[RADIATOR] Handler to always auth

Hugh Irvine hugh at open.com.au
Thu Aug 27 20:18:59 CDT 2009


Hello Jim -

I would use the AuthBy INTERNAL clause.

See section 5.48 in the Radiator 4.4 reference manual ("doc/ref.pdf").

I suspect your NAS equipment has some limit to the number of tunnel  
attributes supported.

The RADIUS protocol itself is limited to whatever will fit in a single  
UDP packet.

regards

Hugh



On 28 Aug 2009, at 00:49, Jim Tyrrell wrote:

> Hi,
>
> Whats the correct way to authenticate any incoming request with an
> accept?  I have a handler that needs to accept any request and reply
> with multiple Tunnel-Server-Endpoint's.  At the moment I have done  
> this
> using the "AuthBy TEST" below, but I'm sure I read of another way this
> should be done but cant find it.
>
> # Auth any request and specify IP for L2TP termination
> <Handler Client-Identifier = bob>
>        <AuthBy TEST>
>                AddToReply
> Tunnel-Type="1:L2TP",Tunnel-Medium-Type="1:IP",Tunnel-Server- 
> Endpoint="1:10.0.1.101",
>
> Tunnel-Password="1:letmein1",Tunnel-Preference="1:1",Tunnel- 
> Type="2:L2TP",Tunnel-Medium-Type="2:IP",
>
> Tunnel-Server-Endpoint="2:10.0.1.102",Tunnel- 
> Password="2:letmein2",Tunnel-Preference="2:1"
>                NoDefault
>        </AuthBy>
> </Handler>
>
> Also, is there a limit to the number of tagged Tunnel attributes you  
> can
> return?  I cant see a mention of a limitation in the RFC?
>
>
> Thanks.
>
> Jim.
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.




More information about the radiator mailing list