---------- Forwarded Message ----------
Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from ["Robert
Blayzor" <[EMAIL PROTECTED]>]
Date: Tue, 14 May 2002 19:03:31 -0500
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
>From [EMAIL PROTECTED] Tue May 14 19:03:30 2002
Received: from mx1.inoc.net (mx1.inoc.net [64.246.131.30])
by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g4F03U322623;
Tue, 14 May 2002 19:03:30 -0500
Received: from nimbus (cm-24-161-8-135.nycap.rr.com [24.161.8.135]) by
mx1.inoc.net (Vircom SMTPRS 5.2.204) with ESMTP id
<[EMAIL PROTECTED]>;
Tue, 14 May 2002 21:29:33 -0400
From: "Robert Blayzor" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
Subject: RE: (RADIATOR) Email only Radius Profile
Date: Tue, 14 May 2002 21:29:24 -0400
Organization: INOC, LLC
Message-ID: <02a101c1fbaf$f26a8400$[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
In-Reply-To: <[EMAIL PROTECTED]>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Importance: Normal
Emily,
I could be wrong, but in some of the latest versions of IOS, your
Radiator user entry would in most cases fail on a Cisco access server.
You are specifying a "Filter-Id" which Cisco can and does use if
configured; if that access-list does not exist on the AS5xxx, the call
will get dropped.
On the PM3, it should work, and the cisco-avpair should just be ignored.
This could be *part* of the problem if you are seeing calls immediately
hang up on the ASxxx shortly after or during auth.
--
Robert Blayzor, BOFH
INOC, LLC
[EMAIL PROTECTED]
Any sufficiently advanced bug is indistinguishable from a feature. -
Kulawiec
> > On the RAS BOX
> >
> > ip policy route-map email
> > route-map email permit 10
> > match ip address 103
> >
> > access-list 103 permit tcp any any eq 25
> > access-list 103 permit udp any any eq 53
> > access-list 103 permit tcp any any eq 110
> > access-list 103 permit tcp any any eq 113
> > access-list 103 deny any any
> >
> >
> > On PM3
> >
> > 1 permit 0.0.0.0/0 206.40.79.2/32 tcp dst eq 25
> > 2 permit 0.0.0.0/0 206.40.79.2/32 udp dst eq 53
> > 3 permit 0.0.0.0/0 206.40.79.2/32 tcp dst eq 80
> > 4 permit 0.0.0.0/0 206.40.79.2/32 tcp dst eq 110
> > 5 permit 0.0.0.0/0 206.40.79.2/32 tcp src eq 113
> > 6 permit 0.0.0.0/0 206.40.79.2/32 tcp dst eq 443
> > 7 permit 0.0.0.0/0 206.40.79.2/32 icmp
> >
> > add filter email.sec
> > set filter email.sec 1 permit 0.0.0.0/0 0.0.0.0/0 tcp src
>
> eq 25 dst eq 25
>
> > estab set filter email.sec 1 permit 0.0.0.0/0 0.0.0.0/0 tcp
>
> src eq 53 dst
>
> > eq 53 estab set filter email.sec 1 permit 0.0.0.0/0
>
> 0.0.0.0/0 tcp src eq
>
> > 110 dst eq 110 estab
> > set filter email.sec 1 permit 0.0.0.0/0 0.0.0.0/0 tcp src
>
> eq 113 dst eq 113
>
> > estab
> > set filter email.sec 1 deny 0.0.0.0/0 0.0.0.0/0 tcp
> > set filter email.sec 1 deny 0.0.0.0/0 0.0.0.0/0 udp
> >
> >
> > Let me know what you think!
> >
> > Thanks,
> > Emily Whitworth
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
-------------------------------------------------------
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X etc etc
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
