(RADIATOR) Radmin with MSSQL-2000 on Windows 2000 problem
Dear All, I have install RADmin 1.5 and Radiator 2.19 on Windows 2000 with MS-SQL server for the RAdmin; I have also install ActivePerl after I setup the IIS5.0 and I have try to go to the http://localhost/Scripts/private/editUser.pl , the system prompt me: Error A serious error has occurred: Sorry, you do not have permission to do that(A_USER). Please report problems with this system to webmaster -- please help thx Billy === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Authlog Failure Reason problems.
The only value that I get for a failure reason is Bad encrypted password... I installed 2.19 in a test environment and configured up the AuthLog SQL and everything worked fine. I ran make and make test, but I didn't run make install do to the configuration of our servers. I ran radiator manually as it described in the docs and it worked like a charm. I would see No such user, Bad encrypted password, etc when running radpwtst. When I went to upgrade the production servers (they were on 2.17.1) I ran make install and everything seemed to work just fine. Radiator runs and we have not had any problems except for the fact that now I only see Bad encrypted password for the reason. Did I miss something? I checked all of the perl modules with the distribution ones and I am running the latest. I am using the exact same configuration file and dictionary file as in the test environment... I'm stumped. Any help would be appreciated. Thanks, Kevin Leier DBA Basin Telecommunications, Inc. www.btinet.net === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Authlog Failure Reason problems.
Hello Kevin - Could you please send me a copy of your configuration file (no secrets) together with a trace 4 debug from Radiator showing what is happening. thanks Hugh On Tue, 11 Dec 2001 02:40, Kevin Leier wrote: The only value that I get for a failure reason is Bad encrypted password... I installed 2.19 in a test environment and configured up the AuthLog SQL and everything worked fine. I ran make and make test, but I didn't run make install do to the configuration of our servers. I ran radiator manually as it described in the docs and it worked like a charm. I would see No such user, Bad encrypted password, etc when running radpwtst. When I went to upgrade the production servers (they were on 2.17.1) I ran make install and everything seemed to work just fine. Radiator runs and we have not had any problems except for the fact that now I only see Bad encrypted password for the reason. Did I miss something? I checked all of the perl modules with the distribution ones and I am running the latest. I am using the exact same configuration file and dictionary file as in the test environment... I'm stumped. Any help would be appreciated. Thanks, Kevin Leier DBA Basin Telecommunications, Inc. www.btinet.net === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Radmin with MSSQL-2000 on Windows 2000 problem
Hello Billy - Can you please send me a copy of the IIS log file? What error messages are there? thanks Hugh On Mon, 10 Dec 2001 19:13, Billy Li wrote: Dear All, I have install RADmin 1.5 and Radiator 2.19 on Windows 2000 with MS-SQL server for the RAdmin; I have also install ActivePerl after I setup the IIS5.0 and I have try to go to the http://localhost/Scripts/private/editUser.pl , the system prompt me: Error A serious error has occurred: Sorry, you do not have permission to do that(A_USER). Please report problems with this system to webmaster -- please help thx Billy === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Anyone Done This?
I am new to this so I thought that I would throw this out to the group. I would like run Radiator on an NT 4.0 box connected to a separate box running mySQL which will hold the user database. I am using an Equinox digital modem pool. I have sum users who are currently authenticated through the NT database but would like either move them to the SQL database or authenticate using both databases. Has anyone tried this before or does anyone have any suggestions/warnings that I should be aware of before I attempt this? Eric Johnson _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Anyone Done This?
