +0800
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain;
charset="iso-8859-1"
Hi,
Just wondering whether anyone has successfully managed to get Radiator using
the shadow file's account expiry field as the Expiration check item for
Radiator?
Regards,
Richard Lennerts
---End of forwarded mail from owner-radiator at open.com.au
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 10941 invoked by uid 0); 26 Feb 2001 10:13:33 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 10:13:33 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id UAA15223
for radiator-zzlist; Mon, 26 Feb 2001 20:40:26 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id UAA15209
for radiator at open.com.au; Mon, 26 Feb 2001 20:40:16 +1100 (EST)
>Received: from joe.halenet.com.au (joe.halenet.com.au [203.37.141.114]) by perki.connect.com.au with ESMTP id UAA17070
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 20:23:27 +1100 (EST)
Received: from joe.halenet.com.au (joe.halenet.com.au [203.37.141.114]) by perki.connect.com.au with ESMTP id UAA17070
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Mon, 26 Feb 2001 20:23:27 +1100 (EST)
Received: from temp19 (modem-105-st.halenet.com.au [203.55.33.105])
by joe.halenet.com.au (8.9.1/8.9.1) with SMTP id TAA15220
for <radiator at open.com.au>; Mon, 26 Feb 2001 19:22:33 +1000 (EST)
(envelope-from timbo at halenet.com.au)
Message-ID: <009401c09fd6$1f573300$6500a8c0 at halenet.com.au>
From: "Tim McCullagh" <timbo at halenet.com.au>
To: <radiator at open.com.au>
Subject: (RADIATOR) radacct.cgi and customer usage
Date: Mon, 26 Feb 2001 19:25:54 +1000
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hi Hugh,
Can you tell me which apache pam / radius module I need to install to
authenticate customers so that they can use radacct.cgi to get their own
usage stats only. Mike mentions a pam radius module in the radacct.cgi
I found 1 email in the mail archives where the following link was given
http://pam.sourceforge.net/mod_auth_pam/
Can you help with some example or link that may show how to configure this
to authenticate the user using my radius database
is this the correct module or should it be this one
http://www.wede.de/sw/mod_auth_radius/
Also is it correct that I shouldn't use the same radius for both NAS and web
authentication as the mod_auth perl states
<quote in mod_auth_radius module>
Everyone wants strong authentication over the web. For us, this means
RADIUS.
Using static passwords & RADIUS authentication over the web is a BAD
IDEA. Everyone can sniff the passwords, as they're sent over the net
in the clear. RADIUS web authentication is a REALLY BAD IDEA if you
use the same RADIUS server for web and NAS (dial-up) or firewall
users. Then ANYONE can pretend to be you, and break through your
firewall with minimal effort.
PLEASE use a different RADIUS server for web authentication and
dial-up or firewall users! If you must use the same server, go for
one-time passwords. They're ever so much more secure.
Also, do NOT have your RADIUS server visible to the external world.
Doing so makes all kinds of attacks possible.
<end quote>
Thanks and regards
Tim
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 11442 invoked by uid 0); 26 Feb 2001 18:00:46 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 18:00:46 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id EAA15877
for radiator-zzlist; Tue, 27 Feb 2001 04:10:18 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id EAA15872;
Tue, 27 Feb 2001 04:10:14 +1100 (EST)
>Received: from host2.linkserve.com.ng ([195.166.232.2]) by perki.connect.com.au with ESMTP id DAA06613
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 03:40:13 +1100 (EST)
Received: from host2.linkserve.com.ng ([195.166.232.2]) by perki.connect.com.au with ESMTP id DAA06613
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 03:40:13 +1100 (EST)
Received: from ttt ([195.166.225.12])
by host2.linkserve.com.ng (8.9.3/8.9.3) with SMTP id RAA17237;
Mon, 26 Feb 2001 17:42:55 +0100
Message-ID: <02fd01c0a00f$35f0c8e0$0ce1a6c3 at linkserve.net>
From: "'Tunde Ogedengbe" <tunde at linkserve.net>
To: <radiator at open.com.au>, "Hugh Irvine" <hugh at open.com.au>
References: <200102131754.AA37486996 at localmail.com> <a04320426b6af80b20e66@[202.151.212.17]>
Subject: (RADIATOR) Optigold Billing System
Date: Mon, 26 Feb 2001 17:14:35 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6600
Disposition-Notification-To: "'Tunde Ogedengbe" <tunde at linkserve.net>
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
We are evaluating Optigold Billing software. Does Radiator integrate with
Optigold?
'Tunde Ogedengbe
Linkserve Limited
22 Akin Adesola Street
Victoria Island
Lagos - Nigeria
Tel: +234 1 2623900
Fax: +234 1 2623906
URL: http://www.linkserve.net
----- Original Message -----
From: "Hugh Irvine" <hugh at open.com.au>
To: <radiator1 at localmail.com>; <radiator at open.com.au>
Sent: Wednesday, February 14, 2001 1:26 AM
Subject: Re: (RADIATOR) Cisco AS5300 VoIP / Radiator
>
> Hello Jeremy -
>
> At 17:54 -0500 01/2/13, List Account wrote:
> >Hi,
> >
> > We're trying to setup Radiator to work with our Cisco AS5300 to
> >do Voice over IP. We have things (basically) working, it will
> >authenticate off of caller ID, etc. But, there are a few extras
> >we'd like to do and need some advice on.
> >
> > First, has anyone used Simultaneous-Use with the AS5300 using
> >account numbers and PINs? For example, Joe User dials in, enters an
> >account number, a PIN, and makes a call. Let's say his wife picks
> >up the phone at some other location, dials in, and enters the same
> >account number and PIN. It shouldn't let her use it if he's already
> >on. One interesting thing to note is that the AS5300 seems to be
> >sending a null User-Name ("") when they use account/PIN.
> >
> > Second, whenever multiple users are dialed into the unit, only
> >one user is showing up in the online user database. I have the
> >radwho.cgi setup to work with it, and it only shows one entry in the
> >database. We are just using a standard DBM database file for now,
> >until we get things working, at which point we'll migrate it to
> >something better.
> >
> > If anyone has any ideas that may help, it would be appreciated.
> >Thanks. :)
> >
>
> If you use a <SessionDatabase SQL>, you can provide your own queries
> to tailor the simultaneous use behaviour to your own requirements.
>
> regards
>
> Hugh
>
> --
>
> NB: I am travelling this week, so there may be delays in our
correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 11885 invoked by uid 0); 26 Feb 2001 22:48:37 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 26 Feb 2001 22:48:37 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id JAA16223
for radiator-zzlist; Tue, 27 Feb 2001 09:10:28 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id JAA16211
for radiator at open.com.au; Tue, 27 Feb 2001 09:10:22 +1100 (EST)
>Received: from neo.innovation.kpn.com ([194.151.52.2]) by perki.connect.com.au with ESMTP id IAA19845
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 08:51:23 +1100 (EST)
Received: from neo.innovation.kpn.com ([194.151.52.2]) by perki.connect.com.au with ESMTP id IAA19845
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 08:51:23 +1100 (EST)
Received: from Michael (test-lan.innovation.kpn.com [194.151.52.5])
by neo.innovation.kpn.com (8.9.3/8.9.3) with SMTP id WAA15443
for <radiator at open.com.au>; Mon, 26 Feb 2001 22:51:21 +0100
Message-ID: <002801c0b31a$0a081f80$8150110a at mshome.net>
From: "Michael Chen" <michael at innovation.kpn.com>
To: <radiator at open.com.au>
Subject: (RADIATOR) %{Reply:Framed-IP-Address}
Date: Thu, 22 Mar 2001 22:49:58 +0100
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0025_01C0B322.6B928BC0"
Sender: owner-radiator at open.com.au
Precedence: bulk
This is a multi-part message in MIME format.
------=_NextPart_000_0025_01C0B322.6B928BC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi,
I need to put a dynamic Framed-IP-Address (from the users file) minus 1 =
into the radius.cfg.
Is that possible ? .... and How ?
Example:=20
users file Framed-IP-Address =3D 10.17.10.1
radius.cfg %{Reply:Framed-IP-Adddress} (how to get =
10.17.10.0 instead of 10.17.10.1)
Thanks in advance,
Michael chen
KPN Telecom
------=_NextPart_000_0025_01C0B322.6B928BC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 5.50.4134.600" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>I need to put a dynamic =
Framed-IP-Address (from the=20
users file) minus 1 into the radius.cfg.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Is that possible ? .... and How =
?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Example: </FONT></DIV>
<DIV><FONT face=3DArial size=3D2>users file =
Framed-IP-Address =3D=20
10.17.10.1</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>radius.cfg =20
%{Reply:Framed-IP-Adddress} &nbs=
p; =20
(how to get 10.17.10.0 instead of 10.17.10.1)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Thanks in advance,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Michael chen</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>KPN Telecom</FONT></DIV></BODY></HTML>
------=_NextPart_000_0025_01C0B322.6B928BC0--
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13255 invoked by uid 0); 27 Feb 2001 04:19:35 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 04:19:35 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17353
for radiator-zzlist; Tue, 27 Feb 2001 14:41:19 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17316
for radiator at open.com.au; Tue, 27 Feb 2001 14:41:02 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08531
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:48 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08531
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:48 +1100 (EST)
Received: from hugo (acc2-ppp46.mel.roaming.connect.com.au [203.63.124.174])
by entoo.connect.com.au (Postfix) with SMTP
id D54EBDD540; Tue, 27 Feb 2001 14:09:46 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: Richard Lennerts <richard at staff.vianet.net.au>, radiator at open.com.au
Subject: Re: (RADIATOR) Expiration through shadow file
Date: Tue, 27 Feb 2001 14:13:29 +1100
X-Mailer: KMail [version 1.1.99]
References: <1010226204107.ZM15230 at oscar.open.com.au>
In-Reply-To: <1010226204107.ZM15230 at oscar.open.com.au>
MIME-Version: 1.0
Message-Id: <0102271413290K.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="us-ascii"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Richard -
>
> Just wondering whether anyone has successfully managed to get Radiator
> using the shadow file's account expiry field as the Expiration check item
> for Radiator?
>
The Expiration check item works with an explicit date as a check item.
Have a look at section 13.1.4 in the Radiator 2.17.1 reference manual.
regards
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13264 invoked by uid 0); 27 Feb 2001 04:19:40 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 04:19:40 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17329
for radiator-zzlist; Tue, 27 Feb 2001 14:41:07 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17267;
Tue, 27 Feb 2001 14:40:45 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08495
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 14:11:40 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08495
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 14:11:40 +1100 (EST)
Received: from hugo (acc2-ppp46.mel.roaming.connect.com.au [203.63.124.174])
by entoo.connect.com.au (Postfix) with SMTP
id A63C5DD518; Tue, 27 Feb 2001 14:09:42 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "'Tunde Ogedengbe" <tunde at linkserve.net>, <radiator at open.com.au>
Subject: (RADIATOR) Re: Optigold Billing System
Date: Tue, 27 Feb 2001 14:05:05 +1100
X-Mailer: KMail [version 1.1.99]
References: <200102131754.AA37486996 at localmail.com> <a04320426b6af80b20e66@[202.151.212.17]> <02fd01c0a00f$35f0c8e0$0ce1a6c3 at linkserve.net>
In-Reply-To: <02fd01c0a00f$35f0c8e0$0ce1a6c3 at linkserve.net>
Cc: chima at linkserve.net, joanne at open.com.au
MIME-Version: 1.0
Message-Id: <0102271405050I.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello 'Tunde -
Radiator does not integrate directly with Optigold at this time, however with
the use of MacRADIUS, you can proxy from Radiator to Optigold very easily.
