Re: (RADIATOR) AuthBy SQL question
Hello Hugh, Thanks for responding ... On Sat, 10 Jun 2000, Hugh Irvine wrote: > I notice that your Postgress table definitions are in lower case, and your > AuthSelect is in upper case. Is this correct? Postgres is not case-sensitive. radiator=> select PASSWORD from SUBSCRIBERS where USERNAME = 'mikem'; password fred (1 row) > Also, if you want to use the > "checkattr" and "replyattr" fields, you will need to modify your AuthSelect > statement together with the corresponding AuthColumnDef's. Of course. Only I would like to do the most simple auth method first before complicating things for me :) > And does the inbound test packet in fact contain a password of "fred"? Of course. I even tried NULLING the password in the postgres database (as it said in the docs that if the password is NULL, it would accept ANY password), to no avail. > You might try something like this: > > > RewriteUsername s/^([^@]+).*/$1/ > > DBSourcedbi:Pg:dbname=radiator > DBUsername postgres > DBAuth MYPOSTGRESPASSWORD > > AuthSelect select password from subscribers where \ > username='%n' > AuthColumnDef 0, User-Password, check > > AccountingTable accounting > AcctColumnDef USERNAME,User-Name > AcctColumnDef TIME_STAMP,Timestamp,integer > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause > AcctColumnDef NASIDENTIFIER,NAS-Identifier > AcctColumnDef NASIDENTIFIER,NAS-IP-Address > AcctColumnDef NASPORT,NAS-Port,integer > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > > > > > > If the field names are indeed case-sensitive, you will have to change the > AcctColumnDef's as well. I did, however, still tried your config above, changing the case of the letters. I still get this: Sat Jun 10 10:44:37 2000: DEBUG: Handling request with Handler 'Realm=testroy' Sat Jun 10 10:44:37 2000: DEBUG: Rewrote user name to mikem Sat Jun 10 10:44:37 2000: DEBUG: Deleting session for mikem@testroy, 208.155.152.42, 1025 Sat Jun 10 10:44:37 2000: DEBUG: Handling with Radius::AuthSQL Sat Jun 10 10:44:37 2000: DEBUG: Handling with Radius::AuthSQL Sat Jun 10 10:44:37 2000: DEBUG: Query is: select password from subscribers where username='mikem' Sat Jun 10 10:44:37 2000: DEBUG: Radius::AuthSQL looks for match with mikem Sat Jun 10 10:44:37 2000: DEBUG: Radius::AuthSQL REJECT: Bad Password Sat Jun 10 10:44:37 2000: DEBUG: Query is: select password from subscribers where username='DEFAULT' Sat Jun 10 10:44:37 2000: INFO: Access rejected for mikem: Bad Password Sat Jun 10 10:44:37 2000: DEBUG: Packet dump: *** Sending to 208.155.152.42 port 1645 Additional question -- Why do I get Query is: select password from subscribers where username='DEFAULT'. This might be the cause ... Hoping for your continued support ... Thanks. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) AuthBy SQL question
Hello. I am curious with AuthBy SQL and decided to try it out. After a few tries, however, I can't get logged in, using the most basic AuthSelect and the tables/data contained in goodies/postgresCreate.sql. I get this error complaining about incorrect password: Fri Jun 9 20:42:02 2000: DEBUG: Handling request with Handler 'Realm=testroy' Fri Jun 9 20:42:02 2000: DEBUG: Rewrote user name to mikem Fri Jun 9 20:42:02 2000: DEBUG: Deleting session for mikem@testroy, 208.155.152.42, 1025 Fri Jun 9 20:42:02 2000: DEBUG: Handling with Radius::AuthSQL Fri Jun 9 20:42:02 2000: DEBUG: Handling with Radius::AuthSQL Fri Jun 9 20:42:02 2000: DEBUG: Query is: select PASSWORD from SUBSCRIBERS where USERNAME='mikem' Fri Jun 9 20:42:02 2000: DEBUG: Radius::AuthSQL looks for match with mikem Fri Jun 9 20:42:02 2000: DEBUG: Radius::AuthSQL REJECT: Bad Password Fri Jun 9 20:42:02 2000: DEBUG: Query is: select PASSWORD from SUBSCRIBERS where USERNAME='DEFAULT' Here's my AuthBy SQL config: RewriteUsername s/^([^@]+).*/$1/ DBSourcedbi:Pg:dbname=radiator DBUsername postgres DBAuth MYPOSTGRESPASSWORD AccountingTable accounting AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n' AuthColumnDef 0, User-Password, check AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address My subscribers table (from the goodies directory): radiator=> select * from subscribers; username|password|encryptedpassword|checkattr |replyattr ++-+--+ mikem |fred|1xMKc0GIVUNbE|Service-Type = Framed-User|Framed-Protocol = PPP,Framed-IP-Netmask = 255.255.255.0,cisco-avpair = "testing testing" (1 row) What am I missing? TIA. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: More Roaming Problems
