[RADIATOR] Radiator with Windows Server 2008 DHCP

Richard Fenner richard at idsi.co.uk
Wed Aug 4 05:15:04 CDT 2010 

Hi Hugh,

Thanks for replying.

I have currently got one pool setup on the DHCP server called RADIUS1.

If I change the PoolHint option in the config file to the following
however as shown in the Reference Manual, the PoolHint is declared as
incorrect.

PoolHint RADIUS1

As far as the firewall on the DHCP server goes, the logs show that the
DISCOVER request is allowed through and accepted. Therefore it would
seem logical (as you have said) that the problem is to do with the
PoolHint.

I will do some further research into the use of naming pools in Windows.

If you can think of anything else that may be the problem then it would
be greatly appreciated if you could let me know.

Cheers,

Richard

-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au] 
Sent: 04 August 2010 10:54
To: Richard Fenner
Cc: radiator at open.com.au
Subject: Re: [RADIATOR] Radiator with Windows Server 2008 DHCP


Hello Richard -

If there is nothing in the DHCP server logs I would suspect a firewall
problem.

Until the DHCP server actually receives the requests there isn't much it
can do.

The PoolHint refers to a pool that has been defined on the DHCP server.

See section 5.43.2 in the Radiator 4.6 reference manual ("doc/ref.pdf").

As the DHCP server can deal with multiple pools, the PoolHint tells the
DHCP server which pool to allocate from.

You will need to check your DHCP server documentation for how to
configure and name the IP address pools it manages.

regards

Hugh


On 4 Aug 2010, at 19:15, Richard Fenner wrote:

> Hi Hugh,
> 
> Looking at the DHCP server logs, there is no mention of any DISCOVER
> requests ever being received which is slightly worrying.
> 
> I currently have a Superscope set-up on the DHCP server using subnet
> 255.255.255.240.
> 
> There are two scopes under this: 192.168.107.10-14 and
192.168.107.15-26
> 
> What exactly should I be using as the PoolHint for this?
> 
> I am attempting to authenticate devices connected to a firewall and at
> the same time allocate them an IP address.
> 
> Hope you can help.
> 
> Cheers,
> 
> Richard
> 
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au] 
> Sent: 04 August 2010 09:57
> To: Richard Fenner
> Cc: Alan Buxey; radiator at open.com.au
> Subject: Re: [RADIATOR] Radiator with Windows Server 2008 DHCP
> 
> 
> Hello Richard -
> 
> Yes correct - Radiator is sending a DHCP request, but the DHCP server
is
> not responding, presumably because it doesn't understand the request.
> 
> You will need to check the DHCP server log to find out what it thinks
> the problem is.
> 
> I am guessing, like Alan, that the problem is the PoolHint you are
> sending is not matching any address pools defined on the DHCP server.
> 
> BTW - what exactly are you wanting to do? It is more usual to have
your
> NAS equipment set up to allocate IP addresses directly.
> 
> regards
> 
> Hugh
> 
> 
> On 4 Aug 2010, at 18:32, Richard Fenner wrote:
> 
>> Hi Alan,
>> 
>> Just run a test using Wireshark on the DHCP end and all I get is the
>> confirmation of 4 DHCP DISCOVER packets being received by the DHCP
>> server and then no response. Presumably this means that Radiator is
>> attempting to make a connection 4 times with each one failing for
some
>> reason?
>> 
>> Cheers,
>> 
>> Richard
>> 
>> -----Original Message-----
>> From: radiator-bounces at open.com.au
> [mailto:radiator-bounces at open.com.au]
>> On Behalf Of Richard Fenner
>> Sent: 04 August 2010 09:16
>> To: Alan Buxey
>> Cc: radiator at open.com.au
>> Subject: Re: [RADIATOR] Radiator with Windows Server 2008 DHCP
>> 
>> Hi Alan,
>> 
>> I don't quite follow what you mean regarding the PoolHint?
>> 
>> Also, I can confirm that the DISCOVER packets are being received at
> the
>> DHCP server as they appear in the Windows Firewall logs. Will get
>> Wireshark out and test where they go from there in a bit.
>> 
>> Cheers,
>> 
>> Richard
>> 
>> -----Original Message-----
>> From: Alan Buxey [mailto:A.L.M.Buxey at lboro.ac.uk] 
>> Sent: 03 August 2010 18:53
>> To: Richard Fenner
>> Cc: radiator at open.com.au
>> Subject: Re: [RADIATOR] Radiator with Windows Server 2008 DHCP
>> 
>> Hi,
>> 
>>>     <AuthBy DYNADDRESS>
>>>     AddressAllocator dhcpallocator
>>>     PoolHint 255.255.255.240
>>>     </AuthBy>
>> 
>> from the manual:
>> 
>> Note: the PoolHint supplied in the AuthBy DYNADDRESS clause must be a
>> subnet
>> definition that is understood by the DHCP server for the purposes of
>> address allocation
>> 
>> 
>> goodies/addressallocatordhcp.cfg  has a nice example config to look
>> at....  I find
>> if you are having issues and make no progress just looking at the
>> RADIATOR
>> debug logs, then look at the other end - see what your DHCP server is
>> bleating
>> about and check with eg wireshark, tcpdump or snoop, that traffic is
>> going
>> between the hosts involved!
>> 
>> alan
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
> 
> 
> 
> NB: 
> 
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive
> (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets), 
> together with a trace 4 debug showing what is happening?
> 
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
> 
> 
> 



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive
(www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

More information about the radiator mailing list