We have tried to contact Optigold several times to integrate Radiator
directly, however we have never had a response from them.
regards
Hugh
On Tuesday 27 February 2001 03:14, 'Tunde Ogedengbe wrote:
> We are evaluating Optigold Billing software. Does Radiator integrate with
> Optigold?
>
> 'Tunde Ogedengbe
> Linkserve Limited
> 22 Akin Adesola Street
> Victoria Island
> Lagos - Nigeria
> Tel: +234 1 2623900
> Fax: +234 1 2623906
> URL: http://www.linkserve.net
> ----- Original Message -----
> From: "Hugh Irvine" <hugh at open.com.au>
> To: <radiator1 at localmail.com>; <radiator at open.com.au>
> Sent: Wednesday, February 14, 2001 1:26 AM
> Subject: Re: (RADIATOR) Cisco AS5300 VoIP / Radiator
>
> > Hello Jeremy -
> >
> > At 17:54 -0500 01/2/13, List Account wrote:
> > >Hi,
> > >
> > > We're trying to setup Radiator to work with our Cisco AS5300 to
> > >do Voice over IP. We have things (basically) working, it will
> > >authenticate off of caller ID, etc. But, there are a few extras
> > >we'd like to do and need some advice on.
> > >
> > > First, has anyone used Simultaneous-Use with the AS5300 using
> > >account numbers and PINs? For example, Joe User dials in, enters an
> > >account number, a PIN, and makes a call. Let's say his wife picks
> > >up the phone at some other location, dials in, and enters the same
> > >account number and PIN. It shouldn't let her use it if he's already
> > >on. One interesting thing to note is that the AS5300 seems to be
> > >sending a null User-Name ("") when they use account/PIN.
> > >
> > > Second, whenever multiple users are dialed into the unit, only
> > >one user is showing up in the online user database. I have the
> > >radwho.cgi setup to work with it, and it only shows one entry in the
> > >database. We are just using a standard DBM database file for now,
> > >until we get things working, at which point we'll migrate it to
> > >something better.
> > >
> > > If anyone has any ideas that may help, it would be appreciated.
> > >Thanks. :)
> >
> > If you use a <SessionDatabase SQL>, you can provide your own queries
> > to tailor the simultaneous use behaviour to your own requirements.
> >
> > regards
> >
> > Hugh
> >
> > --
> >
> > NB: I am travelling this week, so there may be delays in our
>
> correspondence.
>
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> > Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
> >
> > ===
> > Archive at http://www.starport.net/~radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13265 invoked by uid 0); 27 Feb 2001 04:19:40 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 04:19:40 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17318
for radiator-zzlist; Tue, 27 Feb 2001 14:41:03 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17253
for radiator at open.com.au; Tue, 27 Feb 2001 14:40:41 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08441
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:32 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08441
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:32 +1100 (EST)
Received: from hugo (acc2-ppp46.mel.roaming.connect.com.au [203.63.124.174])
by entoo.connect.com.au (Postfix) with SMTP
id 01E6BDD2EE; Tue, 27 Feb 2001 14:09:35 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Michael Chen" <michael at innovation.kpn.com>, <radiator at open.com.au>
Subject: Re: (RADIATOR) %{Reply:Framed-IP-Address}
Date: Tue, 27 Feb 2001 13:36:46 +1100
X-Mailer: KMail [version 1.1.99]
References: <002801c0b31a$0a081f80$8150110a at mshome.net>
In-Reply-To: <002801c0b31a$0a081f80$8150110a at mshome.net>
MIME-Version: 1.0
Message-Id: <0102271336460E.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Michael -
You will have to do this in a PostAuthHook.
hth
Hugh
On Friday 23 March 2001 08:49, Michael Chen wrote:
> > Hi,
>
> I need to put a dynamic Framed-IP-Address (from the users file) minus 1
> into the radius.cfg. Is that possible ? .... and How ?
>
> Example:
> users file Framed-IP-Address = 10.17.10.1
> radius.cfg %{Reply:Framed-IP-Adddress} (how to get
> 10.17.10.0 instead of 10.17.10.1)
>
> Thanks in advance,
> Michael chen
> KPN Telecom
----------------------------------------
Content-Type: text/html; charset="iso-8859-1"; name="Attachment: 1"
Content-Transfer-Encoding: quoted-printable
Content-Description:
----------------------------------------
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13273 invoked by uid 0); 27 Feb 2001 04:19:42 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 04:19:42 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17278
for radiator-zzlist; Tue, 27 Feb 2001 14:40:50 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17237
for radiator at open.com.au; Tue, 27 Feb 2001 14:40:38 +1100 (EST)
>Received: from dns2.corp.netpci.com (dns2.corp.netpci.com [202.128.70.2]) by perki.connect.com.au with ESMTP id OAA08415
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:16 +1100 (EST)
Received: from dns2.corp.netpci.com (dns2.corp.netpci.com [202.128.70.2]) by perki.connect.com.au with ESMTP id OAA08415
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:16 +1100 (EST)
Received: from corp.netpci.com (jdelmundo.corp.netpci.com [202.128.70.43])
by dns2.corp.netpci.com (8.8.8/8.8.8) with ESMTP id NAA26150
for <radiator at open.com.au>; Tue, 27 Feb 2001 13:10:10 +1000 (GST)
Message-ID: <3A9B1AAF.8A8A0C8F at corp.netpci.com>
Date: Tue, 27 Feb 2001 13:10:39 +1000
From: Janet N del Mundo <jdelmundo at corp.netpci.com>
Organization: Startec Global Communications
X-Mailer: Mozilla 4.72 [en] (Win98; U)
X-Accept-Language: en,pdf
MIME-Version: 1.0
To: radiator at open.com.au
Subject: (RADIATOR) Multiple SessionDatabase not working!
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Sender: owner-radiator at open.com.au
Precedence: bulk
Hi Everyone,
I'm trying to use multiple instances of SessionDatabase, but it keeps
defaulting to the wrong SessionDatabase during the accounting request.
I want to separate my dialup users and my DSL users. Everytime I do a
radpwtst to test a regular dialup user, the SessionDatabase defaults to
SessionDatabase SQL. I'm trying to figure out why, but I'm
unsuccessful.
Here's what I have:
-------------------
<SessionDatabase NULL>
Identifier NULL
</SessionDatabase>
<SessionDatabase DBM>
Identifier Dialup-SessionCheck
Filename %D/online
</SessionDatabase>
<SessionDatabase SQL>
Identifier DSL-SessionCheck
DBSource dbi:FreeTDS:....;
DBUsername radius
DBAuth step!0ff
AddQuery insert into RADONLINE ...
DeleteQuery delete from RADONLINE where USERNAME='%n' and \
NASIDENTIFIER='%N' and
ACCTSESSIONID='%{Acct-Session-Id}'
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from
RADONLINE \
where USERNAME='%n'
</SessionDatabase>
.
.
.
<Handler NAS-IP-Address = xxx.xxx.xxx.xxx>
SessionDatabase DSL-SessionCheck
PasswordLogFileName %D/Radiator-2.17.1/gtapass.log.%y%m
AuthByPolicy ContinueWhileAccept
AuthBy Check-Users
<AuthBy FILE>
Filename %D/users-sql
AddToReplyIfNotExist Framed-IP-Address = 255.255.255.254
</AuthBy>
</Handler>
<Handler Request-Type = Accounting-Request>
SessionDatabase NULL
AuthByPolicy ContinueAlways
AuthBy InsertIntoSQL
</Handler>
<Handler>
SessionDatabase Dialup-SessionCheck
PasswordLogFileName %D/Radiator-2.17.1/gtapass.log.%y%m
AuthByPolicy ContinueWhileAccept
AuthBy Check-Users
<AuthBy FILE>
Filename %D/users-sql
AddToReplyIfNotExist Framed-IP-Address = 255.255.255.254
</AuthBy>
</Handler>
Here's my log file:
-------------------
*** Received from 127.0.0.1 port 1637 ....
Code: Access-Request
Identifier: 62
Authentic: 1234567890123456
Attributes:
User-Name = "mikesanlite"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 11
NAS-Port-Type = Async
User-Password =
"<255>!<207><158>ELL<177><225><27><202><174><163>[L<172>"
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Prefix = IPASS/ should
be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Realm = estart.com
should be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler NAS-IP-Address =
202.128.81.2 should be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Request-Type =
Accounting-Request should be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler should be used to
handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Handling request with Handler ''
Tue Feb 27 13:04:48 2001: DEBUG: Dialup-SessionCheck Deleting session
for mikesanlite, 203.63.154.1, 11
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthGROUP
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group mailbox
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group mailbox
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT1
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group gcc
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group gcc
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT2
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group shell
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group shell
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT3
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group limited
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group limited
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT4
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group email
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group email
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT5
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group isdn64
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group isdn64
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT6
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group isdn128
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group isdn128
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT7
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
mikesanlite is not in Group unlimited
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
mikesanlite is not in Group unlimited
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT8
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
/usr/slocal/sbin/flash
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM ACCEPT:
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE ACCEPT:
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
Tue Feb 27 13:04:48 2001: DEBUG: Query is: select Password, Expiration,
SimUse, IdleTime, SessionTime, StaticIP from USERS where IDENTIFIER =
'mikesanlite' AND STATUS != 'C'
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSQL looks for match with
mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSQL ACCEPT:
Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE ACCEPT:
Tue Feb 27 13:04:48 2001: DEBUG: Access accepted for mikesanlite
Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1637 ....
Code: Access-Accept
Identifier: 62
Authentic: 1234567890123456
Attributes:
Framed-Protocol = PPP
Service-Type = Annex-Framed-Tunnel
Port-Limit = 1
Idle-Timeout = 100
Session-Timeout = 29000
Framed-IP-Address = 255.255.255.254
Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1637 ....
Code: Accounting-Request
Identifier: 63
Authentic: (Y<16><188><164>Qm<230><229><149><1>w<237><193><159><224>
Attributes:
User-Name = "mikesanlite"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 11
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Start
Framed-IP-Address = 255.255.255.254
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Prefix = IPASS/ should
be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Realm = estart.com
should be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler NAS-IP-Address =
202.128.81.2 should be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Request-Type =
Accounting-Request should be used to handle this request
Tue Feb 27 13:04:48 2001: DEBUG: Handling request with Handler
'Request-Type = Accounting-Request'
Tue Feb 27 13:04:48 2001: DEBUG: DSL-SessionCheck Adding session for
mikesanlite, 203.63.154.1, 11
Tue Feb 27 13:04:48 2001: DEBUG: do query is: delete from RADONLINE
where USERNAME='mikesanlite' and NASIDENTIFIER='203.63.154.1' and
ACCTSESSIONID='00001234'
Tue Feb 27 13:04:48 2001: DEBUG: do query is: insert into RADONLINE
(USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('mikesanlite',
'203.63.154.1', 11,'00001234', 983243088, '255.255.255.254',
'','Framed-User')
Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
Tue Feb 27 13:04:48 2001: DEBUG: Handling accounting with
Radius::AuthSQL
Tue Feb 27 13:04:48 2001: DEBUG: do query is: insert into ACCOUNTING
(IDENTIFIER, TIME_STAMP, ACCTSTATUSTYPE, ACCTSESSIONID,
NASIDENTIFIER, NASPORT, FRAMEDIPADDRESS)
values
('mikesanlite', '02-27-2001 13:04:48', 'Start',
'00001234', '203.63.154.1', 11, '255.255.255.254')
Tue Feb 27 13:04:48 2001: DEBUG: Accounting accepted
Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1637 ....