Hello Eric - On Tue, 11 Dec 2001 10:44, Eric Johnson wrote: I am new to this so I thought that I would throw this out to the group. I would like run Radiator on an NT 4.0 box connected to a separate box running mySQL which will hold the user database. I am using an Equinox digital modem pool. I have sum users who are currently authenticated through the NT database but would like either move them to the SQL database or authenticate using both databases. Has anyone tried this before or does anyone have any suggestions/warnings that I should be aware of before I attempt this? This is very easy to do. # define AuthBy clauses AuthBy NT Identifier CheckNT . /AuthBy AuthBy SQL Identifier CheckSQL . /AuthBy # define Realm(s) or Handler(s) Realm ... AuthByPolicy ContinueUntilAccept AuthBy CheckNT AuthBy CheckSQL . /Realm There are also numerous examples from the mailing list on the archive site. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Bad login count
Hello Hugh, I have got problem about Bad login count. According to section 5.1.9 in reference manual of RAdmin version 1.4 , it said that if we leave this field blank, then no bad login limits will be applied. But !! when I try , I can't login . In log file shows a message like these Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2@test2: No such userTue Dec 11 10:53:56 2001: DEBUG: Packet dump:*** Sending to 10.20.0.2 port 49156 Code: Access-RejectIdentifier: 159Authentic: 004G001321003100/172Attributes:Reply-Message = "Request Denied" So how can I fixed it . Futhermore , how can I expand login limit to more than 5 Regards, Chairath P.S. Our system are running with Radiator 2.18 and Radmin 1.4 ForegroundLogStdoutLogDird:/Radiator-2.18/logDbDird:/Radiator-2.18LogFile %L/logfile-%d-%m-%Y # Dont turn this up too high, since all log messages are logged# to the RADMESSAGES table in the database. 3 will give you everything# except debugging messagesTrace 4 # PreClientHook to add NAS-Port attributePreClientHook file:"%D/addNASPort" # You will probably want to change this to suit your site.# You should list all the clients you have, and their secrets# If you are using the Radmin Clients table, you wil probably# want to disable this.#Client DEFAULT#Secretmysecret#DupInterval 0#/Client # You can put additonal (or all) client details in your Radmin# database table# and get their details from there with something like this:# You can then use the Radmin 'Add Radius Client' to add new clients.ClientListSQLDBSourcedbi:ODBC:RadminDBUsernamexxx DBAuth /ClientListSQL #AuthBy RADIUS#Identifier ProxyTofunk#Host 10.2.0.6#Secret test#/AuthBy #Realm funk# strip Realm#RewriteUsername s/^([^@]+).*/$1/#AuthBy ProxyTofunk#/Realm AuthBy RADMINIdentifier RADMINAUTH# Change DBSource, DBUsername, DBAuth for your database# See the reference manual. You will also have to # change the one in SessionDatabse SQL below# so its the sameDBSourcedbi:ODBC:RadminDBUsernamexxxDBAuthDateFormat %e %m %Y %T# You can add to or change these if you want, but you# will probably want to change the database schema firstAccountingTableRADUSAGEAcctColumnDefUSERNAME,User-NameAcctColumnDefTIME_STAMP,Timestamp,integerAcctColumnDefACCTSTATUSTYPE,Acct-Status-Type,integerAcctColumnDefACCTDELAYTIME,Acct-Delay-Time,integerAcctColumnDefACCTINPUTOCTETS,Acct-Input-Octets,integerAcctColumnDefACCTOUTPUTOCTETS,Acct-Output-Octets,integerAcctColumnDefACCTSESSIONID,Acct-Session-IdAcctColumnDefACCTSESSIONTIME,Acct-Session-Time,integerAcctColumnDefACCTTERMINATECAUSE,Acct-Terminate-Cause,integerAcctColumnDefFRAMEDIPADDRESS,Framed-IP-AddressAcctColumnDefNASIDENTIFIER,NAS-IdentifierAcctColumnDefNASIDENTIFIER,NAS-IP-AddressAcctColumnDefNASPORT,NAS-Port,integerAcctColumnDefDNIS,Called-Station-IdAcctColumnDefDATE,Timestamp,integer-date# This updates the time and octets left# for this userAcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' /AuthBy AuthBy GROUP Identifier WithIdleTimeout AuthBy RADMINAUTH# These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's replyAddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 600,\ Class = %{NAS-Port}/AuthBy AuthBy