Re: (RADIATOR) Radiator - Double Authen
Hello Arthur - I am still not clear on what you want to do, however I am relatively certain that you will be able to do it with Radiator. You should set up a basic configuration file and look at a trace 4 debug from Radiator to see what requests you receive from the NAS. regards Hugh On Fri, 3 May 2002 11:42, Arthur Ho wrote: Hello Hugh, What we have to do is the TNT/proxy RADIUS will pass the CLI and username and password to authentication RADIUS. The TNT will firstly check the Calling Station ID, we use :- DEFAULTPassword=Ascend=CLID Ascend-Require-Auth=Require-Auth Then, after bypass this level of authen, then go to next level authen: - a1234567Authentication-Type=Unix-PW As a result, is it possible to perform the same authentication process at the Radiator? Regards, Arthur -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Ascend-Data-Filter...
Hello Chris - The reason for the different behaviour is that you will only get one or the other (but not both) of DefaultReply or AddToReply. See sections 6.17.8 and 6.17.10 in the Radiator 3.0 reference manual. (doc/ref.html). regards Hugh On Fri, 3 May 2002 09:42, Chris Craft wrote: This works: Realm unlimitedDUP RewriteUsername s/^([^@]+).*/$1/ AuthBy FILE Filename /etc/raddb/users.unlimited.dup DefaultReply Service-Type=Framed-User,\ Framed-Protocol=PPP,\ Framed-IP-Address=255.255.255.254,\ Framed-IP-Netmask=255.255.255.255,\ Ascend-Data-Filter=ip in forward tcp est,\ Ascend-DataFilter=ip in forward dstip 216.127.146.0/24,\ Ascend-DataFilter=ip in forward dstip 63.80.49.5,\ Ascend-DataFilter=ip in forward dstip 65.89.75.10,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward /AuthBy AcctLogFileName %L/%N.dup/detail /Realm ...but the following didn't: Realm unlimitedDUP RewriteUsername s/^([^@]+).*/$1/ AuthBy FILE Filename /etc/raddb/users.unlimited.dup DefaultReply Service-Type=Framed-User,\ Framed-Protocol=PPP,\ Framed-IP-Address=255.255.255.254,\ Framed-IP-Netmask=255.255.255.255 AddToReply Ascend-Data-Filter=ip in forward tcp est,\ Ascend-DataFilter=ip in forward dstip 216.127.146.0/24,\ Ascend-DataFilter=ip in forward dstip 63.80.49.5,\ Ascend-DataFilter=ip in forward dstip 65.89.75.10,\ Ascend-Data-Filter=ip in drop tcp dstport = 25,\ Ascend-Data-Filter=ip in forward /AuthBy AcctLogFileName %L/%N.dup/detail /Realm Thanks again. Chris Craft, Postmaster/NOC Meister SpringSips.com On Wednesday 01 May 2002 02:46, Hugh Irvine wrote: Hello Chris - Could you send me a copy of what works and what doesn't so I can check it? thanks Hugh (who also loves Radiator) Uh oh... first day on the list, and already I'm doing the answering my own post faux-pas! For some reason, nothing in my AddToReply directives is being added. When I added the stuff under AddToReply to the DefaultReply directive, all was good in the world. Go figure. Thanks for being there. (I just love Radiator! :) Chris Craft, Postmaster/NOC Meister SpringSips.com CHOP === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) PPPOE
Hello, Is there a way that BBSM (Building Broadband Service Manager) by Cisco to recognized session-timeout of Radiator? How? Ray === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) re: Cisco BBSM
Hello, Is there a way we can use radiator as a prepaid platform in PPPOE (ppp over ethernet) Specifically cisco BBSM? Ray === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) re: Cisco BBSM
Hello Ray - If the Cisco supports standard Radius authentication, together with the Session-Timeout reply attribute, it is relatively easy to build a configuration file for prepaid services (using an SQL database). regards Hugh On Fri, 3 May 2002 17:02, [EMAIL PROTECTED] wrote: Hello, Is there a way we can use radiator as a prepaid platform in PPPOE (ppp over ethernet) Specifically cisco BBSM? Ray === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) PPPOE
Hello Ray - You should check with your vendor, or have a look at the Cisco web site. regards Hugh On Fri, 3 May 2002 16:43, [EMAIL PROTECTED] wrote: Hello, Is there a way that BBSM (Building Broadband Service Manager) by Cisco to recognized session-timeout of Radiator? How? Ray === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) VPN-Neighbor Attribute not in Accounting Log
Hello everyone, I set the Class attribute and the VSA VPN-Neighbor attribute in a postauthhook. And I can see that both attributes are being set in a trace 4 log. The problem is that I can see the Class attribute in the accounting log file, but not the VPN-Neighbor attribute. Here's an excerpt from the trace 4 log. Code: Accounting-Response Identifier: 229 Authentic: 20A177177^b11.A208195W132+136247 Attributes: Session-Timeout = 50040 Class = xstop: R 25 110 I, R ANAR CHAT CRIMI DRUGS GAMB HATE OBSC PORN RRATED I, 1 Ascend-IP-Direct = 208.249.78.41 VPN-Neighbor = 208.249.78.41 Any suggestions? Thanks in advance, William === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.