Code: Accounting-Response
Identifier: 63
Authentic: (Y<16><188><164>Qm<230><229><149><1>w<237><193><159><224>
Attributes:
HELP!!!
Janet
--
_____________________________________________________
Janet del Mundo
Internet Administrator, Startec Global Communications
135 Chalan Santo Papa Agana, Guam 96910
Email: jdelmundo at corp.netpci.com
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13289 invoked by uid 0); 27 Feb 2001 04:22:13 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 04:22:13 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17335
for radiator-zzlist; Tue, 27 Feb 2001 14:41:12 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id OAA17284
for radiator at open.com.au; Tue, 27 Feb 2001 14:40:52 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08505
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:41 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA08505
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 14:11:41 +1100 (EST)
Received: from hugo (acc2-ppp46.mel.roaming.connect.com.au [203.63.124.174])
by entoo.connect.com.au (Postfix) with SMTP
id 08369DD4FB; Tue, 27 Feb 2001 14:09:45 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Tim McCullagh" <timbo at halenet.com.au>, <radiator at open.com.au>
Subject: Re: (RADIATOR) radacct.cgi and customer usage
Date: Tue, 27 Feb 2001 14:09:34 +1100
X-Mailer: KMail [version 1.1.99]
References: <009401c09fd6$1f573300$6500a8c0 at halenet.com.au>
In-Reply-To: <009401c09fd6$1f573300$6500a8c0 at halenet.com.au>
MIME-Version: 1.0
Message-Id: <0102271409340J.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Tim -
I sent this to you yesterday, but here it is again:
http://www.cpan.org/modules/by-module/Apache/Apache-AuthenRadius-0.3.tar.gz
The notes you quote regarding Radius are quite correct, your Radiator host(s)
should be behind a firewall in any case. If you wish to use multiple copies
of Radiator it is very easy to do simply by specifying different port numbers
with the AuthPort and AcctPort parameters in the Radiator configuration file.
hth
Hugh
On Monday 26 February 2001 20:25, Tim McCullagh wrote:
> Hi Hugh,
>
> Can you tell me which apache pam / radius module I need to install to
> authenticate customers so that they can use radacct.cgi to get their own
> usage stats only. Mike mentions a pam radius module in the radacct.cgi
>
> I found 1 email in the mail archives where the following link was given
> http://pam.sourceforge.net/mod_auth_pam/
> Can you help with some example or link that may show how to configure this
> to authenticate the user using my radius database
>
> is this the correct module or should it be this one
>
> http://www.wede.de/sw/mod_auth_radius/
>
> Also is it correct that I shouldn't use the same radius for both NAS and
> web authentication as the mod_auth perl states
>
> <quote in mod_auth_radius module>
>
> Everyone wants strong authentication over the web. For us, this means
> RADIUS.
>
> Using static passwords & RADIUS authentication over the web is a BAD
> IDEA. Everyone can sniff the passwords, as they're sent over the net
> in the clear. RADIUS web authentication is a REALLY BAD IDEA if you
> use the same RADIUS server for web and NAS (dial-up) or firewall
> users. Then ANYONE can pretend to be you, and break through your
> firewall with minimal effort.
>
> PLEASE use a different RADIUS server for web authentication and
> dial-up or firewall users! If you must use the same server, go for
> one-time passwords. They're ever so much more secure.
>
> Also, do NOT have your RADIUS server visible to the external world.
> Doing so makes all kinds of attacks possible.
> <end quote>
>
>
>
> Thanks and regards
>
> Tim
>
>
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13409 invoked by uid 0); 27 Feb 2001 06:28:52 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 06:28:52 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id QAA17811
for radiator-zzlist; Tue, 27 Feb 2001 16:40:31 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id QAA17778
for radiator at open.com.au; Tue, 27 Feb 2001 16:40:23 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id QAA16245
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 16:20:30 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id QAA16245
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Tue, 27 Feb 2001 16:20:30 +1100 (EST)
Received: from hugo (acc2-ppp46.mel.roaming.connect.com.au [203.63.124.174])
by entoo.connect.com.au (Postfix) with SMTP
id DBAC5DD6AF; Tue, 27 Feb 2001 16:18:30 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: Janet N del Mundo <jdelmundo at corp.netpci.com>, radiator at open.com.au
Subject: Re: (RADIATOR) Multiple SessionDatabase not working!
Date: Tue, 27 Feb 2001 16:13:00 +1100
X-Mailer: KMail [version 1.1.99]
References: <3A9B1AAF.8A8A0C8F at corp.netpci.com>
In-Reply-To: <3A9B1AAF.8A8A0C8F at corp.netpci.com>
MIME-Version: 1.0
Message-Id: <0102271613000V.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="us-ascii"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Janet -
There was a bug in SessionDatabase NULL. You should check the patches area.
hth
Hugh
On Tuesday 27 February 2001 14:10, Janet N del Mundo wrote:
> Hi Everyone,
>
> I'm trying to use multiple instances of SessionDatabase, but it keeps
> defaulting to the wrong SessionDatabase during the accounting request.
> I want to separate my dialup users and my DSL users. Everytime I do a
> radpwtst to test a regular dialup user, the SessionDatabase defaults to
> SessionDatabase SQL. I'm trying to figure out why, but I'm
> unsuccessful.
>
> Here's what I have:
> -------------------
>
> <SessionDatabase NULL>
> Identifier NULL
> </SessionDatabase>
>
> <SessionDatabase DBM>
> Identifier Dialup-SessionCheck
> Filename %D/online
> </SessionDatabase>
>
> <SessionDatabase SQL>
> Identifier DSL-SessionCheck
> DBSource dbi:FreeTDS:....;
> DBUsername radius
> DBAuth step!0ff
>
> AddQuery insert into RADONLINE ...
>
> DeleteQuery delete from RADONLINE where USERNAME='%n' and \
> NASIDENTIFIER='%N' and
> ACCTSESSIONID='%{Acct-Session-Id}'
>
> ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
>
> CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from
> RADONLINE \
> where USERNAME='%n'
>
> </SessionDatabase>
> ..
> ..
> ..
>
> <Handler NAS-IP-Address = xxx.xxx.xxx.xxx>
> SessionDatabase DSL-SessionCheck
> PasswordLogFileName %D/Radiator-2.17.1/gtapass.log.%y%m
> AuthByPolicy ContinueWhileAccept
> AuthBy Check-Users
>
> <AuthBy FILE>
> Filename %D/users-sql
> AddToReplyIfNotExist Framed-IP-Address = 255.255.255.254
> </AuthBy>
> </Handler>
>
> <Handler Request-Type = Accounting-Request>
> SessionDatabase NULL
> AuthByPolicy ContinueAlways
> AuthBy InsertIntoSQL
> </Handler>
>
> <Handler>
> SessionDatabase Dialup-SessionCheck
> PasswordLogFileName %D/Radiator-2.17.1/gtapass.log.%y%m
> AuthByPolicy ContinueWhileAccept
>
> AuthBy Check-Users
>
> <AuthBy FILE>
> Filename %D/users-sql
> AddToReplyIfNotExist Framed-IP-Address = 255.255.255.254
> </AuthBy>
>
> </Handler>
>
> Here's my log file:
> -------------------
> *** Received from 127.0.0.1 port 1637 ....
> Code: Access-Request
> Identifier: 62
> Authentic: 1234567890123456
> Attributes:
> User-Name = "mikesanlite"
> Service-Type = Framed-User
> NAS-IP-Address = 203.63.154.1
> NAS-Port = 11
> NAS-Port-Type = Async
> User-Password =
> "<255>!<207><158>ELL<177><225><27><202><174><163>[L<172>"
>
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Prefix = IPASS/ should
> be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Realm = estart.com
> should be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler NAS-IP-Address =
> 202.128.81.2 should be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Request-Type =
> Accounting-Request should be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler should be used to
> handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Handling request with Handler ''
> Tue Feb 27 13:04:48 2001: DEBUG: Dialup-SessionCheck Deleting session
> for mikesanlite, 203.63.154.1, 11
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthGROUP
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group mailbox
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group mailbox
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT1
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group gcc
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group gcc
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT2
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group shell
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group shell
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT3
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group limited
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group limited
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT4
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group email
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group email
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT5
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group isdn64
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group isdn64
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT6
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group isdn128
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group isdn128
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT7
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> mikesanlite is not in Group unlimited
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> mikesanlite is not in Group unlimited
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT8
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> /usr/slocal/sbin/flash
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM ACCEPT:
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE ACCEPT:
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> DEFAULT
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
> Tue Feb 27 13:04:48 2001: DEBUG: Query is: select Password, Expiration,
> SimUse, IdleTime, SessionTime, StaticIP from USERS where IDENTIFIER =
> 'mikesanlite' AND STATUS != 'C'
>
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSQL looks for match with
> mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSQL ACCEPT:
> Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE ACCEPT:
> Tue Feb 27 13:04:48 2001: DEBUG: Access accepted for mikesanlite
> Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 1637 ....
> Code: Access-Accept
> Identifier: 62
> Authentic: 1234567890123456
> Attributes:
> Framed-Protocol = PPP
> Service-Type = Annex-Framed-Tunnel
> Port-Limit = 1
> Idle-Timeout = 100
> Session-Timeout = 29000
> Framed-IP-Address = 255.255.255.254
>
> Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
> *** Received from 127.0.0.1 port 1637 ....
> Code: Accounting-Request
> Identifier: 63
> Authentic: (Y<16><188><164>Qm<230><229><149><1>w<237><193><159><224>
> Attributes:
> User-Name = "mikesanlite"
> Service-Type = Framed-User
> NAS-IP-Address = 203.63.154.1
> NAS-Port = 11
> NAS-Port-Type = Async
> Acct-Session-Id = "00001234"
> Acct-Status-Type = Start
> Framed-IP-Address = 255.255.255.254
>
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Prefix = IPASS/ should
> be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Realm = estart.com
> should be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler NAS-IP-Address =
> 202.128.81.2 should be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Request-Type =
> Accounting-Request should be used to handle this request
> Tue Feb 27 13:04:48 2001: DEBUG: Handling request with Handler
> 'Request-Type = Accounting-Request'
> Tue Feb 27 13:04:48 2001: DEBUG: DSL-SessionCheck Adding session for
> mikesanlite, 203.63.154.1, 11
> Tue Feb 27 13:04:48 2001: DEBUG: do query is: delete from RADONLINE
> where USERNAME='mikesanlite' and NASIDENTIFIER='203.63.154.1' and
> ACCTSESSIONID='00001234'
>
> Tue Feb 27 13:04:48 2001: DEBUG: do query is: insert into RADONLINE
> (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('mikesanlite',
> '203.63.154.1', 11,'00001234', 983243088, '255.255.255.254',
> '','Framed-User')
>
> Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
> Tue Feb 27 13:04:48 2001: DEBUG: Handling accounting with
> Radius::AuthSQL
> Tue Feb 27 13:04:48 2001: DEBUG: do query is: insert into ACCOUNTING
> (IDENTIFIER, TIME_STAMP, ACCTSTATUSTYPE, ACCTSESSIONID,
> NASIDENTIFIER, NASPORT, FRAMEDIPADDRESS)
> values
> ('mikesanlite', '02-27-2001 13:04:48', 'Start',
> '00001234', '203.63.154.1', 11, '255.255.255.254')
>
> Tue Feb 27 13:04:48 2001: DEBUG: Accounting accepted
> Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 1637 ....
