RE: Freeradius + Nomadix AG2000W + Bandwidth Management
Upgraded to CVS snapshot. Identified the problem as an extra attribute that gets sent by the NAS in the accounting requests when Bandwidth Management is enabled. It's all working now. Thanks, Olmo. -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] En nombre de Alan DeKok Enviado el: martes, 02 de diciembre de 2003 20:07 Para: [EMAIL PROTECTED] Asunto: Re: Freeradius + Nomadix AG2000W + Bandwidth Management =?iso-8859-1?Q?Olmo_Gonz=E1lez?= [EMAIL PROTECTED] wrote: Thanks for your reply Alan. Is there any way I can see what attributes the accounting request paquets have (other than sniffing it)? No. When I run in debug mode (-X) and a bogus accounting packet is received all the information I get is that warning, with no information at all on what the packet contains. Then upgrade to the CVS snapshot. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Este mensaje ha sido analizado y protegido por la tecnologia antivirus www.trendmicro.es - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Freeradius + Nomadix AG2000W + Bandwidth Management
Hi, Thanks for your reply Alan. Is there any way I can see what attributes the accounting request paquets have (other than sniffing it)? When I run in debug mode (-X) and a bogus accounting packet is received all the information I get is that warning, with no information at all on what the packet contains. In the meanwhile, I'll give the latest CVS snapshot a try. I think this will suffice, I don't need to do anything with the Nomadix-Bw-Down attribute that is causing the trouble in the accounting requests. Regards, Olmo -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] En nombre de Alan DeKok Enviado el: lunes, 01 de diciembre de 2003 20:38 Para: [EMAIL PROTECTED] Asunto: Re: Freeradius + Nomadix AG2000W + Bandwidth Management The NAS is sending garbage attributes. Upgrade to the latest CVS snapshot, and the server will accept those garbage attributes, but you won't be able to do much of anything useful with them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius + Nomadix AG2000W + Bandwidth Management
Hi, I have the following setup: Nomadix AG2000W Access Gateway (Radius Client) Freeradius 0.9.3 + rml_sql + rml_sql_unixODBC + FreeTDS driver. MSSQL Database AAA is working OK, and I am now adding Bandwidth Management. I have included dictionary.nomadix. My current situation is the following: Mon Dec 1 13:12:59 2003 : Debug: Thread 5 handling request 4, (1 handled so far) User-Name = probando User-Password = 123456 NAS-IP-Address = 172.16.0.2 NAS-Port = 0 Service-Type = Login-User Acct-Session-Id = 961F Called-Station-Id = 00-50-E8-02-00-10 Calling-Station-Id = 00-40-D0-32-C9-63 Nomadix-Logoff-URL = http://1.1.1.1; NAS-Identifier = 123456789 Sending Access-Accept of id 112 to 213.96.98.136:16161 Session-Timeout := 2466 Idle-Timeout := 300 Acct-Interim-Interval := 2 Nomadix-Bw-Down := 128 Up to here, everything is OK: Downstream Bandwidth is limited to 128kbit. However, when I receive an Accouting Update or Accounting Stop packet, I get the following error: Mon Dec 1 13:16:38 2003 : Error: WARNING: Malformed RADIUS packet from host 213.96.98.136: Vendor specific attribute has invalid length -2 I have checked that this error is caused by the Nomadix-Bw-Down attribute, because if I remove this attribute from the Auth Reply query, accounting works OK again. Suggestions are welcome. Regards, Olmo. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius + Nomadix AG2000W + Bandwidth Management
=?iso-8859-1?Q?Olmo_Gonz=E1lez?= [EMAIL PROTECTED] wrote: However, when I receive an Accouting Update or Accounting Stop packet, I get the following error: Mon Dec 1 13:16:38 2003 : Error: WARNING: Malformed RADIUS packet from host 213.96.98.136: Vendor specific attribute has invalid length -2 I have checked that this error is caused by the Nomadix-Bw-Down attribute, because if I remove this attribute from the Auth Reply query, accounting works OK again. The NAS is sending garbage attributes. Upgrade to the latest CVS snapshot, and the server will accept those garbage attributes, but you won't be able to do much of anything useful with them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
nomadix
Does anyone have any experience in getting FreeRadius to work with a nomadix xSG product ? I'm struggling ...
