(RADIATOR) MaxSessions
Hello, I've recently started using the MaxSession clause in my default realm and see something strange. It would appear that it's working properly and only allowing the user to login once unless the user uses a capital letter in their username (ie bert and Bert are being treated as different usernames). I am using the following in my default realm: RewriteUsername tr/A-Z/a-z/ RewriteUsername s/^([^@]+).*/$1/ I assume this is the reason for the behaviour described above? If it makes and difference, I'm running Radiator-2.14.1 on BSDI 4.01. Is there a way of disabling this? Thank you in advance, Robert === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) radwho?
I am having a problem with the radwho.cgi script it keeps giving the error premature end of line We are useing all of the other goodies scripts with no problems radaccount.cgi works fine we are useing the default set of table in the radonline mysql database and I have data being added and removed from it Rick === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Fwd: Me encuentro fuera de la oficina de vacaciones, vuelvo el 18/2/2002.: Re: (RADIATOR) Session-Timeout.
-- Forwarded Message -- Subject: Me encuentro fuera de la oficina de vacaciones, vuelvo el 18/2/2002.: Re: (RADIATOR) Session-Timeout. Date: Sat, 2 Feb 2002 11:44:15 +1100 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Hello Rick - You would use an AuthBy FILE with DEFAULT entries. # define DEFAULT's for different times DEFAULT Time = "...", Auth-Type = .. Session-Timeout = ., DEFAULT Time = "...", Auth-Type = .. Session-Timeout = ., Have a look at sections 13.1.6 and 13.1.13 in the Radiator 2.19 reference manual (included in the distribution in the file "doc/ref.html"). regards Hugh On Sat, 2 Feb 2002 11:25, Ricky Chilcott wrote: > Hello, > > How could I accomplish the following with session timout. > > 1.No timeout between 00:00 and 10:00 and a 4 hour timeout all other > times. > > 2.No timeout between 00:00 and 10:00 , 4 Hour timeout between 10:00 and > 19:00 and 2 Hour timeout between 19:00 and 00:00. > > Thanks > > Rick > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. --- -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Session-Timeout.
Hello Rick - You would use an AuthBy FILE with DEFAULT entries. # define DEFAULT's for different times DEFAULT Time = "...", Auth-Type = .. Session-Timeout = ., DEFAULT Time = "...", Auth-Type = .. Session-Timeout = ., Have a look at sections 13.1.6 and 13.1.13 in the Radiator 2.19 reference manual (included in the distribution in the file "doc/ref.html"). regards Hugh On Sat, 2 Feb 2002 11:25, Ricky Chilcott wrote: > Hello, > > How could I accomplish the following with session timout. > > 1.No timeout between 00:00 and 10:00 and a 4 hour timeout all other > times. > > 2.No timeout between 00:00 and 10:00 , 4 Hour timeout between 10:00 and > 19:00 and 2 Hour timeout between 19:00 and 00:00. > > Thanks > > Rick > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Question
Hello Steve - We offer on-site training and consulting services on a contract basis. I have copied Joanne on this mail and she will send you the details. You can set up a users file with a DEFAULT entry like this: # define DEFAULT to accept everything DEFAULT Auth-Type = Accept regards Hugh On Sat, 2 Feb 2002 03:44, Steve Rainbow wrote: > 1. Are there any training courses for Radiator in the UK. > > 2. All calls that come into my NAS are automatically forwarded to the > radius for authentication. Normally, I set up the username/pasword in a > User file but also now need to authenticate without a username/password. If > I set up a User file with DEFAULT will that allow calls through. > > Thanks, > > Steve > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Fwd: Simultaneous Errors
Hello Cameron - We will need to see a copy of your configuration file and a trace 4 debug from Radiator showing the problems. The usual cause for problems with session limits is missing accounting records. regards Hugh On Sat, 2 Feb 2002 10:00, Mike McCauley wrote: > -- Forwarded Message -- > > Subject: Simultaneous Errors > Date: Fri, 1 Feb 2002 18:43:08 +1100 > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > > Hi Hugh and Mike (and other subscribers, > > We use radiator with the authemerald module to validate users from our > Platypus database. > We have run into a problem that has been growing steadily. Users have been > denied access due to a violation of the simultaneous use limit. However, > the user has not been logged in when the request was denied. The only > solution we've found to this problem is to increase the login limit on the > account by one. This