No subject
Tue Jun 24 01:24:14 CDT 2008
forwarded onto the cust from our radfep01 (but the response is still
accepted from the cust, and proxied back to our other internal box, along
with Proxy-State).
I've checked that the responses from cust are coming back from where they
were sent (ie not going in one interface at the custs end and coming out
another) so this bit seems OK. but it also looks like there are two
responses coming back from cust-radius-server? maybe this is why..
the requests should flow like: radfep01 <-> (the new box) <->
cust-radius-server
Maybe its something obvious from the config file.
Any help is more than appreciated.
--trace 4 log---
Mon Sep 20 12:42:31 2004: DEBUG: Packet dump:
*** Received from radfep01 port 1813 ....
Code: Accounting-Request
Identifier: 224
Authentic:
$<218><21><226><233><222>ST<180><29><141><174><141><246><200><18>
Attributes:
Acct-Session-Id = "000B6C97"
Tunnel-Server-Endpoint = xx
Tunnel-Client-Endpoint = xx
Tunnel-Assignment-ID = 1
Tunnel-Type = 0:L2TP
Tunnel-ID = 28215924
Tunnel-Client-Auth-ID = n2563728k-veb1
Tunnel-Server-Auth-ID = OUR-LNS
Framed-Protocol = PPP
Framed-IP-Address = xxx
Ascend-Connect-Progress = prLanSessionUp
Ascend-PreSession-Time = 5
Ascend-Xmit-Rate = 512
Ascend-Data-Rate = 512
Acct-Session-Time = 82193
Acct-Input-Octets = 349655
Acct-Output-Octets = 432453
Ascend-Pre-Input-Octets = 0
Ascend-Pre-Output-Octets = 107
Acct-Input-Packets = 17817
Acct-Output-Packets = 17864
Ascend-Pre-Input-Packets = 0
Ascend-Pre-Output-Packets = 5
Acct-Authentic = RADIUS
Acct-Status-Type = Alive
NAS-Port-Type = Virtual
NAS-Port = 4123
Calling-Station-Id = "atm 9"
Called-Station-Id = "1:2.95#184551756##speed:UBR:512#pppoe
00:04:ed:0d:03:36#/"
Service-Type = Framed-User
NAS-IP-Address = our-lns-ip
Ascend-Session-Svr-Key = "xx"
Event-Timestamp = 1095648161
NAS-Identifier = "OUR-LNS-FQDN"
Acct-Delay-Time = 0
User-Name = "someuser at dsl.net"
Proxy-State =
BSP2radfep01/C2AA4EE0252AF86DA33A5FCB81EE3D06502F8DD12BE6CBA3EB6606A7C78150181161CF982BE6C91F20BA4A3D92894001CD919D5FC1EED618D3056D1EB5EA737A6300AD165B89F928AB0F6B0CB7E83266754FB71E5E94E57C980A2B11A2F5
Mon Sep 20 12:42:31 2004: DEBUG: Handling request with Handler
'Request-Type=Accounting-Request,Acct-Status-Type=Alive'
Mon Sep 20 12:42:31 2004: DEBUG: Handling with Radius::AuthRADIUS
Mon Sep 20 12:42:31 2004: DEBUG: Query is: 'SELECT irh.acct_ip_addr,
irh.secret, irh.auth_portno, acct_portno FROM isp_radius_host irh,
isp_domain id WHERE irh.isp_id = id.isp_id and irh.priority = 1 AND
id.domain_name = 'custs-realm'':
Mon Sep 20 12:42:31 2004: DEBUG: Packet dump:
*** Sending to cust-radius-server port 1813 ....
Code: Accounting-Request
Identifier: 36
Authentic: <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Attributes:
Acct-Session-Id = "000B6C97"
Tunnel-Server-Endpoint = xx
Tunnel-Client-Endpoint = xx
Tunnel-Assignment-ID = 1
Tunnel-Type = 0:L2TP
Tunnel-ID = 28215924
Tunnel-Client-Auth-ID = n2563728k-veb1
Tunnel-Server-Auth-ID = OUR-LNS
Framed-Protocol = PPP
Framed-IP-Address = xx
Ascend-Connect-Progress = prLanSessionUp
Ascend-PreSession-Time = 5
Ascend-Xmit-Rate = 512
Ascend-Data-Rate = 512
Acct-Session-Time = 82193
Acct-Input-Octets = 349655
Acct-Output-Octets = 432453
Ascend-Pre-Input-Octets = 0
Ascend-Pre-Output-Octets = 107
Acct-Input-Packets = 17817
Acct-Output-Packets = 17864
Ascend-Pre-Input-Packets = 0
Ascend-Pre-Output-Packets = 5
Acct-Authentic = RADIUS
Acct-Status-Type = Alive
NAS-Port-Type = Virtual
NAS-Port = 4123
Calling-Station-Id = "atm 9"
Called-Station-Id = "1:2.95#184551756##speed:UBR:512#pppoe
00:04:ed:0d:03:36#/"
Service-Type = Framed-User
NAS-IP-Address = our-lns-ip
Ascend-Session-Svr-Key = "xx"
Event-Timestamp = 1095648161
NAS-Identifier = "OUR-LNS-FQDN"
Acct-Delay-Time = 0
User-Name = "someuser at dsl.net"
Timestamp = 1095648151
Mon Sep 20 12:42:31 2004: DEBUG: Packet dump:
