Re: (RADIATOR) User Groups

2001-11-18 Thread Shane Malden

Hugh,
Yes it will, but what I really need to do is assign different sites
a different class of addresses (eg, 10.0.0.x /24 for one site, 10.0.1.x for
another, etc). These all get passed through the one NAS (Telstra) but Data
points go through different Routers. One of our selection criteria for a
Radius Product was to be able to do this.  If you are able to help in some
way, it would be appreciated.


Regards,
Shane

- Original Message -
From: "Hugh Irvine" <[EMAIL PROTECTED]>
To: "Shane Malden" <[EMAIL PROTECTED]>; "Shane Malden"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, November 19, 2001 3:55 PM
Subject: Re: (RADIATOR) User Groups


>
> Hello Shane -
>
> On Monday 19 November 2001 13:04, Shane Malden wrote:
> > I am looking for some support on configuring users in groups. We have
> > several NAS in different locations. All come back to the one Radius Server
> > for authentication. What i would like to do is add users to a group under
> > Radiator and issue this group addresses, based on the location of the NAS.
> > The next issue is these users are authenticated by RSA ACE/Server
> > (SecurID). How would i add these to groups??  If anyone is able to help in
> > any way, it would be appreciated.
> >
>
> Radiator itself has no notion of groups, but it sounds like you want to do
> address allocation based on NAS. In a previous reply to you I indicated how
> to do this using the Identifier tag in the Client clauses - will this not
> work for you? If it won't work for you, can you tell me what the groups you
> refer to above are based on?
>
> regards
>
> Hugh
>
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



Re: (RADIATOR) Password Tries

2001-11-18 Thread Hugh Irvine


Hello Andrew -

On Monday 19 November 2001 12:11, Andrew wrote:
> Hi,
>
> Is there an option I can specify in the configuration file to set the
> number times a client will be prompted for a username and password?
> Or is that generally just a NAS thing?.
>

It is the NAS that issues the username/password prompt. Radiator only 
receives the access request after the username and password are entered.

regards

Hugh

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.



Re: (RADIATOR) Do not want to log AcctAlivePackets

2001-11-18 Thread Hugh Irvine


Hello Nick -

On Monday 19 November 2001 14:46, Nick Black wrote:
> Hi,
>
> We have radiator running in AuthBy EMERALD mode with Platypus, and our
> radius server sends out Start, Stop, and Alive requests. What is the
> easiest way to log only Start and Stop requests in the SQL Database 
>

It is probably easiest to do this with Handlers:

# define AuthBy EMERALD


Identifier UseEmerald
.


# define Handlers


AuthBy UseEmerald
.




AcctResult ACCEPT




AuthBy UseEmerald
.


Note that you should not mix Realms and Handlers in the same configuration 
file.

regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.



Re: (RADIATOR) Size of log files

2001-11-18 Thread Hugh Irvine


Hello Roy -

It is generally much easier to use special characters in the file names for 
logging and so on. Here is an example to create a new file every day.

LogFile %L/logfile-%Y-%m-%d

The files are opened, written and closed for every event.

Of course you will still need to clean up the old files via a cron job or 
whatever.

regards

Hugh

On Monday 19 November 2001 16:13, Roy Jordan wrote:
> Hi,
>
> I was wondering if there is a limit to the size of the Radiator log files.
> I am currently working on a procedure to begin rotating the log files as
> huge log files are harder to work with. If a log file limit is reached what
> affect would that have. Would the existing log file be overwritten with a
> clean logfile or would it create a new log file.
>
>
> Regards
>
>
> Roy
>
> -
> Roy Jordan
> Remex Consulting
> Tel +61 (0)2 8436 9500
> Fax +61 (0)2 8436 9599
> mailto:[EMAIL PROTECTED]
> http://www.remex.com.au
> -
> Information contained in this email is intended for the addressees only.
>
>
>

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.



Re: (RADIATOR) User Groups

2001-11-18 Thread Hugh Irvine


Hello Shane -

On Monday 19 November 2001 13:04, Shane Malden wrote:
> I am looking for some support on configuring users in groups. We have
> several NAS in different locations. All come back to the one Radius Server
> for authentication. What i would like to do is add users to a group under
> Radiator and issue this group addresses, based on the location of the NAS.
> The next issue is these users are authenticated by RSA ACE/Server
> (SecurID). How would i add these to groups??  If anyone is able to help in
> any way, it would be appreciated.
>

Radiator itself has no notion of groups, but it sounds like you want to do 
address allocation based on NAS. In a previous reply to you I indicated how 
to do this using the Identifier tag in the Client clauses - will this not 
work for you? If it won't work for you, can you tell me what the groups you 
refer to above are based on?

regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.



(RADIATOR) Size of log files

2001-11-18 Thread Roy Jordan



Hi,

I was wondering if there is a limit to the size of the Radiator log files.
I am currently working on a procedure to begin rotating the log files as
huge log files are harder to work with. If a log file limit is reached what
affect would that have. Would the existing log file be overwritten with a
clean logfile or would it create a new log file.


Regards


Roy

-
Roy Jordan
Remex Consulting
Tel +61 (0)2 8436 9500
Fax +61 (0)2 8436 9599
mailto:[EMAIL PROTECTED]
http://www.remex.com.au
-
Information contained in this email is intended for the addressees only.






RE: (RADIATOR) HydraRADIUS

2001-11-18 Thread Harrison Ng

Hello all,


BTW, why not use Radiator? The price vs performance is good.
You can make 2 boxes for primary and secondary radius.
The hardware switch is too expensive.


Regards,
Harrison Ng
SmarTone Mobile Communication Limited




-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Chris Given
Sent: Monday, November 19, 2001 6:37 AM
To: '[EMAIL PROTECTED]'
Subject: FW: (RADIATOR) HydraRADIUS



Check out foundry networks, they make a nice product to do this.


http://www.foundrynetworks.com/


-Original Message-
From: Mike McCauley [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 18, 2001 3:18 PM
To: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) HydraRADIUS





--  Forwarded Message  --


Subject: BOUNCE [EMAIL PROTECTED]:    Non-member submission from ["David 
M. Lloyd" <[EMAIL PROTECTED]>]
Date: Fri, 16 Nov 2001 07:40:08 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]


Date: Fri, 16 Nov 2001 09:29:21 -0600 (CST)
From: "David M. Lloyd" <[EMAIL PROTECTED]>
X-X-Sender: [EMAIL PROTECTED]
To: "Ricardo D. Albano" <[EMAIL PROTECTED]>
cc: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) HydraRADIUS


On Thu, 15 Nov 2001, Ricardo D. Albano wrote:
> Any know HydraRADIUS ?
>
> I'm searching for a radius load balancer (I have 20 radiators), I read
> about HydraRADIUS in the Radiator Manual, but I can't contact with
> this company. The web page
> (http://www.hydraweb.com/products/hydraradius/index.asp) is down (and
> the DNS too)... :(


HydraWeb is the company that made those things.  We got a couple of them
right before HydraWeb went out of business... what a nightmare.  They were
the worst pieces of hardware I've ever had the displeasure of dealing
with.  Not only that, but people we were trying to contact kept getting
laid off.  The only reason we got our money back is because one of my
coworkers finagled the cellphone number of the VP out of someone.


If you want a good loadbalancing appliance, look at F5's BigIP product.
That's what most of the big ISPs use.  It costs about the same as the
Hydras did, but it actually *works*.


I would recommend to Hugh/Mike/etc that you drop reference to Hydra since
they don't seem to exist anymore.


- D


<[EMAIL PROTECTED]>


---


-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. Ltd    Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955


Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X





(RADIATOR) Do not want to log AcctAlivePackets

2001-11-18 Thread Nick Black

Hi,

We have radiator running in AuthBy EMERALD mode with Platypus, and our radius server 
sends out Start, Stop, and Alive requests. What is the easiest way to log only Start 
and Stop requests in the SQL Database 

Thanks

Nick




(RADIATOR) User Groups

2001-11-18 Thread Shane Malden



I am looking for some support on configuring users 
in groups. We have several NAS in different locations. All come back to the one 
Radius Server for authentication. What i would like to do is add users to a 
group under Radiator and issue this group addresses, based on the location of 
the NAS. The next issue is these users are authenticated by RSA ACE/Server 
(SecurID). How would i add these to groups??  If anyone is able to help in 
any way, it would be appreciated.
 
Regards,
Shane


(RADIATOR) Password Tries

2001-11-18 Thread Andrew

Hi,

Is there an option I can specify in the configuration file to set the number
times a client will be prompted for a username and password?
Or is that generally just a NAS thing?.

-- Andrew
[EMAIL PROTECTED]






Re: (RADIATOR) can snmpget query NAS w/ Cisco-NAS-Port?

2001-11-18 Thread Hugh Irvine


Hello Dave -

On Monday 19 November 2001 07:26, Dave Kitabjian wrote:
> Oh, I see. You just mean renaming the attribute, but keeping its value
> the same:
>
> sub
> {
>     my $p = ${$_[0]};
>
>     my $nasport;
>
>     if ($nasport = $p->get_attr('Cisco-NAS-Port'))
>     {
>         &main::log($main::LOG_DEBUG,
>                    "Cisco-NAS-Port = $nasport");
>         $p->change_attr('NAS-Port', $nasport);
>         # $p->delete_attr('Cisco-NAS-Port');
>     }
>     return;
> }
>
> That's fine with me, but will snmpget know what to do with a Nas-Port
> that looks like "Async5/94", "Serial7/0:21:17", or "Virtual-Access25"
> when it goes to see if the user is still online? That's my main
> concern...
>

I think you will need to look at what you actually get in the result to the 
SNMP query by running it manually and then decide what you will need to 
compare it to.

There is a second hook in "goodies/hooks.txt" (included below) which does 
fancier things with the encoded NAS-Port that you can optionally set in the 
Cisco configuration.

# cisco-nas-port.pl
# PreClientHook to extract NAS-Port information.
#
# Cisco encodes information in the NAS-Port attribute as follows:
#
# nl-rt-sh-vpn-aer11(config)#radius-server attribute nas-port format ?
#  a  Format is type, channel, port
#  b  Either interface(16) or isdn(16), async(16)
#  c  Data format(bits): shelf(2), slot(4), port(5), channel(5)
#  d  Data format(bits): slot(4), module(1), port(3), vpi(8), vci(16)
#
# This hook is written for Cisco format "d" above (ATM vpi/vci).
#
# The encoded information is extracted and the individual data elements
# are added to the request packet as pseudo-attributes.
#
# Hugh Irvine, Open System Consultants, 20010622
 
sub
{
    my $p = ${$_[0]};

    my $nasport = $p->get_attr('NAS-Port');

    if (defined($nasport))
    {
        my ($slot, $module, $port, $vpi, $vci);
        # Unpack from the low-order end of the 32-bit value:
        # vci(16), vpi(8), port(3), module(1), slot(4)
        $vci = $nasport & 0xffff;
        $nasport = $nasport >> 16;
        $vpi = $nasport & 0xff;
        $nasport = $nasport >> 8;
        $port = $nasport & 0x7;
        $nasport = $nasport >> 3;
        $module = $nasport & 0x1;
        $nasport = $nasport >> 1;
        $slot = $nasport & 0xf;
        # Add each decoded field to the request as a pseudo-attribute
        $p->add_attr('Cisco-NAS-Port-Vci', $vci)
            if defined $vci;
        $p->add_attr('Cisco-NAS-Port-Vpi', $vpi)
            if defined $vpi;
        $p->add_attr('Cisco-NAS-Port-Port', $port)
            if defined $port;
        $p->add_attr('Cisco-NAS-Port-Module', $module)
            if defined $module;
        $p->add_attr('Cisco-NAS-Port-Slot', $slot)
            if defined $slot;
    }
}


regards

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
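
The hook above unpacks format "d" by hand. The following is an added example, not taken from goodies/hooks.txt or from Radiator itself, that does the same unpacking from a table of field widths, extends it to format "c" from the same help text, and rejects values such as "Async5/94" that are not packed integers. The names %LAYOUT, decode_nas_port and encode_nas_port are made up for the example, and it assumes the fields are packed most significant first in the order listed, which is how the hook treats format "d".

```perl
#!/usr/bin/perl
# Added example: table-driven decoder for the packed Cisco NAS-Port
# layouts "c" and "d" listed in the hook's header comment.
use strict;
use warnings;

# Field widths in bits, most significant field first (assumed order).
my %LAYOUT = (
    c => [ [ shelf => 2 ], [ slot => 4 ], [ port => 5 ], [ channel => 5 ] ],
    d => [ [ slot => 4 ], [ module => 1 ], [ port => 3 ], [ vpi => 8 ], [ vci => 16 ] ],
);

# Total width of a layout in bits (16 for "c", 32 for "d").
sub layout_bits {
    my ($format) = @_;
    my $bits = 0;
    $bits += $_->[1] for @{ $LAYOUT{$format} };
    return $bits;
}

# Decode a NAS-Port value into a hash of named fields.
# Returns undef for an unknown format or for anything that is not a
# non-negative integer that fits the layout, such as "Async5/94".
sub decode_nas_port {
    my ($format, $value) = @_;
    return undef unless exists $LAYOUT{$format};
    return undef unless defined $value && $value =~ /^\d{1,10}\z/;
    return undef if $value >= 2 ** layout_bits($format);

    $value = 0 + $value;    # force numeric so & and >> are integer ops
    my %field;
    # Fields are peeled off the low end, so walk the layout right to left.
    for my $f (reverse @{ $LAYOUT{$format} }) {
        my ($name, $width) = @$f;
        $field{$name} = $value & ((1 << $width) - 1);
        $value >>= $width;
    }
    return \%field;
}

# Inverse of decode_nas_port(), used here to build the sample value.
sub encode_nas_port {
    my ($format, %field) = @_;
    my $value = 0;
    for my $f (@{ $LAYOUT{$format} }) {
        my ($name, $width) = @$f;
        my $v = $field{$name} // 0;
        die "$name=$v does not fit in $width bits\n" if $v >> $width;
        $value = ($value << $width) | $v;
    }
    return $value;
}

# Constructed sample: slot 2, module 0, port 1, VPI 8, VCI 35.
my $sample = encode_nas_port('d', slot => 2, module => 0, port => 1,
                             vpi => 8, vci => 35);

for my $input ($sample, 'Async5/94') {
    my $f = decode_nas_port('d', $input);
    if ($f) {
        print "$input: ", join(', ', map { "$_=$f->{$_}" } sort keys %$f), "\n";
    } else {
        print "$input: not a packed format-d NAS-Port, left alone\n";
    }
}
```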



FW: (RADIATOR) HydraRADIUS

2001-11-18 Thread Chris Given

Check out foundry networks, they make a nice product to do this.

http://www.foundrynetworks.com/

-Original Message-
From: Mike McCauley [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 18, 2001 3:18 PM
To: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) HydraRADIUS




--  Forwarded Message  --

Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from ["David 
M. Lloyd" <[EMAIL PROTECTED]>]
Date: Fri, 16 Nov 2001 07:40:08 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

Date: Fri, 16 Nov 2001 09:29:21 -0600 (CST)
From: "David M. Lloyd" <[EMAIL PROTECTED]>
X-X-Sender: [EMAIL PROTECTED]
To: "Ricardo D. Albano" <[EMAIL PROTECTED]>
cc: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) HydraRADIUS

On Thu, 15 Nov 2001, Ricardo D. Albano wrote:
> Any know HydraRADIUS ?
>
> I'm searching for a radius load balancer (I have 20 radiators), I read
> about HydraRADIUS in the Radiator Manual, but I can't contact with
> this company. The web page
> (http://www.hydraweb.com/products/hydraradius/index.asp) is down (and
> the DNS too)... :(

HydraWeb is the company that made those things.  We got a couple of them
right before HydraWeb went out of business... what a nightmare.  They were
the worst pieces of hardware I've ever had the displeasure of dealing
with.  Not only that, but people we were trying to contact kept getting
laid off.  The only reason we got our money back is because one of my
coworkers finagled the cellphone number of the VP out of someone.

If you want a good loadbalancing appliance, look at F5's BigIP product.
That's what most of the big ISPs use.  It costs about the same as the
Hydras did, but it actually *works*.

I would recommend to Hugh/Mike/etc that you drop reference to Hydra since
they don't seem to exist anymore.

- D

<[EMAIL PROTECTED]>

---

-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X



Re: (RADIATOR) HydraRADIUS

2001-11-18 Thread Mike McCauley



--  Forwarded Message  --

Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from ["David 
M. Lloyd" <[EMAIL PROTECTED]>]
Date: Fri, 16 Nov 2001 07:40:08 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

Date: Fri, 16 Nov 2001 09:29:21 -0600 (CST)
From: "David M. Lloyd" <[EMAIL PROTECTED]>
X-X-Sender: [EMAIL PROTECTED]
To: "Ricardo D. Albano" <[EMAIL PROTECTED]>
cc: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) HydraRADIUS

On Thu, 15 Nov 2001, Ricardo D. Albano wrote:
> Any know HydraRADIUS ?
>
> I'm searching for a radius load balancer (I have 20 radiators), I read
> about HydraRADIUS in the Radiator Manual, but I can't contact with
> this company. The web page
> (http://www.hydraweb.com/products/hydraradius/index.asp) is down (and
> the DNS too)... :(

HydraWeb is the company that made those things.  We got a couple of them
right before HydraWeb went out of business... what a nightmare.  They were
the worst pieces of hardware I've ever had the displeasure of dealing
with.  Not only that, but people we were trying to contact kept getting
laid off.  The only reason we got our money back is because one of my
coworkers finagled the cellphone number of the VP out of someone.

If you want a good loadbalancing appliance, look at F5's BigIP product.
That's what most of the big ISPs use.  It costs about the same as the
Hydras did, but it actually *works*.

I would recommend to Hugh/Mike/etc that you drop reference to Hydra since
they don't seem to exist anymore.

- D

<[EMAIL PROTECTED]>

---

-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X



RE: (RADIATOR) can snmpget query NAS w/ Cisco-NAS-Port?

2001-11-18 Thread Dave Kitabjian

Oh, I see. You just mean renaming the attribute, but keeping its value
the same:

sub
{
    my $p = ${$_[0]};

    my $nasport;

    if ($nasport = $p->get_attr('Cisco-NAS-Port'))
    {
        &main::log($main::LOG_DEBUG,
                   "Cisco-NAS-Port = $nasport");
        $p->change_attr('NAS-Port', $nasport);
        # $p->delete_attr('Cisco-NAS-Port');
    }
    return;
}

That's fine with me, but will snmpget know what to do with a Nas-Port
that looks like "Async5/94", "Serial7/0:21:17", or "Virtual-Access25"
when it goes to see if the user is still online? That's my main
concern...

Dave

> -Original Message-
> From: Hugh Irvine [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, November 16, 2001 8:09 PM
> To: Dave Kitabjian; Radiator List
> Subject: Re: (RADIATOR) can snmpget query NAS w/ Cisco-NAS-Port?
> 
> 
> 
> Hello Dave -
> 
> On Saturday 17 November 2001 01:48, Dave Kitabjian wrote:
> > Problem: we want to query Cisco 5400's for simultaneous use, but for
> > VoIP, there is no Nas-Port in the Access-Request, only Cisco-Nas-Port.
> >
> > My understanding is that, to double check the Session DB's accuracy,
> > snmpget will do a lookup based on NAS-Identifier, NAS-Port, and
> > Username, and a few other things (see Nas.pm, isOnline()):
> >
> > ($name, $nas_id, $nas_port, $session_id, $client,
> > $framed_ip_address)
> >
> > For the Ciscos in particular, it appears to use:
> >
> > ($nas_id,
> >  $client->{SNMPCommunity},
> >  "$Radius::Nas::CiscoMIB.2.9.2.1.18.$nas_port")
> >
> > and it's all looking under the MIB:
> >
> > .iso.org.dod.internet.private.enterprises.9
> >
> > (See also SessSQL.pm). Obviously, we can modify the SessionDatabase's
> > AddQuery to insert the Cisco-NAS-Port rather than the Nas-Port. But
> > how do we get snmpget to query that info in the Cisco MIB?
> >
>
> It is probably easier to use a PreClientHook to take the Cisco-NAS-Port
> value and add a NAS-Port attribute to the incoming request. There is an
> example hook that does this in the file "goodies/hooks.txt".
> 
> regards
> 
> Hugh
> 
> 
> -- 
> Radiator: the most portable, flexible and configurable RADIUS 
> server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, 
> NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, 
> extensible, flexible with hardware, software, platform and 
> database independence.
> 



(RADIATOR) NT Authentication timeouts

2001-11-18 Thread Massey, Craig

I'm having a low-key argument about the source of password lockouts in our VPN
system. There are those who argue that Radiator attempts to authenticate
against the Domain Controller more than once each time someone clicks the "Go"
button in SecureRemote, causing account lockouts from fewer retries than the
Domain properties allow for. I don't agree. I've been through the source
code and I can only see Win32::Authenticateuser called once per
authentication request.

My Perl is OK, as in I can decipher anything resembling well written code,
which this is by the way, but I'm not too hot on developing the OO side of
Perl, yet. What I know very little about is the comms side. For all I know
SecureRemote takes several stabs at it for each entry of the password.

So I'm after confirmation that Radiator is only trying the password once per
connection attempt, and, if anyone knows what might cause premature account
lock-outs I'd appreciate the input.

Otherwise I'll have to start debugging Radiator to see how it works, and I
really don't have the time.

Craig Massey
Team Leader - NZ NT/Exchange Administration
Oxygen Business Solutions
Mobile  025 279-5794
Phone + 64 9 633-0626. Fax + 64 9 633-0601
www.oxygenforbusiness.com