is not a permanent solution because customers are > having trouble again in the future. Has anyone else encountered this > problem? Is there a simple cause? Is it an issue with caching the > usernames in radiator? > > Also, with the AuthEmerald module, we're finding that customers who are on > a block usage plan with 0 minutes or negative minutes remaining are still > allowed to access the system, although their sessions expire after 1 > minute. Surely they should be denied access in the first place? > > Any help to either of these problems would be greatly appreciated. > > Cheers, > Cameron > > --- > Cameron Watson > Billing System Administrator > Bigfoot Internet Pty Ltd > +61 3 98607520 > +61 4 03073400 > [EMAIL PROTECTED] > > --- -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Cisco PPOE support questions
Hello - On Sat, 2 Feb 2002 08:21, ListServ wrote: > Does anyone know if Radiator can support the Cisco PPOE equipment/protocol, > and what entries would I have to make in my dictionary file. > As long as the equipment can be configured to do radius authentication, Radiator can be configured to deal with it. You should check the Cisco web site for IOS versions and the details of radius configurations. regards Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Session-Timeout.
Hello, How could I accomplish the following with session timout. 1.No timeout between 00:00 and 10:00 and a 4 hour timeout all other times. 2.No timeout between 00:00 and 10:00 , 4 Hour timeout between 10:00 and 19:00 and 2 Hour timeout between 19:00 and 00:00. Thanks Rick === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Fwd: Me encuentro fuera de la oficina de vacaciones, vuelvo el 18/2/2002.: (RADIATOR) Cisco PPOE support questions
-- Forwarded Message -- Subject: Me encuentro fuera de la oficina de vacaciones, vuelvo el 18/2/2002.: (RADIATOR) Cisco PPOE support questions Date: Fri, 1 Feb 2002 16:21:34 -0500 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Does anyone know if Radiator can support the Cisco PPOE equipment/protocol, and what entries would I have to make in my dictionary file. Any help, would be great. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. --- -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Fwd: Simultaneous Errors
-- Forwarded Message -- Subject: Simultaneous Errors Date: Fri, 1 Feb 2002 18:43:08 +1100 From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Hi Hugh and Mike (and other subscribers, We use radiator with the authemerald module to validate users from our Platypus database. We have run into a problem that has been growing steadily. Users have been denied access due to a violation of the simultaneous use limit. However, the user has not been logged in when the request was denied. The only solution we've found to this problem is to increase the login limit on the account by one. This is not a permanent solution because customers are having trouble again in the future. Has anyone else encountered this problem? Is there a simple cause? Is it an issue with caching the usernames in radiator? Also, with the AuthEmerald module, we're finding that customers who are on a block usage plan with 0 minutes or negative minutes remaining are still allowed to access the system, although their sessions expire after 1 minute. Surely they should be denied access in the first place? Any help to either of these problems would be greatly appreciated. Cheers, Cameron --- Cameron Watson Billing System Administrator Bigfoot Internet Pty Ltd +61 3 98607520 +61 4 03073400 [EMAIL PROTECTED] --- -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Cisco PPOE support questions
Does anyone know if Radiator can support the Cisco PPOE equipment/protocol, and what entries would I have to make in my dictionary file. Any help, would be great. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) Question
Hi Steve,
A handler like the one below will not perform any authentication:
AuthByPolicy ContinueWhileAccept
AuthBy AllocateIPAddressForGPRS
AcctLogFileName %L/%N-gprs-%{GlobalVar:HostId}-detail%Y%m%d.log
PostAuthHook file:"filename"
However remember that you may still need to send back some appropriate reply
attributes which you could do with an 'AddToReply' as per below:
Identifier AllocateIPAddressForGPRS
Allocator ORACLEallocatorGPRS
PoolHint pool-%{Called-Station-Id}-%N
MapAttributeyiaddr, Framed-IP-Address
StripFromReply PoolHint
AddToReply Service-Type = "Framed-User", Framed-Protocol = "PPP",
Framed-Compression = "Van-Jacobson-TCP-IP", Framed-MTU = "1500",
Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None
These are just examples, you'll will need to tailor them to your specific
needs.