GROUP Identifier WithOutIdleTimeout AuthBy RADMINAUTH# These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's replyAddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Class = %{NAS-Port}/AuthBy AuthBy FILEIdentifier TimeZoneFilename %D/adsl.users/AuthBy Handler Request-Type=Accounting-RequestAuthBy RADMINAUTH/Handler Handler Realm=test1AuthBy TimeZone/Handler Handler Realm=test2AuthBy WithOutIdleTimeout/Handler HandlerAuthBy WithIdleTimeout/Handler # Handle User with NO Realm with RADMIN#Realm#AuthBy RADMINAUTH#/Realm # Handle everyone with RADMIN#Realm DEFAULT#AuthBy RADMINAUTH#/Realm SessionDatabase SQL# This database spec usually should be exactly the same# as in AuthBy RADMIN aboveDBSourcedbi:ODBC:RadminDBUsernameDBAuthClearNasQuery/SessionDatabase
Re: (RADIATOR) Bad login count
Hello Chairath - The log message shown below is due to the username user2@test2 not being found in the database. This is probably because you have not used a RewriteUsername in the Handler to strip the realm (you should use the same one that you used in the Realm clause). regards Hugh On Tue, 11 Dec 2001 15:17, Chairath K wrote: Hello Hugh, I have got problem about Bad login count. According to section 5.1.9 in reference manual of RAdmin version 1.4 , it said that if we leave this field blank, then no bad login limits will be applied. But !! when I try , I can't login . In log file shows a message like these Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2@test2: No such user Tue Dec 11 10:53:56 2001: DEBUG: Packet dump: *** Sending to 10.20.0.2 port 49156 Code: Access-Reject Identifier: 159 Authentic: 004G001321003100/172 Attributes: Reply-Message = Request Denied So how can I fixed it . Futhermore , how can I expand login limit to more than 5 Regards, Chairath P.S. Our system are running with Radiator 2.18 and Radmin 1.4 Foreground LogStdout LogDir d:/Radiator-2.18/log DbDir d:/Radiator-2.18 LogFile %L/logfile-%d-%m-%Y # Dont turn this up too high, since all log messages are logged # to the RADMESSAGES table in the database. 3 will give you everything # except debugging messages Trace 4 # PreClientHook to add NAS-Port attribute PreClientHook file:%D/addNASPort # You will probably want to change this to suit your site. # You should list all the clients you have, and their secrets # If you are using the Radmin Clients table, you wil probably # want to disable this. #Client DEFAULT # Secret mysecret # DupInterval 0 #/Client # You can put additonal (or all) client details in your Radmin # database table # and get their details from there with something like this: # You can then use the Radmin 'Add Radius Client' to add new clients. ClientListSQL DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth /ClientListSQL #AuthBy RADIUS # Identifier ProxyTofunk # Host 10.2.0.6 # Secret test #/AuthBy #Realm funk # strip Realm # RewriteUsername s/^([^@]+).*/$1/ # AuthBy ProxyTofunk #/Realm AuthBy RADMIN Identifier RADMINAUTH # Change DBSource, DBUsername, DBAuth for your database # See the reference manual. You will also have to # change the one in SessionDatabse SQL below # so its the same DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth DateFormat %e %m %Y %T # You can add to or change these if you want, but you # will probably want to change the database schema first AccountingTable RADUSAGE AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef DNIS,Called-Station-Id AcctColumnDef DATE,Timestamp,integer-date # This updates the time and octets left # for this user AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' /AuthBy AuthBy GROUP Identifier WithIdleTimeout AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 600,\ Class = %{NAS-Port} /AuthBy AuthBy GROUP Identifier WithOutIdleTimeout AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Class = %{NAS-Port} /AuthBy AuthBy FILE Identifier TimeZone Filename %D/adsl.users /AuthBy Handler Request-Type=Accounting-Request AuthBy RADMINAUTH /Handler Handler Realm=test1 AuthBy TimeZone /Handler Handler Realm=test2 AuthBy WithOutIdleTimeout /Handler Handler
(RADIATOR) Authentication through DNIS.
