Re: (RADIATOR) multiple cisco-avpair attributes
Hello I've downloaded 2.15 but still have problems with multiple attributes with the same name stored in LDAP and fetched via replaceIfNotExistProfiles: ... DEBUG: LDAP got radiuscisco-avpair: ip:dns-servers=212.117.64.86 \ 212.117.67.2 ip:addr-pool=setup_pool ... DEBUG: Access accepted for 8W13000a ... DEBUG: Packet dump: *** Sending to 127.0.0.1 port 2132 Code: Access-Accept Identifier: 62 Authentic: 1234567890123456 Attributes: User-Name = "8W13000a TEST dynamisch" Framed-Protocol = PPP Framed-Routing = None Service-Type = Framed-User cisco-avpair = "ip:dns-servers=212.117.64.86 212.117.67.2" There's still missing the second cisco-avpair with the ip-pool, although it is fetched as you can see in the first line. Any hints? bye, -christian- -- Christian HammersWESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet Security for ProfessionalsFax 0241/911879 === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Some problems with mixed access servers
Title: RE: (RADIATOR) Some problems with mixed access servers
Here is the code in question from Radius/Nas.pm:
#
sub isOnlineAscendSNMP
{
my ($name, $nas_id, $nas_port, $session_id, $client) = @_;
return 1 unless Radius::SNMP::snmpgetprogExists();
my $result = Radius::SNMP::snmpget($nas_id,
$client-{SNMPCommunity},
$Radius::Nas::AscendMIB.12.2.1.3.$nas_port);
if ($result =~ /^.*\([^]+).*$/)
{
return $1 eq $name;
}
return 0;
}
If you would like to try to test your theory, you can change the line
$Radius::Nas::AscendMIB.12.2.1.3.$nas_port);
to
$Radius::Nas::AscendMIB.12.2.1.4.$session_id);
Please let us know what you find, and tell us which version of Ascend code you
are running if the above does work.
I made the change in Nas.PM but it doesnt effect to my situation
Do I need to change SessSQL.PM too?
Regards
Lutfi
NB - if you change the module in the distribution directory, and you have
previously installed Radiator into the Perl directory structure, you will need
to copy the changed module into the Perl directory and restart Radiator.
Otherwise you can just change the copy in the Perl directory directly, but
don't forget to save the original and save your changed copy in either case.
many thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
Re: (RADIATOR) Compatibility with Livingston
Hello William - On Tue, 16 May 2000, William Hernandez wrote: We're thinking of converting from Cistron Radius and would like to minimize conversion of our users file. Is the conversion as simple as using the sample configuration file in goodies/livingCompat.cfg (i.e, with this configuration can I use my users file unchanged)? That's the theory, yes. If you send me a couple of example users from your existing users file (no passwords), I'll have a look and let you know. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Some problems with mixed access servers
Thanks Lutfi -
Could you tell me what was wrong and what you did? You mention the Ascend
Mailing list, but there is no reference.
regards
Hugh
On Tue, 16 May 2000, Lutfi YUNUSOGLU wrote:
Hi
I made a mistake. It works now.
My TAOS ver. is 8.0.2
I found this from a old mail in Ascend Mailing List. I think it would work
with old versions too. But don't believe me, check it ;-))
Thanks
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Lutfi YUNUSOGLU
Sent: Monday, May 15, 2000 12:14 PM
To: [EMAIL PROTECTED]
Subject: RE: (RADIATOR) Some problems with mixed access servers
Here is the code in question from "Radius/Nas.pm":
#
sub isOnlineAscendSNMP
{
my ($name, $nas_id, $nas_port, $session_id, $client) = @_;
return 1 unless Radius::SNMP::snmpgetprogExists();
my $result = Radius::SNMP::snmpget($nas_id,
$client-{SNMPCommunity},
"$Radius::Nas::AscendMIB.12.2.1.3.$nas_port");
if ($result =~ /^.*\"([^"]+)".*$/)
{
return $1 eq $name;
}
return 0;
}
If you would like to try to test your theory, you can change the
line
"$Radius::Nas::AscendMIB.12.2.1.3.$nas_port");
to
"$Radius::Nas::AscendMIB.12.2.1.4.$session_id");
Please let us know what you find, and tell us which version of
Ascend code you
are running if the above does work.
I made the change in Nas.PM but it doesnt effect to my situation
Do I need to change SessSQL.PM too?
Regards
Lutfi
NB - if you change the module in the distribution directory, and you have
previously installed Radiator into the Perl directory structure, you will
need
to copy the changed module into the Perl directory and restart Radiator.