On Thu, 27 Apr 2000, Hugh Irvine wrote: > > Both traces above show Access accepted. The line below refers to the session > database that is always updated with the original username as it arrives from > the NAS (or proxy). The logs show its accepted, however, the connection was never started. On the side of the person dialling, it keeps on asking for the password. According to the logs on Merit: Wed Apr 26 18:49:48 2000: Received-Authentication: 234/629 '[EMAIL PROTECTED]' from pop2.i-iloilo.com.ph port 2 PPP Wed Apr 26 18:49:48 2000: child_end: DNS update finished Wed Apr 26 18:49:48 2000: Authentication: 234/629 'roytest\0i-manila.com.ph' via pop2.i-iloilo.com.ph from 208. 155.154.130 port 2 PPP - OK -- total 0, holding 0 Wed Apr 26 18:50:14 2000: Received-Authentication: 235/630 '[EMAIL PROTECTED]' from pop2.i-iloilo.com.ph port 2 PPP Wed Apr 26 18:50:14 2000: Authentication: 235/630 'roytest\0i-manila.com.ph' via pop2.i-iloilo.com.ph from 208. 155.154.130 port 2 PPP - OK -- total 0, holding 0 Wed Apr 26 18:50:21 2000: Received-Authentication: 236/631 '[EMAIL PROTECTED]' from pop2.i-iloilo.com.ph port 2 PPP Wed Apr 26 18:50:21 2000: Authentication: 236/631 'roytest\0i-manila.com.ph' via pop2.i-iloilo.com.ph from 208. 155.154.130 port 2 PPP - OK -- total 0, holding 0 A successful connection would yield: Wed Apr 26 19:20:45 2000: Received-Authentication: 223/655 '[EMAIL PROTECTED]' via 208.155.152.226 from s alvi.i-iloilo.com.ph port 9 PPP Wed Apr 26 19:20:45 2000: Authentication: 223/655 'roytest\0i-manila.com.ph' via 208.155.152.226 from 208.155.1 54.129 port 9 PPP - OK -- total 0, holding 0 Wed Apr 26 19:20:45 2000: Received-Accounting: 224/1167 '[EMAIL PROTECTED]' via 208.155.152.226 from salv i.i-iloilo.com.ph port 9 $"0073" PPP Start Wed Apr 26 19:20:45 2000: Accounting: 224/1167 'roytest\0i-manila.com.ph' via 208.155.152.226 from salvi.i-iloi lo.com.ph port 9 $"0073" PPP Start - OK -- total 0, holding 0 Notice the difference between the two: i) unsuccessful - Authentication - Received Authentication only ii) successful - Authentication-Received Authentication AND Accounting-Received Accounting. As I notice, this (unsuccessful) only happens on USRNetserver16s, while the CISCO connection was successful. Thanks again for your help. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) More Roaming Problem -- hmmm, interesting
Hello again. Here's something interesting - whenever they dial into a Cisco, they authenticate (and account) fine. But whenever they connect to a USRNetserver16, they can't. Here are the comparative logs: Cisco: *** Received from 208.155.152.36 port 1026 Code: Access-Request Identifier: 143 Authentic: Cm<182><9><217><221><9>m<234><250>2]<189><22><19><6> Attributes: NAS-IP-Address = 208.155.154.129 NAS-Port = 9 NAS-Port-Type = Async User-Name = "roytest<0>i-manila.com.ph" User-Password = "F<182><201><24><14>`<9><240><176>a<133><187><19>ou<" Service-Type = Framed-User Framed-Protocol = PPP User-Id = "roytest" NAS-Identifier = "salvi.i-iloilo.com.ph" User-Realm = "i-manila.com.ph" Service-Type = Framed-User Framed-Protocol = PPP Login-Service = Rlogin Session-Timeout = 21600 Framed-MTU = 576 Proxy-State = 0 Wed Apr 26 19:20:46 2000: DEBUG: Rewrote user name to roytest^@i-manila.com.ph Wed Apr 26 19:20:46 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED] Wed Apr 26 19:20:46 2000: DEBUG: Handling request with Handler 'Realm=i-manila.com.ph' Wed Apr 26 19:20:46 2000: DEBUG: Rewrote user name to roytest Wed Apr 26 19:20:46 2000: DEBUG: Rewrote user name to roytest Wed Apr 26 19:20:46 2000: DEBUG: Deleting session for roytest^@i-manila.com.ph, 208.155.154.129, 9 Wed Apr 26 19:20:46 2000: DEBUG: Running command: /radius/radauth Wed Apr 26 19:20:47 2000: DEBUG: Access accepted for roytest Wed Apr 26 19:20:47 2000: DEBUG: Packet dump: *** Sending to 208.155.152.36 port 1026 Code: Access-Accept Identifier: 143 Authentic: