RE: Freeradius + Nomadix AG2000W + Bandwidth Management
Upgraded to CVS snapshot. Identified the problem as an extra attribute that gets sent by the NAS in the accounting requests when Bandwidth Management is enabled. It's all working now. Thanks, Olmo. > -Mensaje original- > De: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] En nombre de > Alan DeKok > Enviado el: martes, 02 de diciembre de 2003 20:07 > Para: [EMAIL PROTECTED] > Asunto: Re: Freeradius + Nomadix AG2000W + Bandwidth Management > > =?iso-8859-1?Q?Olmo_Gonz=E1lez?= <[EMAIL PROTECTED]> wrote: > > Thanks for your reply Alan. Is there any way I can see what > attributes > > the accounting request paquets have (other than sniffing it)? > > No. > > > When I run in > > debug mode (-X) and a "bogus" accounting packet is received all the > > information I get is that warning, with no information at > all on what > > the packet contains. > > Then upgrade to the CVS snapshot. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > Este mensaje ha sido analizado y protegido por la tecnologia antivirus www.trendmicro.es - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius + Nomadix AG2000W + Bandwidth Management
=?iso-8859-1?Q?Olmo_Gonz=E1lez?= <[EMAIL PROTECTED]> wrote: > Thanks for your reply Alan. Is there any way I can see what attributes the > accounting request paquets have (other than sniffing it)? No. > When I run in > debug mode (-X) and a "bogus" accounting packet is received all the > information I get is that warning, with no information at all on what the > packet contains. Then upgrade to the CVS snapshot. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Freeradius + Nomadix AG2000W + Bandwidth Management
Hi, Thanks for your reply Alan. Is there any way I can see what attributes the accounting request paquets have (other than sniffing it)? When I run in debug mode (-X) and a "bogus" accounting packet is received all the information I get is that warning, with no information at all on what the packet contains. In the meanwhile, I'll give the latest CVS snapshot a try. I think this will suffice, I don't need to do anything with the Nomadix-Bw-Down attribute that is causing the trouble in the accounting requests. Regards, Olmo > -Mensaje original- > De: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] En nombre de > Alan DeKok > Enviado el: lunes, 01 de diciembre de 2003 20:38 > Para: [EMAIL PROTECTED] > Asunto: Re: Freeradius + Nomadix AG2000W + Bandwidth Management > > The NAS is sending garbage attributes. > > Upgrade to the latest CVS snapshot, and the server will > accept those garbage attributes, but you won't be able to do > much of anything useful with them. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius + Nomadix AG2000W + Bandwidth Management
=?iso-8859-1?Q?Olmo_Gonz=E1lez?= <[EMAIL PROTECTED]> wrote: > However, when I receive an Accouting Update or Accounting Stop packet, I get > the following error: > > Mon Dec 1 13:16:38 2003 : Error: WARNING: Malformed RADIUS packet from host > 213.96.98.136: Vendor specific attribute has invalid length -2 > > I have checked that this error is caused by the Nomadix-Bw-Down attribute, > because if I remove this attribute from the Auth Reply query, accounting > works OK again. The NAS is sending garbage attributes. Upgrade to the latest CVS snapshot, and the server will accept those garbage attributes, but you won't be able to do much of anything useful with them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius + Nomadix AG2000W + Bandwidth Management
Hi,
I have the following setup:
Nomadix AG2000W Access Gateway (Radius Client)
Freeradius 0.9.3 + rml_sql + rml_sql_unixODBC + FreeTDS driver.
MSSQL Database
AAA is working OK, and I am now adding Bandwidth Management. I have included
dictionary.nomadix.
My current situation is the following:
Mon Dec 1 13:12:59 2003 : Debug: Thread 5 handling request 4, (1 handled so
far)
User-Name = "probando"
User-Password = "123456"
NAS-IP-Address = 172.16.0.2
NAS-Port = 0
Service-Type = Login-User
Acct-Session-Id = "961F"
Called-Station-Id = "00-50-E8-02-00-10"
Calling-Station-Id = "00-40-D0-32-C9-63"
Nomadix-Logoff-URL = "http://1.1.1.1";
NAS-Identifier = "123456789"
Sending Access-Accept of id 112 to 213.96.98.136:16161
Session-Timeout := 2466
Idle-Timeout := 300
Acct-Interim-Interval := 2
Nomadix-Bw-Down := 128
Up to here, everything is OK: Downstream Bandwidth is limited to 128kbit.
However, when I receive an Accouting Update or Accounting Stop packet, I get
the following error:
Mon Dec 1 13:16:38 2003 : Error: WARNING: Malformed RADIUS packet from host
213.96.98.136: Vendor specific attribute has invalid length -2
I have checked that this error is caused by the Nomadix-Bw-Down attribute,
because if I remove this attribute from the Auth Reply query, accounting
works OK again.
Suggestions are welcome.
Regards,
Olmo.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: nomadix
Yep, thats what I've got configured in clients.config .