*** Received from cust-radius-server port 1813 ....
Code: Accounting-Response
Identifier: 36
Authentic: \<214>zp<153>P!<181><177>=<5>^<253>^<239><255>
Attributes:
Mon Sep 20 12:42:31 2004: DEBUG: Received reply in AuthRADIUS for req 36
from cust-radius-server:1813
Mon Sep 20 12:42:31 2004: DEBUG: Accounting accepted
Mon Sep 20 12:42:31 2004: DEBUG: Packet dump:
*** Sending to radfep01 port 1813 ....
Code: Accounting-Response
Identifier: 224
Authentic:
$<218><21><226><233><222>ST<180><29><141><174><141><246><200><18>
Attributes:
Proxy-State =
BSP2radfep01/C2AA4EE0252AF86DA33A5FCB81EE3D06502F8DD12BE6CBA3EB6606A7C78150181161CF982BE6C91F20BA4A3D92894001CD919D5FC1EED618D3056D1EB5EA737A6300AD165B89F928AB0F6B0CB7E83266754FB71E5E94E57C980A2B11A2F5
Mon Sep 20 12:42:31 2004: DEBUG: Packet dump:
*** Received from cust-radius-server port 1813 ....
Code: Accounting-Response
Identifier: 36
Authentic: \<214>zp<153>P!<181><177>=<5>^<253>^<239><255>
Attributes:
Mon Sep 20 12:42:31 2004: WARNING: Unknown reply received in AuthRADIUS for
request 36 from cust-radius-server:1813
--radius.cfg--
# Global variables
Foreground
DbDir /opt/Radiator
LogDir /var/log/radius
LogFile %L/%h-%Y-%m.log
PidFile %L/radiusd.pid
DictionaryFile %D/current/dictionary
Trace 0
AuthPort 1812
AcctPort 1813
<Client DEFAULT>
Secret xxxxx
DupInterval 0
</Client>
PreClientHook file:"%D/hooks/chkactv.pl"
<AuthBy FILE>
Identifier REJECT
Filename %D/etc/reject.users
</Authby>
<AuthBy SQLRADIUS>
Identifier ACCT_PROXY
Include %D/etc/sql.cfg
Retries 0
RetryTimeout 5
FailureBackoffTime 180
HostSelect SELECT irh.acct_ip_addr, irh.secret, irh.auth_portno,
acct_portno \
FROM isp_radius_host irh, isp_domain id \
WHERE irh.isp_id = id.isp_id and irh.priority = %0
AND id.domain_name = '%R'
HostColumnDef 0, Host
HostColumnDef 1, Secret
HostColumnDef 2, AuthPort
HostColumnDef 3, AcctPort
</AuthBy>
<AuthBy SQL>
Identifier ACCT_START
Include %D/etc/sql.cfg
IgnoreAuthentication
AuthSelect
AccountingTable ONLINE_SESSION
AcctColumnDef TIMESTAMP,Timestamp,formatted-date,to_date('%e %m %Y
%H:%M:%S','DD MM YYYY HH24:MI:SS')
AcctColumnDef USERNAME,User-Name
AcctColumnDef NAS_IP_ADDR,NAS-IP-Address
AcctColumnDef NAS_PORT,NAS-Port,integer
AcctColumnDef FRAMED_IP_ADDR,Framed-IP-Address
AcctColumnDef ASCEND_SESSION_SVR_KEY,Ascend-Session-Svr-Key
AcctColumnDef ACCT_SESSION_ID,Acct-Session-Id
AcctColumnDef INPUT_OCTETS,Acct-Input-Octets,integer
AcctColumnDef OUTPUT_OCTETS,AcCt-Output-Octets,integer
AcctColumnDef ACCT_STATUS_TYPE,Acct-Status-Type
AcctInsertQuery insert into %0(%1) values (%2)
</AuthBy>
<AuthBy SQL>
Identifier ACCT_ALIVE
Include %D/etc/sql.cfg
IgnoreAuthentication
AuthSelect
AccountingTable ONLINE_SESSION
AcctColumnDef TIMESTAMP,Timestamp,formatted-date,to_date('%e %m %Y
