--- Forwarded mail from [EMAIL PROTECTED] From: [EMAIL PROTECTED] Date: Sat, 2 Jun 2001 15:01:29 -0500 To: [EMAIL PROTECTED] Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from ["Steve Hardin" <[EMAIL PROTECTED]>] >From [EMAIL PROTECTED] Sat Jun 2 15:01:29 2001 Received: from phoenix.aye.net (phoenix.aye.net [198.7.192.5]) by server1.open.com.au (8.11.0/8.11.0) with SMTP id f52K1TD07841 for <[EMAIL PROTECTED]>; Sat, 2 Jun 2001 15:01:29 -0500 Received: (qmail 36702 invoked from network); 2 Jun 2001 21:57:31 -0000 Received: from hpcw.hpcisp.com (HELO CTO) (208.149.144.9) by phoenix.aye.net with SMTP; 2 Jun 2001 21:57:31 -0000 Reply-To: <[EMAIL PROTECTED]> From: "Steve Hardin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: Static IP address/Framed-IP-Address Simultaneous-Use = 1 attribute Date: Sat, 2 Jun 2001 17:59:53 -0400 Message-ID: <[EMAIL PROTECTED]> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300 Hi, We are testing out Radiator and so far it seems easy to set up and get working. I seem to be having a problem with a few items however I believe they are all connected. I'm trying a simple set up with one realm (DEFAULT) with cisco 5300. I would like to use Simultaneous-Use only for most users but not all. I would like to add static ip's for some users with Framed-IP-Address Simultaneous-Use = 1 authentication from SQL Database. The basic username password authentication is working fine only when forcing the AddToReplyIfNotExist directive in the config file. It seems that the reply attributes are not being sent back to the 5300 so the same users can log on multiple times. When using the DefaultSimultaneousUse statement only one user at a time can log on. However when setting that attribute and value in the SQL database and removing DefaultSimultaneousUse from the config file, the same user can log on multiple times. I'm seeing a similar problem with assigning a static ip. Defined in the database does not get assigned to the access server. Additionally I must use the AddToReplyIfNotExist in my config or else I get a no appropriate authorization type for user. Here is my sql.config and some debugs. One for a the user fred and one for the user xyz. Xyz is a user set up for static ip and fred is a basic user that can only log on once. Sql.cfg # common-sql.cfg # # Example Radiator configuration file that allows you to # authenticate from an SQL database. # With Radiator you can interface with almost any databse schema, # and there are many more configurable parameters that allow you # to control database fallback, select statements, column names # and arrangements etc etc etc. # See the reference manual for more details. # This is a very simple exmaple to get you started. It will # work with the tables created by the goodies/*.sql scripts. # # You should consider this file to be a starting point only # $Id: sql.cfg,v 1.5 2000/11/07 21:18:05 mikem Exp $ Foreground LogStdout LogDir . DictionaryFile ./dictionary.cisco DbDir . Trace 4 <Client as2.hpcisp.com> Secret xxx </Client> <SessionDatabase SQL> DBSource dbi:mysql:xxxxx DBUsername xxxxx DBAuth xxxxxxx </SessionDatabase SQL> # This will authenticate users from SUBSCRIBERS <Realm DEFAULT> <AuthBy SQL> # Adjust DBSource, DBUsername, DBAuth to suit your DB DBSource dbi:mysql:xxx DBUsername xxx DBAuth xxxxx #DefaultSimultaneousUse 1 # You may want to tailor these for your ACCOUNTING table # You can add your own columns to store whatever you like AccountingTable ACCOUNTING AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address # added would like to take this out! AddToReplyIfNotExist Service-Type = Framed-User,\ Framed-Protocol = PPP,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP # end added # You can arrange to log accounting to a file if the # SQL insert fails with AcctFailedLogFileName # That way you could recover from a broken SQL # server AcctFailedLogFileName %D/missedaccounting </AuthBy> </Realm> --------------------------------------------------End SQL.cfg--------------------------------------------------------------------- ------------ -----------------------------Select for subscribers------------------------------------------------ USERNAME CHECKATTR fred Simultaneous-Use = 1, Service-Type = Framed-User xyz Service-Type = Framed-User USERNAME REPLYATTR fred Framed-Protocol = PPP,Framed-IP-Netmask = 255.255.255.254,Service-Type = Framed-User, Framed-Routing = None,Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP USERNAME REPLYATTR xyz Framed-Protocol = PPP,Framed-IP-Netmask = 255.255.255.254,Framed-IP-Address = 208.149.144.160, Service-Type = Framed-User,Framed-Routing = None,Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-I ------------------------------End select for Subscribers------------------------------------------------ ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.