Re: (RADIATOR) ERR: do failed for 'insert into Calls
Hello Philip - This is a problem with the indexes on your database, not with the Total Control. The database is refusing to insert a record into the Calls table because a unique index is being violated. You will need to check the indexes and change whichever one is causing the problem. At 5:11 PM -1000 6/27/01, Philip Clever wrote: Hello, We are trying to toubleshoot a couple of problems. #1. We keep getting these error messages (below). We looked through the archives and went ahead and set the retransmission timeout on our Total Control 1000 from 3 to 20 seconds. From error log: snip Wed Jun 27 16:34:18 2001: ERR: do failed for 'insert into Calls (UserName, CallDate, AcctStatusType, AcctInputOctets, AcctOutputOctets, AcctSessionId, AcctSessionTime, NASIdentifier, NASPort, CallFromId) values ('unauthenticated', 'Jun 27, 2001 16:34', 2, 0, 0, '33554457', 51, '63.72.207.3', 513, '8083238406')': [OpenLink][ODBC][SQL Server]Violation of UNIQUE KEY constraint 'UNQ_Calls': Attempt to insert duplicate key in object 'Calls'. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) Wed Jun 27 16:34:21 2001: ERR: do failed for 'insert into Calls (UserName, CallDate, AcctStatusType, AcctInputOctets, AcctOutputOctets, AcctSessionId, AcctSessionTime, NASIdentifier, NASPort, CallFromId) values ('unauthenticated', 'Jun 27, 2001 16:34', 2, 0, 0, '33619980', 39, '63.72.207.3', 514, '8089595681')': [OpenLink][ODBC][SQL Server]Violation of UNIQUE KEY constraint 'UNQ_Calls': Attempt to insert duplicate key in object 'Calls'. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) Wed Jun 27 16:35:19 2001: ERR: do failed for 'insert into Calls (UserName, CallDate, AcctStatusType, AcctInputOctets, AcctOutputOctets, AcctSessionId, AcctSessionTime, NASIdentifier, NASPort, CallFromId) values ('unauthenticated', 'Jun 27, 2001 16:35', 2, 0, 0, '50397207', 4, '63.72.207.3', 770, '8088895755')': [OpenLink][ODBC][SQL Server]Violation of UNIQUE KEY constraint 'UNQ_Calls': Attempt to insert duplicate key in object 'Calls'. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) Wed Jun 27 16:35:31 2001: ERR: do failed for 'insert into Calls (UserName, CallDate, AcctStatusType, AcctInputOctets, AcctOutputOctets, AcctSessionId, AcctSessionTime, NASIdentifier, NASPort, CallFromId) values ('unauthenticated', 'Jun 27, 2001 16:35', 2, 0, 0, '17956887', 51, '63.72.207.3', 275, '8083238406')': [OpenLink][ODBC][SQL Server]Violation of UNIQUE KEY constraint 'UNQ_Calls': Attempt to insert duplicate key in object 'Calls'. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) Wed Jun 27 16:36:44 2001: ERR: do failed for 'insert into Calls (UserName, CallDate, AcctStatusType, AcctInputOctets, AcctOutputOctets, AcctSessionId, AcctSessionTime, NASIdentifier, NASPort, CallFromId) values ('unauthenticated', 'Jun 27, 2001 16:36', 2, 0, 0, '51380239', 51, '63.72.207.3', 785, '8083238406')': [OpenLink][ODBC][SQL Server]Violation of UNIQUE KEY constraint 'UNQ_Calls': Attempt to insert duplicate key in object 'Calls'. (SQL-S1000)(DBD: st_execute/SQLExecute err=-1) /snip Besides 'unauthenticated' we get actual usernames as well but they aren't necessarily online which sems really weird. They don't show up on the pass/fail logs, users online, nor do they show up on the Total control failure log either. Problem #2. Our radwho.cgi seems to be working with the exception that the iPass logons do not go away. We have one that is over 100 days old. Any ideas? The only reason that this happens is if you do not receive an Accounting Stop record for the session. You can also remove the stale sessions by hand. regards Hugh -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) question
Title: Re: (RADIATOR) question Hello Brandon - If UUnet is mandating this, they must have a specification of what they mean. You will have to check with UUnet directly. regards Hugh At 3:09 AM -0700 6/26/01, Brandon wrote: Wish I knew too. I tried emailing the list and know one seemed to know. The only response I got back was that it was possible in PostAuthHooks. UU.net is now requiring this to use their system. Brandon - Original Message - From: admin To: [EMAIL PROTECTED] Sent: Tuesday, June 26, 2001 2:14 PM Subject: (RADIATOR) question I need to reduce my Ascend-Data-Filter from length 28 to 26 Any ideas how? Thanks Eric -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
