[RADIATOR] radius attribute errors

Hugh Irvine hugh at open.com.au
Fri Aug 24 04:31:11 CDT 2012 

Hello Murat Kocum -

This looks like Radiator is not seeing its dictionary file, as the packet you show below decodes correctly with a User-name of 

> 01 0a 31 30 35 31 31 34 30 31 

10511401

The other attribute numbers are also defined in the standard Radiator dictionary.

What dictionary file are you using? What version of Radiator? What version of Perl? What configuration file (do not include shared secrets)?

We will need to know more about your installation to be able to say anything more.

regards

Hugh


On 24 Aug 2012, at 18:35, Murat Kocum <mkocum at inteltek.com.tr> wrote:

> Dear All,
> 
> We have mass disconnections on our radius server radiator and then they can not connect. It was a smooth running server until our provider made some changes on their side. What I see is that we are receiving username null when problems occur. We have no username null it should be 8 digit figure. Besides I see several attribute not found errors. Both of them appear together. For some periods of time they connect and work properly. What may be the problem? 
> 
> Thanks
> 
> 
> Packet length = 96
> 01 b9 00 60 fe 9f dc 6b 6f a0 55 c6 4f 6c 0c 7d
> 8c 66 b3 33 01 0a 31 30 35 31 31 34 30 31 02 12
> 56 76 5a 41 6b 86 97 f6 68 af 2c 3f 99 32 1a c3
> 04 06 0a 11 03 fe 20 11 4d 31 32 30 5f 32 5f 41
> 7a 65 72 63 65 6c 6c 1e 07 69 6e 74 65 6c 07 06
> 00 00 00 07 06 06 00 00 00 02 3d 06 00 00 00 05
> Code: Access-Request
> Identifier: 185
> Authentic: <254><159><220>ko<160>U<198>Ol<12>}<140>f<179>3
> Attributes:
> 
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 5 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 40 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: Handling request with Handler 'Realm=DEFAULT'
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 4 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 32 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 44 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 8 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: Deleting session for , 10.17.3.254, 
> Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'delete from RADONLINE where NASIDENTIFIER='10.17.3.254' and NASPORT=0': 
> Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN: 
> Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN: 
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 79 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: Query is: 'select PASS_WORD, STATICADDRESS, TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from RADUSERS where USERNAME=NULL': 
> Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN looks for match with []
> Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN REJECT: No such user: []
> Mon Aug 20 17:07:48 2012: DEBUG: AuthBy RADMIN result: REJECT, No such user
> Mon Aug 20 17:07:48 2012: INFO: Access rejected for : No such user
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 2 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'insert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (1345464468, '', 0, 'No such user')': 
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: ERR: Attribute number 211 is not defined in your dictionary
> Mon Aug 20 17:07:48 2012: WARNING: No such attribute Unknown
> Mon Aug 20 17:07:48 2012: DEBUG: Packet dump:
> *** Sending to 10.17.3.254 port 63160 ....
> 
> Packet length = 20
> 03 b9 00 14 18 88 f4 7d 1f 34 4b f5 d8 f9 ea 96
> 05 ea b3 ef
> Code: Access-Reject
> Identifier: 185
> Authentic: <24><136><244>}<31>4K<245><216><249><234><150><5><234><179><239>
> Attributes:
> Unknown = Request Denied
>  
> Disclaimer:
> Bu e-posta mesaji ve ekleri sadece gonderildigi kisi veya kuruma ozeldir. Eger dogru kisiye ulasmadigini dusunuyorsaniz, bu mesajin yonlendirilmesi, kopyalanmasi veya herhangi bir sekilde kullanilmasi yasaktir.Mesaj iceriginde bulunan fikir ve yorumlar, INTELTEK'e degil sadece gondericiye aittir. Bu mesaj bilinen tum viruslere karsi test edilmistir.
> 
> This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are hereby notified that any dissemination, copying or use of the information is prohibited. The opinions expressed in this message belong to sender alone. There is no implied endorsement by INTELTEK.This e-mail has been scanned for all known computer viruses.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
hugh at open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. 
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.

More information about the radiator mailing list