Hi All, I want to authenticate few of our users defined in radiator's user file on basis of DNIS. How can we do that through radiator. As first i try to pass Called-Station-ID attribute in users file but strangely it is not authenticating. Here is sumthing detail shows: It is picking 7159 as called-station-Id. Is there any other way to authenticate specific user on the basis on DNIS or otherwise where i m wrong in this whole scenario. Wed Dec 8 12:28:48 1999: INFO: Server started: Radiator 2.18.1 on netops-2 Wed Dec 8 12:31:40 1999: DEBUG: Packet dump: *** Received from 202.63.217.245 port 1645 Code: Access-Request Identifier: 226 Authentic: 15519619166uXV235205168149236234152149$ Attributes: NAS-IP-Address = 202.63.217.245 NAS-Port = 62 Cisco-NAS-Port = Async62 NAS-Port-Type = Async User-Name = cool Called-Station-Id = 7159 Calling-Station-Id = 215219321 User-Password = 240Q142218240K177T? 1@15215z250224 Service-Type = Framed-User Framed-Protocol = PPP Wed Dec 8 12:31:40 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT' Wed Dec 8 12:31:40 1999: DEBUG: Deleting session for cool, 202.63.217.245, 62 Wed Dec 8 12:31:40 1999: DEBUG: Handling with Radius::AuthEMERALD Wed Dec 8 12:31:40 1999: DEBUG: Handling with Radius::AuthEMERALD Wed Dec 8 12:31:40 1999: DEBUG: Query is: select DateAdd(Day, ma.extension+ma.overdue, maExpireDate), DateAdd(Day, sa.extension, saExpireDate), sa.AccountID, sa.AccountType, sa.password, sa.login, sa.shell, sa.TimeLeft ,sa.LoginLimit from masteraccounts ma, subaccounts sa where (sa.login = 'cool' or sa.shell = 'cool') and ma.customerid = sa.customerid and sa.active 0 and ma.active 0 Wed Dec 8 12:31:41 1999: DEBUG: Query is: insert into badattempt (date,userid,password,cli) values ('12/8/1999 12:31:40','cool','ðQÚðK±T?1@×zúà','215219321') Wed Dec 8 12:31:41 1999: DEBUG: Radius::AuthEMERALD looks for match with cool Wed Dec 8 12:31:41 1999: DEBUG: Query is: select DateAdd(Day, ma.extension+ma.overdue, maExpireDate), DateAdd(Day, sa.extension, saExpireDate), sa.AccountID, sa.AccountType, sa.password, sa.login, sa.shell, sa.TimeLeft ,sa.LoginLimit from masteraccounts ma, subaccounts sa where (sa.login = 'DEFAULT' or sa.shell = 'DEFAULT') and ma.customerid = sa.customerid and sa.active 0 and ma.active 0 Wed Dec 8 12:31:42 1999: DEBUG: Query is: insert into badattempt (date,userid,password,cli) values ('12/8/1999 12:31:41','cool','ðQÚðK±T?1@×zúà','215219321') Wed Dec 8 12:31:42 1999: DEBUG: Handling with Radius::AuthFILE Wed Dec 8 12:31:42 1999: DEBUG: Reading users file ./users Wed Dec 8 12:31:42 1999: DEBUG: Radius::AuthFILE looks for match with cool Wed Dec 8 12:31:42 1999: DEBUG: Radius::AuthFILE ACCEPT: Wed Dec 8 12:31:42 1999: DEBUG: Access accepted for cool Wed Dec 8 12:31:42 1999: WARNING: No such attribute Simultaneous-Use Wed Dec 8 12:31:42 1999: DEBUG: Packet dump: *** Sending to 202.63.217.245 port 1645 Code: Access-Accept Identifier: 226 Authentic: 15519619166uXV235205168149236234152149$ Attributes: Service-Type = Framed-User Framed-Protocol = PPP Simultaneous-Use = 4 Called-Station-Id = 13155131 Wed Dec 8 12:31:42 1999: DEBUG: Packet dump: *** Received from 202.63.217.245 port 1646 Code: Accounting-Request Identifier: 227 Authentic: 139232b;:g212J226199248155210L17517 Attributes: NAS-IP-Address = 202.63.217.245 NAS-Port = 62 Cisco-NAS-Port = Async62 NAS-Port-Type = Async User-Name = cool Called-Station-Id = 7159 Calling-Station-Id = 215219321 Acct-Status-Type = Start Acct-Authentic = RADIUS Service-Type = Framed-User Acct-Session-Id = 0123 Framed-Protocol = PPP Acct-Delay-Time = 0 Wed Dec 8 12:31:42 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT' Wed Dec 8 12:31:42 1999: DEBUG: Adding session for cool, 202.63.217.245, 62 Wed Dec 8 12:31:42 1999: DEBUG: Handling with Radius::AuthEMERALD Wed Dec 8 12:31:42 1999: DEBUG: Handling accounting with Radius::AuthEMERALD Wed Dec 8 12:31:42 1999: DEBUG: do query is: insert into Calls (UserName, CallDate, AcctStatusType, AcctDelayTime, AcctSessionId, NASIdentifier, CallerID, NASPort) values ('cool', 'Dec 8, 1999 12:31', 1, 0, '0123', '202.63.217.245', '215219321', 62) Wed Dec 8 12:31:43 1999: DEBUG: Accounting accepted Wed Dec 8 12:31:43 1999: DEBUG: Packet dump: *** Sending to 202.63.217.245 port 1646 Regards, Wasim Ahmed Khan. Application Programmer. eWorld Internet Services. Karachi, Pakistan. Ph:(92-21)111-246-246. