Re: (RADIATOR) Radiator 2.14.1 - AuthEmerald
On Wed, 04 Aug 1999, Eric Reeves wrote: I'm attempting to use the AuthEmerald module with Radiator v2.14.1 on an NT4-SP5 system. The error I am getting is as follows: C:\Radiatorperl radiusd Can't locate object method "new" via package "Radius::AuthEmerald" at Radius/Handler.pm line 68, FILE chunk 52. My guess is that AuthEmerald is supposed to use the "new" sub from the AuthSQL package, but Handler.pm is looking for the "new" sub directly in AuthEmerald. Is there a problem w/ Radiator, or (more likely) have I goofed up somewhere along the line? You don't include your configuration file, but it looks like you have specified AuthBy Emerald rather than AuthBy EMERALD note EMERALD in UPPER case - the debug correctly says it can't find Radius::AuthEmerald. You will see AuthEMERALD.pm in the Radius directory in your installation directory. hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Cisco And Session-Timeout
Hi all I really hope i can find answers to my problem, so please anybody with any idea HELP... we have here Cisco 5200 with IOS 11.3T release7 and Cisco 3640 with IOS 11.3T release9 we configure the Radiator and its working great but we are facing one problem... We want to automatically disconnect users basing on how much time they have left, so we are sending session-time out like this: AuthBy SQL AuthSelect select Password,TimeBalance from users where username='%n' AuthColumnDef 0,Password,check AuthColumnDef 1,Session-Timeout,reply using Trace 4 we see it in the log file ok.. but nobody gets disconnected?? we are using PPP for connection in the routers. i feel its a router configuration but i'm not sure.. is anybody successful in using Session-Timeout with Cisco with PPP??? Thanks all Adam === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Cisco And Session-Timeout
On Wed, Aug 04, 1999 at 01:58:50PM +0300, Adam wrote: Hi all I really hope i can find answers to my problem, so please anybody with any idea HELP... we have here Cisco 5200 with IOS 11.3T release7 and Cisco 3640 with IOS 11.3T release9 we configure the Radiator and its working great but we are facing one problem... We want to automatically disconnect users basing on how much time they have left, so we are sending session-time out like this: AuthBy SQL AuthSelect select Password,TimeBalance from users where username='%n' AuthColumnDef 0,Password,check AuthColumnDef 1,Session-Timeout,reply Try using Ascend-Maximum-Time instead. That worked for us (and Session-Timeout didn't). [EMAIL PROTECTED] === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Unwanted Session Limits
I have a customer who has a Radiator users file entry as follows: davidm Auth-Type = System Client-Id = pm1, Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 203.63.235.213, Framed-MTU = 1500, Idle-Timeout = 99 This works fine, when he logs into my PortMaster (pm1), he gets his permanent IP address. The trouble is when he tries a second login to my Tigris he cannot connect (Before changing to Radiator this was not a problem). This could be due to one of two things: 1) Could Radiator be not allowing the second session (I did not explicitly configure radius.cfg to do this) 2) Or could Radiator be assigning the static IP address when he logs into the Tigris. This IP address is already in use so the connection fails. I suspect that Radiator is seeing the second login on the Tigris and allocating the address from the users file, which is wrong, as the davidm rule is only for the pm1 NAS not the dm1 NAS. How could I sort this problem out? Regards. Paul === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Cisco And Session-Timeout
