[RADIATOR] radius attribute errors
Heikki Vatiainen
hvn at open.com.au
Fri Aug 24 04:18:23 CDT 2012
On 08/24/2012 11:35 AM, Murat Kocum wrote:
> We have mass disconnections on our radius server radiator and then they
> can not connect. It was a smooth running server until our provider made
> some changes on their side. What I see is that we are receiving username
> null when problems occur. We have no username null it should be 8 digit
> figure. Besides I see several attribute not found errors. Both of them
> appear together. For some periods of time they connect and work
> properly. What may be the problem?
One possibility is your dictionary file is missing or very broken. When
you start radiusd with Trace 4 enabled you should see something like this:
Fri Aug 24 12:14:56 2012: DEBUG: Reading dictionary file
'/home/hvn/radiator/Radiator-4.10/dictionary'
The actual location of dictionary file depends on your configuration.
The default is %D/dictionary where %D is DbDir which is by default
/usr/local/etc/raddb. Many sites define DbDir to /etc/radiator
Please take a look at Radiator startup messages for hints about
dictionary file and see that the dictionary file is correct. The packet
dump looks reasonable and seems to contain User-Name, User-Password etc.
Thanks,
Heikki
> Packet length = 96
> 01 b9 00 60 fe 9f dc 6b 6f a0 55 c6 4f 6c 0c 7d
> 8c 66 b3 33 01 0a 31 30 35 31 31 34 30 31 02 12
> 56 76 5a 41 6b 86 97 f6 68 af 2c 3f 99 32 1a c3
> 04 06 0a 11 03 fe 20 11 4d 31 32 30 5f 32 5f 41
> 7a 65 72 63 65 6c 6c 1e 07 69 6e 74 65 6c 07 06
> 00 00 00 07 06 06 00 00 00 02 3d 06 00 00 00 05
> Code: Access-Request
> Identifier: 185
> Authentic: <254><159><220>ko<160>U<198>Ol<12>}<140>f<179>3
> Attributes:
>
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 5 is not defined in your
> dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 40 is not defined in
> your dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 4 is not defined in your
> dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 32 is not defined in
> your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 44 is not defined in
> your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 8 is not defined in your
> dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: Deleting session for , 10.17.3.254,
> Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'delete from RADONLINE
> where NASIDENTIFIER='10.17.3.254' and NASPORT=0':
> Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN:
> Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN:
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 79 is not defined in
> your dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: Query is: 'select PASS_WORD,
> STATICADDRESS, TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM,
> VALIDTO from RADUSERS where USERNAME=NULL':
> Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN looks for match with []
> Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN REJECT: No such user: []
> Mon Aug 20 17:07:48 2012: DEBUG: AuthBy RADMIN result: REJECT, No such user
> Mon Aug 20 17:07:48 2012: INFO: Access rejected for : No such user
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 2 is not defined in your
> dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'insert into RADAUTHLOG
> (TIME_STAMP, USERNAME, TYPE, REASON) values (1345464468, '', 0, 'No such
> user')':
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is not defined in
> your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is not defined in
> your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 211 is not defined in
> your dictionary
> Mon Aug 20 17:07:48 2012: WARNING: No such attribute Unknown
> Mon Aug 20 17:07:48 2012: DEBUG: Packet dump:
> *** Sending to 10.17.3.254 port 63160 ....
>
> Packet length = 20
> 03 b9 00 14 18 88 f4 7d 1f 34 4b f5 d8 f9 ea 96
> 05 ea b3 ef
> Code: Access-Reject
> Identifier: 185
> Authentic: <24><136><244>}<31>4K<245><216><249><234><150><5><234><179><239>
> Attributes:
> Unknown = Request Denied
>
> <http://www.iddaa.com/>
>
> *Disclaimer:*
>
> ------------------------------------------------------------------------
>
> Bu e-posta mesaji ve ekleri sadece gonderildigi kisi veya kuruma
> ozeldir. Eger dogru kisiye ulasmadigini dusunuyorsaniz, bu mesajin
> yonlendirilmesi, kopyalanmasi veya herhangi bir sekilde kullanilmasi
> yasaktir.Mesaj iceriginde bulunan fikir ve yorumlar, INTELTEK'e degil
> sadece gondericiye aittir. Bu mesaj bilinen tum viruslere karsi test
> edilmistir.
> <http://www.iddaa.com/>
> This e-mail and any files transmitted with it are confidential and
> intended solely for the use of the individual or entity to whom they are
> addressed. If you are not the intended recipient you are hereby notified
> that any dissemination, copying or use of the information is prohibited.
> The opinions expressed in this message belong to sender alone. There is
> no implied endorsement by INTELTEK.This e-mail has been scanned for all
> known computer viruses.
>
> ------------------------------------------------------------------------
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list