Re: Re: fr0.5: logging: UNKNOWN-NAS, although ip entered?

2002-10-16 Thread MPawlowski 

hi, there.

well - thanks a lot, that was it.

looking thru the docs i saw the UNKNOWN-NAS problem being fixed since
0.6.

anyway - once againg: thanks a lot!

(upgrading was quite easy, i must admit. as i'm addicted to never change a
running system i feared my whole work being spoiled when upgrading but it
was smooth, painless and quite comfortable :)

regards,
-mp.




Message: 4
From: Alan DeKok [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: fr0.5: logging: UNKNOWN-NAS, although ip entered?
Date: Wed, 09 Oct 2002 12:11:56 -0400
Reply-To: [EMAIL PROTECTED]

[EMAIL PROTECTED] wrote:
 well, i think i've got a problem with logging the names or ip-addresses
of
 the nas'es that users try to authenticate from.

 although there are ip-addresses and shortnames set in clients.conf, fr0.5

  Yuck.  Why don't you upgrade to 0.7.1?

  Alan DeKok.



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

fr0.5: logging: UNKNOWN-NAS, although ip entered?

2002-10-09 Thread MPawlowski 

hello, everybody.

well, i think i've got a problem with logging the names or ip-addresses of
the nas'es that users try to authenticate from.

although there are ip-addresses and shortnames set in clients.conf, fr0.5
just logs the sentence
Auth: Login OK: [username] (from nas UNKOWN-NAS port x cli x.x.x.x) (where
x.x.x.x is the ip address of our netview machine).

excerpt from clients.conf:

client 10.0.0.1 {
secret = 
shortname = just-a-funny-cisco-nas
}

i'm also using access verification based on huntgroups where i just
configured the NAS-IP-Address, nothing more.

what's wrong with my configuration? the evil thing is that i can't see from
which (cisco) nas authentication has been requested (quite good for
analysing problems).

i'll gladly appreciate hints and tips.

thank you in advance.

regards,
m. pawlowski.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

freerad0.5: huntgroups

2002-09-23 Thread MPawlowski 

hello everybody.

i am currently setting up a radius-server using freeradius 0.5 under redhat
7.1 for several cisco-routers. well, at least i'm trying to.

currently, i've got huntgroups working, but it's quite uncomfortable to
handle adding a not-so-small-list of users under every NAS-IP-Address in
the huntgroups-file. It gets quite monstrous and unreadable.

when i set this server up i tried to $INCLUDE a list of users (editable,
extra textfile for every huntgroup) under every NAS-IP-Address, but that
didn't work the way i wanted (acutally, it did not work at all - which
means that even users whose huntgroup-access did not match were able to
logon to the system). to display what i mean:

---file: huntgroups (now)
hgr  NAS-IP-Address == 10.1.1.1
 User-Name = acre,
 User-Name = hunbun,
 [...]
 etc.

what did not work was this:

hgr  NAS-IP-Address == 10.1.1.1
 $INCLUDE users.allow
hgr  NAS-IP-Address == 10.1.1.2
 $INCLUDE users.allow
 etc.

i'm now looking for a way to cut those files down to a minimum (design it
to be more comfortable for admins like me :) and organize it in a way that
makes the files more comfortable to read and more scriptable, perhaps, to
add users/systems, delete users/systems etc.

i'll gladly appreciate ideas, tips and hints.

thank you very much in advance.

kind regards,
m. pawlowski.


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html