Hi, Cisco don't support the session timeout attribute for PPP connections in any release of IOS 11.x. I think it's supported in technology releases of IOS 12.0 from 12.0.3-T but I can't find confirmation of that on CCO. Hope this helps. Regards, Simon. At 13:58 04/08/99 +0300, you wrote: Hi all I really hope i can find answers to my problem, so please anybody with any idea HELP... we have here Cisco 5200 with IOS 11.3T release7 and Cisco 3640 with IOS 11.3T release9 we configure the Radiator and its working great but we are facing one problem... We want to automatically disconnect users basing on how much time they have left, so we are sending session-time out like this: AuthBy SQL AuthSelect select Password,TimeBalance from users where username='%n' AuthColumnDef 0,Password,check AuthColumnDef 1,Session-Timeout,reply using Trace 4 we see it in the log file ok.. but nobody gets disconnected?? we are using PPP for connection in the routers. i feel its a router configuration but i'm not sure.. is anybody successful in using Session-Timeout with Cisco with PPP??? Thanks all Adam - Simon Rainey Direct Line: 01235 823238 Principal Internet Consultant Fax: 01235 823424 RM Internet for LearningE-mail: [EMAIL PROTECTED] New Mill House, 183 Milton Park, Abingdon, Oxfordshire, OX14 4SE, England === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Cisco And Session-Timeout
Adam wrote: i feel its a router configuration but i'm not sure.. is anybody successful in using Session-Timeout with Cisco with PPP??? The standard Radius attributes Session-Timeout and Idle-Tiemout work in Cisco only with async interfaces, not with ISDN. You need to work with virtual-profiles and Cisco or Ascend attributes for ISDN timeouts support. Félix __ DATAGRAMA SERVICIOS GLOBALES IP C/ Acer 30 Pho: +34 93 223 00 98 08038 Barcelona ( SPAIN )Fax: +34 93 223 12 66 mailto:[EMAIL PROTECTED] http://www.datagrama.net __ ÿ Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ipass Perl Module and FreeBSD 3
There were no complilation errors in the make phase. -oliver
On Wed, 28 Jul 1999, Mike McCauley wrote:
Hello,
We are currently running FreeBSD 3.x and using Radiator to
authenticate users. We are trying to implement Ipass. I have already
installed Ipass and it tests properly. We have hit a snag trying to
install the Ipass Perl Module from Open Systems. Here are the errors we
have gotten:
~~~
root[ancillary]/home/oliver/SRC/IpassPerl-1.3 {132}# make test
PERL_DL_NONLAZY=1 /usr/bin/perl -Iblib/arch -Iblib/lib
-I/usr/libdata/perl/5.00503/mach -I/usr/libdata/perl/5.00503 test.pl
1..6
Can't load 'blib/arch/auto/Ipass/Ipass.so' for module Ipass:
blib/arch/auto/Ipass/Ipass.so: Undefined symbol "ipass_debug" at
/usr/libdata/perl/5.00503/DynaLoader.pm line 169.
That looks a lot like the compilation of the IpassPerl module failed. Did you
see any errors when you did the "make" phase?
Cheers.
at test.pl line 19
BEGIN failed--compilation aborted at test.pl line 19.
not ok 1
*** Error code 255
Stop.
~
I have run the LIB with and without the -lndbm flag and it has made no
difference. Any suggestions?
Thanks,
Oliver Stockhammer
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
-- End of excerpt from Hugh Irvine
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) handler regex question
Hello Aaron - On Thu, 05 Aug 1999, Aaron Holtz wrote: I seem to be getting some accounting records from my Ascends that do not include the User-Name attribute (I think they are dropped connections or some type of report from the Ascend.) I have my handlers setup to only take requests from usernames that are valid as I seem to get a lot of "garbage" requests from misbehaving units and I don't want to even parse them. But I would like to log the Ascend logs that come in, but they never match any handler I have as no User-Name attribute is in there. What I'd like to do is create a handler that works with these records. Will the following make a match on a request where NO User-Name attribute is sent or will it only match a User-Name attribute that exists, but is empty? Handler Realm="", User-Name="" /Handler I can't seem to find another attribute in the record that is unique to it and isn't included in a "good" looking accounting request. Any thoughts are appreciated on how I can handle these. I would be inclined to put an empty Handler after all your other Handlers (note that Handlers are checked sequentially until there is a match): # This will catch anything else after all other Handlers are checked Handler /Handler -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) wierd things happening...