Hope this helps.
Paul
___
Paul O'Shea
Level9 Networks
___
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Steve Rainbow
Sent: Friday, February 01, 2002 4:44 PM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) Question
1. Are there any training courses for Radiator in the UK.
2. All calls that come into my NAS are automatically forwarded to the radius
for authentication. Normally, I set up the username/pasword in a User file
but also now need to authenticate without a username/password. If I set up a
User file with DEFAULT will that allow calls through.
Thanks,
Steve
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Radiator going down after Oracle SQL Timeout
Hi Hugh, well... time passed and this happened again but, alas, there is no message whatsoever that indicates what happened. I kept using supervise which, instead of mailing me, is sending all of standard output + standard error through a logger (multilog) which timestamps it and writes it to a file. Here's Radiator's log of the moment of the problem: ===START OF RADIATOR LOG=== Wed Jan 30 01:21:44 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 535302554, snmp-community Wed Jan 30 01:22:15 2002: DEBUG: Packet dump: *** Received from 10.133.56.33 port 1645 Code: Access-Request Identifier: 124 Authentic: <236>0<179><185>W@"-)A4<194>r?w- Attributes: NAS-IP-Address = 10.133.56.33 NAS-Port = 30 NAS-Port-Type = Async User-Name = "uncliente@pbm" Called-Station-Id = "0380" Calling-Station-Id = "1141399338" User-Password = "<<247>:<232><232>d<224><135>@<255>`QRs.<218>" Service-Type = Framed-User Framed-Protocol = PPP Wed Jan 30 01:22:15 2002: DEBUG: Rewrote user name to uncliente@pbm Wed Jan 30 01:22:15 2002: DEBUG: Check if Handler Pert-PreRegUser-Flag = 1, Request-Type = Access-Request should be used to handle this request Wed Jan 30 01:22:15 2002: DEBUG: Check if Handler Request-Type = Access-Request should be used to handle this request Wed Jan 30 01:22:15 2002: DEBUG: Handling request with Handler 'Request-Type = Access-Request' Wed Jan 30 01:22:15 2002: DEBUG: Rewrote user name to uncliente@pbm Wed Jan 30 01:22:15 2002: DEBUG: SessDBUsers Deleting session for uncliente@pbm, 10.133.56.33, 30 Wed Jan 30 01:22:15 2002: DEBUG: do query is: DELETE FROM USUARIOS_EN_LINEA WHERE USUA_IP_NAS='10.133.56.33' AND USUA_PORT=030 Wed Jan 30 01:22:21 2002: DEBUG: Handling with Radius::AuthSQL Wed Jan 30 01:22:21 2002: DEBUG: Handling with Radius::AuthSQL:UserGetPassword Wed Jan 30 01:22:21 2002: DEBUG: Query is: SELECT U.USU_CLAVE, S.SER_CODIGO, S.SER_MAX_SESSION_CONCURRENTES, S.TIMEFRAMEID, S.SER_GEN_CHECK, S.SER_GEN_REPLY, U.USU_IP_NRO_FIJA, U.USU_IP_MASC_FIJA, U.USU_TIEMPO_RESTANTE, U.USU_BYTES_RESTANTES, U.USU_SUSPENDIDO, U.USU_GEN_CHECK, U.USU_GEN_REPLY, VS.VISP_SER_VALID_DNIS FROM USUARIOS U, VISP V, SERVICIOS S, VISP_SERVICIOS VS WHERE U.VISP_CODIGO = V.VISP_CODIGO AND