Re: (RADIATOR) Blocktime from a proxy server
Hello Ken - At 10:59 PM +1100 6/28/01, Ken Kirkby wrote: Im just having some difficulty in getting my head around block time from a proxy server, as to how the transfer of variables takes place in order to set a session time. I have the time available returned from the proxy server which I wish to set as a session-limit. While our SQL derived block time works ok, I cant come up with a combination that works. Version is 2.18.2 I have the following AuthBy Radius config in theory anyway, but I keep getting either av-pair errors, or errors on parsing the config file. AuthBy RADIUS Host xxx.xxx.xxx.xxx Secret xx AuthPort 1645 AcctPort 1646 RetryTimeout 10 AddToRequest Session-Time AllowInReply Session-Timeout AcctFailedLogFileName %L/misseddetails.%Y%m%d But would the PostAuthCheckBlockTimeLeft or similar be needed here. /AuthBy Hugh mentioned a request attribute in his reply on Blocktime around 22nd of April, but that was tied up with AuthColumnDef with AuthBy SQL. I cant see any proxy radius configs in the archive that are relevant. Correct. I was discussing an AuthBy SQL specifically. If you are proxying to a remote radius server, and that radius server sends back a Session-Timeout reply attribute, then there is nothing that you have to do on your end. But perhaps I don't understand the problem? regards Hugh -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Oracle SQL timeout causing crash
Hello, We are using v2.18.1 on Linux x86. Whenever there is a SQL timeout, the Radiator process just exits. Thu Jun 28 08:57:40 2001: ERR: Execute failed for 'select ...': SQL Timeout It then exits with error code 0. We have the restart_wrapper in place which restarts it, but is there a reason why it would die? I have not placed it in a higher trace level yet because it is in production, getting a large # of requests (about 20-40/sec), and this happens rarely. Though if needed I can do this. Thanks for any help. Viraj. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Session Database
I've got this directive in my Realm DEFAULT. However, when an user logs onto the system, and is authenticated by Radiator, it fails to put an entry into the session table. What am I doing wrong? Radiator-2.18.2 with RH-7.0 and mySql-3.23.38. SessionDatabase SQL ## Set the database Identifier Identifier SDB1 ## Set the database source DBSource dbi:mysql:** DBUsername** DBAuth** AddQuery insert into RADONLINE (USERNAME, \ NASIDENTIFIER, NASPORT, \ ACCTSESSIONID, TIME_STAMP, FRAMEDADDRESS, PORTTYPE, \ SERVICETYPE) values ('%n','%N',%{NAS-Port}, \ '%{Acct-Session-Id}', %{Timestamp}, \ '%{Framed-Address}','%{Port-Type}','%{Service-Type}') DeleteQuery delete from RADONLINE where USERNAME='%n' and \ NASIDENTIFIER='%N' and NASPORT=%{NAS-Port} ClearNasQuery delete from RADONLINE where NASIDENTIFIER=%N' CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from \ RADONLINE where USERNAME='%n' /SessionDatabase === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Session Database
Hello Kyle - I will also need to see a copy of the configuration file (no secrets). thanks Hugh At 11:56 AM -0400 6/28/01, Kitabjian, Dave wrote: Hey. 1) Have you tested INSERTing to your DB from the command line to make sure it's working? Perhaps from a Perl command line? 2) Put Trace 4 in your config file, restart Radiator, try again, and then let us know what shows up in your logfile. I'd like to know if it's even TRYING to do the INSERT... Dave -Original Message- From: Kyle [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 28, 2001 5:51 AM To: [EMAIL PROTECTED] Subject: (RADIATOR) Session Database I've got this directive in my Realm DEFAULT. However, when an user logs onto the system, and is authenticated by Radiator, it fails to put an entry into the session table. What am I doing wrong? Radiator-2.18.2 with RH-7.0 and mySql-3.23.38. SessionDatabase SQL ## Set the database Identifier Identifier SDB1 ## Set the database source DBSource dbi:mysql:** DBUsername** DBAuth** AddQuery insert into RADONLINE (USERNAME, \ NASIDENTIFIER, NASPORT, \ ACCTSESSIONID, TIME_STAMP, FRAMEDADDRESS, PORTTYPE, \ SERVICETYPE) values ('%n','%N',%{NAS-Port}, \ '%{Acct-Session-Id}', %{Timestamp}, \ '%{Framed-Address}','%{Port-Type}','%{Service-Type}') DeleteQuery delete from RADONLINE where USERNAME='%n' and \ NASIDENTIFIER='%N' and NASPORT=%{NAS-Port} ClearNasQuery delete from RADONLINE where NASIDENTIFIER=%N' CountQuery select NASIDENTIFIER,NASPORT,ACCTSESSIONID from \ RADONLINE where USERNAME='%n' /SessionDatabase === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Working with Cisco IVR
