Hello Josh -
You can see the hex dumps of the received packets by running at trace 5. If there are no errors when decoding the incoming request, then the attributes are not in the packets and you will need to configure something in the NAS to get them.
regards
Hugh
On 01/11/2003, at 5:58 AM, Ward, Josh wrote:
I'm actually having a similar problem right now. I'm not sure if I'm not seeing the VSA's or if my VPN 3000 isn't sending them.
When I get the authentication request I see:
Fri Oct 31 10:06:16 2003: DEBUG: Packet dump: *** Received from 132.241.67.38 port 3323 .... Code: Access-Request Identifier: 189 Authentic: Attributes: User-Name = "jward" User-Password = "" NAS-Port = 10492 Service-Type = Framed-User Framed-Protocol = PPP Tunnel-Client-Endpoint = 132.241.67.22 NAS-IP-Address = 132.241.67.38 NAS-Port-Type = Virtual
I know that there are other VSAs that should come in with the Access-Request, but I'm not seeing them. I'm not sure if my VPN concentrator is configured wrong or if I'm not accepting them.
Any thoughts or insight?
Thanks!!!
-Josh Network Operations California State University, Chico
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Karl Gaissmaier Sent: Friday, October 31, 2003 12:30 AM To: Hugh Irvine Cc: [EMAIL PROTECTED] Subject: Re: (RADIATOR) VSA's (26/3076/x) for the Cisco VPN 3000 Firmware Version 4.x
Hi Hugh,
Hugh Irvine schrieb:
Hi Charly -
Thanks for your mail.
The Radiator 3.7.1 standard dictionary already has most of the definitions you list below.
I will add the additional ones that you have sent, but they will have
the existing "Altiga" prefix.
I'll send you a copy of the modified dictionary in a seperate mail.
thanks
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
I just stumled over this error in the first:
Fri Oct 31 09:23:17 2003: ERR: Attribute number 32 (vendor 3076) is not defined in your dictionary Fri Oct 31 09:23:17 2003: DEBUG: Packet dump: *** Received from 134.60.112.177 port 1287 .... Code: Access-Request ...
I can't trigger all missing attributes, since I use not all features of the VPN Concentrator. The most useful info for all new/old attributes is:
http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2284/ products_
tech_note09186a0080094e96.shtml
from where I've the definitions and values, from the other sources I took the mnemonics for the names.
Regards Charly
-- Karl Gaissmaier KIZ/Infrastructure, University of Ulm, Germany Email:[EMAIL PROTECTED] Service Group Network Tel.: ++49 731 50-22499
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. - CATool: Private Certificate Authority for Unix and Unix-like systems.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