U.SER_CODIGO = S.SER_CODIGO AND U.USU_CODIGO = 'uncliente' AND U.VISP_CODIGO = 'pbm' AND V.VISP_CODIGO = VS.VISP_CODIGO AND S.SER_CODIGO = VS.SER_CODIGO AND '0380' LIKE VS.VISP_SER_VALID_DNIS Wed Jan 30 01:22:37 2002: DEBUG: Radius::AuthSQL looks for match with uncliente@pbm Wed Jan 30 01:22:37 2002: DEBUG: Query is: SELECT USUA_IP_NAS, USUA_PORT, USUA_SESION_ID FROM USUARIOS_EN_LINEA WHERE USU_CODIGO ='uncliente' AND VISP_CODIGO='pbm' Wed Jan 30 01:23:16 2002: DEBUG: Radius::AuthSQL ACCEPT: Wed Jan 30 01:23:16 2002: DEBUG: Handling with PORTLIMITCHECK Wed Jan 30 01:23:16 2002: DEBUG: Query is: SELECT COUNT(*) FROM USUARIOS_EN_LINEA WHERE VISP_CODIGO = 'pbm' AND SER_CODIGO = 'Teletrabajo_PBM' AND '0380' LIKE VISP_SER_VALID_DNIS Wed Jan 30 01:24:16 2002: ERR: Execute failed for 'SELECT COUNT(*) FROM USUARIOS_EN_LINEA WHERE VISP_CODIGO = 'pbm' AND SER_CODIGO = 'Teletrabajo_PBM' AND '0380' LIKE VISP_SER_VALID_DNIS': SQL Timeout HERE'S WHERE RADIATOR DIED Wed Jan 30 01:25:58 2002: ERR: Could not connect to SQL database with DBI->connect dbi:Oracle:host=db;sid=RADP, oraUser, oraPassword: timeout at /usr/local/lib/perl5/site_perl/5.6.1/Radius/Util.pm line 507, line 20. Wed Jan 30 01:25:58 2002: ERR: Could not connect to any SQL database. Request is ignored. Backing off for 0 seconds Wed Jan 30 01:25:58 2002: DEBUG: Reclaiming expired leases Wed Jan 30 01:25:58 2002: DEBUG: do query is: UPDATE POOL_IP SET OCUPADA = 0, TIME_STAMP = 1012364758 WHERE OCUPADA != 0 AND EXPIRA < 1012364758 Wed Jan 30 01:26:53 2002: WARNING: Unknown service name Wed Jan 30 01:26:53 2002: INFO: Server started: Radiator 2.18.4 on radius1 Wed Jan 30 01:31:12 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 913637970, snmp-community Wed Jan 30 01:31:12 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 913637970, snmp-community Wed Jan 30 01:31:12 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 913637970, snmp-community Wed Jan 30 01:31:12 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 913637970, snmp-community Wed Jan 30 01:31:12 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 913637970, snmp-community Wed Jan 30 01:31:43 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 243092869, snmp-community Wed Jan 30 01:31:45 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 243092869, snmp-community Wed Jan 30 01:36:43 2002: DEBUG: SNMPAgent: received request from 192.168.1.2, 128, 261688663, snmp-community Wed Jan 3
(RADIATOR) Question
1. Are there any training courses for Radiator in the UK. 2. All calls that come into my NAS are automatically forwarded to the radius for authentication. Normally, I set up the username/pasword in a User file but also now need to authenticate without a username/password. If I set up a User file with DEFAULT will that allow calls through. Thanks, Steve === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
