(RADIATOR) Ascend filter problem

Mike McCauley Wed, 09 Jan 2002 14:42:16 -0800

----------  Forwarded Message  ----------

Subject: BOUNCE [EMAIL PROTECTED]:    Non-member submission from ["Doug 
Currey" <[EMAIL PROTECTED]>]
Date: Wed, 9 Jan 2002 13:57:41 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

>From [EMAIL PROTECTED] Wed Jan  9 13:57:41 2002
Received: from itsi2.your-net.com (IDENT:[EMAIL PROTECTED] [65.89.54.10])
        by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g09Jve303025
        for <[EMAIL PROTECTED]>; Wed, 9 Jan 2002 13:57:40 -0600
Received: (from apache@localhost)
        by itsi2.your-net.com (8.11.0/8.11.0) id g09LYMK21020;
        Wed, 9 Jan 2002 16:34:22 -0500
Date: Wed, 9 Jan 2002 16:34:22 -0500
Message-Id: <[EMAIL PROTECTED]>
From: "Doug Currey" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Ascend filter problem
X-Mailer: NeoMail 1.24
X-IPAddress: 65.89.54.41
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1

Hi Broadwing has started requiring the following info passwd back to
them.

> Ascend-Data-Filter = "ip in forward tcp est",
> Ascend-Data-Filter = "ip in forward dstip 192.48.96.0/24",
> Ascend-Data-Filter = "ip in drop tcp dstport = 25",
> Ascend-Data-Filter = "ip in forward"

I made sure the "ATTRIBUTE       Ascend-Data-Filter
242     abinary"  is in our dictionary file.

and and have the following added to my config file:

AddToReply Ascend-Data-Filter = "ip in forward tcp est", \
           Ascend-Data-Filter = "ip in forward dstip 65.89.54.0/24", \
           Ascend-Data-Filter = "ip in drop tcp dst = 25", \
           Ascend-Data-Filter = "ip in forward"


Also have this entry this one has always been in my config.


AddToReplyIfNotExist Service-Type = Framed-User, Framed-Protocol =
PPP,  \
         Framed-IP-Address = 255.255.255.254, \
         Framed-IP-Netmask = 255.255.255.255, \
         Framed-MTU =1500, \
         Framed-Compression = Van-Jacobson-TCP-IP, \
         Idle-Timeout = 1200, \
         Session-Timeout = 14400

1st Am I allowd to have both addtoreply and addtoreplyifnotexist in
the realm.

2nd I am getting the following error on my trace 4

WARNING: Could not parse Ascend-Data-Filter: ip in drop tcp dst = 25


Any suggestions
Thanks
Doug Currey
Interlink Technologies

clip of trace:
-----------------------------------------------------

*** Received from 216.143.197.130 port 42592 ....
Code:       Access-Request
Identifier: 35
Authentic:  <200><143><29><<176> <246>8<143><135><16>)<223><253>T<
Attributes:
        User-Name = "[EMAIL PROTECTED]"
        User-Password = "<229>8mg!
I><241><147><218>S<214><156>u<25><189>"
        NAS-IP-Address = 216.140.11.214
        NAS-Port = 2720
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Called-Station-Id = "9375821111"
        Calling-Station-Id = "5139342884"
        NAS-Port-Type = Async
        Cisco-NAS-Port = "Async1/7/128"

Wed Jan  9 15:28:52 2002: DEBUG: Handling request with
Handler 'Realm=your-net.com'
Wed Jan  9 15:28:52 2002: DEBUG: Rewrote user name to badgdl
Wed Jan  9 15:28:52 2002: DEBUG: Rewrote user name to badgdl
Wed Jan  9 15:28:52 2002: DEBUG: SDBSQL Deleting session for
[EMAIL PROTECTED], 216.140.11.214, 2720
Wed Jan  9 15:28:52 2002: DEBUG: do query is: delete from ONLINE where
USERNAME='badgdl' and NASIDENTIFIER='216.140.11.214$

