No subject


Tue Jun 24 01:18:08 CDT 2008 

Cisco, and if the Cisco is not doing the right thing, then you will need to 
check with Cisco how to configure the NAS to do what you require.

If may be that you will need to use the special "cisco-avpair" reply 
attribute, but you should check the Cisco web site and do a search on radius 
support and cisco-avpair support.

Here is the URL for a reference to an article on this topic on the archive:

http://www.open.com.au/archives/radiator/2000-06/msg00211.html

regards

Hugh


On Saturday 10 November 2001 23:41, Jai Kumar Shinde wrote:
> Hi,
>
> I am using RADIATOR AND RADMIN with MYSQL DATABASE for DIALUP
> AUTHENTICATION, with RAS CISCO 5300.
>
> i am trying to allocat static IP address for few users which are in MYSQL
> database, As i am using the field STATICIPADDRESS in mysql, i have added
> that ip address in that field. but when i try to connect using DIALUP, it
> allots the different IPADDRESS which in RAS local POOL, not from the
> STATICIPADDRESS field. After seeing the log file  the radius is sending the
> ip address..plz see below
>
>   *** Sending to 203.171.148.13 port 1645 ....
> Code:       Access-Accept
> Identifier: 73
> Authentic:  )uR<248><132><129><221>:yL<156><240><182><253>Pd
> Attributes:
>         Framed-IP-Address = x.x.x.x(the ip address
>         Session-Timeout = 27433
>         Service-Type = Framed-User
>         Framed-Protocol = PPP
>         Framed-IP-Netmask = 255.255.255.255
>         Framed-Routing = None
>         Framed-MTU = 1500
>         Framed-Compression = Van-Jacobson-TCP-IP
>
>
>
> As  started debug at the CISCO RAS, its showing the Framed-IP-ADDRESS IP
> address,
>
>
>
>
> 2d00h: AAA/MEMORY: create_user (0x61BD6734) user='0404040404040404'
> ruser='' port='Async195' rem_addr='116161989/116189707' authen_type=CHAP
> service=PPP priv=1
> 2d00h: AAA/AUTHEN/START (2933723112): port='Async195' list='net4del2'
> action=LOGIN service=PPP
> 2d00h: AAA/AUTHEN/START (2933723112): found list net4del2
> 2d00h: AAA/AUTHEN (2933723112): status = UNKNOWN
> 2d00h: AAA/AUTHEN/START (2933723112): Method=LOCAL
> 2d00h: AAA/AUTHEN (2933723112): status = ERROR
> 2d00h: AAA/AUTHEN/START (2933723112): Method=radius (radius)
> 2d00h: RADIUS: ustruct sharecount=1
> 2d00h: RADIUS: Initial Transmit Async195 id 216 x.x.x.x:1812,
> Access-Request, len 109
> 2d00h:         Attribute 4 6 CB47813C
> 2d00h:         Attribute 5 6 000000C3
> 2d00h:         Attribute 61 6 00000000
> 2d00h:         Attribute 1 18 30343034
> 2d00h:         Attribute 30 11 31313631
> 2d00h:         Attribute 31 11 31313631
> 2d00h:         Attribute 3 19 13400D0C
> 2d00h:         Attribute 6 6 00000002
> 2d00h:         Attribute 7 6 00000001
> 2d00h: RADIUS: Received from id 216 x.x.x.x:1812, Access-Accept, len 99
> 2d00h:         Attribute 8 6 CB478201  ------->  ( STATIPADDRESS FROM MYSQL
> DATABASE)
> 2d00h:         Attribute 27 6 0005663D
> 2d00h:         Attribute 7 6 00000001
> 2d00h:         Attribute 9 6 FFFFFF00
> 2d00h:         Attribute 10 6 00000001
> 2d00h:         Attribute 12 6 000005DC
> 2d00h:         Attribute 13 6 00000000
> 2d00h:         Attribute 3 6 00000004
> 2d00h:         Attribute 45 6 00000001
> 2d00h:         Attribute 26 25 0000000901136970
> 2d00h: AAA/AUTHEN (2933723112): status = PASS
>
>
> as U see above the line "Attribute 8 6 CB478201"...8 means FRAMED-IPADDRESS
> from Dictionary. which is getting from radius (MYSQ DATABASE),
>
> I AM NOT ABLE TO MAKE the ERROR WITH CISCO 5300 OR RADIUS....CAN ANY ONE
> HELP ME OUT...!!!   : - )
>
> I am adding the radius.cfg below....
>
> <Realm DEFAULT>
>         <AuthBy RADMIN>
>                 # Change DBSource, DBUsername, DBAuth for your database
>                 # See the reference manual. You will also have to
>                 # change the one in <SessionDatabse SQL> below
>                 # so its the same
>                 DBSource        dbi:mysql:radmin
>                 DBUsername      radmin
>                 DBAuth          xxxxx
>
>                 # You can add to or change these if you want, but you
>                 # will probably want to change the databse schema first
>                 AccountingTable RADUSAGE
>                 AcctColumnDef   USERNAME,User-Name
>                 AcctColumnDef   TIME_STAMP,Timestamp,integer
>                 AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type,integer
>                 AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
>                 AcctColumnDef   ACCTINPUTOCTETS,Acct-Input-Octets,integer
>                 AcctColumnDef   ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
>                 AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
>                 AcctColumnDef   ACCTSESSIONTIME,Acct-Session-Time,integer
>                 AcctColumnDef
> ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
>                 AcctColumnDef   FRAMEDIPADDRESS,Framed-IP-Address
> #               AcctColumnDef   NASIDENTIFIER,NAS-Identifier
>                 AcctColumnDef   NASIDENTIFIER,NAS-IP-Address
>                 AcctColumnDef   NASPORT,NAS-Port,integer
>                 AcctColumnDef   DNIS,Called-Station-Id
>
>                 # This updates the time and octets left
>                 # for this user
> #               AcctSQLStatement update RADUSERS set
> TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acc
> t-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where
> USERNAME='%n'
>
>               AcctSQLStatement update RADUSERS set
> TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct
> -Input-Octets} where USERNAME='%n'
>
>
>                 # These are the classic things to add to each users
>                 # reply to allow a PPP dialup session. It may be
>                 # different for your NAS. This will add some
>                 # reply items to everyone's reply
>                 AddToReply Service-Type = Framed-User,\
>                         Framed-Protocol = PPP,\
>                         Framed-IP-Netmask = 255.255.255.255,\
>                         Framed-Routing = None,\
>                         Framed-MTU = 1500,\
>                         Framed-Compression = Van-Jacobson-TCP-IP
>         </AuthBy>
> </Realm>
>
> <SessionDatabase SQL>
>         # This database spec usually should be exactly the same
>         # as in <AuthBy RADMIN> above
>         DBSource        dbi:mysql:radmin
>         DBUsername      radmin
>         DBAuth          radminpw
>
> </SessionDatabase>
>
>
> THANZ...!!!
>
>
>
> -----------------
> Jai Kumar shinde
> ------------------
> System/Network Engg.
> Net4india Ltd.
>
>
>
>
>
>
>
>
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list