> Code: Accounting-Response
> Identifier: 63
> Authentic: (Y<16><188><164>Qm<230><229><149><1>w<237><193><159><224>
> Attributes:
>
> HELP!!!
> Janet
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13563 invoked by uid 0); 27 Feb 2001 07:24:59 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 07:24:59 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA18125
for radiator-zzlist; Tue, 27 Feb 2001 17:40:46 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id RAA18103;
Tue, 27 Feb 2001 17:40:38 +1100 (EST)
>Received: from dns2.corp.netpci.com (dns2.corp.netpci.com [202.128.70.2]) by perki.connect.com.au with ESMTP id RAA20025
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 17:27:51 +1100 (EST)
Received: from dns2.corp.netpci.com (dns2.corp.netpci.com [202.128.70.2]) by perki.connect.com.au with ESMTP id RAA20025
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 17:27:51 +1100 (EST)
Received: from corp.netpci.com (jdelmundo.corp.netpci.com [202.128.70.43])
by dns2.corp.netpci.com (8.8.8/8.8.8) with ESMTP id QAA00712;
Tue, 27 Feb 2001 16:26:50 +1000 (GST)
Message-ID: <3A9B48C0.C6F4E68F at corp.netpci.com>
Date: Tue, 27 Feb 2001 16:27:12 +1000
From: Janet N del Mundo <jdelmundo at corp.netpci.com>
Organization: Startec Global Communications
X-Mailer: Mozilla 4.72 [en] (Win98; U)
X-Accept-Language: en,pdf
MIME-Version: 1.0
To: hugh at open.com.au
CC: radiator at open.com.au
Subject: Re: (RADIATOR) Multiple SessionDatabase not working!
References: <3A9B1AAF.8A8A0C8F at corp.netpci.com> <0102271613000V.00913 at hugo>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Sender: owner-radiator at open.com.au
Precedence: bulk
Is this for version 2.17.1? I don't see patches for SessionDatabase
NULL for 2.17.1.
I tried reversing the order - placing SessionDatabase DBM last and it
seems to be working... that's weird. I read one of your old emails and
you said to try to reverse the order which I did. Is this the bug?
Thanks,
Janet
Hugh Irvine wrote:
>
> Hello Janet -
>
> There was a bug in SessionDatabase NULL. You should check the patches area.
>
> hth
>
> Hugh
>
> On Tuesday 27 February 2001 14:10, Janet N del Mundo wrote:
> > Hi Everyone,
> >
> > I'm trying to use multiple instances of SessionDatabase, but it keeps
> > defaulting to the wrong SessionDatabase during the accounting request.
> > I want to separate my dialup users and my DSL users. Everytime I do a
> > radpwtst to test a regular dialup user, the SessionDatabase defaults to
> > SessionDatabase SQL. I'm trying to figure out why, but I'm
> > unsuccessful.
> >
> > Here's what I have:
> > -------------------
> >
> > <SessionDatabase NULL>
> > Identifier NULL
> > </SessionDatabase>
> >
> > <SessionDatabase DBM>
> > Identifier Dialup-SessionCheck
> > Filename %D/online
> > </SessionDatabase>
> >
> > <SessionDatabase SQL>
> > Identifier DSL-SessionCheck
> > DBSource dbi:FreeTDS:....;
> > DBUsername radius
> > DBAuth step!0ff
> >
> > AddQuery insert into RADONLINE ...
> >
> > DeleteQuery delete from RADONLINE where USERNAME='%n' and \
> > NASIDENTIFIER='%N' and
> > ACCTSESSIONID='%{Acct-Session-Id}'
> >
> > ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
> >
> > CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from
> > RADONLINE \
> > where USERNAME='%n'
> >
> > </SessionDatabase>
> > ..
> > ..
> > ..
> >
> > <Handler NAS-IP-Address = xxx.xxx.xxx.xxx>
> > SessionDatabase DSL-SessionCheck
> > PasswordLogFileName %D/Radiator-2.17.1/gtapass.log.%y%m
> > AuthByPolicy ContinueWhileAccept
> > AuthBy Check-Users
> >
> > <AuthBy FILE>
> > Filename %D/users-sql
> > AddToReplyIfNotExist Framed-IP-Address = 255.255.255.254
> > </AuthBy>
> > </Handler>
> >
> > <Handler Request-Type = Accounting-Request>
> > SessionDatabase NULL
> > AuthByPolicy ContinueAlways
> > AuthBy InsertIntoSQL
> > </Handler>
> >
> > <Handler>
> > SessionDatabase Dialup-SessionCheck
> > PasswordLogFileName %D/Radiator-2.17.1/gtapass.log.%y%m
> > AuthByPolicy ContinueWhileAccept
> >
> > AuthBy Check-Users
> >
> > <AuthBy FILE>
> > Filename %D/users-sql
> > AddToReplyIfNotExist Framed-IP-Address = 255.255.255.254
> > </AuthBy>
> >
> > </Handler>
> >
> > Here's my log file:
> > -------------------
> > *** Received from 127.0.0.1 port 1637 ....
> > Code: Access-Request
> > Identifier: 62
> > Authentic: 1234567890123456
> > Attributes:
> > User-Name = "mikesanlite"
> > Service-Type = Framed-User
> > NAS-IP-Address = 203.63.154.1
> > NAS-Port = 11
> > NAS-Port-Type = Async
> > User-Password =
> > "<255>!<207><158>ELL<177><225><27><202><174><163>[L<172>"
> >
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Prefix = IPASS/ should
> > be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Realm = estart.com
> > should be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler NAS-IP-Address =
> > 202.128.81.2 should be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Request-Type =
> > Accounting-Request should be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler should be used to
> > handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling request with Handler ''
> > Tue Feb 27 13:04:48 2001: DEBUG: Dialup-SessionCheck Deleting session
> > for mikesanlite, 203.63.154.1, 11
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthGROUP
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group mailbox
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group mailbox
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT1
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group gcc
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group gcc
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT2
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group shell
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group shell
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT3
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group limited
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group limited
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT4
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group email
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group email
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT5
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group isdn64
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group isdn64
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT6
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group isdn128
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group isdn128
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT7
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM REJECT: User
> > mikesanlite is not in Group unlimited
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE REJECT: User
> > mikesanlite is not in Group unlimited
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT8
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSYSTEM
> > Tue Feb 27 13:04:48 2001: DEBUG: getpwnam got mikesanlite,
> > s1JrqcKdgmUlg, 4784, 2001, , , Mike Santos Lite, /fs1/u7/mikesanlite,
> > /usr/slocal/sbin/flash
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSYSTEM ACCEPT:
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE ACCEPT:
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthFILE
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE looks for match with
> > DEFAULT
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
> > Tue Feb 27 13:04:48 2001: DEBUG: Query is: select Password, Expiration,
> > SimUse, IdleTime, SessionTime, StaticIP from USERS where IDENTIFIER =
> > 'mikesanlite' AND STATUS != 'C'
> >
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSQL looks for match with
> > mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthSQL ACCEPT:
> > Tue Feb 27 13:04:48 2001: DEBUG: Radius::AuthFILE ACCEPT:
> > Tue Feb 27 13:04:48 2001: DEBUG: Access accepted for mikesanlite
> > Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
> > *** Sending to 127.0.0.1 port 1637 ....
> > Code: Access-Accept
> > Identifier: 62
> > Authentic: 1234567890123456
> > Attributes:
> > Framed-Protocol = PPP
> > Service-Type = Annex-Framed-Tunnel
> > Port-Limit = 1
> > Idle-Timeout = 100
> > Session-Timeout = 29000
> > Framed-IP-Address = 255.255.255.254
> >
> > Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
> > *** Received from 127.0.0.1 port 1637 ....
> > Code: Accounting-Request
> > Identifier: 63
> > Authentic: (Y<16><188><164>Qm<230><229><149><1>w<237><193><159><224>
> > Attributes:
> > User-Name = "mikesanlite"
> > Service-Type = Framed-User
> > NAS-IP-Address = 203.63.154.1
> > NAS-Port = 11
> > NAS-Port-Type = Async
> > Acct-Session-Id = "00001234"
> > Acct-Status-Type = Start
> > Framed-IP-Address = 255.255.255.254
> >
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Prefix = IPASS/ should
> > be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Realm = estart.com
> > should be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler NAS-IP-Address =
> > 202.128.81.2 should be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Check if Handler Request-Type =
> > Accounting-Request should be used to handle this request
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling request with Handler
> > 'Request-Type = Accounting-Request'
> > Tue Feb 27 13:04:48 2001: DEBUG: DSL-SessionCheck Adding session for
> > mikesanlite, 203.63.154.1, 11
> > Tue Feb 27 13:04:48 2001: DEBUG: do query is: delete from RADONLINE
> > where USERNAME='mikesanlite' and NASIDENTIFIER='203.63.154.1' and
> > ACCTSESSIONID='00001234'
> >
> > Tue Feb 27 13:04:48 2001: DEBUG: do query is: insert into RADONLINE
> > (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,
> > FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) values ('mikesanlite',
> > '203.63.154.1', 11,'00001234', 983243088, '255.255.255.254',
> > '','Framed-User')
> >
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling with Radius::AuthSQL
> > Tue Feb 27 13:04:48 2001: DEBUG: Handling accounting with
> > Radius::AuthSQL
> > Tue Feb 27 13:04:48 2001: DEBUG: do query is: insert into ACCOUNTING
> > (IDENTIFIER, TIME_STAMP, ACCTSTATUSTYPE, ACCTSESSIONID,
> > NASIDENTIFIER, NASPORT, FRAMEDIPADDRESS)
> > values
> > ('mikesanlite', '02-27-2001 13:04:48', 'Start',
> > '00001234', '203.63.154.1', 11, '255.255.255.254')
> >
> > Tue Feb 27 13:04:48 2001: DEBUG: Accounting accepted
> > Tue Feb 27 13:04:48 2001: DEBUG: Packet dump:
> > *** Sending to 127.0.0.1 port 1637 ....
> > Code: Accounting-Response
> > Identifier: 63
> > Authentic: (Y<16><188><164>Qm<230><229><149><1>w<237><193><159><224>
> > Attributes:
> >
> > HELP!!!
> > Janet
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
_____________________________________________________
Janet del Mundo
Internet Administrator, Startec Global Communications
135 Chalan Santo Papa Agana, Guam 96910
Email: jdelmundo at corp.netpci.com
Phone: (671) 475-6879
Fax : (671) 477-6054
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 13828 invoked by uid 0); 27 Feb 2001 11:49:29 -0000
Received: from unknown (HELO oscar.open.com.au) (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 11:49:29 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id WAA18554
for radiator-zzlist; Tue, 27 Feb 2001 22:10:18 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id WAA18545;
Tue, 27 Feb 2001 22:10:14 +1100 (EST)
>Received: from favour.linkserve.net ([195.166.232.3]) by perki.connect.com.au with ESMTP id VAA02512
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 21:44:25 +1100 (EST)
Received: from favour.linkserve.net ([195.166.232.3]) by perki.connect.com.au with ESMTP id VAA02512
(8.8.8/IDA-1.7); Tue, 27 Feb 2001 21:44:25 +1100 (EST)
Received: from ttt ([195.166.225.12])
by favour.linkserve.net (8.9.3/8.9.3) with SMTP id JAA15242;
Tue, 27 Feb 2001 09:59:45 +0100
Message-ID: <006501c0a090$0629a060$0ce1a6c3 at linkserve.net>
From: "'Tunde Ogedengbe" <tunde at linkserve.net>
To: <hugh at open.com.au>, <radiator at open.com.au>
Cc: <chima at linkserve.net>, <joanne at open.com.au>
References: <200102131754.AA37486996 at localmail.com> <a04320426b6af80b20e66@[202.151.212.17]> <02fd01c0a00f$35f0c8e0$0ce1a6c3 at linkserve.net> <0102271405050I.00913 at hugo>
Subject: (RADIATOR) Re: Optigold Billing System
Date: Tue, 27 Feb 2001 08:23:57 +0100
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6600
Disposition-Notification-To: "'Tunde Ogedengbe" <tunde at linkserve.net>
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hugh:
Thanks. Can you pls explain how the
MacRadius works with Radiator & Optigold.