Title: Message Hmm. I don't think there was anything too complicated about setting up the Gateway to do the IVR part. But I didn't do that part :) I handled the Radius part. That was a little tricky. For the IVR script that we chose on the Gateway, it works like this: 1. Phone call comes in 2. Before the IVR says ANYTHING, the IVR does PRE-authentication to RADIUS, using User-Name = CallerId and Password = "". 3. If that authentication passes, then the IVR asks for the destination number and the call is placed. But if the authentication fails, the IVR asks for the Account# and PIN, and then does the SECOND RADIUS authentication, using User-Name = Account# and Password = PIN. Assuming the second one passes, then the call is placed. To handle both cases, we put the following hook in the main Client clause: # Get the decoded password from the input packet and add an attribute # to the input packet if it is blank. Set the decoded password equal # to the user name attribute. PreHandlerHook sub {if (${$_[0]}-decodedPassword() eq '') \ {${$_[0]}-add_attr('ANI-No-Pass', 'true'); \ ${$_[0]}-{DecodedPassword} =${$_[0]}-get_attr('User-Name');}} and then we use two Handlers for the two different cases: # Handler for BLANK password Handler ANI-No-Pass = true AuthBy LDAP_AUTH_NO_PASSWORD /Handler # Handler for "catch-all"Handler AuthBy LDAP_AUTH /Handler Then, in LDAP_AUTH AuthBy we have: UsernameAttr uid PasswordAttrpass whereas in the LDAP_AUTH_NO_PASSWORD AuthBy we use: UsernameAttr uid PasswordAttr uid It works quite nicely. If there's a smoother solution, I'd love to know of it! Dave -Original Message-From: J. Esteban Saa Barona. [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 28, 2001 1:37 PMTo: [EMAIL PROTECTED]Subject: prepaid calling cards with Cisco Hi Dave, I'm triying to do prepaid calling cards using Cisco Gateways, we have many 1750 and I don't know how to make them do Interactive Voice Responce and check input against a DB. Can you please point me in the right direction ? You may want to check my website I developed I Call Detail Recorder for Cisco Gateways. Usefull for postpaid and QOS Reports. Thank you in advance, Esteban newagetelco.com
(RADIATOR) Vendor Specific Attributes
I'm getting errors regarding Attribute number # (vendor 5624) not in dictionary. Radiator is receiving packets from an Enterasys SSR8600. Do I need to get a hold of attributes for the SSR8600? Will this aid in receiving info on Accounting-Requests? I am rather new to radiator and have got Authentication working but I need to find out what commands users are making on the SSR8600. The SSR is set up to send every command issued to radiator. thanks Jason === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) md5 encryption
I'm having a problem with authenticating md5 encrypted passwords. Here is my config : AuthBy SQL # Adjust DBSource, DBUsername, DBAuth to suit your DB DBSourcedbi:Pg:dbname=radiusdb DBUsername postgres DBAuth password RejectEmptyPassword AuthSelect select ENCRYPTEDPASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%U' AuthColumnDef 0, User-Password, check /AuthBy I'm getting the following message - Access rejected for user: Bad Password ENCRYPTEDPASSWORD is $1$md5 encrypted password I don't know what I am missing. Thanks Jason === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) md5 encryption
Hi, I had a similar problem, and then realized that the column I had defined in my db was a couple of bytes too short to hold the entire md5 password. Mickey At 06:08 29-06-01, Separovic, Jason wrote: -Start of Original Message- I'm having a problem with authenticating md5 encrypted passwords. Here is my config : AuthBy SQL # Adjust DBSource, DBUsername, DBAuth to suit your DB DBSourcedbi:Pg:dbname=radiusdb DBUsername postgres DBAuth password RejectEmptyPassword AuthSelect select ENCRYPTEDPASSWORD,CHECKATTR,REPLYATTR from SUBSCRIBERS where USERNAME='%U' AuthColumnDef 0, User-Password, check /AuthBy I'm getting the following message - Access rejected for user: Bad Password ENCRYPTEDPASSWORD is $1$md5 encrypted password I don't know what I am missing. -End of Original Message- === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.