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Bad login count
Hello Hugh, Our Nas send a user with realm. And when I set Bad login count to zero , I can login with user2@test2 also. Regards, Chairath Hello Chairath - The log message shown below is due to the username user2@test2 not being found in the database. This is probably because you have not used a RewriteUsername in the Handler to strip the realm (you should use the same one that you used in the Realm clause). regards Hugh On Tue, 11 Dec 2001 15:17, Chairath K wrote: Hello Hugh, I have got problem about Bad login count. According to section 5.1.9 in reference manual of RAdmin version 1.4 , it said that if we leave this field blank, then no bad login limits will be applied. But !! when I try , I can't login . In log file shows a message like these Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2@test2: No such user Tue Dec 11 10:53:56 2001: DEBUG: Packet dump: *** Sending to 10.20.0.2 port 49156 Code: Access-Reject Identifier: 159 Authentic: 004G001321003100/172 Attributes: Reply-Message = Request Denied So how can I fixed it . Futhermore , how can I expand login limit to more than 5 Regards, Chairath P.S. Our system are running with Radiator 2.18 and Radmin 1.4 Foreground LogStdout LogDir d:/Radiator-2.18/log DbDir d:/Radiator-2.18 LogFile %L/logfile-%d-%m-%Y # Dont turn this up too high, since all log messages are logged # to the RADMESSAGES table in the database. 3 will give you everything # except debugging messages Trace 4 # PreClientHook to add NAS-Port attribute PreClientHook file:%D/addNASPort # You will probably want to change this to suit your site. # You should list all the clients you have, and their secrets # If you are using the Radmin Clients table, you wil probably # want to disable this. #Client DEFAULT # Secret mysecret # DupInterval 0 #/Client # You can put additonal (or all) client details in your Radmin # database table # and get their details from there with something like this: # You can then use the Radmin 'Add Radius Client' to add new clients. ClientListSQL DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth /ClientListSQL #AuthBy RADIUS # Identifier ProxyTofunk # Host 10.2.0.6 # Secret test #/AuthBy #Realm funk # strip Realm # RewriteUsername s/^([^@]+).*/$1/ # AuthBy ProxyTofunk #/Realm AuthBy RADMIN Identifier RADMINAUTH # Change DBSource, DBUsername, DBAuth for your database # See the reference manual. You will also have to # change the one in SessionDatabse SQL below # so its the same DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth DateFormat %e %m %Y %T # You can add to or change these if you want, but you # will probably want to change the database schema first AccountingTable RADUSAGE AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef DNIS,Called-Station-Id AcctColumnDef DATE,Timestamp,integer-date # This updates the time and octets left # for this user AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' /AuthBy AuthBy GROUP Identifier WithIdleTimeout AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 600,\ Class = %{NAS-Port} /AuthBy AuthBy GROUP Identifier WithOutIdleTimeout AuthBy RADMINAUTH # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Class =