[RADIATOR] radiator hangs

Hugh Irvine hugh at open.com.au
Wed Dec 9 16:27:23 CST 2009


Hello Zod -

Yes this is certainly possible.

The 1000 requests includes access requests and accounting requests, so 333 access requests, 333 accounting starts and 333 accounting stops.

regards

Hugh


On 10 Dec 2009, at 06:07, Zod Mansour wrote:

> I am still getting the hang. We have not purchased the product yet. This hanging is the only barrier for us to purchase this product. I am wondering if it hangs due to the limitation on the evaluation unit having only 1000 request limit? Then restarting it clears that up?
> 
> I ran tcpdump and shows that the radius requests coming into the server. The logfile will not help in this situation. It just stops and nothing gets logged. I am including the config file here:
> 
> <Client DEFAULT>
> 	Secret	testing123
> 	DupInterval 0
> 	Identifier LDAPCLIENT
> </Client>
> 
> #	<AuthBy FILE>
> #		Filename %D/users
> #		EAPType PEAP,TTLS,TLS,MD5,Generic-Token,LEAP,MSCHAP-V2,FAST
> #	</AuthBy>
> #	# Log accounting to a detail file
> #	AcctLogFileName	%L/detail
> <Handler Client-Identifier=LDAPCLIENT>
> 	RewriteUsername s/(.*)\\(.*)/$2/
> 	RewriteUsername s/(.*)\@(.*)/$1/
> 	<AuthBy LDAP2>
> 		#RewriteUsername s/^RLCORP\\([^@]+).*/$1/
> 		Debug 255
> 		EAPType PEAP,TTLS,TLS,MD5,Generic-Token,LEAP,MSCHAP-V2,FAST
> 		EAPTLS_CAFile %D/cert/cacert.pem
> 		EAPTLS_CertificateFile /etc/radiator/cert/server.key.pem
> 		EAPTLS_PrivateKeyFile %D/cert/radius.key
> 		EAPTLS_CertificateType PEM
> 		ServerChecksPassword
> 		NoDefault
> 		Host localhost
> 		Port 389
> 		BaseDN dc=domainl,dc=com
>             # see /etc/openldap/slapd.conf
> 		AuthDN          cn=Manager, dc=domain, dc=com
> 		AuthPassword    xxxxxxxxxx
> 		UsernameAttr uid
> 		#EncryptedPasswordAttr xxxxxxxxxx
> 		PasswordAttr userPassword
> 		#PasswordAttr passwd
> 		#SearchFilter
> 		#EAPType LEAP
> 		#NoEAP
> 		AutoMPPEKeys
> 		StripFromReply Tunnel-Type, Tunnel-Medium-Type, Tunnel-Private-Group- ID, Filter-Id, cisco-avpair
> 		#AddToReply Tunnel-Medium-Type=802,Tunnel-Pvt-Group-ID=28,Tunnel- Type=VLAN
> 		AddToReply Service-Type = Framed-User, Framed-Protocol = PPP,TUNNEL_TYPE=VLAN,TUNNEL_MEDIUM_TYPE=802,TUNNEL_GROUP_ID=28
> 	</AuthBy>
> </Handler>
> 
> 
> 
> On Dec 3, 2009, at 11:09 PM, Hugh Irvine wrote:
> 
>> 
>> Hello Zod -
>> 
>> Without seeing a copy of your configuration file and a trace 4 debug showing what is happening I can't give you an answer.
>> 
>> You can set the debug level with the Trace parameter in the configuration file and you can send it to a file with a LogFile parameter.
>> 
>> See sections 5.4.3 and 5.4.9 in the Radiator reference manual ("doc/ref.pdf").
>> 
>> regards
>> 
>> Hugh
>> 
>> 
>> On 4 Dec 2009, at 11:39, Zod Mansour wrote:
>> 
>>> My radiator 4.5.1 just hangs and does not authenticate until a restart
>>> how can I get debugging logged to file?
>>> My Cisco 2100 controller logs that the radius is not responding.
>>> 
>>> 
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at open.com.au
>>> http://www.open.com.au/mailman/listinfo/radiator
>> 
>> 
>> 
>> NB:
>> 
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>> 
>> -- 
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> Includes support for reliable RADIUS transport (RadSec),
>> and DIAMETER translation agent.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>> 
>> 
>> 
> 



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.





More information about the radiator mailing list