Re: Re: fr0.5: logging: UNKNOWN-NAS, although ip entered?
hi, there. well - thanks a lot, that was it. looking thru the docs i saw the UNKNOWN-NAS problem being fixed since 0.6. anyway - once againg: thanks a lot! (upgrading was quite easy, i must admit. as i'm addicted to never change a running system i feared my whole work being spoiled when upgrading but it was smooth, painless and quite comfortable :) regards, -mp. Message: 4 From: Alan DeKok [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: fr0.5: logging: UNKNOWN-NAS, although ip entered? Date: Wed, 09 Oct 2002 12:11:56 -0400 Reply-To: [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: well, i think i've got a problem with logging the names or ip-addresses of the nas'es that users try to authenticate from. although there are ip-addresses and shortnames set in clients.conf, fr0.5 Yuck. Why don't you upgrade to 0.7.1? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
fr0.5: logging: UNKNOWN-NAS, although ip entered?
hello, everybody. well, i think i've got a problem with logging the names or ip-addresses of the nas'es that users try to authenticate from. although there are ip-addresses and shortnames set in clients.conf, fr0.5 just logs the sentence Auth: Login OK: [username] (from nas UNKOWN-NAS port x cli x.x.x.x) (where x.x.x.x is the ip address of our netview machine). excerpt from clients.conf: client 10.0.0.1 { secret = shortname = just-a-funny-cisco-nas } i'm also using access verification based on huntgroups where i just configured the NAS-IP-Address, nothing more. what's wrong with my configuration? the evil thing is that i can't see from which (cisco) nas authentication has been requested (quite good for analysing problems). i'll gladly appreciate hints and tips. thank you in advance. regards, m. pawlowski. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freerad0.5: huntgroups
hello everybody. i am currently setting up a radius-server using freeradius 0.5 under redhat 7.1 for several cisco-routers. well, at least i'm trying to. currently, i've got huntgroups working, but it's quite uncomfortable to handle adding a not-so-small-list of users under every NAS-IP-Address in the huntgroups-file. It gets quite monstrous and unreadable. when i set this server up i tried to $INCLUDE a list of users (editable, extra textfile for every huntgroup) under every NAS-IP-Address, but that didn't work the way i wanted (acutally, it did not work at all - which means that even users whose huntgroup-access did not match were able to logon to the system). to display what i mean: ---file: huntgroups (now) hgr NAS-IP-Address == 10.1.1.1 User-Name = acre, User-Name = hunbun, [...] etc. what did not work was this: hgr NAS-IP-Address == 10.1.1.1 $INCLUDE users.allow hgr NAS-IP-Address == 10.1.1.2 $INCLUDE users.allow etc. i'm now looking for a way to cut those files down to a minimum (design it to be more comfortable for admins like me :) and organize it in a way that makes the files more comfortable to read and more scriptable, perhaps, to add users/systems, delete users/systems etc. i'll gladly appreciate ideas, tips and hints. thank you very much in advance. kind regards, m. pawlowski. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html