RE: cisco authorization through freeradius
Greetings. I have an Cisco as5300 that I am using for Dial customers. The customer connects, the authentication comes through, but then at the authorization level the connection gets dropped by the nas.. Are there any suggested attributes to put into radgroupreply for ISDN dial in customers to the Cisco 5300 or do I have an incorrect setting on the Nas.. Here is a snapshot of what I have for the cisco config: aaa new-model aaa authentication login default local aaa authentication ppp default group radius aaa authorization network default group radius if-authenticated aaa accounting delay-start interface Serial0:23 ip unnumbered Ethernet0 encapsulation ppp dialer-group 1 isdn switch-type primary-ni isdn tei-negotiation first-call isdn incoming-voice modem peer default ip address pool DIAL6_POOL ppp authentication pap chap interface Group-Async1 ip unnumbered Ethernet0 encapsulation ppp ip tcp header-compression passive no ip mroute-cache async mode interactive peer default ip address pool DIAL6_POOL ppp authentication chap pap group-range 1 96 RADIUS:radgroupreply contains: | 1 | dialerrouter | Session-Timeout| 28800 | == | NULL | 5 | dialerrouter | Idle-Timeout | 1200| == | NULL | | 8 | dialerrouter | Service-Type | Framed-User | == | NULL | | 9 | dialerrouter | Framed-Protocol| PPP | == | NULL | | 10 | dialerrouter | Auth-Type | Local | == | NULL | RADIUS:radcheckcontains diallerouter for the user All modem dial up customers work just fine, but ISDN dial in fails as indicated above. Can anyone shed some pointers on this. I still haven't figured it out.. Regards, John Hengstler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: MESSAGE
THANK SADDAM! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Thursday, September 18, 2003 4:28 PM To: [EMAIL PROTECTED] Subject: MESSAGE FROM THE DESK OF DR WILLIAMS COLE EMAIL:[EMAIL PROTECTED] ATT:Sir/Madam I feel very sorry to interrupt your peace since you are not expecting to receive any mail from me. However, I was obliged to do so due to the importance and urgency of the message. I crave your indulgence, and want to reassure you that I mean well and that it is only for our mutual good. So please do not be embarrassed or suspicious. My name is Dr. Williams Cole; I am a social worker with an international Non-Governmental/Voluntary organization based in Switzerland. I am the Accounts/ Project Director in-charge of South America regional representation. Our organization, through the local NGO'S and other Agencies and in partnership with the United Nations High Commission for Refugees, UNHCR, UNESCO, etc works and sponsors development projects and social services in some third world/ developing countries, assistance and re-settlement of victims of natural disaster, civil wars and Refugees, displaced/oppressed children and minority people around the world. I am just back from Iraq where in the cause of performing our duties we found a huge amount of cash in an abandoned house, I reached an agreement with the members of my team whom are UN officials (two in number) and we agreed to keep this money to ourselves and they moved the box out of Iraq to Amsterdam (with their immunity as UN officials they are not searched at borders or airports). Now, I am in need of a reliable and trustworthy person or company overseas whom I can confidently work with since my work does not permit me to own a foreign bank account or any personal business until retirement, I have the honor to confide this information in you and to request for your pleasure to assist to receive and secure the money in your account, pending our retirement from service. Please understand that my approach to you is based only on my positive reasoning and on the belief that you will not disappoint or betray me at last. The amount is fairly huge and we have agreed that on completion of the deal, you will retain some reasonable percentage of the money as a compensation for your assistance. By any standard, the money is cool and legal and therefore quite safe and secure for all of us, however to consider our official positions, reputation and integrity, especially, the opportunities in the business itself, it is very necessary that all due care be taken so that we do not miss the opportunity due to carelessness. You are therefore expected and advised to display high degree of maturity, responsibility and understanding in handling this information. There would be a meeting in Europe where we moved the money to, for further discussions and to consummate the transaction at once. I will give you all the details in my next mail when you have indicated your interest and commitment to work with me. Always remember that this is the highest confidence and trust any person can repose on the other, especially when it is considered that we did not know ourselves before. I hope you will honor me too. NOTE: I know there may be scams and junk mails flying here and there on the Internet but certainly, this is not one. Please do not fail to understand that in spite of all that, opportunities of this kind still abound. If you have ever wished or prayed for something good to come your way, now I urge you to take this message seriously and with an open mind. You could never know. This may be an answer to your prayers. So please give it a benefit of doubt, and with good faith and trust join me and I am assuring you now that you will never be disappointed. Please reply urgently and furnish your TELEPHONE AND FAX NUMBERS, for further details. you can reply me on the below email address([EMAIL PROTECTED]) Treat as strictly confidential. Best regards, Dr. Williams Cole. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
cisco accounting attribute
Greetings, Does anybody know why this accounting attribute would be listed this way coming from a cisco. Connect-Info = \320\272\254J721670\000\000\000\000\000\000\000\000\000\000\000 Regards, John Hengstler
RE: I did Bizarre stuff with my pussy
Title: Untitled Document Great The spam has found the list :) John Hengstler -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of samanthaSent: Thursday, February 06, 2003 5:58 PMTo: [EMAIL PROTECTED]Subject: I did Bizarre stuff with my pussy OK GUYS I HAVE FINALLY EVEN SHOCKED MY SELFI HOPE I DIDN'T RUIN MY COOTER FOR EVERLAST NIGHT MY NEW BOYFRIEND GOT HIS ENTIRE FIST IN MY LOVE TACOPEDRO THE TACO EATER WOULD HAVE BEEN OFFENDED.WE FILMED THE ENTIRE THING...HOT SAUCE AND GUACAMOLE AND ALL...I CAN LET YOU IN FOR 1 DAY TO CHECK THIS WEIRD SHIT OUT FOR FREE BEFORE WE HAVE TO CHARGE YA.I KINDA LIKED IT.HUMAN TACOCARLA - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: X-Ascend Atributes?
