[RADIATOR] radius attribute errors
Martin Burton
mvb at sanger.ac.uk
Fri Aug 24 07:48:39 CDT 2012
If you replace:
DbDir .
with
DbDir /etc/radiator
in your radius.cfg then it should fix your problem.
I suspect that the intermittent issue you are seeing depends on whether
your current working directory is /etc/radiator when you start radiator.
It will work correctly if that is the case, but fail if it is started
when your CWD is elsewhere.
HTH.
Cheers,
Martin.
On 24/08/12 12:01, Murat Kocum wrote:
> Dear Hugh,
>
>
> What dictionary file are you using?
> It is the default one that comes with the software.
>
> What version of Radiator?
> My colleague installed with file Radiator-4.6-1.noarch.rpm
>
> What version of Perl?
> v5.8.8
>
> What configuration file (do not include shared secrets)?
> Please see attached.
>
> We will need to know more about your installation to be able to say anything more.
>
>
> [root@ radiator]# ps -ef|grep radi
> avahi 3464 1 0 Aug22 ? 00:00:00 avahi-daemon: running [azradius1.local]
> root 3928 3904 0 Aug22 pts/3 00:00:00 tail -100f /var/log/radius/logfile-2012-08-22
> root 5534 1 0 Aug22 ? 00:01:25 /usr/bin/perl /usr/bin/radiusd -config_file /etc/radiator/radius.cfg -daemon
> root 11201 3817 0 14:54 pts/2 00:00:00 grep radi
> [root at azradius1 radiator]# ls -ltr /etc/radiator/ total 404
> -rw-r--r-- 1 root root 583 Feb 5 2010 users
> -rw-r--r-- 1 root root 319483 Feb 5 2010 dictionary
> -rw-r--r-- 1 root root 8362 Aug 21 11:06 radius.cfg.bck
> -rw-r--r-- 1 root root 39822 Aug 22 18:16 tcpdump.azradius1.2208_1612
> -rw-r--r-- 1 root root 6282 Aug 22 18:40 tcpdump.azradius1.2208_1639
> -rw-r--r-- 1 root root 8369 Aug 22 20:24 radius.cfg.back2
> -rw-r--r-- 1 root root 8374 Aug 24 12:47 radius.cfg
> [root at azradius1 radiator]# pwd
> /etc/radiator
> [root at azradius1 radiator]#
>
>
> Thanks,
> Murat
>
>
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: Friday, August 24, 2012 12:31 PM
> To: Murat Kocum
> Cc: radiator at open.com.au
> Subject: Re: [RADIATOR] radius attribute errors
>
>
> Hello Murat Kocum -
>
> This looks like Radiator is not seeing its dictionary file, as the packet you show below decodes correctly with a User-name of
>
>> 01 0a 31 30 35 31 31 34 30 31
>
> 10511401
>
> The other attribute numbers are also defined in the standard Radiator dictionary.
>
> What dictionary file are you using? What version of Radiator? What version of Perl? What configuration file (do not include shared secrets)?
>
> We will need to know more about your installation to be able to say anything more.
>
> regards
>
> Hugh
>
>
> On 24 Aug 2012, at 18:35, Murat Kocum <mkocum at inteltek.com.tr> wrote:
>
>> Dear All,
>>
>> We have mass disconnections on our radius server radiator and then they can not connect. It was a smooth running server until our provider made some changes on their side. What I see is that we are receiving username null when problems occur. We have no username null it should be 8 digit figure. Besides I see several attribute not found errors. Both of them appear together. For some periods of time they connect and work properly. What may be the problem?
