Hello Ganbold -
I will need to see a trace 4 debug from Radiator showing what is
happening.
thanks
Hugh
At 19:11 +0800 01/4/9, ganbold wrote:
Hi,
I have problem with Radiator-2.18 in FreeBSD 4.0. All modules installed.
All is working fine except Radiator is not sending accounting-response after receiving accounting-request from NAS.
Here is my radiator config file.
########################################################################################
# radius.cfg
Foreground
Trace 5
AuthPort 1645
AcctPort 1646
LogDir /var/log/radius
DbDir /usr/local/var/radius
LogFile %L/logfile
DictionaryFile %D/dictionary
#DictionaryFile %D/dictionary.cisco
#DictionaryFile %D/dictionary.ascend
#DictionaryFile %D/dictionary.ascend2
FingerProg /usr/bin/finger
SnmpgetProg /usr/local/bin/snmpget
#RewriteUsername tr/[A-Z]/[a-z]/
#RewriteUsername s/\S+//g
#PreClientHook sub { print "Here I am in PreClentHook\n"; }
#StartupHook sub {print "here I am in StartupHook $_[0]\n";}
<Client x.x.x.x>
Secret xxx
DupInterval 0
NoIgnoreDuplicates Access-Request
NasType Cisco
# NasType Ascend
# RewriteUsername s/^([^@]+).*/$1/
# RewriteUsername tr/[A-Z]/[a-z]/
StatusServerShowClientDetails
</Client>
<Client z.z.z.z>
Secret xxx
DupInterval 0
NoIgnoreDuplicates Access-Request
NasType Cisco
# NasType Ascend
# RewriteUsername s/^([^@]+).*/$1/
# RewriteUsername tr/[A-Z]/[a-z]/
StatusServerShowClientDetails
</Client>
<Client DEFAULT>
Secret xxx
DupInterval 0
NoIgnoreDuplicates Access-Request
NasType Cisco
# NasType Ascend
# RewriteUsername s/^([^@]+).*/$1/
# RewriteUsername tr/[A-Z]/[a-z]/
StatusServerShowClientDetails
</Client>
###############################################################
####################################################################
####################################################################
<Realm DEFAULT>
#<Handler>
# RewriteUsername s/^([^@]+).*/$1/
# RewriteUsername tr/[A-Z]/[a-z]/
MaxSessions 1
# AcctLogFileName %L/detail
# AcctLogFileFormat %{Timestamp} %{Acct-Session-Id} %{User-Name}
# WtmpFileName %L/wtmp
# PasswordLogFileName %L/password.log
RejectHasReason
AuthByPolicy ContinueWhileIgnore
AccountingHandled
SessionDatabase SQL1
<AuthBy SQL>
DBSource dbi:mysql:radius
DBUsername root
DBAuth xxx
# AuthSelect select PASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%n'
AuthSelect select PASSWORD,REPLYATTR,TIMELEFT from SUBSCRIBERS where USERNAME='%n'
AuthColumnDef 0, User-Password, check
AuthColumnDef 1, GENERIC, reply
AuthColumnDef 2, Session-Timeout, reply
AddToReply Framed-Protocol = PPP,Service-Type = Framed-User,Framed-MTU = 1500,Framed-Compression = Van-Jacobson-TCP-IP
AccountingTable ACCOUNTING
AccountingStopsOnly
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CALLINGSTATIONID,Calling-Station-Id
AcctSQLStatement update SUBSCRIBERS set TIMELEFT=TIMELEFT-%{Acct-Session-Time} where USERNAME='%n'
RejectEmptyPassword
AcctFailedLogFileName %L/misseddetails
</AuthBy>
<AuthBy RADIUS>
Host xxx.net
Secret xxx
AuthPort 1645
AcctPort 1646
Retries 4
RetryTimeout 5
CachePasswords
RejectEmptyPassword
# AcctLogFileName %L/misseddetails2
</AuthBy>
##############################################
PostAuthHook file:"%D/CheckBlockTimeLeft"
</Realm>
#</Handler>
<ClientListSQL>
DBSource dbi:mysql:radius
DBUsername root
DBAuth xxx
</ClientListSQL>
<SessionDatabase SQL>
DBSource dbi:mysql:radius
DBUsername root
DBAuth xxx
# Optional identifier. Its just a name
Identifier SQL1
AddQuery insert into RADONLINE (USERNAME,NASIDENTIFIER,NASPORT,ACCTSESSIONID,TIME_STAMP,FRAMEDIPADDRESS,NASPORTTYPE,SERVICETYPE) values('%n','%N',%{NAS-Port},'%{Acct-Session-Id}',%{Timestamp},'%{Framed-IP-Address}','%{Port-Type}','%{Service-Type}')
DeleteQuery delete from RADONLINE where USERNAME='%n' and NASIDENTIFIER='%N' and NASPORT=%{NAS-Port}
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from RADONLINE where USERNAME='%n'
</SessionDatabase>
# Log to a file
<Log FILE>
Filename %L/mylog
Trace 5
</Log>
# Log to syslog (Unix only)
<Log SYSLOG>
Facility user
Trace 4
</Log>
#<Log SQL>
# Defines how to connect to the database. See examples above
# DBSource dbi:mysql:radius
# DBUsername mikem
# DBAuth fred
# Trace level to use (allows same values as the global Trace level)
# Trace 4
#</Log>
#########################################################################################
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux,
FreeBSD, Windows 95/98/2000, NT, MacOS X.