I'm running radiusd -X and the nomadix is not hitting at all.
-- just realised what is wrong - my firewall is blocking the ports !
Thanks
Barry
- Original Message -
From: "Alan Litster" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, July 18, 2003 12:22 PM
Subject: RE: nomadix
> Barry,
>
> You don't need to put the USG in the naslist as it is depreciated, just
> create an entry in clients.conf similar to:
>
> client 1.1.1.1 {
> secret = test
> shortname = nomadix
> nastype = other
> }
>
> Where 1.1.1.1 is the 'Network IP Address' and NOT the 'Subscriber IP
> Address' of the Nomadix.
>
> Have you tried running freeradius in debug mode (radiusd -X) ? to see if
the
> Nomadix is hitting the radius server.
>
> Regards,
>
> Alan
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of
> > [EMAIL PROTECTED]
> > Sent: 18 July 2003 10:44
> > To: [EMAIL PROTECTED]
> > Subject: Re: nomadix
> >
> >
> > Hi Alan
> >
> > I've got freeradius working with postgres and its authorization is
working
> > when I use radtest.
> > When I use the nomadix radius test login, it comes back with a
> > server timed
> > out message.
> > I do have the USG setup in the naslist and also as a client (nastype =
> > other) and I'm using the standard ports (1812/1813) on both sides.
> >
> > Thanks + Regards,
> > Barry
> >
> > - Original Message -
> > From: "Alan Litster" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Friday, July 18, 2003 11:18 AM
> > Subject: RE: nomadix
> >
> >
> > > Hi Barry,
> > >
> > > I'm currently in the process of setting up a Nomadix(USG II) and
> > FreeRADIUS
> > > configuration. I've successfully got the two working together
> > with out any
> > > major problems. The Nomadix is quite useful in that it supprts
> > an account
> > > expiry attribute, you simply set the account expiry datetime and it
will
> > > disable the user when the time comes.
> > > Nomadix-Expiration = "2003-07-18 16:15:00"
> > >
> > > What are you struggling with...?
> > >
> > > Regards,
> > >
> > > Alan
> > >
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED] Behalf Of
> > > [EMAIL PROTECTED]
> > > Sent: 18 July 2003 09:31
> > > To: [EMAIL PROTECTED]
> > > Subject: nomadix
> > >
> > >
> > > Does anyone have any experience in getting FreeRadius to work with a
> > nomadix
> > > xSG product ?
> > > I'm struggling ...
> > >
> > >
> > >
>
> --
> > -
> > > This email, and any files transmitted with it, is copyright and may
> > contain confidential information.
> > > The contents are intended for the use of the addressee(s) only.
> > > Unauthorized use may be unlawful.
> > > If you receive this email by mistake, please advise sender
immediately.
> > > The views of the author may not necessarily constitute the
> > views of Telco
> > Electronics Limited.
> > > Nothing in this mail shall bind Telco Electronics Limited in
> > any contract
> > or obligation.
> > >
> > > Telco Electronics Limited
> > > 6-8 Oxford Court
> > > Brackley
> > > Northants
> > > NN13 7XY
> > >
> > > Tel 07000 701999
> > > Fax 07000 701777
> > >
> > > -
> > > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> --
-
> This email, and any files transmitted with it, is copyright and may
contain confidential information.
> The contents are intended for the use of the addressee(s) only.
> Unauthorized use may be unlawful.
> If you receive this email by mistake, please advise sender immediately.
> The views of the author may not necessarily constitute the views of Telco
Electronics Limited.
> Nothing in this mail shall bind Telco Electronics Limited in any contract
or obligation.
>
> Telco Electronics Limited
> 6-8 Oxford Court
> Brackley
> Northants
> NN13 7XY
>
> Tel 07000 701999
> Fax 07000 701777
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: nomadix
Barry,
You don't need to put the USG in the naslist as it is depreciated, just
create an entry in clients.conf similar to:
client 1.1.1.1 {
secret = test
shortname = nomadix
nastype = other
}
Where 1.1.1.1 is the 'Network IP Address' and NOT the 'Subscriber IP
Address' of the Nomadix.
Have you tried running freeradius in debug mode (radiusd -X) ? to see if the
Nomadix is hitting the radius server.
Regards,
Alan
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of
> [EMAIL PROTECTED]
> Sent: 18 July 2003 10:44
> To: [EMAIL PROTECTED]
> Subject: Re: nomadix
>
>
> Hi Alan
>
> I've got freeradius working with postgres and its authorization is working
> when I use radtest.
> When I use the nomadix radius test login, it comes back with a
> server timed
> out message.
> I do have the USG setup in the naslist and also as a client (nastype =
> other) and I'm using the standard ports (1812/1813) on both sides.
>
> Thanks + Regards,
> Barry
>
> - Original Message -
> From: "Alan Litster" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, July 18, 2003 11:18 AM
> Subject: RE: nomadix
>
>
> > Hi Barry,
> >
> > I'm currently in the process of setting up a Nomadix(USG II) and
> FreeRADIUS
> > configuration. I've successfully got the two working together
> with out any
> > major problems. The Nomadix is quite useful in that it supprts
> an account
> > expiry attribute, you simply set the account expiry datetime and it will
> > disable the user when the time comes.