%H:%M:%S','DD MM YYYY HH24:MI:SS')
AcctColumnDef USERNAME,User-Name
AcctColumnDef NAS_IP_ADDR,NAS-IP-Address
AcctColumnDef NAS_PORT,NAS-Port,integer
AcctColumnDef FRAMED_IP_ADDR,Framed-IP-Address
AcctColumnDef ASCEND_SESSION_SVR_KEY,Ascend-Session-Svr-Key
AcctColumnDef ACCT_SESSION_ID,Acct-Session-Id
AcctColumnDef INPUT_OCTETS,Acct-Input-Octets,integer
AcctColumnDef OUTPUT_OCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCT_STATUS_TYPE,Acct-Status-Type
AcctInsertQuery update %0 SET \
INPUT_OCTETS='%{Acct-Input-Octets}', \
OUTPUT_OCTETS='%{Acct-Output-Octets}', \
ACCT_STATUS_TYPE='%{Acct-Status-Type}' \
where USERNAME = '%n'
</AuthBy>
<AuthBy SQL>
Identifier ACCT_STOP
Include %D/etc/sql.cfg
IgnoreAuthentication
AuthSelect
AccountingTable ONLINE_SESSION
AcctColumnDef TIMESTAMP,Timestamp,formatted-date,to_date('%e %m %Y
%H:%M:%S','DD MM YYYY HH24:MI:SS')
AcctColumnDef USERNAME,User-Name
AcctColumnDef NAS_IP_ADDR,NAS-IP-Address
AcctColumnDef NAS_PORT,NAS-Port,integer
AcctColumnDef FRAMED_IP_ADDR,Framed-IP-Address
AcctColumnDef ASCEND_SESSION_SVR_KEY,Ascend-Session-Svr-Key
AcctColumnDef ACCT_SESSION_ID,Acct-Session-Id
AcctColumnDef INPUT_OCTETS,Acct-Input-Octets,integer
AcctColumnDef OUTPUT_OCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCT_STATUS_TYPE,Acct-Status-Type
AcctInsertQuery delete from %0 where USERNAME = '%n'
</AuthBy>
<AuthBy SQLRADIUS>
Identifier AUTH_PROXY
Include %D/etc/sql.cfg
Retries 0
RetryTimeout 5
IgnoreAccounting
FailureBackoffTime 180
HostSelect SELECT irh.auth_ip_addr, irh.secret, irh.auth_portno,
acct_portno \
FROM isp_radius_host irh, isp_domain id \
WHERE irh.isp_id = id.isp_id and irh.priority = %0
AND id.domain_name = '%R'
HostColumnDef 0, Host
HostColumnDef 1, Secret
HostColumnDef 2, AuthPort
HostColumnDef 3, AcctPort
</AuthBy>
<Handler User-Status=0>
AuthBy REJECT
AddToReply Reply-Message = "%{User-Name} is not a active"
</Handler>
<Handler User-Status=1>
AuthByPolicy ContinueWhileAccept
<AuthBy PORTLIMITCHECK>
SessionLimit 2
CountQuery select COUNT(*) from ONLINE_SESSION where
USERNAME = '%{User-Name}'
</AuthBy>
AuthBy AUTH_PROXY
</Handler>
<Handler Request-Type=Accounting-Request,Acct-Status-Type=Start>
AuthByPolicy ContinueWhileAccept
AuthBy ACCT_PROXY
AuthBy ACCT_START
</Handler>
<Handler Request-Type=Accounting-Request,Acct-Status-Type=Alive>
AuthByPolicy ContinueWhileAccept
AuthBy ACCT_PROXY
AuthBy ACCT_ALIVE
</Handler>
<Handler Request-Type=Accounting-Request,Acct-Status-Type=Stop>
AuthByPolicy ContinueWhileAccept
AuthBy ACCT_PROXY
AuthBy ACCT_STOP
</Handler>
<Handler>
AuthBy REJECT
AddToReply "Unknown Request"
</Handler>
<SessionDatabase SQL>
Include %D/etc/sql.cfg
AddQuery
DeleteQuery
ReplaceQuery
ClearNasQuery
</SessionDatabase>
_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list