Hi all, I have some weird unexplained phenomena happening with Radiator which I'm wondering if anyone can explain. In our situation, we have an AuthBy FILE, then either the user is authenticated or (by default) the auth is passed onto Identifier System, which does an AuthBy SYSTEM and an AuthBy SQL. We were using Radiator 2.13.1, and my problem (i'm getting to that bit :) was happening with both the old SqlDb.pm and the new one (ie the patch). What was happening was: 1) User tries to auth, password in users file.. access accepted. fine. 2) User tries to auth, password is wrong. rejected by AuthSYSTEM before AuthSQL. fine. 3) User tries to auth, password is right, passed by AuthSYSTEM, AuthSQL just hangs. I then need to kill radiusd will kill -9 pid - or else it just doesn't respond to anything. Trying this with trace level 4 showed nothing - it just said "Handling by AuthSQL" and then went dead... We are using an Oracle8 database... this has worked pretty much fine for about a month.. (although with similar problems to this randomly - but a restart usually fixed that). The database connection in general was fine - I have a perl script which connects and does a transaction using DBI which I can run to test htis... and that worked fine... I was able to connect and execute a query using the same username, password, etc... basically, same conditions to radiator... Upgrading the system to 2.14.1 seems to have fixed this problem.. but I am wondering if anyone knows what was causing this in 2.13.1? I would like to make sure that it is not something that is going to raise its ugly head again :) thanks, Jeremy -- Jeremy Burton Database Administrator, Netspace Online Systems [EMAIL PROTECTED] [EMAIL PROTECTED], [EMAIL PROTECTED] === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ipass Perl Module and FreeBSD 3
Hi Oliver,
I cant really explain that one.
The compiled module has not found the ipass_debug symbol that should be defined
in the ipass libraries. On my Solaris system its defined in
/usr/ipass/lib/libip.a:
oscar$ nm libip.a |grep debug
[64]| 1868| 280|FUNC |GLOB |0|1 |debug_dump_mem
[15]| 8| 4|OBJT |GLOB |0|3 |ipass_debug
perhaps you can do the same thing and see if its defined in your lib. If not,
could you send me the complete iPASS directory /usr/ipass for your BSD, and I
will try to get to the bottom of it?
Cheers.
On Aug 4, 4:25pm, O Stockhammer wrote:
Subject: Re: (RADIATOR) Ipass Perl Module and FreeBSD 3
There were no complilation errors in the make phase. -oliver
On Wed, 28 Jul 1999, Mike McCauley wrote:
Hello,
We are currently running FreeBSD 3.x and using Radiator to
authenticate users. We are trying to implement Ipass. I have already
installed Ipass and it tests properly. We have hit a snag trying to
install the Ipass Perl Module from Open Systems. Here are the errors we
have gotten:
~~~
root[ancillary]/home/oliver/SRC/IpassPerl-1.3 {132}# make test
PERL_DL_NONLAZY=1 /usr/bin/perl -Iblib/arch -Iblib/lib
-I/usr/libdata/perl/5.00503/mach -I/usr/libdata/perl/5.00503 test.pl
1..6
Can't load 'blib/arch/auto/Ipass/Ipass.so' for module Ipass:
blib/arch/auto/Ipass/Ipass.so: Undefined symbol "ipass_debug" at
/usr/libdata/perl/5.00503/DynaLoader.pm line 169.
That looks a lot like the compilation of the IpassPerl module failed. Did
you
see any errors when you did the "make" phase?
Cheers.
at test.pl line 19
BEGIN failed--compilation aborted at test.pl line 19.
not ok 1
*** Error code 255
Stop.
~
I have run the LIB with and without the -lndbm flag and it has made no
difference. Any suggestions?
