[RADIATOR] TOTP config ERRORS

Hugh Irvine hugh at open.com.au
Sun Sep 12 07:26:48 CDT 2010


Hello Matthew -

Hmmm - yes I see - we'll look at this next week.

regards

Hugh


On 12 Sep 2010, at 06:06, Matthew Reeves-Hairs wrote:

> Hi Hugh,
> 
> The output from the startup is as follows:
> 
> root at Radius:/home/administrator/Radiator-Locked-4.7# perl radiusd -foreground -log_stdout -trace 4 -config_file goodies/totp.cfg 
> Sun Sep 12 12:02:20 2010: ERR: Unknown keyword 'MaxBadLogins' in goodies/totp.cfg line 23
> Sun Sep 12 12:02:20 2010: ERR: Unknown keyword 'DelayWindow' in goodies/totp.cfg line 25
> Sun Sep 12 12:02:20 2010: ERR: Unknown keyword 'TimeStep' in goodies/totp.cfg line 26
> Sun Sep 12 12:02:20 2010: DEBUG: Finished reading configuration file 'goodies/totp.cfg'
> This Radiator license will expire on 2012-03-01
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your license period, contact admin at open.com.au
> 
> Sun Sep 12 12:02:20 2010: DEBUG: Reading dictionary file './dictionary'
> Sun Sep 12 12:02:20 2010: DEBUG: Creating authentication port 0.0.0.0:1645
> Sun Sep 12 12:02:20 2010: DEBUG: Creating accounting port 0.0.0.0:1646
> Sun Sep 12 12:02:20 2010: NOTICE: Server started: Radiator 4.7 on Radius (LOCKED)
> 
> The config file is as follows:
> 
> # totp.cfg
> Foreground
> LogStdout
> LogDir          .
> DbDir           .
> # User a lower trace level in production systems:
> Trace           5
> 
> # You will probably want to add other Clients to suit your site,
> # one for each NAS you want to work with
> 
> <Client DEFAULT>
>       Secret  mysecret
>       DupInterval 0
> </Client>
> 
> <Realm DEFAULT>
>       <AuthBy SQLTOTP>
>               DBSource        dbi:mysql:radius
>               DBUsername      [NOT SHOWN]
>               DBAuth           [NOT SHOWN]
> 
>               MaxBadLogins 99
>               # BadLoginWindow 10
>               DelayWindow 4
>               TimeStep 60
>               # You can also support EAP-OTP and/or EAP-GTC, besides PAP
>               EAPType OTP GTC
>               #EAPType GTC OTP
> 
>       </AuthBy>
> </Realm>
> 
> The systems is running Ubuntu 10.04 64 bit under vmware ESXi4
> 
> Regards
> 
> Matthew
> 
> 
> On 11 Sep 2010, at 23:03, Hugh Irvine wrote:
> 
>> 
>> Hello Matthew -
>> 
>> When asking questions please include the configuration file you are using together with a trace 4 debug when testing from the command line like this:
>> 
>> 
>> 	cd /your/Radiator/source/directory
>> 
>> 	perl radiusd -foreground -log_stdout -trace 4 -config_file /your/Radiator/configuration/file
>> 
>> 	…..
>> 
>> 
>> Use your local pathnames in the above and please include the startup messages so I can see what is happening.
>> 
>> Also include the hardware/software platform you are running on, the version of Perl, the SQL database version, and anything else that might be useful.
>> 
>> regards
>> 
>> Hugh
>> 
>> 
>> On 11 Sep 2010, at 16:44, Matthew Reeves-Hairs wrote:
>> 
>>> Hi I'm having problems setting up to work with C200 TOTP tokens.
>>> Since the default TimeStep is listed as 30 seconds and the C200's are 60 Seconds, I've uncommented the TimeStep in the original config and changed the time to 60 however I am getting the following errors when I start the server.
>>> 
>>> Any ideas.
>>> 
>>> Thanks
>>> 
>>> Sat Sep 11 22:13:32 2010: ERR: Unknown keyword 'MaxBadLogins' in goodies/totp.cfg line 122
>>> Sat Sep 11 22:13:32 2010: ERR: Unknown keyword 'DelayWindow' in goodies/totp.cfg line 128
>>> Sat Sep 11 22:13:32 2010: ERR: Unknown keyword 'TimeStep' in goodies/totp.cfg line 132
>>> Sat Sep 11 22:13:32 2010: DEBUG: Finished reading configuration file 'goodies/totp.cfg'
>>> 
>>> Matthew Reeves-Hairs MBCS
>>> (CCNA, CCNP, CCDA)
>>> Director
>>> 
>>> Willow ICT Limited
>>> 13 Willow Close
>>> Great Hormead
>>> Hertfordshire, SG9 0NW
>>> Mobile: +44 (0)7912 202627
>>> Fax: +44 (0)7092 361501
>>> matthew.reeves-hairs at willowict.com
>>> http://www.willowict.com
>>> <image.png>
>>> Please consider the environment before printing this email.
>>> 
>>> The content of this email and any attachment is private and may be privileged.  If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised.  If you have received this email in error please notify the sender by email and delete this message and any attachments immediately.  Nothing in this email shall bind the Company in any contract or obligation, unless we have specifically agreed to be bound.
>>> 
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at open.com.au
>>> http://www.open.com.au/mailman/listinfo/radiator
>> 
>> 
>> 
>> NB: 
>> 
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets), 
>> together with a trace 4 debug showing what is happening?
>> 
>> -- 
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> Includes support for reliable RADIUS transport (RadSec),
>> and DIAMETER translation agent.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>> 
>> 
>> 
> 



NB: 

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets), 
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.





More information about the radiator mailing list