> > Nomadix-Expiration = "2003-07-18 16:15:00"
> >
> > What are you struggling with...?
> >
> > Regards,
> >
> > Alan
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of
> > [EMAIL PROTECTED]
> > Sent: 18 July 2003 09:31
> > To: [EMAIL PROTECTED]
> > Subject: nomadix
> >
> >
> > Does anyone have any experience in getting FreeRadius to work with a
> nomadix
> > xSG product ?
> > I'm struggling ...
> >
> >
> >
> --
> -
> > This email, and any files transmitted with it, is copyright and may
> contain confidential information.
> > The contents are intended for the use of the addressee(s) only.
> > Unauthorized use may be unlawful.
> > If you receive this email by mistake, please advise sender immediately.
> > The views of the author may not necessarily constitute the
> views of Telco
> Electronics Limited.
> > Nothing in this mail shall bind Telco Electronics Limited in
> any contract
> or obligation.
> >
> > Telco Electronics Limited
> > 6-8 Oxford Court
> > Brackley
> > Northants
> > NN13 7XY
> >
> > Tel 07000 701999
> > Fax 07000 701777
> >
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
---
This email, and any files transmitted with it, is copyright and may contain
confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the views of Telco Electronics
Limited.
Nothing in this mail shall bind Telco Electronics Limited in any contract or
obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: nomadix
Hi Alan I've got freeradius working with postgres and its authorization is working when I use radtest. When I use the nomadix radius test login, it comes back with a server timed out message. I do have the USG setup in the naslist and also as a client (nastype = other) and I'm using the standard ports (1812/1813) on both sides. Thanks + Regards, Barry - Original Message - From: "Alan Litster" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, July 18, 2003 11:18 AM Subject: RE: nomadix > Hi Barry, > > I'm currently in the process of setting up a Nomadix(USG II) and FreeRADIUS > configuration. I've successfully got the two working together with out any > major problems. The Nomadix is quite useful in that it supprts an account > expiry attribute, you simply set the account expiry datetime and it will > disable the user when the time comes. > Nomadix-Expiration = "2003-07-18 16:15:00" > > What are you struggling with...? > > Regards, > > Alan > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > [EMAIL PROTECTED] > Sent: 18 July 2003 09:31 > To: [EMAIL PROTECTED] > Subject: nomadix > > > Does anyone have any experience in getting FreeRadius to work with a nomadix > xSG product ? > I'm struggling ... > > > -- - > This email, and any files transmitted with it, is copyright and may contain confidential information. > The contents are intended for the use of the addressee(s) only. > Unauthorized use may be unlawful. > If you receive this email by mistake, please advise sender immediately. > The views of the author may not necessarily constitute the views of Telco Electronics Limited. > Nothing in this mail shall bind Telco Electronics Limited in any contract or obligation. > > Telco Electronics Limited > 6-8 Oxford Court > Brackley > Northants > NN13 7XY > > Tel 07000 701999 > Fax 07000 701777 > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: nomadix
Hi Barry,
I'm currently in the process of setting up a Nomadix(USG II) and FreeRADIUS
configuration. I've successfully got the two working together with out any
major problems. The Nomadix is quite useful in that it supprts an account
expiry attribute, you simply set the account expiry datetime and it will
disable the user when the time comes.
Nomadix-Expiration = "2003-07-18 16:15:00"
What are you struggling with...?
Regards,
Alan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: 18 July 2003 09:31
To: [EMAIL PROTECTED]
Subject: nomadix
Does anyone have any experience in getting FreeRadius to work with a nomadix
xSG product ?
I'm struggling ...
---
This email, and any files transmitted with it, is copyright and may contain
confidential information.
The contents are intended for the use of the addressee(s) only.
Unauthorized use may be unlawful.
If you receive this email by mistake, please advise sender immediately.
The views of the author may not necessarily constitute the views of Telco Electronics
Limited.
Nothing in this mail shall bind Telco Electronics Limited in any contract or
obligation.
Telco Electronics Limited
6-8 Oxford Court
Brackley
Northants
NN13 7XY
Tel 07000 701999
Fax 07000 701777
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
nomadix
Does anyone have any experience in getting FreeRadius to work with a nomadix xSG product ? I'm struggling ...
Re: FreeRadius and Nomadix?
Chris Boyd <[EMAIL PROTECTED]> wrote: > Sending Access-Accept of id 57 to x.x.x.x:2610 > Service-Type = Framed-User > Framed-MTU = 1500 > Finished request 19 > > which sounds good, but the client on the other side of the USG reports a > network error of broken pipe. RADIUS doesn't use pipes. And in any case, the pipe is on the other side of the NAS. Try getting the *real* error message back from the NAS and the client. That will help you track down the issue. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