Thanks,
Oliver Stockhammer
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
-- End of excerpt from Hugh Irvine
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
-- End of excerpt from O Stockhammer
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) radiator on oracle
hi, can somebody help me. i have installed oracle 8.0i client software on a linux 6.0 server to be used for radiator but i cannot install DBD:Oracle module because it is looking for oracle.pm or proc.pm. the oracle.pm do not exist in the installation cd of oracle but it does exist in oracle 7.3.3. is there a way that i can do in order for me to use radiators authby sql in oracle 8i. thank you dennis === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Cisco 5260 Weirdness
Hi All, Does anybody know why the 5260 will not allow people on when it receives this reply packet? The user can login fine on the pm3's. Does the Attribute 0 with length 0 thing have anything to do with it? Maybe the zero for the Idle-Timeout? If you can't use zero though, how do you say "no timeout" for permanent customers ? TIA Code: Access-Accept Identifier: 71 Authentic: 2231503714223191210^ 159140178146166232 Attributes: Framed-IP-Address = 210.8.138.20 Service-Type = Framed-User Framed-Protocol = PPP Idle-Timeout = 0 Thu Aug 5 12:32:29 1999: WARNING: Malformed request packet: Attribute 0 with length 0: ignored Simon Lindsay[EMAIL PROTECTED] Technical Manager Icq. 1485568 The Internet Company Pty. Ltd. http://www.iweb.net.au/~simon InterWeb Connections and Portal.net Ph. (08) 8221 5444 --- Speed with Service Fx. (08) 8221 5450 === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Cisco 5260 Weirdness
Hi Simon, Im not sure I understand the log you sent. It looks like an Access-Accept received by Radiator. It also looks liek that packet has some corruption in it, but Im not sure if you have omittted some of the log file messges? I presume that this packets was received from a proxy, and would have been sent back to your Cisco? I guess Im saying that I would like to see more description of your setup, plus more from your log file. On the face of it, that Access-Accept looks OK, provided the user was actually trying to log in by PPP. Ciscos are very particular that they get a Service-Type in the reply that matches the Service-Type in the request. Cheers. On Aug 5, 12:54pm, Simon Lindsay wrote: Subject: (RADIATOR) Cisco 5260 Weirdness Hi All, Does anybody know why the 5260 will not allow people on when it receives this reply packet? The user can login fine on the pm3's. Does the Attribute 0 with length 0 thing have anything to do with it? Maybe the zero for the Idle-Timeout? If you can't use zero though, how do you say "no timeout" for permanent customers ? TIA Code: Access-Accept Identifier: 71 Authentic: 2231503714223191210^ 159140178146166232 Attributes: Framed-IP-Address = 210.8.138.20 Service-Type = Framed-User Framed-Protocol = PPP Idle-Timeout = 0 Thu Aug 5 12:32:29 1999: WARNING: Malformed request packet: Attribute 0 with length 0: ignored Simon Lindsay[EMAIL PROTECTED] Technical Manager Icq. 1485568 The Internet Company Pty. Ltd. http://www.iweb.net.au/~simon InterWeb Connections and Portal.net Ph. (08) 8221 5444 --- Speed with Service Fx. (08) 8221 5450 === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- End of excerpt from Simon Lindsay -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) radiator on oracle
Hi Dennis, On Aug 5, 11:28am, Dennis G. Villanueva wrote: Subject: (RADIATOR) radiator on oracle hi, can somebody help me. i have installed oracle 8.0i client software on a linux 6.0 server to be used for radiator but i cannot install DBD:Oracle module because it is looking for oracle.pm or proc.pm. the oracle.pm do not exist in the installation cd of oracle but it does exist in oracle 7.3.3. is there a way that i can do in order for me to use radiators authby sql in oracle 8i. I think this is a question for the DBD-Oracle people. We havent built an Oracle 8 DBD on Linux, but I would normally just expect to do perl Makefile.PL, make, make test, make install in the usual way Perhaps you could do a build of your DBD-Oracle from scratch and post the transcript? Cheers. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