Cm<182><9><217><221><9>m<234><250>2]<189><22><19><6> Attributes: Proxy-State = 0 Session-Timeout = 21600 -- USR Netserver16 *** Received from 208.155.152.36 port 1026 Code: Access-Request Identifier: 117 Authentic: <237>><148>v<247>M<175>^<168><215><16>*a<173><21><11> Attributes: User-Name = "roytest<0>i-manila.com.ph" User-Password = "]<242><228>2<170><26>Dd<159><221><167><176><233><20>m)" NAS-IP-Address = 208.155.154.130 NAS-Port = 2 Service-Type = Framed-User Framed-Protocol = PPP User-Id = "roytest" NAS-Identifier = "pop2.i-iloilo.com.ph" User-Realm = "i-manila.com.ph" Service-Type = Framed-User Framed-Protocol = PPP Login-Service = Rlogin Session-Timeout = 21600 Framed-MTU = 576 Proxy-State = 0 Wed Apr 26 18:49:49 2000: DEBUG: Rewrote user name to roytest^@i-manila.com.ph Wed Apr 26 18:49:49 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED] Wed Apr 26 18:49:49 2000: DEBUG: Handling request with Handler 'Realm=i-manila.com.ph' Wed Apr 26 18:49:49 2000: DEBUG: Rewrote user name to roytest Wed Apr 26 18:49:49 2000: DEBUG: Rewrote user name to roytest Wed Apr 26 18:49:49 2000: DEBUG: Deleting session for roytest^@i-manila.com.ph, 208.155.154.130, 2 Wed Apr 26 18:49:49 2000: DEBUG: Running command: /radius/radauth Wed Apr 26 18:49:50 2000: DEBUG: Access accepted for roytest Wed Apr 26 18:49:50 2000: DEBUG: Packet dump: *** Sending to 208.155.152.36 port 1026 Code: Access-Accept Identifier: 117 Authentic: <237>><148>v<247>M<175>^<168><215><16>*a<173><21><11> Attributes: Proxy-State = 0 Session-Timeout = 21600 What's the difference between the two setup? Thanks again. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) More Roaming Problems
Hello. I tried Hugh's solution on my query last March 23 (yes, I only had the chance to do this a month after) re: <0> symbol in the realm field. Well, there still seems to be problem. Here is the current setup: I-Manila is local ISP (i-manila.com.ph) I-Cebu is provincial ISP (i-cebu.com.ph) The idea is I-Manila users in Cebu should be able to connect using [EMAIL PROTECTED] in Cebu's trunks. The I-Manila setup is: Secret RewriteUsername s/\0/@/ <-- remove that <0> from Merit Radius DupInterval 15 IgnoreAcctSignature RewriteUsername s/^([^@]+).*/$1/ <-- get just the username RewriteUsername tr/0-9|a-z|\-|_//cd <-- remove any characters #other than [a-z], [0-9], dash and underscore Command /radius/radauth DecryptPassword PasswordLogFileName %L/password.imanila.log The logs however show: For local I-Manila user who uses [EMAIL PROTECTED], this example was able to authenticate properly: Wed Apr 26 11:04:54 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED] Wed Apr 26 11:04:54 2000: DEBUG: Handling request with Handler 'Realm=i-manila.com.ph' Wed Apr 26 11:04:54 2000: DEBUG: Rewrote user name to daleones Wed Apr 26 11:04:54 2000: DEBUG: Rewrote user name to daleones Wed Apr 26 11:04:54 2000: DEBUG: Deleting session for [EMAIL PROTECTED], 203.167.0.34, 30 Wed Apr 26 11:04:54 2000: DEBUG: Running command: /radius/radauth Wed Apr 26 11:04:55 2000: DEBUG: Access accepted for daleones Wed Apr 26 11:04:55 2000: DEBUG: Packet dump: For I-Manila users roaming in Cebu: Wed Apr 26 15:02:14 2000: DEBUG: Rewrote user name to roytest^@i-manila.com.ph Wed Apr 26 15:02:14 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED] Wed Apr 26 15:02:14 2000: DEBUG: Handling request with Handler 'Realm=i-manila.com.ph' Wed Apr 26 15:02:14 2000: DEBUG: Rewrote user name to roytest Wed Apr 26 15:02:14 2000: DEBUG: Rewrote user name to roytest Wed Apr 26 15:02:14 2000: DEBUG: Deleting session for roytest^@i-manila.com.ph, 208.164.193.180, 12 Wed Apr 26 15:02:14 2000: DEBUG: Running command: /radius/radauth Wed Apr 26 15:02:14 2000: DEBUG: Access accepted for roytest Wed Apr 26 15:02:14 2000: DEBUG: Packet dump: Note the differenct between [EMAIL PROTECTED] after deleting session when successful, and username^@i-manila.com.ph if not successful Any workaround? TIA. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Oh Dear - Possible Authentication Bug
On Mon, 24 Apr 2000, Mike McCauley wrote: > The problem would only have affected AuthBy SQL, so I dont think it would have > had an impact on external authentication? It did. FYI, our external auth is just really a C-front-end, PostgreSQL-backend. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Oh Dear - Possible Authentication Bug
