Re: odd error since switching to an L2TP config

2002-04-08 Thread Alan DeKok

John <[EMAIL PROTECTED]> wrote:
> Since we've switched to the L2TP config, we now see an odd thing when people
> are logging in with a '[EMAIL PROTECTED]' username. If they login with
> '[EMAIL PROTECTED]' we see something like: 
> 
> Sun Apr  7 13:02:12 2002 : Auth: Login incorrect: [realm.com/cisco] (from nas l2tp port 35 cli 2015790101)

  That's a "username/password" log message.  It looks to me like your
NAS is sending an additional authentication request to the server.

  Run the server in debugging mode to see whether or not this is
happening.

> Also, am having trouble finding a way to search the list archives at
> http://lists.cistron.nl/archives/freeradius-users/2002/04/ - is there a
> search tool available on that server? 

  Have you read the FAQ?

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
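
Alan's reply reads the `[realm.com/cisco]` entries as additional authentication requests from the NAS. As an added example (not code from the thread or from FreeRADIUS), this Python script groups radius.log Auth lines by NAS, port and caller ID and reports sessions where a reject under a different name lands close to an accept. The sample lines are the thread's, unwrapped, with `user@realm.com` a constructed stand-in for the redacted address; the two-second window is an assumption.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: the thread's log lines, unwrapped; "user@realm.com"
# stands in for the address the archive redacted.
SAMPLE = """\
Sun Apr  7 12:59:35 2002 : Auth: Login OK: [username] (from nas l2tp port 21 cli 2013830465)
Sun Apr  7 13:02:12 2002 : Auth: Login incorrect: [realm.com/cisco] (from nas l2tp port 35 cli 2015790101)
Sun Apr  7 13:02:12 2002 : Auth: Login OK: [user@realm.com] (from nas l2tp port 35 cli 2015790101)
Sun Apr  7 13:02:13 2002 : Auth: Login incorrect: [realm.com/cisco] (from nas l2tp port 35 cli 2015790101)
""".splitlines()

AUTH = re.compile(
    r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) : Auth: "
    r"Login (?P<result>OK|incorrect): \[(?P<user>.*)\] "
    r"\(from nas (?P<nas>\S+) port (?P<port>\d+) cli (?P<cli>\S+)\)$"
)

def parse(line):
    m = AUTH.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%a %b %d %H:%M:%S %Y")
    if rec["result"] == "incorrect":
        # Failed logins are logged as "user/password"; keep only the name.
        rec["user"] = rec["user"].partition("/")[0]
    return rec

def extra_requests(lines, window=timedelta(seconds=2)):
    """Map (nas, port, cli) -> (accepted user, sorted rejected names) for
    sessions where a reject under another name arrives near an accept."""
    sessions = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        sessions[(rec["nas"], rec["port"], rec["cli"])].append(rec)
    found = {}
    for key, recs in sessions.items():
        for ok in (r for r in recs if r["result"] == "OK"):
            rejected = {r["user"] for r in recs
                        if r["result"] == "incorrect"
                        and r["user"] != ok["user"]
                        and abs(r["ts"] - ok["ts"]) <= window}
            if rejected:
                found[key] = (ok["user"], sorted(rejected))
    return found

if __name__ == "__main__":
    for key, (user, names) in extra_requests(SAMPLE).items():
        print(key, "accepted:", user, "extra rejected requests as:", names)
```

The password half of each failed entry is discarded at parse time, so the report can be shared without copying credentials out of the log.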



odd error since switching to an L2TP config

2002-04-07 Thread John

We're using a service that forwards all our calls into our radius
server. We've recently switched to an L2TP config where our provider
(Verizon) forwards lots of stuff through a Cisco L2TP tunnel. i.e.
Verizon owns the access servers and forwards the info out to us. 


Since we've switched to the L2TP config, we now see an odd thing when people
are logging in with a '[EMAIL PROTECTED]' username. If they login with
'[EMAIL PROTECTED]' we see something like: 

Sun Apr  7 13:02:12 2002 : Auth: Login incorrect: [realm.com/cisco] (from nas l2tp port 35 cli 2015790101)
Sun Apr  7 13:02:12 2002 : Auth: Login OK: [[EMAIL PROTECTED]] (from nas l2tp port 35 cli 2015790101)
Sun Apr  7 13:02:13 2002 : Auth: Login incorrect: [realm.com/cisco] (from nas l2tp port 35 cli 2015790101)

For analysis, we'll look at those radius logs as three lines: 

Lines 1 and 3 are duplicates because (I assume) I have my radius server
listening on two IPs. That'll change later when the other auth server
goes online. However, I don't understand why I'm GETTING lines 1 and 3
in the first place. Why is it giving me 'realm.com/cisco' errors from
it? How should I make it stop? 

Also, users can log in fine, we're just getting spurious logs that are
annoying. 


If a user logs in with only 'username' (which we allow at this time)
they can log in and there are no odd log messages. 

That would look like: 

Sun Apr  7 12:59:35 2002 : Auth: Login OK: [username] (from nas l2tp port 21 cli 2013830465)


Related info:
radiusd-freeradius-0.4
linux 2.4.17
radacct_to_mysql 

Cisco configs are looking something like: 
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default group radius
aaa authorization network default group radius 
aaa accounting network default start-stop group radius
aaa session-id common


Phone numbers and domains have been changed to protect the guilty. ;) 
Any help appreciated. 

Also, am having trouble finding a way to search the list archives at
http://lists.cistron.nl/archives/freeradius-users/2002/04/ - is there a
search tool available on that server? 

John
