On the total control (assuming it has an HiperARC), you can use the "monitor radius" command and test with both cistron radius and freeradius to make totally sure the same attributes are sent from the radius server to the total control chassis.
Jeremy Kusnetz a écrit : > This is really weird. > > We are migrating our customers from cistron 1.6.6 to freeradius 0.5. All > our customers with Ciscos and Ascends are working just fine. One of our > customers uses USR Total Control units for their NASs. > > Seemed like everything was going smooth for them, but they reported that > some of their customers weren't able to get to certain https secure > websites. > > Sure enough when testing, I could go to some secure https sites, like > Amazon's shopping cart, but I couldn't go to Turbo Tax's online tax filing > system. I click on their secure link, and it just times out. > > We rolled back their nases back to authenticating off of cistron, and Turbo > Tax's secure site came up just fine. Went back to Freeradius, and it timed > out. As far as I can tell every other networking protocal is working with > Freeradius, just not certain https sites. > > I'm authenticating off of a mysql database for freeradius, not a userfile, > but the radreply attributes on freeradius is using the exact same attributes > I'm using for cistron. > > Here is the cistron user detail file for one user: > > nastest Auth-Type = Local, Password = "XXXXXXX" > NAS-Port-Type=Async, > Service-Type = Framed, > Framed-Protocol = PPP, > Framed-Routing = None, > Ascend-Route-IP = Route-IP-Yes, > Ascend-Assign-IP-Pool=0, > Ascend-Idle-Limit = 900, > Ascend-Metric = 2 > > And the database for freeradius > > +--------+------------------------+-----------------------+--------------+-- > ----+ > | id | UserName | Attribute | Value | > op | > +--------+------------------------+-----------------------+--------------+-- > ----+ > | 180898 | nastest | NAS-Port-Type | Async | NULL | > | 180899 | nastest | Service-Type | Framed | NULL | > | 180900 | nastest | Framed-Protocol | PPP | NULL | > | 180901 | nastest | Framed-Routing | None | NULL | > | 180902 | nastest | Ascend-Route-IP | Route-IP-Yes | NULL | > | 180903 | nastest | Ascend-Assign-IP-Pool | 0 | NULL | > | 180904 | nastest | Ascend-Idle-Limit | 900 | NULL | > | 180905 | nastest | Ascend-Metric | 2 | NULL | > +--------+------------------------+-----------------------+--------------+-- > ----+ > > Any ideas what so ever? > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