Wed Jan  9 15:28:52 2002: DEBUG: Handling with Radius::AuthSQL
Wed Jan  9 15:28:52 2002: DEBUG: Handling with Radius::AuthSQL
Wed Jan  9 15:28:52 2002: DEBUG: Query is: select HIGH_PRIORITY
PASSWORD, CHECKATTR, REPLYATTR from USERS where USERNAME='$

Wed Jan  9 15:28:52 2002: DEBUG: Radius::AuthSQL looks for match with
badgdl
Wed Jan  9 15:28:52 2002: DEBUG: Radius::AuthSQL ACCEPT:
Wed Jan  9 15:28:52 2002: DEBUG: Access accepted for badgdl
Wed Jan  9 15:28:52 2002: DEBUG: do query is: insert DELAYED into
RADAUTHLOG  (TIME_STAMP, USERNAME, PASSWORD, STATUS) val$

Wed Jan  9 15:28:52 2002: WARNING: Could not parse Ascend-Data-Filter:
ip in drop tcp dst = 25
Wed Jan  9 15:28:52 2002: DEBUG: Packet dump:
*** Sending to 216.143.197.130 port 42592 ....
Code:       Access-Accept
Identifier: 35
Authentic:  <200><143><29><<176> <246>8<143><135><16>)<223><253>T<
Attributes:
        Ascend-Data-Filter = ip in forward tcp est
        Ascend-Data-Filter = ip in forward dstip 65.89.54.0/24
        Ascend-Data-Filter = ip in drop tcp dst = 25
        Ascend-Data-Filter = ip in forward
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 255.255.255.254
        Framed-IP-Netmask = 255.255.255.255
        Framed-MTU = 1500
        Framed-Compression = Van-Jacobson-TCP-IP
        Idle-Timeout = 1200
        Session-Timeout = 14400

Wed Jan  9 15:28:53 2002: DEBUG: Packet dump:
*** Received from 216.143.197.130 port 42592 ....
*** Received from 216.143.197.130 port 42592 ....
Code:       Accounting-Request
Identifier: 36
Authentic:
<199><18><148><147>'<16><190><0><254><154><236>.<171><212>.D
Attributes:
        User-Name = "[EMAIL PROTECTED]"
        NAS-IP-Address = 216.140.11.214
        NAS-Port = 2720
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 65.91.245.30
        Called-Station-Id = "9375821111"
        Calling-Station-Id = "5139342884"
        Acct-Status-Type = Start
        Acct-Delay-Time = 0
        Acct-Session-Id = "0000F6E6"
        Acct-Authentic = RADIUS
        NAS-Port-Type = Async
        Cisco-NAS-Port = "Async1/7/128"
Wed Jan  9 15:28:53 2002: DEBUG: Handling request with
Handler 'Realm=your-net.com'
Wed Jan  9 15:28:53 2002: DEBUG: Rewrote user name to badgdl
Wed Jan  9 15:28:53 2002: DEBUG: Rewrote user name to badgdl
Wed Jan  9 15:28:53 2002: DEBUG: SDBSQL Adding session for badgdl@your-
net.com, 216.140.11.214, 2720
Wed Jan  9 15:28:53 2002: DEBUG: do query is: delete from ONLINE where
USERNAME='badgdl' and NASIDENTIFIER='216.140.11.214$

Wed Jan  9 15:28:53 2002: DEBUG: do query is: insert delayed into
ONLINE (USERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID,$

Wed Jan  9 15:28:53 2002: DEBUG: Handling with Radius::AuthSQL
Wed Jan  9 15:28:53 2002: DEBUG: Handling accounting with
Radius::AuthSQL
Wed Jan  9 15:28:53 2002: DEBUG: Accounting accepted
Wed Jan  9 15:28:53 2002: DEBUG: Packet dump:

-------------------------------------------------------

-- 
Mike McCauley                               [EMAIL PROTECTED]
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Ascend filter problem

Reply via email to