>>
>> Thanks
>>
>>
>> Packet length = 96
>> 01 b9 00 60 fe 9f dc 6b 6f a0 55 c6 4f 6c 0c 7d 8c 66 b3 33 01 0a 31
>> 30 35 31 31 34 30 31 02 12
>> 56 76 5a 41 6b 86 97 f6 68 af 2c 3f 99 32 1a c3
>> 04 06 0a 11 03 fe 20 11 4d 31 32 30 5f 32 5f 41 7a 65 72 63 65 6c 6c
>> 1e 07 69 6e 74 65 6c 07 06
>> 00 00 00 07 06 06 00 00 00 02 3d 06 00 00 00 05
>> Code: Access-Request
>> Identifier: 185
>> Authentic: <254><159><220>ko<160>U<198>Ol<12>}<140>f<179>3
>> Attributes:
>>
>> Mon Aug 20 17:07:48 2012: ERR: Attribute number 5 is not defined in
>> your dictionary Mon Aug 20 17:07:48 2012: ERR: Attribute number 40 is
>> not defined in your dictionary Mon Aug 20 17:07:48 2012: DEBUG: Handling request with Handler 'Realm=DEFAULT'
>> Mon Aug 20 17:07:48 2012: ERR: Attribute number 4 is not defined in
>> your dictionary Mon Aug 20 17:07:48 2012: ERR: Attribute number 32 is
>> not defined in your dictionary Mon Aug 20 17:07:48 2012: ERR:
>> Attribute number 44 is not defined in your dictionary Mon Aug 20
>> 17:07:48 2012: ERR: Attribute number 8 is not defined in your
>> dictionary Mon Aug 20 17:07:48 2012: DEBUG: Deleting session for , 10.17.3.254, Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'delete from RADONLINE where NASIDENTIFIER='10.17.3.254' and NASPORT=0':
>> Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN:
>> Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN:
>> Mon Aug 20 17:07:48 2012: ERR: Attribute number 79 is not defined in
>> your dictionary Mon Aug 20 17:07:48 2012: DEBUG: Query is: 'select PASS_WORD, STATICADDRESS, TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, VALIDTO from RADUSERS where USERNAME=NULL':
>> Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN looks for match
>> with [] Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN REJECT: No
>> such user: [] Mon Aug 20 17:07:48 2012: DEBUG: AuthBy RADMIN result:
>> REJECT, No such user Mon Aug 20 17:07:48 2012: INFO: Access rejected
>> for : No such user Mon Aug 20 17:07:48 2012: ERR: Attribute number 2
>> is not defined in your dictionary Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'insert into RADAUTHLOG (TIME_STAMP, USERNAME, TYPE, REASON) values (1345464468, '', 0, 'No such user')':
>> Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is not defined in
>> your dictionary Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is
>> not defined in your dictionary Mon Aug 20 17:07:48 2012: ERR:
>> Attribute number 211 is not defined in your dictionary Mon Aug 20
>> 17:07:48 2012: WARNING: No such attribute Unknown Mon Aug 20 17:07:48 2012: DEBUG: Packet dump:
>> *** Sending to 10.17.3.254 port 63160 ....
>>
>> Packet length = 20
>> 03 b9 00 14 18 88 f4 7d 1f 34 4b f5 d8 f9 ea 96
>> 05 ea b3 ef
>> Code: Access-Reject
>> Identifier: 185
>> Authentic:
>> <24><136><244>}<31>4K<245><216><249><234><150><5><234><179><239>
>> Attributes:
>> Unknown = Request Denied
>>
>> Disclaimer:
>> Bu e-posta mesaji ve ekleri sadece gonderildigi kisi veya kuruma ozeldir. Eger dogru kisiye ulasmadigini dusunuyorsaniz, bu mesajin yonlendirilmesi, kopyalanmasi veya herhangi bir sekilde kullanilmasi yasaktir.Mesaj iceriginde bulunan fikir ve yorumlar, INTELTEK'e degil sadece gondericiye aittir. Bu mesaj bilinen tum viruslere karsi test edilmistir.
>>
>> This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are hereby notified that any dissemination, copying or use of the information is prohibited. The opinions expressed in this message belong to sender alone. There is no implied endorsement by INTELTEK.This e-mail has been scanned for all known computer viruses.
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
> --
>
> Hugh Irvine
> hugh at open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc.
> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>
>
> <P align=left><A href="http://www.iddaa.com/"></A> </P>
> <P style="MARGIN-LEFT: -1px" align=left><B>Disclaimer:</B></P>
> <HR>
>
> <P align=left><FONT size=2>Bu e-posta mesaji ve ekleri sadece gonderildigi kisi veya kuruma ozeldir. Eger dogru kisiye ulasmadigini dusunuyorsaniz, bu mesajin yonlendirilmesi, kopyalanmasi veya herhangi bir sekilde kullanilmasi yasaktir.Mesaj iceriginde bulunan fikir ve yorumlar, INTELTEK'e degil sadece gondericiye aittir. Bu mesaj bilinen tum viruslere karsi test edilmistir.</FONT><BR><A href="http://www.iddaa.com/"><IMG height=60 src="http://www.inteltek.com.tr/exchange_banner/468x60.gif" width=468 border=0></A><BR><FONT size=2>This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are hereby notified that any dissemination, copying or use of the information is prohibited. The opinions expressed in this message belong to sender alone. There is no implied endorsement by INTELTEK.This e-mail has been scanned for all known computer viruses.</FONT><
/P>
> <HR>
>
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
--
Martin Burton
Principal Systems Administrator \\\|||///
Network Team \\ ^ ^ //
Wellcome Trust Sanger Institute ( 6 6 )
-----------------------------------------oOOo-(_)-oOOo---
http://www.sanger.ac.uk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://www.open.com.au/pipermail/radiator/attachments/20120824/e4660481/attachment-0001.bin
More information about the radiator
mailing list