[RADIATOR] Radiator with Windows Server 2008 DHCP

Richard Fenner richard at idsi.co.uk
Tue Aug 3 11:34:27 CDT 2010


I am currently evaluating Radiator and have configure it to authenticate
with a Zywall USG300 on a static-IP basis.

 

I am now attempting to move on and integrate the system with a DHCP
server in order to allocate IP addresses to users attached to the USG300
from a pool of addresses. The DHCP server is set up on a separate server
but on the same LAN as the RADIUS server.

 

Having now edited the config file to add the DHCP request features, I am
getting errors saying that the DHCP server is not responding to DISCOVER
requests, however I find this very odd seeing as the DHCP server will
allocate IP addresses to PC's connected to its network.

 

My configuration file is as follows:

 

Foreground

LogStdout

LogDir            c:/Program Files/Radiator

DbDir       c:/Program Files/Radiator

 

# This will log at DEBUG level: very verbose # User a lower trace level
in production systems, typically use 3

Trace             4

 

# You will probably want to add other Clients to suit your site, # one
for each NAS you want to work with. This will work # at least with
radpwtst running on the local machine 

 

<Client DEFAULT>

      Secret      ********

      DupInterval 0

</Client>

 

<AddressAllocator DHCP>

 

Identifier dhcpallocator

 

Host  192.168.107.4

 

#Local Address 192.168.107.2

 

#SubnetSelectionOption 118

#SubnetSelectionOption 221

 

</AddressAllocator>

 

 #Authenticate all realms with this

<Realm DEFAULT>

      # Look up user details in a flat file

      AuthByPolicy ContinueWhileAccept

 

      <AuthBy FILE>           

            # %D is replaced by DbDir above

            Filename %D/users

      </AuthBy>

 

      <AuthBy DYNADDRESS>

 

      AddressAllocator dhcpallocator

      PoolHint 255.255.255.240

 

      </AuthBy>

 

      # Log accounting to a detail file. %D is replaced by DbDir above

      AcctLogFileName   %D/detail

</Realm>

 

The log output for a request is as follows:

 

Tue Aug  3 17:05:44 2010: DEBUG: Handling request with Handler
'Realm=DEFAULT'

Tue Aug  3 17:05:44 2010: DEBUG:  Deleting session for mikem, {IP OF
REQUEST PC HERE}, 1750 Tue Aug  3 17:05:44 2010: DEBUG: Handling with
Radius::AuthFILE:

Tue Aug  3 17:05:44 2010: DEBUG: Radius::AuthFILE looks for match with
mikem [mikem] Tue Aug  3 17:05:44 2010: DEBUG: Radius::AuthFILE ACCEPT:
: mikem [mikem] Tue Aug  3 17:05:44 2010: DEBUG: AuthBy FILE result:
ACCEPT, Tue Aug  3 17:05:44 2010: DEBUG: Handling with
Radius::AuthDYNADDRESS Tue Aug  3 17:05:44 2010: DEBUG: Sending
DHCPDISCOVER to

192.168.107.4:67 with xid 5

Tue Aug  3 17:05:44 2010: DEBUG: AuthBy DYNADDRESS result: IGNORE, Tue
Aug  3 17:06:14 2010: INFO: AddressAllocatorDHCP: No reply from DHCP
server 192.168.107.4 Tue Aug  3 17:06:14 2010: INFO: Access rejected for
mikem: No reply from DHCP server Tue Aug  3 17:06:14 2010: DEBUG: Packet
dump:

*** Sending to {IP OF REQUEST PC HERE} port 2775 ....

Code:       Access-Reject

Identifier: 141

Authentic:  <6>\<175><233>k<187><26><205>V9<9>*<158><222>/<193>

Attributes:

      Service-Type = Framed-User

      Framed-Protocol = PPP

      Framed-IP-Netmask = 255.255.255.255

      Framed-Routing = None

      Framed-MTU = 1500

      Framed-Compression = Van-Jacobson-TCP-IP

      Reply-Message = "Request Denied"

 

 

I hope you will be able to provide some assistance as to what is going
on here?

 

Thanks in advance,

 

Richard Fennah

 

IDS

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20100803/f9c28fe9/attachment.html 


More information about the radiator mailing list