RE: nomadix
Hi Barry, I'm currently in the process of setting up a Nomadix(USG II) and FreeRADIUS configuration. I've successfully got the two working together with out any major problems. The Nomadix is quite useful in that it supprts an account expiry attribute, you simply set the account expiry datetime and it will disable the user when the time comes. Nomadix-Expiration = 2003-07-18 16:15:00 What are you struggling with...? Regards, Alan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: 18 July 2003 09:31 To: [EMAIL PROTECTED] Subject: nomadix Does anyone have any experience in getting FreeRadius to work with a nomadix xSG product ? I'm struggling ... --- This email, and any files transmitted with it, is copyright and may contain confidential information. The contents are intended for the use of the addressee(s) only. Unauthorized use may be unlawful. If you receive this email by mistake, please advise sender immediately. The views of the author may not necessarily constitute the views of Telco Electronics Limited. Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation. Telco Electronics Limited 6-8 Oxford Court Brackley Northants NN13 7XY Tel 07000 701999 Fax 07000 701777 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: nomadix
Hi Alan I've got freeradius working with postgres and its authorization is working when I use radtest. When I use the nomadix radius test login, it comes back with a server timed out message. I do have the USG setup in the naslist and also as a client (nastype = other) and I'm using the standard ports (1812/1813) on both sides. Thanks + Regards, Barry - Original Message - From: Alan Litster [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 18, 2003 11:18 AM Subject: RE: nomadix Hi Barry, I'm currently in the process of setting up a Nomadix(USG II) and FreeRADIUS configuration. I've successfully got the two working together with out any major problems. The Nomadix is quite useful in that it supprts an account expiry attribute, you simply set the account expiry datetime and it will disable the user when the time comes. Nomadix-Expiration = 2003-07-18 16:15:00 What are you struggling with...? Regards, Alan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: 18 July 2003 09:31 To: [EMAIL PROTECTED] Subject: nomadix Does anyone have any experience in getting FreeRadius to work with a nomadix xSG product ? I'm struggling ... -- - This email, and any files transmitted with it, is copyright and may contain confidential information. The contents are intended for the use of the addressee(s) only. Unauthorized use may be unlawful. If you receive this email by mistake, please advise sender immediately. The views of the author may not necessarily constitute the views of Telco Electronics Limited. Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation. Telco Electronics Limited 6-8 Oxford Court Brackley Northants NN13 7XY Tel 07000 701999 Fax 07000 701777 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: nomadix
Barry,
You don't need to put the USG in the naslist as it is depreciated, just
create an entry in clients.conf similar to:
client 1.1.1.1 {
secret = test
shortname = nomadix
nastype = other
}
Where 1.1.1.1 is the 'Network IP Address' and NOT the 'Subscriber IP
Address' of the Nomadix.
Have you tried running freeradius in debug mode (radiusd -X) ? to see if the
Nomadix is hitting the radius server.
Regards,
Alan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: 18 July 2003 10:44
To: [EMAIL PROTECTED]
Subject: Re: nomadix
Hi Alan
I've got freeradius working with postgres and its authorization is working
when I use radtest.
When I use the nomadix radius test login, it comes back with a
server timed
out message.
I do have the USG setup in the naslist and also as a client (nastype =
other) and I'm using the standard ports (1812/1813) on both sides.
Thanks + Regards,
Barry
- Original Message -
From: Alan Litster [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 18, 2003 11:18 AM
Subject: RE: nomadix
Hi Barry,
I'm currently in the process of setting up a Nomadix(USG II) and
FreeRADIUS
configuration. I've successfully got the two working together
with out any
major problems. The Nomadix is quite useful in that it supprts
an account
expiry attribute, you simply set the account expiry datetime and it will
disable the user when the time comes.
Nomadix-Expiration = 2003-07-18 16:15:00
What are you struggling with...?
Regards,
Alan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: 18 July 2003 09:31
To: [EMAIL PROTECTED]
Subject: nomadix
Does anyone have any experience in getting FreeRadius to work with a
nomadix
xSG product ?
I'm struggling ...
--
-
This email, and any files transmitted with it, is copyright and may
contain confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the
views of Telco
Electronics Limited.
Nothing in this mail shall bind Telco Electronics Limited in
any contract
or obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
---
This email, and any files transmitted with it, is copyright and may contain
confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the views of Telco Electronics
Limited.
Nothing in this mail shall bind Telco Electronics Limited in any contract or
obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: nomadix
Yep, thats what I've got configured in clients.config .
I'm running radiusd -X and the nomadix is not hitting at all.
-- just realised what is wrong - my firewall is blocking the ports !
Thanks
Barry
- Original Message -
From: Alan Litster [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 18, 2003 12:22 PM
Subject: RE: nomadix
Barry,
You don't need to put the USG in the naslist as it is depreciated, just
create an entry in clients.conf similar to:
client 1.1.1.1 {
secret = test
shortname = nomadix
nastype = other
}
Where 1.1.1.1 is the 'Network IP Address' and NOT the 'Subscriber IP
Address' of the Nomadix.
Have you tried running freeradius in debug mode (radiusd -X) ? to see if
the
Nomadix is hitting the radius server.
Regards,
Alan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: 18 July 2003 10:44
To: [EMAIL PROTECTED]
Subject: Re: nomadix
Hi Alan
I've got freeradius working with postgres and its authorization is
working
when I use radtest.
When I use the nomadix radius test login, it comes back with a
server timed
out message.
I do have the USG setup in the naslist and also as a client (nastype =
other) and I'm using the standard ports (1812/1813) on both sides.
Thanks + Regards,
Barry
- Original Message -
From: Alan Litster [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, July 18, 2003 11:18 AM
Subject: RE: nomadix
Hi Barry,
I'm currently in the process of setting up a Nomadix(USG II) and
FreeRADIUS
configuration. I've successfully got the two working together
with out any
major problems. The Nomadix is quite useful in that it supprts
an account
expiry attribute, you simply set the account expiry datetime and it
will
disable the user when the time comes.
Nomadix-Expiration = 2003-07-18 16:15:00
What are you struggling with...?
Regards,
Alan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: 18 July 2003 09:31
To: [EMAIL PROTECTED]
Subject: nomadix
Does anyone have any experience in getting FreeRadius to work with a
nomadix
xSG product ?
I'm struggling ...
--
-
This email, and any files transmitted with it, is copyright and may
contain confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender
immediately.
The views of the author may not necessarily constitute the
views of Telco
Electronics Limited.
Nothing in this mail shall bind Telco Electronics Limited in
any contract
or obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
-
This email, and any files transmitted with it, is copyright and may
contain confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the views of Telco
Electronics Limited.
Nothing in this mail shall bind Telco Electronics Limited in any contract
or obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
