[RADIATOR] radiator hangs

Zod Mansour zod at reachlocal.com
Wed Dec 9 13:07:12 CST 2009


I am still getting the hang. We have not purchased the product yet.  
This hanging is the only barrier for us to purchase this product. I am  
wondering if it hangs due to the limitation on the evaluation unit  
having only 1000 request limit? Then restarting it clears that up?

I ran tcpdump and shows that the radius requests coming into the  
server. The logfile will not help in this situation. It just stops and  
nothing gets logged. I am including the config file here:

<Client DEFAULT>
	Secret	testing123
	DupInterval 0
	Identifier LDAPCLIENT
</Client>

#	<AuthBy FILE>
#		Filename %D/users
#		EAPType PEAP,TTLS,TLS,MD5,Generic-Token,LEAP,MSCHAP-V2,FAST
#	</AuthBy>
#	# Log accounting to a detail file
#	AcctLogFileName	%L/detail
<Handler Client-Identifier=LDAPCLIENT>
	RewriteUsername s/(.*)\\(.*)/$2/
	RewriteUsername s/(.*)\@(.*)/$1/
	<AuthBy LDAP2>
		#RewriteUsername s/^RLCORP\\([^@]+).*/$1/
		Debug 255
		EAPType PEAP,TTLS,TLS,MD5,Generic-Token,LEAP,MSCHAP-V2,FAST
		EAPTLS_CAFile %D/cert/cacert.pem
		EAPTLS_CertificateFile /etc/radiator/cert/server.key.pem
		EAPTLS_PrivateKeyFile %D/cert/radius.key
		EAPTLS_CertificateType PEM
		ServerChecksPassword
		NoDefault
		Host localhost
		Port 389
		BaseDN dc=domainl,dc=com
              # see /etc/openldap/slapd.conf
		AuthDN          cn=Manager, dc=domain, dc=com
		AuthPassword    xxxxxxxxxx
		UsernameAttr uid
		#EncryptedPasswordAttr xxxxxxxxxx
		PasswordAttr userPassword
		#PasswordAttr passwd
		#SearchFilter
		#EAPType LEAP
		#NoEAP
		AutoMPPEKeys
		StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private- 
Group- ID, Filter-Id, cisco-avpair
		#AddToReply Tunnel-Medium-Type=802,Tunnel-Pvt-Group-ID=28,Tunnel-  
Type=VLAN
		AddToReply Service-Type = Framed-User, Framed-Protocol =  
PPP,TUNNEL_TYPE=VLAN,TUNNEL_MEDIUM_TYPE=802,TUNNEL_GROUP_ID=28
	</AuthBy>
</Handler>



On Dec 3, 2009, at 11:09 PM, Hugh Irvine wrote:

>
> Hello Zod -
>
> Without seeing a copy of your configuration file and a trace 4 debug  
> showing what is happening I can't give you an answer.
>
> You can set the debug level with the Trace parameter in the  
> configuration file and you can send it to a file with a LogFile  
> parameter.
>
> See sections 5.4.3 and 5.4.9 in the Radiator reference manual ("doc/ 
> ref.pdf").
>
> regards
>
> Hugh
>
>
> On 4 Dec 2009, at 11:39, Zod Mansour wrote:
>
>> My radiator 4.5.1 just hangs and does not authenticate until a  
>> restart
>> how can I get debugging logged to file?
>> My Cisco 2100 controller logs that the radius is not responding.
>>
>>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
>



More information about the radiator mailing list