'Tunde Ogedengbe
Linkserve Limited
22 Akin Adesola Street
Victoria Island
Lagos - Nigeria
Tel: +234 1 2623900
Fax: +234 1 2623906
URL: http://www.linkserve.net
----- Original Message -----
From: "Hugh Irvine" <hugh at open.com.au>
To: "'Tunde Ogedengbe" <tunde at linkserve.net>; <radiator at open.com.au>
Cc: <chima at linkserve.net>; <joanne at open.com.au>
Sent: Tuesday, February 27, 2001 4:05 AM
Subject: Re: Optigold Billing System
>
> Hello 'Tunde -
>
> Radiator does not integrate directly with Optigold at this time, however
with
> the use of MacRADIUS, you can proxy from Radiator to Optigold very easily.
>
> We have tried to contact Optigold several times to integrate Radiator
> directly, however we have never had a response from them.
>
> regards
>
> Hugh
>
> On Tuesday 27 February 2001 03:14, 'Tunde Ogedengbe wrote:
> > We are evaluating Optigold Billing software. Does Radiator integrate
with
> > Optigold?
> >
> > 'Tunde Ogedengbe
> > Linkserve Limited
> > 22 Akin Adesola Street
> > Victoria Island
> > Lagos - Nigeria
> > Tel: +234 1 2623900
> > Fax: +234 1 2623906
> > URL: http://www.linkserve.net
> > ----- Original Message -----
> > From: "Hugh Irvine" <hugh at open.com.au>
> > To: <radiator1 at localmail.com>; <radiator at open.com.au>
> > Sent: Wednesday, February 14, 2001 1:26 AM
> > Subject: Re: (RADIATOR) Cisco AS5300 VoIP / Radiator
> >
> > > Hello Jeremy -
> > >
> > > At 17:54 -0500 01/2/13, List Account wrote:
> > > >Hi,
> > > >
> > > > We're trying to setup Radiator to work with our Cisco AS5300 to
> > > >do Voice over IP. We have things (basically) working, it will
> > > >authenticate off of caller ID, etc. But, there are a few extras
> > > >we'd like to do and need some advice on.
> > > >
> > > > First, has anyone used Simultaneous-Use with the AS5300 using
> > > >account numbers and PINs? For example, Joe User dials in, enters an
> > > >account number, a PIN, and makes a call. Let's say his wife picks
> > > >up the phone at some other location, dials in, and enters the same
> > > >account number and PIN. It shouldn't let her use it if he's already
> > > >on. One interesting thing to note is that the AS5300 seems to be
> > > >sending a null User-Name ("") when they use account/PIN.
> > > >
> > > > Second, whenever multiple users are dialed into the unit, only
> > > >one user is showing up in the online user database. I have the
> > > >radwho.cgi setup to work with it, and it only shows one entry in the
> > > >database. We are just using a standard DBM database file for now,
> > > >until we get things working, at which point we'll migrate it to
> > > >something better.
> > > >
> > > > If anyone has any ideas that may help, it would be appreciated.
> > > >Thanks. :)
> > >
> > > If you use a <SessionDatabase SQL>, you can provide your own queries
> > > to tailor the simultaneous use behaviour to your own requirements.
> > >
> > > regards
> > >
> > > Hugh
> > >
> > > --
> > >
> > > NB: I am travelling this week, so there may be delays in our
> >
> > correspondence.
> >
> > > Radiator: the most portable, flexible and configurable RADIUS server
> > > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > > Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> > > Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
> > >
> > > ===
> > > Archive at http://www.starport.net/~radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with
> > > 'unsubscribe radiator' in the body of the message.
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
>
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 14193 invoked by uid 0); 27 Feb 2001 16:25:30 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 16:25:30 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id CAA18870
for radiator-zzlist; Wed, 28 Feb 2001 02:40:15 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id CAA18857
for radiator at open.com.au; Wed, 28 Feb 2001 02:40:10 +1100 (EST)
>Received: from mail.ripnet.com (mail.ripnet.com [206.47.98.3]) by perki.connect.com.au with ESMTP id CAA14590
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 02:18:08 +1100 (EST)
Received: from mail.ripnet.com (mail.ripnet.com [206.47.98.3]) by perki.connect.com.au with ESMTP id CAA14590
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 02:18:08 +1100 (EST)
Received: from smtp2.ripnet.com (www.recorder.ca [206.47.98.103])
by mail.ripnet.com (8.11.1/8.11.1) with ESMTP id f1RFHvS28184
for <radiator at open.com.au>; Tue, 27 Feb 2001 10:17:57 -0500
Received: from rewt ([192.168.0.24])
by smtp2.ripnet.com (8.11.2/8.11.1) with SMTP id f1RFE9u20066
for <radiator at open.com.au>; Tue, 27 Feb 2001 10:14:09 -0500
Message-ID: <000d01c0a0d0$7d86c580$1800a8c0 at ripnet.com>
From: "Jamie Orzechowski" <mhz at ripnet.com>
To: <radiator at open.com.au>
Subject: (RADIATOR) SNMP Problems ...
Date: Tue, 27 Feb 2001 10:18:07 -0500
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
hello ... I have a strange SNMP problem ... If I add the <SNMPAgent> to my
cfg I get a bunch of message saying it can;t find the Handler for this
request ... if I comment out the SNMP section it works without any problems
... any ideas??
here is my config ...
<SNMPAgent>
Community xxxxxxxxxxxxxx
</SNMPAgent>
<AuthBy DBFILE>
Identifier FlatFile
Filename %D/users
</AuthBy>
<AuthLog FILE>
Identifier Logger
Filename %L/Failure.log
LogSuccess 1
LogFailure 1
SuccessFormat %l:UserID %U - SUCCESS
FailureFormat %l:UserID %U - FAILED - Attempted Password "%P"
</AuthLog>
<AuthBy RODOPI>
Identifier CheckRODOPI
DBSource dbi:Sybase:rodopi
DBUsername Rodopi
DBAuth xxxxxxxxxxxx
</AuthBy>
<Handler Request-Type = Access-Request>
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/A-Z/a-z/
RewriteUsername s/\s+//g
AuthByPolicy ContinueAlways
AuthBy CheckRODOPI
</Handler>
<Handler Request-Type = Accounting-Request>
RewriteUsername s/^([^@]+).*/$1/
RewriteUsername tr/A-Z/a-z/
RewriteUsername s/\s+//g
AuthByPolicy ContinueAlways
AuthBy CheckRODOPI
</Handler>
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 14337 invoked by uid 0); 27 Feb 2001 19:47:59 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 19:47:59 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id GAA19190
for radiator-zzlist; Wed, 28 Feb 2001 06:10:18 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id GAA19173
for radiator at open.com.au; Wed, 28 Feb 2001 06:10:11 +1100 (EST)
>Received: from dedos.pert.com.ar (dedos.pert.com.ar [200.49.76.34]) by perki.connect.com.au with ESMTP id FAA22363
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 05:39:26 +1100 (EST)
Received: from dedos.pert.com.ar (dedos.pert.com.ar [200.49.76.34]) by perki.connect.com.au with ESMTP id FAA22363
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 05:39:26 +1100 (EST)
Received: from cosa.intranet.pert.com.ar ([192.168.1.10]:56592 "EHLO cosa"
whoson: "popbaby") by dedos.pert.com.ar with ESMTP
id <S34476AbRB0Si4>; Tue, 27 Feb 2001 15:38:56 -0300
From: "Mariano Absatz" <lradius at pert.com.ar>
To: Radiator List <radiator at open.com.au>
Date: Tue, 27 Feb 2001 15:38:57 -0300
MIME-Version: 1.0
Content-transfer-encoding: 7BIT
Subject: (RADIATOR) <Log FILE> Identifier clause
Message-ID: <3A9BCA11.22311.5347AF3 at localhost>
X-mailer: Pegasus Mail for Win32 (v3.12c)
Content-Type: text/plain; charset=US-ASCII
Sender: owner-radiator at open.com.au
Precedence: bulk
Is it a bug? or is it a feature?
:-D
Some time ago, I let the "LogFile" statement from my radius.cfg commented
out (along with Trace 4) pointing to a filename of "debug" and added a
<Log FILE> clause pinting to another filename with trace 3, so I can
enable and disable debugging without affecting (especially in size) my
standard logging.
I tried it and didn't notice anything strange, but now that I enabled
debugging 'cause there was a problem (unrelated to radiator) I noticed
this line whenever I restart radiator in a trace 4:
Tue Feb 27 15:16:46 2001: ERR: Unknown keyword 'Identifier' in
/app/Radiator/etc/radius.cfg line 29
I check the file and it's the Identifier inside the <Log FILE> that,
according to section 6.10.3, should be allowed.
I attach the top of my radius.cfg
====================================================================
LogDir /D/logs/radius
DbDir /app/Radiator/db
DictionaryFile /app/Radiator/etc/dictionary
AuthPort 1812
AcctPort 1813
<SNMPAgent>
Port 50161
Community velo-com-isp
</SNMPAgent>
##################################################################
# LOGGING SECTION #
##################################################################
# Para debugging, descomentar las dos lineas siguientes
Trace 4
LogFile %L/%Y-%m/debuglog_%d-%q
#Trace:
#0 ERR. Error conditions. Serious and unexpected failures
#1 WARNING. Warning conditions. Unexpected failures
#2 NOTICE. Normal but significant conditions.
#3 INFO. Informational messages.
#4 DEBUG. Debugging messages.
#5 Incoming raw packet dumps in hexadecimal.
<Log FILE>
Identifier fileLoggerVelocom # ****THIS IS LINE 29****
Filename %L/%Y-%m/logfile_%d-%q
Trace 3
</Log>
# Log authentication success and failure to a file
<AuthLog FILE>
Identifier authLoggerVelocom
Filename %L/%Y-%m/auth_%d-%q
LogSuccess 1
LogFailure 1
SuccessFormat %l:%n:<****>:OK
FailureFormat %l:%n:%P:FAIL
# FailureFormat %l:%n:%P:FAIL:(%{Reason})
</AuthLog>
#<SNIP>
====================================================================
Any ideas?
