Hi,
We have been using a Cistron radius server running on FreeBSD. I've since
setup a FreeRadius server (also FreeBSD) with a new dial-up number.
Authentication on the FreeRadius server is working 100% except for ISDN
users. Analog users are authenticating correctly. I can't seem to find the
problem, even though I've done some extensive GOOGLE'ing. :)
I've came across some older Mail Archives with users having the exact same
problem. However there were no answer to the problem. So I was hoping
someone can be of assistance....
Here are the first part of my "USERS" config file:
DEFAULT Fall-Through = no
# ISDN users
isdn password == "isdn", Simultaneous-Use = 2
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = Broadcast,
Framed-Compression = None,
Port-Limit = 2,
Framed-MTU = 1500,
cisco-avpair="ip:addr-pool=cyberh"
123456 Password = "testisdn"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = Broadcast,
Framed-MTU = 1500,
cisco-avpair="ip:addr-pool=cyberh"
# Analog users
DEFAULT Fall-Through = Yes
test Password = "test123", NAS-Port-Type = Async
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = Broadcast,
Framed-MTU = 1500
HERE ARE THE RADIUS LOGS:
Sat Mar 13 20:20:07 2004 : Info: Reloading configuration files.
Sat Mar 13 20:20:07 2004 : Info: Using deprecated naslist file. Support for
this will go away soon.
Sat Mar 13 20:20:07 2004 : Info: Using deprecated clients file. Support for
this will go away soon.
Sat Mar 13 20:20:07 2004 : Info: Using deprecated realms file. Support for
this will go away soon.
Sat Mar 13 20:20:07 2004 : Info: Ready to process requests.
Sat Mar 13 20:20:12 2004 : Auth: Login incorrect (rlm_chap: Clear text
password not available): [isdn/<CHAP-Password>] (from client NAS2 port 20002
cli 05554409)
Sat Mar 13 20:22:14 2004 : Auth: Login incorrect: [isdn/isdn] (from client
NAS2 port 20201 cli 05554409)
Sat Mar 13 20:22:47 2004 : Auth: Login incorrect (rlm_chap: Clear text
password not available): [isdn/<CHAP-Password>] (from client NAS2 port 20324
cli 05554409)
Sat Mar 13 20:22:59 2004 : Auth: Login incorrect: [isdn/isdn] (from client
NA2 port 20028 cli 05554409)
This problem is becoming quite serious. Please advice...
Regards
Schalk
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of jc
Sent: 12 March 2004 11:38 PM
To: [EMAIL PROTECTED]
Subject: Re: ISDN Authentication problems - URGENT
On Fri, 12 Mar 2004, Schalk Erasmus - IGN wrote:
> TCP/IP CP reported error 738: The server did not assign an address.
>
> Accordingly to the radius logs, authentication was successful.
mmm think this is more an access server problem than radius... sounds like
your nas not assigning ip addresses...
.. if you like contact me offlist and ill try and help where i can
-*-
j.
chief janitor (Tree d'P)
internet solutions - networks infrastructure
tel: +27-11-575-1000 [EMAIL PROTECTED]: +27-11-388-3333
#include <std-disclaimer.h> - 'save the trees, send an email'
-
List info/subscribe/unsubscribe? See http://www.radius.cistron.nl/list/
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Schalk
Erasmus - IGN
Sent: 12 March 2004 11:07 PM
To: [EMAIL PROTECTED]
Subject: ISDN Authentication problems - URGENT
Hi everyone,
I have a slight problem...and also quite an urgent one.
We are in the process of switching NAS Providers, but all is well except
ISDN Authentication. We are running parallel at the moment, using two
different Dial-Up Numbers. Both NAS is setup to send Authentication
request
to our Radius Server (Cistron 1.6.6), using the same IP address.
FreeBSD ver 4.8
radiusd: RADIUS version 1.6.6 06-Feb-2002
Compilation flags: NOSHADOW ATTRIB_NMC COMPAT_1543
HOWEVER, when I dial-up with ISDN (64k - Single Channel), it does not
work
on the new Dial-Up Number. Standard ASync Analog Dial works 100% on both
the
old and new number, using the same User Account information, but not
ISDN.
We've struggled around to find a suitable answer but without any luck.
We
have even considered to start changing values in the dictionary and
dictionary.cisco files.
Does anyone have a valid explanation for this?
When you try to Dial ISDN, authentication is successful, but immediate
thereafter you get:
Error Connecting to ISP
TCP/IP CP reported error 738: The server did not assign an address.
Accordingly to the radius logs, authentication was successful.
Any advice to fix this problem soonest, would be greatly appreciated.
THANK YOU FOR YOUR TIME...
Regards
Schalk
-
List info/subscribe/unsubscribe? See http://www.radius.cistron.nl/list/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
