Hello Chairath -
The log message shown below is due to the username "user2@test2" not being found in the database. This is probably because you have not used a RewriteUsername in the Handler to strip the realm (you should use the same one that you used in the Realm clause). regards Hugh On Tue, 11 Dec 2001 15:17, Chairath K wrote: > Hello Hugh, > > I have got problem about Bad login count. According to section 5.1.9 in > reference manual of RAdmin version 1.4 , it said that if we leave this > field blank, then no bad login limits will be applied. But !! when I try , > I can't login . In log file shows a message like these > > > Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2@test2: No such > user Tue Dec 11 10:53:56 2001: DEBUG: Packet dump: > *** Sending to 10.20.0.2 port 49156 .... > Code: Access-Reject > Identifier: 159 > Authentic: <0><0>4G<0><0><13><21><0><0><31>><0><0>/<172> > Attributes: > Reply-Message = "Request Denied" > > So how can I fixed it . > Futhermore , how can I expand login limit to more than 5 > > Regards, > Chairath > > P.S. Our system are running with Radiator 2.18 and Radmin 1.4 > > Foreground > LogStdout > LogDir d:/Radiator-2.18/log > DbDir d:/Radiator-2.18 > LogFile %L/logfile-%d-%m-%Y > > # Dont turn this up too high, since all log messages are logged > # to the RADMESSAGES table in the database. 3 will give you everything > # except debugging messages > Trace 4 > > > # PreClientHook to add NAS-Port attribute > PreClientHook file:"%D/addNASPort" > > # You will probably want to change this to suit your site. > # You should list all the clients you have, and their secrets > # If you are using the Radmin Clients table, you wil probably > # want to disable this. > #<Client DEFAULT> > # Secret mysecret > # DupInterval 0 > #</Client> > > # You can put additonal (or all) client details in your Radmin > # database table > # and get their details from there with something like this: > # You can then use the Radmin 'Add Radius Client' to add new clients. > <ClientListSQL> > DBSource dbi:ODBC:Radmin > DBUsername xxx > DBAuth xxxx > </ClientListSQL> > > #<AuthBy RADIUS> > # Identifier ProxyTofunk > # Host 10.2.0.6 > # Secret test > #</AuthBy> > > #<Realm funk> > # strip Realm > # RewriteUsername s/^([^@]+).*/$1/ > # AuthBy ProxyTofunk > #</Realm> > > <AuthBy RADMIN> > Identifier RADMINAUTH > # Change DBSource, DBUsername, DBAuth for your database > # See the reference manual. You will also have to > # change the one in <SessionDatabse SQL> below > # so its the same > DBSource dbi:ODBC:Radmin > DBUsername xxx > DBAuth xxxx > DateFormat %e %m %Y %T > # You can add to or change these if you want, but you > # will probably want to change the database schema first > AccountingTable RADUSAGE > AcctColumnDef USERNAME,User-Name > AcctColumnDef TIME_STAMP,Timestamp,integer > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > AcctColumnDef NASIDENTIFIER,NAS-Identifier > AcctColumnDef NASIDENTIFIER,NAS-IP-Address > AcctColumnDef NASPORT,NAS-Port,integer > AcctColumnDef DNIS,Called-Station-Id > AcctColumnDef DATE,Timestamp,integer-date > # This updates the time and octets left > # for this user > AcctSQLStatement update RADUSERS set > TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, > OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, > OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' > > </AuthBy> > > <AuthBy GROUP> > Identifier WithIdleTimeout > AuthBy RADMINAUTH > # These are the classic things to add to each users > # reply to allow a PPP dialup session. It may be > # different for your NAS. This will add some > # reply items to everyone's reply > AddToReply Framed-Protocol = PPP,\ > Service-Type = Framed-User,\ > Framed-IP-Netmask = 255.255.255.255,\ > Framed-Routing = None,\ > Framed-MTU = 1500,\ > Framed-Compression = Van-Jacobson-TCP-IP,\ > Idle-Timeout = 600,\ > Class = %{NAS-Port} > </AuthBy> > > <AuthBy GROUP> > Identifier WithOutIdleTimeout > AuthBy RADMINAUTH > # These are the classic things to add to each users > # reply to allow a PPP dialup session. It may be > # different for your NAS. This will add some > # reply items to everyone's reply > AddToReply Framed-Protocol = PPP,\ > Service-Type = Framed-User,\ > Framed-IP-Netmask = 255.255.255.255,\ > Framed-Routing = None,\ > Framed-MTU = 1500,\ > Framed-Compression = Van-Jacobson-TCP-IP,\ > Class = %{NAS-Port} > </AuthBy> > > <AuthBy FILE> > Identifier TimeZone > Filename %D/adsl.users > </AuthBy> > > <Handler Request-Type=Accounting-Request> > AuthBy RADMINAUTH > </Handler> > > <Handler Realm=test1> > AuthBy TimeZone > </Handler> > > <Handler Realm=test2> > AuthBy WithOutIdleTimeout > </Handler> > > <Handler> > AuthBy WithIdleTimeout > </Handler> > > > # Handle User with NO Realm with RADMIN > #<Realm> > # AuthBy RADMINAUTH > #</Realm> > > # Handle everyone with RADMIN > #<Realm DEFAULT> > # AuthBy RADMINAUTH > #</Realm> > > <SessionDatabase SQL> > # This database spec usually should be exactly the same > # as in <AuthBy RADMIN> above > DBSource dbi:ODBC:Radmin > DBUsername xxxx > DBAuth xxxx > ClearNasQuery > </SessionDatabase> -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.