--
Mariano Absatz
El Baby
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 14393 invoked by uid 0); 27 Feb 2001 20:41:25 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 27 Feb 2001 20:41:25 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id HAA19287
for radiator-zzlist; Wed, 28 Feb 2001 07:10:24 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id HAA19282
for radiator at open.com.au; Wed, 28 Feb 2001 07:10:20 +1100 (EST)
>Received: from mail.uspops.com (megaman.uspops.com [216.239.168.130]) by perki.connect.com.au with ESMTP id GAA25336
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 06:52:17 +1100 (EST)
Date: Tue, 27 Feb 2001 11:57:37 -0800
Message-Id: <200102271157.AA11796984 at mail.uspops.com>
Mime-Version: 1.0
From: "Steve Roderick" <steve at uspops.com>
Reply-To: <steve at uspops.com>
X-Sender: <steve at mail.uspops.com>
To: <radiator at open.com.au>
Subject: (RADIATOR) Reply:Profile pseudo attribute
X-Mailer: <IMail v5.07>
Content-Type: text/plain; charset=us-ascii
Sender: owner-radiator at open.com.au
Precedence: bulk
Is there something special about this or can I use any name that I wish as long as I strip it before sending it back to the NAS?
I want to:
1. Lookup a customer ID in a PreProcessingHook
2. Store the customer ID in a reply attribute
3. Process the request with a custom AuthBy module
4. Strip the customer ID pseudo attribute from the reply packet
Do I need to use Profile or can I use 'cust_id'?
Does Profile (or cust_id) need to be defined in my dictionary?
Thanks for any help,
Steve
--
---
Stephen Roderick
Chairman/CEO
Universal Telecom, Inc.
--
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15056 invoked by uid 0); 28 Feb 2001 02:50:02 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 02:50:02 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id NAA19933
for radiator-zzlist; Wed, 28 Feb 2001 13:10:41 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id NAA19890
for radiator at open.com.au; Wed, 28 Feb 2001 13:10:30 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id MAA14564
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 12:58:44 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id MAA14564
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 12:58:44 +1100 (EST)
Received: from hugo (acc23-ppp254.mel.dialup.connect.net.au [210.10.142.254])
by entoo.connect.com.au (Postfix) with SMTP
id 3C7E6DD468; Wed, 28 Feb 2001 12:56:47 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Jamie Orzechowski" <mhz at ripnet.com>, <radiator at open.com.au>
Subject: Re: (RADIATOR) SNMP Problems ...
Date: Wed, 28 Feb 2001 12:10:06 +1100
X-Mailer: KMail [version 1.1.99]
References: <000d01c0a0d0$7d86c580$1800a8c0 at ripnet.com>
In-Reply-To: <000d01c0a0d0$7d86c580$1800a8c0 at ripnet.com>
MIME-Version: 1.0
Message-Id: <01022812100616.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Jamie -
I have cut and pasted the configuration file listed below and it seems to
work fine. Can you please send me a trace 4 debug showing what is going on?
BTW - what version of Radiator are you running?
thanks
Hugh
On Wednesday 28 February 2001 02:18, Jamie Orzechowski wrote:
> hello ... I have a strange SNMP problem ... If I add the <SNMPAgent> to my
> cfg I get a bunch of message saying it can;t find the Handler for this
> request ... if I comment out the SNMP section it works without any problems
> .... any ideas??
>
> here is my config ...
>
> <SNMPAgent>
> Community xxxxxxxxxxxxxx
> </SNMPAgent>
>
> <AuthBy DBFILE>
> Identifier FlatFile
> Filename %D/users
> </AuthBy>
>
> <AuthLog FILE>
> Identifier Logger
> Filename %L/Failure.log
> LogSuccess 1
> LogFailure 1
> SuccessFormat %l:UserID %U - SUCCESS
> FailureFormat %l:UserID %U - FAILED - Attempted Password "%P"
> </AuthLog>
>
> <AuthBy RODOPI>
> Identifier CheckRODOPI
> DBSource dbi:Sybase:rodopi
> DBUsername Rodopi
> DBAuth xxxxxxxxxxxx
> </AuthBy>
>
> <Handler Request-Type = Access-Request>
> RewriteUsername s/^([^@]+).*/$1/
> RewriteUsername tr/A-Z/a-z/
> RewriteUsername s/\s+//g
> AuthByPolicy ContinueAlways
> AuthBy CheckRODOPI
> </Handler>
>
> <Handler Request-Type = Accounting-Request>
> RewriteUsername s/^([^@]+).*/$1/
> RewriteUsername tr/A-Z/a-z/
> RewriteUsername s/\s+//g
> AuthByPolicy ContinueAlways
> AuthBy CheckRODOPI
> </Handler>
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15073 invoked by uid 0); 28 Feb 2001 03:03:21 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 03:03:21 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id NAA19947
for radiator-zzlist; Wed, 28 Feb 2001 13:10:47 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id NAA19919
for radiator at open.com.au; Wed, 28 Feb 2001 13:10:38 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id MAA14596
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 12:58:57 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id MAA14596
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 12:58:57 +1100 (EST)
Received: from hugo (acc23-ppp254.mel.dialup.connect.net.au [210.10.142.254])
by entoo.connect.com.au (Postfix) with SMTP
id B4B71DD74E; Wed, 28 Feb 2001 12:56:54 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Mariano Absatz" <lradius at pert.com.ar>,
Radiator List <radiator at open.com.au>
Subject: Re: (RADIATOR) <Log FILE> Identifier clause
Date: Wed, 28 Feb 2001 12:31:02 +1100
X-Mailer: KMail [version 1.1.99]
References: <3A9BCA11.22311.5347AF3 at localhost>
In-Reply-To: <3A9BCA11.22311.5347AF3 at localhost>
MIME-Version: 1.0
Message-Id: <0102281231021A.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="US-ASCII"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Mariano -
What version of Radiator are you running?
I get the same error in Radiator 2.17.1.
However, I have also tested this with Radiator 2.18 (alpha) and the problem
has been fixed, so I would suggest you upgrade when 2.18 is released.
regards
Hugh
On Wednesday 28 February 2001 05:38, Mariano Absatz wrote:
> Is it a bug? or is it a feature?
>
> :-D
>
> Some time ago, I let the "LogFile" statement from my radius.cfg commented
> out (along with Trace 4) pointing to a filename of "debug" and added a
> <Log FILE> clause pinting to another filename with trace 3, so I can
> enable and disable debugging without affecting (especially in size) my
> standard logging.
>
> I tried it and didn't notice anything strange, but now that I enabled
> debugging 'cause there was a problem (unrelated to radiator) I noticed
> this line whenever I restart radiator in a trace 4:
>
> Tue Feb 27 15:16:46 2001: ERR: Unknown keyword 'Identifier' in
> /app/Radiator/etc/radius.cfg line 29
>
> I check the file and it's the Identifier inside the <Log FILE> that,
> according to section 6.10.3, should be allowed.
>
> I attach the top of my radius.cfg
> ====================================================================
> LogDir /D/logs/radius
> DbDir /app/Radiator/db
> DictionaryFile /app/Radiator/etc/dictionary
> AuthPort 1812
> AcctPort 1813
> <SNMPAgent>
> Port 50161
> Community velo-com-isp
> </SNMPAgent>
>
>
> ##################################################################
> # LOGGING SECTION #
> ##################################################################
>
> # Para debugging, descomentar las dos lineas siguientes
> Trace 4
> LogFile %L/%Y-%m/debuglog_%d-%q
>
> #Trace:
> #0 ERR. Error conditions. Serious and unexpected failures
> #1 WARNING. Warning conditions. Unexpected failures
> #2 NOTICE. Normal but significant conditions.
> #3 INFO. Informational messages.
> #4 DEBUG. Debugging messages.
> #5 Incoming raw packet dumps in hexadecimal.
>
> <Log FILE>
> Identifier fileLoggerVelocom # ****THIS IS LINE 29****
> Filename %L/%Y-%m/logfile_%d-%q
> Trace 3
> </Log>
>
> # Log authentication success and failure to a file
> <AuthLog FILE>
> Identifier authLoggerVelocom
> Filename %L/%Y-%m/auth_%d-%q
> LogSuccess 1
> LogFailure 1
> SuccessFormat %l:%n:<****>:OK
> FailureFormat %l:%n:%P:FAIL
> # FailureFormat %l:%n:%P:FAIL:(%{Reason})
> </AuthLog>
>
> #<SNIP>
> ====================================================================
>
> Any ideas?
>
> --
> Mariano Absatz
> El Baby
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15080 invoked by uid 0); 28 Feb 2001 03:03:23 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 03:03:23 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id NAA19906
for radiator-zzlist; Wed, 28 Feb 2001 13:10:34 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id NAA19882
for radiator at open.com.au; Wed, 28 Feb 2001 13:10:27 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id MAA14556
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 12:58:40 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id MAA14556
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 12:58:40 +1100 (EST)
Received: from hugo (acc23-ppp254.mel.dialup.connect.net.au [210.10.142.254])
by entoo.connect.com.au (Postfix) with SMTP
id C87EBDD779; Wed, 28 Feb 2001 12:56:43 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: "Steve Roderick" <steve at uspops.com>, <radiator at open.com.au>
Subject: Re: (RADIATOR) Reply:Profile pseudo attribute
Date: Wed, 28 Feb 2001 11:15:20 +1100
X-Mailer: KMail [version 1.1.99]
References: <200102271157.AA11796984 at mail.uspops.com>
In-Reply-To: <200102271157.AA11796984 at mail.uspops.com>
MIME-Version: 1.0
Message-Id: <01022811152014.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="us-ascii"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Steve -
You can do all of what you describe, although if you put the pseudo-attribute
into the request packet, you won't have to bother stripping it.
On Wednesday 28 February 2001 06:57, Steve Roderick wrote:
> Is there something special about this or can I use any name that I wish as
> long as I strip it before sending it back to the NAS?
>
You can use any name you wish (see above).
> I want to:
>
> 1. Lookup a customer ID in a PreProcessingHook
Fine.
> 2. Store the customer ID in a reply attribute
OK (but consider using the request packet as above).
> 3. Process the request with a custom AuthBy module
Sure.
> 4. Strip the customer ID pseudo attribute from the reply packet
Yup.
>
> Do I need to use Profile or can I use 'cust_id'?
> Does Profile (or cust_id) need to be defined in my dictionary?
>
Since there is no translation to or from binary wire format, you do not need
anything special defined in the dictionary.
> Thanks for any help,
>
You're welcome.
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15288 invoked by uid 0); 28 Feb 2001 04:55:38 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 04:55:38 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id PAA20130
for radiator-zzlist; Wed, 28 Feb 2001 15:10:20 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id PAA20118
for radiator at open.com.au; Wed, 28 Feb 2001 15:10:15 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA20231
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 14:40:52 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id OAA20231
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 14:40:52 +1100 (EST)
Received: from hugo (acc23-ppp254.mel.dialup.connect.net.au [210.10.142.254])
by entoo.connect.com.au (Postfix) with SMTP
id 458E1DD41B; Wed, 28 Feb 2001 14:38:54 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: maisys at xt.net, brewer at comedia.it,
Maisys di Domenico Martini <maisys at xt.net>, radiator at open.com.au
Subject: (RADIATOR) Re: hp-it
Date: Wed, 28 Feb 2001 14:53:03 +1100
X-Mailer: KMail [version 1.1.99]
References: <3A9C3ED8.3606E13F at xt.net>
In-Reply-To: <3A9C3ED8.3606E13F at xt.net>
MIME-Version: 1.0
Message-Id: <0102281453031K.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Domenico -
I can see that the cisco-avpair is being returned correctly, but I suspect
there may be some additional configuration on the Cisco required.
I have copied this mail to the radiator mailing list in the hopes that
someone on the list has already got this sort of thing working and is willing
to share the Cisco configuration.
There is some mention of virtual profiles on the archive site, so you may
also want to check and do a search:
http://www.starport.net/~radiator
Here is a direct reference that may help:
http://www.starport.net/~radiator/2000-01/msg00168.html
regards
Hugh
> > Hello,
> i have some problem with radiator.