Woops, I did miss that subtle X- in the dictionary Fixed that. Now to the variable... If I use the %{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause} method to insert the variable, it inserts X-Ascend-Disconnect-Cause as a string into the table, not the actual contents of the variable, but if I change it to %{X-Ascend-Disconnect-Cause} it inserts properly. My only question here is, if there is a mixture of NASes (ie portmasters and ciscos), the above statement would loose the good AcctTerminateCause variables. Is that correct??? Thanks for the simple assistance John Hengstler -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Parker Sent: Monday, December 30, 2002 9:21 AM To: [EMAIL PROTECTED] Subject: RE: X-Ascend Atributes? At 09:10 AM 12/30/2002 -0800, John A. Hengstler wrote: I can live with that for the connect start/stop information, but what about the acctterminatecause line. Isn't radius supposed to translate the codes from the dictionary files to the actual string? Example, X-Ascend-Disconnect-Cause = 45 should be translated to : VALUE Ascend-Disconnect-Cause PPP-Rcv-Terminate-Req 45 No. Note the suble difference in the entries. One is Ascend-*, the other is X-Ascend-*. If you want it to translate the numerical value into a string, you'll need to duplicate the 'Ascend-*' 'VALUE' entries for 'X-Ascend-*'. So what variable would I change in sql.conf to have this inserted to acctterminatecause? The current query looks something like: AcctStopQuery = Insert into foo ( bar, baz ) values ( %{User-Name}, %{Ascend-Disconnect-Cause} ) If you want to have it log other values you may need to add them like this: AcctStopQuery = Insert into foo ( bar, baz ) values ( %{User-Name}, %{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause} ) to get it to use 'Ascend-Disconnect-Cause' value to insert, or if it doesn't exist, to try to use the 'X-Ascend-Disconnect-Cause' value to insert. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: X-Ascend Atributes?
Chris, thanks. I relooked at that after I sent the email. All is well Thanks for the help.. John Hengstler -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Parker Sent: Monday, December 30, 2002 9:54 AM To: [EMAIL PROTECTED] Subject: RE: X-Ascend Atributes? At 09:48 AM 12/30/2002 -0800, John A. Hengstler wrote: Woops, I did miss that subtle X- in the dictionary Fixed that. Now to the variable... If I use the %{Ascend-Disconnect-Cause:-X-Ascend-Disconnect-Cause} method to insert the variable, it inserts X-Ascend-Disconnect-Cause as a string into the table, not the actual contents of the variable, but if I change it to %{X-Ascend-Disconnect-Cause} it inserts properly. Yup, my bad. See 'doc/variables.txt' for a better explanation of how to do conditional syntax translation for your SQL inserts. You would need to actually do: %{Ascend-Disconnect-Cause:-%{X-Ascend-Disconnect-Cause}} -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
X-Ascend Atributes?
Hello, We use 2 different wholesale Dial ISP's that do pass-thru authentication/accounting with our radius server. Both companies are using cisco equipment. Everything seems to work well, except the following: The connection attributes are not getting put inserted into our mysql tables with the rest of the info. ie, the "connectinfo_start", "connectinfo_stop", "acctterminatecause" The following is a STOP detail from the detail log: NAS-Port = 1458 NAS-Port-Type = Async Called-Station-Id = "3608382437" Calling-Station-Id = "3608353229" Acct-Status-Type = Stop Acct-Authentic = RADIUS Service-Type = Framed-User Acct-Session-Id = "0002BDAF" Framed-Protocol = PPP Framed-IP-Address = 209.63.4.246 X-Ascend-PreSession-Time = 21 X-Ascend-Pre-Input-Octets = 125 X-Ascend-Pre-Output-Octets = 111 X-Ascend-Pre-Input-Packets = 5 X-Ascend-Pre-Output-Packets = 5 Acct-Input-Octets = 183894 Acct-Output-Octets = 10389406 Acct-Input-Packets = 1 Acct-Output-Packets = 19176 Acct-Session-Time = 3723 X-Ascend-Disconnect-Cause = 45 X-Ascend-Data-Rate = 28800 X-Ascend-Xmit-Rate = 33600 Acct-Delay-Time = 0 I see the "X-Ascend" codes, but they aren't getting translated properly? What can I do to have this inserted properly? All of the dictionary files are current including the cisco and ascend files. All other columns in the tables are being translated properly... Regards, John Hengstler
RE: installing radius
I emailed him a couple weeks ago (the maintainer), and haven't received a response yet. Regards John Hengstler -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Vitaliy Karlov Sent: Thursday, December 26, 2002 10:22 PM To: [EMAIL PROTECTED] Subject: Re: installing radius On Fri, Dec 27, 2002 at 04:18:16PM -0800, Matt Peterson wrote: Since you're using FreeBSD, its easier to use the ports collection.. cd /usr/ports/net/freeradius make install Now in ports still Version of FreeRadius is 7.0... Mainteiner: MAINTAINER= [EMAIL PROTECTED] May be anybody know why? -- WBR, Vitaliy Karlov [KV1670-RIPE] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html