Otherwise you can just change the copy in the Perl directory directly, but
don't forget to save the original and save your changed copy in either case.
many thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) CGI/Perl scripts to change passwords in MySQL database
*This message was transferred with a trial version of CommuniGate(tm) Pro*
Asif:
Let me tell u first, I am not a pro in Perl or CGIs. I would like to
know whether anyone knows about any CGI/Perl scripts available to
change passwords in the MySQL database.
I'm using mSQL (similar with MySQL, but less powerful) with radiator
2.14.1 too. Well the CGI I have were wrote by me. I sugest you do the
same thing. I'm not a Perl CGI pro neither, but is too easy to learn
perl to make cgi and other cool stuff (maybe this is one of the reasons
radiator was writen with). :)
there is a little example how to make a password change via CGI
#!/usr/bin/perl
use DBI;
use CGI;
q= new CGI;
$newpass = $q-param("newpassword");
$username = $q-param("loginname");
$dbhandler = DBI-connect('DBI:mSQL:radius')
or die "Couldn't make connection because: ".DBI-errstr;
# you will need also a password to access MySQL.
$sthandler = $dbhandler-prepare("UPDATE SUBSCRIBERS SET PASSWORD = ?
WHERE USERNAME = ?")
or die "Couldn't prepare query because: ".$dbh-errstr;
$sthandler-execute($newpass,$username);
$sthandler-finish;
$dbhandler-disconnect;
of course you have to receive via cgi post the loginname and the
newpassword variables from a html form.
I think a brief introduction of the setup would be useful to u.. I am
using Radiator 2.14 which interacts with MySQL database. In a table
inside a MySQL database usernames and passwords are stored. We are
running Apache webserver where I would like the CGI/Perl script to
reside and work. And yes.. one more thing, if possible can this script
have some kind of encryption, so that the username and passwords are
encrypted during the transfer.
Well in Perl 5.003 (i'm not sure about older ones), there is a function
called crypt that receives a salt, a string and returns the string
encrypted with the salt (usually to alpha-numeric caracters). I think
this will be useful to you to acomplish the crypt task you need. In fact
radiator can receive either plain or ecrypted password to make the
authentication. It's up to you to realice what method to use.
Any help on the above issue would be highly appreciated.
Thanks in advance for your help..
hth
--
Sergio Gonzalez
Calle 100 #8A-55 Torre C oficina 711
[EMAIL PROTECTED]
NOC- SkyNet de Colombia.
(57) +1 6422020
(57) +3 2277871
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: Add to Reply
Hello Vincent - On Tue, 16 May 2000, Vincent Torres wrote: Hello, As far as I understand the docs, add to reply works only on access-accepts. Is there a way to add reply items to access requests which are denied? Any attributes that have been added to the reply packet prior to the request being denied will be returned to the NAS. Perhaps you could explain what you are trying to accomplish? BTW - if you want to add a reject message, you will need to add the "RejectHasReason" parameter to your Realm or Handler. (Its not in the manual, but that will be fixed in the next release.) hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Re: Blocking Access based on Caller Id
Edgar, Check the hooks.txt in the patches area on the webserver. You will find some examples there that will be of help. - Joost. Edgar R Gutierrez wrote: Hi there, I would like to implement black listing caller ids which have known to have been used to hack into SYstems or into ISP accounts. Of course, I also need to know how to get the value of the Calling-Station-Id inside the PreAuthHook Code so that I could make a check if the caller id is black listed. If it is, Radiator will deny access. A pseudo code of what I want to implement is written below: a) Get value of Calling Station Id b) Search Black List Table for that caller id c) If caller id is black listed, then deny access Hoping for any support from all Radiator Guru out there..=) Egie --- Edgar R Gutierrez NOC- Network Services Manager Impact Information Systems - Original Message - From: Hugh Irvine [EMAIL PROTECTED] To: [EMAIL PROTECTED]; Randy Cosby [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Saturday, May 13, 2000 8:59 AM Subject: RE: (RADIATOR) Merged ISP's Hi Randy - On Sat, 13 May 2000, Randy Cosby wrote: How do I BEST deal with the fall-through to the next radius if the first fails? You would specify multiple Host parameters in the AuthBy RADIUS clauses. Have a look at section 6.25.1 in the Radiator 2.15 reference manual. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Joost Stegeman Service Developer Integration Services KPN OVN BBT/IP Integration Services tel. 070 - 371 37 83 fax. 070 - 371 26 38 E-mail: [EMAIL PROTECTED] === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
