Hello Chairath -
I apologise, but I don't understand the question. Could you please provide me with more details and a trace 4 debug showing the problem. thanks Hugh On Tue, 11 Dec 2001 17:51, Chairath K wrote: > Hello Hugh, > > Our Nas send a user with realm. And when I set Bad login count to zero , I > can login with user2@test2 also. > > Regards, > Chairath > > > Hello Chairath - > > > > The log message shown below is due to the username "user2@test2" not > > being found in the database. This is probably because you have not used a > > RewriteUsername in the Handler to strip the realm (you should use the > > same one that you used in the Realm clause). > > > > regards > > > > Hugh > > > > On Tue, 11 Dec 2001 15:17, Chairath K wrote: > > > Hello Hugh, > > > > > > I have got problem about Bad login count. According to section 5.1.9 in > > > reference manual of RAdmin version 1.4 , it said that if we leave this > > > field blank, then no bad login limits will be applied. But !! when I > > > try > > , > > > > I can't login . In log file shows a message like these > > > > > > > > > Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2@test2: No > > > such user Tue Dec 11 10:53:56 2001: DEBUG: Packet dump: > > > *** Sending to 10.20.0.2 port 49156 .... > > > Code: Access-Reject > > > Identifier: 159 > > > Authentic: <0><0>4G<0><0><13><21><0><0><31>><0><0>/<172> > > > Attributes: > > > Reply-Message = "Request Denied" > > > > > > So how can I fixed it . > > > Futhermore , how can I expand login limit to more than 5 > > > > > > Regards, > > > Chairath > > > > > > P.S. Our system are running with Radiator 2.18 and Radmin 1.4 > > > > > > Foreground > > > LogStdout > > > LogDir d:/Radiator-2.18/log > > > DbDir d:/Radiator-2.18 > > > LogFile %L/logfile-%d-%m-%Y > > > > > > # Dont turn this up too high, since all log messages are logged > > > # to the RADMESSAGES table in the database. 3 will give you everything > > > # except debugging messages > > > Trace 4 > > > > > > > > > # PreClientHook to add NAS-Port attribute > > > PreClientHook file:"%D/addNASPort" > > > > > > # You will probably want to change this to suit your site. > > > # You should list all the clients you have, and their secrets > > > # If you are using the Radmin Clients table, you wil probably > > > # want to disable this. > > > #<Client DEFAULT> > > > # Secret mysecret > > > # DupInterval 0 > > > #</Client> > > > > > > # You can put additonal (or all) client details in your Radmin > > > # database table > > > # and get their details from there with something like this: > > > # You can then use the Radmin 'Add Radius Client' to add new clients. > > > <ClientListSQL> > > > DBSource dbi:ODBC:Radmin > > > DBUsername xxx > > > DBAuth xxxx > > > </ClientListSQL> > > > > > > #<AuthBy RADIUS> > > > # Identifier ProxyTofunk > > > # Host 10.2.0.6 > > > # Secret test > > > #</AuthBy> > > > > > > #<Realm funk> > > > # strip Realm > > > # RewriteUsername s/^([^@]+).*/$1/ > > > # AuthBy ProxyTofunk > > > #</Realm> > > > > > > <AuthBy RADMIN> > > > Identifier RADMINAUTH > > > # Change DBSource, DBUsername, DBAuth for your database > > > # See the reference manual. You will also have to > > > # change the one in <SessionDatabse SQL> below > > > # so its the same > > > DBSource dbi:ODBC:Radmin > > > DBUsername xxx > > > DBAuth xxxx > > > DateFormat %e %m %Y %T > > > # You can add to or change these if you want, but you > > > # will probably want to change the database schema first > > > AccountingTable RADUSAGE > > > AcctColumnDef USERNAME,User-Name > > > AcctColumnDef TIME_STAMP,Timestamp,integer > > > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer > > > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > > > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer > > > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer > > > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > > > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > > > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer > > > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > > > AcctColumnDef NASIDENTIFIER,NAS-Identifier > > > AcctColumnDef NASIDENTIFIER,NAS-IP-Address > > > AcctColumnDef NASPORT,NAS-Port,integer > > > AcctColumnDef DNIS,Called-Station-Id > > > AcctColumnDef DATE,Timestamp,integer-date > > > # This updates the time and octets left > > > # for this user > > > AcctSQLStatement update RADUSERS set > > > TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, > > > OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, > > > OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' > > > > > > </AuthBy> > > > > > > <AuthBy GROUP> > > > Identifier WithIdleTimeout > > > AuthBy RADMINAUTH > > > # These are the classic things to add to each users > > > # reply to allow a PPP dialup session. It may be > > > # different for your NAS. This will add some > > > # reply items to everyone's reply > > > AddToReply Framed-Protocol = PPP,\ > > > Service-Type = Framed-User,\ > > > Framed-IP-Netmask = 255.255.255.255,\ > > > Framed-Routing = None,\ > > > Framed-MTU = 1500,\ > > > Framed-Compression = Van-Jacobson-TCP-IP,\ > > > Idle-Timeout = 600,\ > > > Class = %{NAS-Port} > > > </AuthBy> > > > > > > <AuthBy GROUP> > > > Identifier WithOutIdleTimeout > > > AuthBy RADMINAUTH > > > # These are the classic things to add to each users > > > # reply to allow a PPP dialup session. It may be > > > # different for your NAS. This will add some > > > # reply items to everyone's reply > > > AddToReply Framed-Protocol = PPP,\ > > > Service-Type = Framed-User,\ > > > Framed-IP-Netmask = 255.255.255.255,\ > > > Framed-Routing = None,\ > > > Framed-MTU = 1500,\ > > > Framed-Compression = Van-Jacobson-TCP-IP,\ > > > Class = %{NAS-Port} > > > </AuthBy> > > > > > > <AuthBy FILE> > > > Identifier TimeZone > > > Filename %D/adsl.users > > > </AuthBy> > > > > > > <Handler Request-Type=Accounting-Request> > > > AuthBy RADMINAUTH > > > </Handler> > > > > > > <Handler Realm=test1> > > > AuthBy TimeZone > > > </Handler> > > > > > > <Handler Realm=test2> > > > AuthBy WithOutIdleTimeout > > > </Handler> > > > > > > <Handler> > > > AuthBy WithIdleTimeout > > > </Handler> > > > > > > > > > # Handle User with NO Realm with RADMIN > > > #<Realm> > > > # AuthBy RADMINAUTH > > > #</Realm> > > > > > > # Handle everyone with RADMIN > > > #<Realm DEFAULT> > > > # AuthBy RADMINAUTH > > > #</Realm> > > > > > > <SessionDatabase SQL> > > > # This database spec usually should be exactly the same > > > # as in <AuthBy RADMIN> above > > > DBSource dbi:ODBC:Radmin > > > DBUsername xxxx > > > DBAuth xxxx > > > ClearNasQuery > > > </SessionDatabase> > > > > -- > > Radiator: the most portable, flexible and configurable RADIUS server > > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. > > - > > Nets: internetwork inventory and management - graphical, extensible, > > flexible with hardware, software, platform and database independence. > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.