> Actually i was able to install it under an nt eviroment with active
> perl5.6 and it actually autenticate with Authby NT.
> My problem is this i have a cisco 5300 as NAS i autenticate with
> radiator using nt accounts i have added a authby file to check the NT
> group and to give different pool address considring the NT Group.
> Th e problem is that even is reading the log radius is doing is job
> cisco accept the first authentication and starts ppp with the first
> address-pool specificated in the conf file.
> So then radius pass the Attriibutes cisco-avpair =
> "ip:addr-pool=WHATEVER",PPP is just up and running.
> How could i correct this?
> Thank in advance for your help
> Please find attached radius.cgf,dictionary file, user file (Heiweb),log
> file and cisco config file.
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15910 invoked by uid 0); 28 Feb 2001 10:59:02 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 10:59:02 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21007
for radiator-zzlist; Wed, 28 Feb 2001 21:10:24 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21002;
Wed, 28 Feb 2001 21:10:20 +1100 (EST)
>Received: from smtp1.versatel.com ([62.58.16.73]) by perki.connect.com.au with ESMTP id UAA08750
(8.8.8/IDA-1.7); Wed, 28 Feb 2001 20:42:32 +1100 (EST)
Received: from smtp1.versatel.com ([62.58.16.73]) by perki.connect.com.au with ESMTP id UAA08750
(8.8.8/IDA-1.7); Wed, 28 Feb 2001 20:42:32 +1100 (EST)
Received: from amshqb-exch02.versatel.com ([10.205.18.36]) by smtp1.versatel.com with Microsoft SMTPSVC(5.0.2172.1);
Wed, 28 Feb 2001 10:40:44 +0100
Received: by AMSHQB-EXCH02 with Internet Mail Service (5.5.2653.19)
id <FPXPGWYW>; Wed, 28 Feb 2001 10:43:18 +0100
Message-ID: <77A588078DF6D3118C0A00508B8E0367038758AF at AMSHQB-EXCH02>
From: Lisa Goulet <Lisa.Goulet at versatel.nl>
To: "'radiator-support at open.com.au'" <radiator-support at open.com.au>
Cc: radiator at open.com.au
Subject: (RADIATOR) Tunnel set up with Nortel CVX 1800
Date: Wed, 28 Feb 2001 10:43:17 +0100
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
X-OriginalArrivalTime: 28 Feb 2001 09:40:44.0405 (UTC) FILETIME=[85758250:01C0A16A]
Content-Type: text/plain
Sender: owner-radiator at open.com.au
Precedence: bulk
Hi,
I'm having difficulty with setting up a tunnel with Nortel CVX:
Here's the tunnel part of my config file:
AddToReply Tunnel-Type = 3,\
Tunnel-Medium-Type = 1, \
Tunnel-ID = lns,\
Tunnel-Password = lns,\
Tunnel-Client-Endpoint = lns, \
Tunnel-Server-Endpoint = "\00062.58.88.46 ppp"
Here's a trace of tunnel parameters being sent out by the radiator:
*** Sending to xxx.xxx.xxx.xxx port 2048 ....
Code: Access-Accept
Identifier: 105
Authentic: K<3>:hb<27>?<198>=<19><<20><21>e<1>c
Attributes:
CVX-VPOP-ID = 30
Tunnel-Type = 3
Tunnel-Medium-Type = 1
Tunnel-ID = "lns"
Tunnel-Password =
"<0><213><154>F~<235>]<191><151>.Mm7<146><151><240><220>R<247>"
Tunnel-Client-Endpoint = "lns"
Tunnel-Server-Endpoint = "<0>62.58.88.46 ppp"
Here's a trace on the CVX side, note that Tunnel-Type is being interpreted
as Vendor-Specific 26:
radius: Access-Accept (2) from server 62.58.62.132, id 106,
length 112, time 64 ms
radius: auth c9 c7 ca 9e ef 89 a6 47
radius: 0c cd b4 04 04 ae c1 9f
Vendor-Specific [26, len 10] = <2637>
CVX-VPOP-Id [2, len 4] = <30>
Vendor-Specific [26, len 10] = <307>
unknown [64, len 4] = <00 00 00 03>
Vendor-Specific [26, len 10] = <307>
unknown [65, len 4] = <00 00 00 01>
Tunnel-Id [68, len 3] = <lns>
Vendor-Specific [26, len 25] = <307>
unknown [69, len 19] = <00 b9 32 a4 67 11 76
b7 ...>
Tunnel-Client-Endpoint [66, len 3] = <lns>
Vendor-Specific [26, len 17] = <307>
unknown [67, len 11] = <36 32 2e 35 38 2e 38 38 ...>
I appreciate any help,
Lisa
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15935 invoked by uid 0); 28 Feb 2001 11:07:37 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 11:07:37 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21131
for radiator-zzlist; Wed, 28 Feb 2001 21:40:54 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21095;
Wed, 28 Feb 2001 21:40:32 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id VAA10393
(8.8.8/IDA-1.7); Wed, 28 Feb 2001 21:18:08 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id VAA10393
(8.8.8/IDA-1.7); Wed, 28 Feb 2001 21:18:08 +1100 (EST)
Received: from hugo (acc22-ppp137.mel.dialup.connect.net.au [210.10.141.137])
by entoo.connect.com.au (Postfix) with SMTP
id C0EB2DD442; Wed, 28 Feb 2001 21:16:10 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: Lisa Goulet <Lisa.Goulet at versatel.nl>,
"'radiator-support at open.com.au'" <radiator-support at open.com.au>
Subject: (RADIATOR) Re: Tunnel set up with Nortel CVX 1800
Date: Wed, 28 Feb 2001 21:30:38 +1100
X-Mailer: KMail [version 1.1.99]
Cc: radiator at open.com.au
References: <77A588078DF6D3118C0A00508B8E0367038758AF at AMSHQB-EXCH02>
In-Reply-To: <77A588078DF6D3118C0A00508B8E0367038758AF at AMSHQB-EXCH02>
MIME-Version: 1.0
Message-Id: <0102282130381S.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="iso-8859-1"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Lisa -
What dictionary file are you using?
Here is an extract from the standard dictionary file:
#
# IETF Tunneling Attributes
# Values for string attributes other than Tunnel-Password
# must _always_ have a 0 octet at the beginning, eg:
# Tunnel-Server-Endpoint "\000203.63.154.22 fr:20"
I notice that you are not doing this.
BTW - where is the CVX-VPOP-ID attribute coming from?
hth
Hugh
On Wednesday 28 February 2001 20:43, Lisa Goulet wrote:
> Hi,
>
> I'm having difficulty with setting up a tunnel with Nortel CVX:
>
> Here's the tunnel part of my config file:
>
> AddToReply Tunnel-Type = 3,\
> Tunnel-Medium-Type = 1, \
> Tunnel-ID = lns,\
> Tunnel-Password = lns,\
> Tunnel-Client-Endpoint = lns, \
> Tunnel-Server-Endpoint = "\00062.58.88.46 ppp"
>
>
> Here's a trace of tunnel parameters being sent out by the radiator:
>
> *** Sending to xxx.xxx.xxx.xxx port 2048 ....
> Code: Access-Accept
> Identifier: 105
> Authentic: K<3>:hb<27>?<198>=<19><<20><21>e<1>c
> Attributes:
> CVX-VPOP-ID = 30
> Tunnel-Type = 3
> Tunnel-Medium-Type = 1
> Tunnel-ID = "lns"
> Tunnel-Password =
> "<0><213><154>F~<235>]<191><151>.Mm7<146><151><240><220>R<247>"
> Tunnel-Client-Endpoint = "lns"
> Tunnel-Server-Endpoint = "<0>62.58.88.46 ppp"
>
>
> Here's a trace on the CVX side, note that Tunnel-Type is being interpreted
> as Vendor-Specific 26:
>
> radius: Access-Accept (2) from server 62.58.62.132, id 106,
> length 112, time 64 ms
> radius: auth c9 c7 ca 9e ef 89 a6 47
> radius: 0c cd b4 04 04 ae c1 9f
> Vendor-Specific [26, len 10] = <2637>
> CVX-VPOP-Id [2, len 4] = <30>
> Vendor-Specific [26, len 10] = <307>
> unknown [64, len 4] = <00 00 00 03>
> Vendor-Specific [26, len 10] = <307>
> unknown [65, len 4] = <00 00 00 01>
> Tunnel-Id [68, len 3] = <lns>
> Vendor-Specific [26, len 25] = <307>
> unknown [69, len 19] = <00 b9 32 a4 67 11 76
> b7 ...>
> Tunnel-Client-Endpoint [66, len 3] = <lns>
> Vendor-Specific [26, len 17] = <307>
> unknown [67, len 11] = <36 32 2e 35 38 2e 38 38 ...>
>
>
>
> I appreciate any help,
> Lisa
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15945 invoked by uid 0); 28 Feb 2001 11:07:40 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 11:07:40 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21110
for radiator-zzlist; Wed, 28 Feb 2001 21:40:38 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21081
for radiator at open.com.au; Wed, 28 Feb 2001 21:40:27 +1100 (EST)
>Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id VAA09687
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 21:06:55 +1100 (EST)
Received: from entoo.connect.com.au (entoo.connect.com.au [192.189.54.8]) by perki.connect.com.au with ESMTP id VAA09687
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 21:06:55 +1100 (EST)
Received: from hugo (acc22-ppp137.mel.dialup.connect.net.au [210.10.141.137])
by entoo.connect.com.au (Postfix) with SMTP
id 0BFD0DD53F; Wed, 28 Feb 2001 21:04:55 +1100 (EST)
From: Hugh Irvine <hugh at open.com.au>
Reply-To: hugh at open.com.au
Organization: Open System Consultants
To: Janet N del Mundo <jdelmundo at corp.netpci.com>
Subject: Re: (RADIATOR) Multiple SessionDatabase not working!
Date: Wed, 28 Feb 2001 21:19:23 +1100
X-Mailer: KMail [version 1.1.99]
Cc: radiator at open.com.au
References: <3A9B1AAF.8A8A0C8F at corp.netpci.com> <0102271613000V.00913 at hugo> <3A9B48C0.C6F4E68F at corp.netpci.com>
In-Reply-To: <3A9B48C0.C6F4E68F at corp.netpci.com>
MIME-Version: 1.0
Message-Id: <0102282119231R.00913 at hugo>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain;
charset="us-ascii"
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Janet -
On Tuesday 27 February 2001 17:27, Janet N del Mundo wrote:
> Is this for version 2.17.1? I don't see patches for SessionDatabase
> NULL for 2.17.1.
>
> I tried reversing the order - placing SessionDatabase DBM last and it
> seems to be working... that's weird. I read one of your old emails and
> you said to try to reverse the order which I did. Is this the bug?
>
We have been unable to reproduce the problem with Radiator 2.17.1 (using a
cut and paste of your configuration file). Is it possible that you have a
typo in the Identifier of the SessionDatabase NULL? Otherwise, how did you
install Radiator 2.17.1? Was it a clean install? Can you try running it
directly from the distribution directory?
thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15943 invoked by uid 0); 28 Feb 2001 11:07:38 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 11:07:38 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21132
for radiator-zzlist; Wed, 28 Feb 2001 21:40:55 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21104
for radiator at open.com.au; Wed, 28 Feb 2001 21:40:34 +1100 (EST)
>Received: from bert.chant.org.uk (pc144-gui4.cable.ntl.com [62.252.21.144]) by perki.connect.com.au with ESMTP id VAA10418
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 21:20:14 +1100 (EST)
Received: from bert.chant.org.uk (pc144-gui4.cable.ntl.com [62.252.21.144]) by perki.connect.com.au with ESMTP id VAA10418
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 21:20:14 +1100 (EST)
Received: from andy (helo=localhost)
by bert.chant.org.uk with local-esmtp (Exim 3.16 #13)
id 14Y3iL-0005I7-00
for radiator at open.com.au; Wed, 28 Feb 2001 10:20:09 +0000
Date: Wed, 28 Feb 2001 10:20:08 +0000 (GMT)
From: Andrew Chant <andy at chant.org.uk>
To: radiator at open.com.au
Subject: (RADIATOR) Auth Problems
Message-ID: <Pine.LNX.4.21.0102280959110.19906-100000 at bert.chant.org.uk>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-radiator at open.com.au
Precedence: bulk
Hi,
Having just recently purchased Radiator, we are having a few problems with
some authentication, I was hoping that someone here may have a sugestion
as to what is happening.
My dialup port provider prefers CHAP over PAP, so most requests are CHAP,
and as far as I am aware work fine, here is a packet trace of a request;
Request (f9) - xx.xx.xx.xx:57699 -> xx.xx.xx.xx:1645 (L128)
User-Name Len 23 "usernamewashere"
CHAP-Password Len 19 "passwordwashere"
NAS-IP-Address Len 6 xx.xx.xx.xx
NAS-Port Len 6 20025
Service-Type Len 6 Framed-User
Framed-Protocol Len 6 PPP
Called-Station-Id Len 8 "xxxx"
Calling-Station-Id Len 13 "xxxx"
Proxy-State Len 15 "xxxx"
NAS-Port-Type Len 6 ISDN
This is an example of a request which works fine. However, the following
is an example of what I am getting, which is causing errors;
Request (c1) - xx.xx.xx.xx:57581 -> xx.xx.xx.xx:1645 (L127)
User-Name Len 23 "sameusernamewashere"
NAS-IP-Address Len 6 xx.xx.xx.xx
NAS-Port Len 6 20118
Service-Type Len 6 Framed-User
Framed-Protocol Len 6 PPP
Called-Station-Id Len 8 "xxx"
Calling-Station-Id Len 13 "xxx"
Proxy-State Len 15 "xxx"
NAS-Port-Type Len 6 ISDN
User-Password Len 18 "passwordwashere"
This request is causing "Bad Password" errors, and needless to say my
customers are not likeing it. My gut feeling says this is a PAP request,
and for some reason it does not like it, but I am no expert.
Here follows the segments of my conf I think are significant to this;
======
<Realm DEFAULT>
<AuthBy SQL>
AccountingStopsOnly
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLEDSTATIONID,Called-Station-Id
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AuthColumnDef 0, Password, check
AuthColumnDef 1, GENERIC, check
AuthColumnDef 2, GENERIC, reply
AuthSelect select SUBSCRIBERS.PASSWORD, GROUPS.CHECKATTR,
GROUPS.REPLYATTR from SUBSCRIBERS, GROUPS where SUBSCRIBERS.USERNAME='%n'
AND GROUPS.GROUPNAME = SUBSCRIBERS.GROUPNAME
DBAuth xxxxx
DBSource DBI:mysql:radius
DBUsername xxxx
Identifier authmysql
</AuthBy>
# AccountingHandled
# AuthBy authmysql
# AuthByPolicy ContinueWhileIgnore
RejectHasReason
SessionDatabase mysqlsess
AuthLog myauthlogger
</Realm>
<Client xx.xx.xx.xx>
Description clientproxy1
DupInterval 2
Secret xxxxxxxxxxxx
IgnoreAcctSignature
NasType unknown
</Client>
<Client xx.xx.xx.xx>
Description clientproxy2
DupInterval 2
Secret xxxxxxxxxxxx
IgnoreAcctSignature
NasType unknown
</Client>
=======
Any help would be much appreciated.
Thanks
Andrew Chant
Datanet International
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 15956 invoked by uid 0); 28 Feb 2001 11:07:41 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 11:07:41 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21046
for radiator-zzlist; Wed, 28 Feb 2001 21:37:49 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id VAA21035;
Wed, 28 Feb 2001 21:32:26 +1100 (EST)
From: "Mike McCauley" <mikem at open.com.au>
Message-Id: <1010228213224.ZM21033 at oscar.open.com.au>
Date: Wed, 28 Feb 2001 21:32:24 -0500
In-Reply-To: Lisa Goulet <Lisa.Goulet at versatel.nl>
"Tunnel set up with Nortel CVX 1800" (Feb 28, 10:43am)
References: <77A588078DF6D3118C0A00508B8E0367038758AF at AMSHQB-EXCH02>
X-Mailer: Z-Mail (4.0.1 13Jan97)
To: Lisa Goulet <Lisa.Goulet at versatel.nl>,
"'radiator-support at open.com.au
'" <radiator-support at open.com.au>
Subject: (RADIATOR) Re: Tunnel set up with Nortel CVX 1800
Cc: radiator at open.com.au
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-radiator at open.com.au
Precedence: bulk
Hello Lisa,
Looks to me like you are getting the 307 versions of some of the IETF
tunnelling attributes. Prob they are coming from these lines in your
dictionary:
VENDORATTR 307 Tunnel-Type 64 integer
VENDORATTR 307 Tunnel-Medium-Type 65 integer
VENDORATTR 307 Tunnel-Server-Endpoint 67 string
VENDORATTR 307 Tunnel-Password 69 string
I suggest you comment those out of your dictionary and restart your Radiator.
Let us know how you go. It might be best for us to lkeave them out of the dict
permanently.
Cheers.
On Feb 28, 10:43am, Lisa Goulet wrote:
> Subject: Tunnel set up with Nortel CVX 1800
> Hi,
>
> I'm having difficulty with setting up a tunnel with Nortel CVX:
>
> Here's the tunnel part of my config file:
>
> AddToReply Tunnel-Type = 3,\
> Tunnel-Medium-Type = 1, \
> Tunnel-ID = lns,\
> Tunnel-Password = lns,\
> Tunnel-Client-Endpoint = lns, \
> Tunnel-Server-Endpoint = "\00062.58.88.46 ppp"
>
>
> Here's a trace of tunnel parameters being sent out by the radiator:
>
> *** Sending to xxx.xxx.xxx.xxx port 2048 ....
> Code: Access-Accept
> Identifier: 105
> Authentic: K<3>:hb<27>?<198>=<19><<20><21>e<1>c
> Attributes:
> CVX-VPOP-ID = 30
> Tunnel-Type = 3
> Tunnel-Medium-Type = 1
> Tunnel-ID = "lns"
> Tunnel-Password =
> "<0><213><154>F~<235>]<191><151>.Mm7<146><151><240><220>R<247>"
> Tunnel-Client-Endpoint = "lns"
> Tunnel-Server-Endpoint = "<0>62.58.88.46 ppp"
>
>
> Here's a trace on the CVX side, note that Tunnel-Type is being interpreted
> as Vendor-Specific 26:
>
> radius: Access-Accept (2) from server 62.58.62.132, id 106,
> length 112, time 64 ms
> radius: auth c9 c7 ca 9e ef 89 a6 47
> radius: 0c cd b4 04 04 ae c1 9f
> Vendor-Specific [26, len 10] = <2637>
> CVX-VPOP-Id [2, len 4] = <30>
> Vendor-Specific [26, len 10] = <307>
> unknown [64, len 4] = <00 00 00 03>
> Vendor-Specific [26, len 10] = <307>
> unknown [65, len 4] = <00 00 00 01>
> Tunnel-Id [68, len 3] = <lns>
> Vendor-Specific [26, len 25] = <307>
> unknown [69, len 19] = <00 b9 32 a4 67 11 76
> b7 ...>
> Tunnel-Client-Endpoint [66, len 3] = <lns>
> Vendor-Specific [26, len 17] = <307>
> unknown [67, len 11] = <36 32 2e 35 38 2e 38 38 ...>
>
>
>
> I appreciate any help,
> Lisa
>
>-- End of excerpt from Lisa Goulet
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
Received: (qmail 16035 invoked by uid 0); 28 Feb 2001 12:20:54 -0000
Received: from oscar.open.com.au (203.63.154.1)
by 61.8.97.232 with SMTP; 28 Feb 2001 12:20:54 -0000
Received: by oscar.open.com.au (8.9.0/8.9.0) id WAA21313
for radiator-zzlist; Wed, 28 Feb 2001 22:41:04 +1100 (EST)
X-Authentication-Warning: oscar.open.com.au: majordom set sender to owner-radiator at open.com.au using -f
Received: by oscar.open.com.au (8.9.0/8.9.0) id WAA21283
for radiator at open.com.au; Wed, 28 Feb 2001 22:40:56 +1100 (EST)
From: Thomas.Krumm at tesion.de
>Received: from eagle2.tesion.net (stu1pf1.tesion.de [195.226.104.46]) by perki.connect.com.au with SMTP id WAA12394
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 22:09:32 +1100 (EST)
Received: from eagle2.tesion.net (stu1pf1.tesion.de [195.226.104.46]) by perki.connect.com.au with SMTP id WAA12394
(8.8.8/IDA-1.7 for <radiator at open.com.au>); Wed, 28 Feb 2001 22:09:32 +1100 (EST)
Received: from stu1pc310.tesion.de by eagle2.tesion.net
via smtpd (for perki.connect.com.au [192.189.54.5]) with SMTP; 28 Feb 2001 09:37:04 UT
Received: from stu1sv004.it.tesion.net (unverified) by pcw106.it.tesion.net
(Content Technologies SMTPRS 4.2.1) with ESMTP id <T52015f7aedc3e26841146 at pcw106.it.tesion.net> for <radiator at open.com.au>;
Wed, 28 Feb 2001 12:12:32 +0100
Received: by stu1sv004.it.tesion.net with Internet Mail Service (5.5.2650.21)
id <FZ6PLXPF>; Wed, 28 Feb 2001 12:08:27 +0100
Message-ID: <45C6FEB8557DD21194C30020480E3F430251D1E7 at stu1sv004.it.tesion.net>
To: radiator at open.com.au
Subject: (RADIATOR) Forwarding Accounting Data
Date: Wed, 28 Feb 2001 12:08:26 +0100
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by oscar.open.com.au id WAB21283
Sender: owner-radiator at open.com.au
Precedence: bulk
Dear all,
I need to forward my Radius Accounting-Data to another Server and at the
same time keep a copy of them on my local Radiator Server. So after reading
a few of the articels about forwarding in the Mailinglist I wrote the
following radius.cfg (only the important lines) which seems to work fine,
except that the Radiator doesn´t relpy the Accounting-Request coming from
the NAS back to the NAS. But my NAS gets confused without the reply. Any
ideas ? Are there better solutions for forwarding Accounting-Data ?
<Handler Request-Type = Accounting-Request>
AcctLogFileName %L/detail
<AuthBy RADIUS>
Host <IP Addr. of Remote Server>
Secret <mysecret>
NoForwardAuthentication
Retries 0
</AuthBy>
</Handler>
<Handler>
<AuthBy GROUP>
AuthByPolicy ContinueWhileReject
<AuthBy FILE>
...
</AuthBy>
<AuthBy LDAP2>
...
</AuthBy>
</AuthBy>
</Handler>
===
Archive at http://www.starport.net/~radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list