On Sat, 22 Apr 2000, Brian Morris wrote: > The error occurs when the user places an apostrophy somewhere in their > username - even though there is not one in their user record on our system, > Radiator will still let them in. (eg: Username johnsmith logs in as > johnsmit'h ) > > The accounting record is written as johnsmit'h so effectively the user does > not get billed for their usage. And I thought it was just our external auth program. Actually, what I noticed was that if they use a string of random characters other than [a-z], [0-9], [-], [_], they are being allowed. Among the successful logins were accounts with more than 15 characters, and those with characters other than those allowed. We only discovered it about two weeks ago, so you can imagine how many successful logins were made without being accounted. Tsktsk. What I did was pruned the username strings to its barest minimum, removing all characters which are not allowed and THEN check our database for auth and acct purposes. RewriteUsernametr/[A-Z]/[a-z]/ RewriteUsername s/^([^@]+).*/$1/ RewriteUsername tr/0-9|a-z|\-|_//cd Seemed to work. Whereas ours pops were usually 95% full, it went down to at most 85%. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Translating names
How do you strip off usernames so that only valid characters([a-z], [0-9], -, _) are left? I did this: RewriteUsernametr/[A-Z]/[a-z]/ RewriteUsername tr/0-9|.|[a-z]|-|_//cd; HOwever, it strips off the dash and underscore from the username: Thu Apr 13 14:01:46 2000: DEBUG: Rewrote user name to jojo-a Thu Apr 13 14:01:46 2000: DEBUG: Rewrote user name to jojoa Please help. Thanks. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) assigning fixed ip
Hi all again Here's my setup: Secret x FramedGroupBaseAddress 203.167.8.80 DupInterval 15 IgnoreAcctSignature RewriteUsername s/^([^@]+).*/$1/ Filename users users file: xxxUser-Password = "x", Service-Type = Framed-User Framed-Group = 0, Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.255, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP HOwever, when I try to login: Wed Apr 5 18:41:21 2000: DEBUG: Rewrote user name to xx@vpntest Wed Apr 5 18:41:21 2000: DEBUG: Handling request with Handler 'Realm=vpntest' Wed Apr 5 18:41:21 2000: DEBUG: Rewrote user name to xx Wed Apr 5 18:41:21 2000: DEBUG: Deleting session for x@vpntest, 172.7.10.3, 20210 Wed Apr 5 18:41:21 2000: DEBUG: Handling with Radius::AuthFILE Wed Apr 5 18:41:21 2000: DEBUG: Radius::AuthFILE looks for match with x Wed Apr 5 18:41:21 2000: DEBUG: Radius::AuthFILE ACCEPT: Wed Apr 5 18:41:21 2000: DEBUG: FramedGroup 0 address is being assigned Wed Apr 5 18:41:21 2000: DEBUG: Access accepted for x Wed Apr 5 18:41:21 2000: DEBUG: Packet dump: *** Sending to 172.7.10.1 port 1040 Code: Access-Accept Identifier: 60 Authentic: w<7><0><0><188><26><0><0>d+<0><0>s<4><0><0> Attributes: Proxy-State = 0 Framed-IP-Address = 203.167.87.145 <--- where did THIS come from??? Framed-Protocol = PPP Framed-IP-Netmask = 255.255.255.255 Framed-Routing = None Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Thanks again for your usual speedy response. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Radiator-CISCO-ASCEND Accounting Problem (long)
Hello (again) I guess I should have been a little more clear on my previous email, so here goes. This is our current setup: Radius Server -- CISCO 2600 -- ASCEND RadiatorVPN Setup We are using the VPDN feature of CISCO to simulate tunneling between our side and the TELCO. When a user dials in, it throws authentication to our Radiator and then checks our database. However, based on the logs, a dialin user cannot get an IP address (or it seems accounting records) for the connection to go through (hence my previous question in my email on how to set specific IPs). Here is the snippet of the logs: *** Received from 172.7.10.1 port 1067 Code: Access-Request Identifier: 16 Authentic: V[<0><0><224><29><0><0><198>v<0><0><184>p<0><0> Attributes: User-Name = "username1" User-Password = "i<6><191><237>j <182><175><195><127>BEE<190><127><165>" NAS-IP-Address = 172.7.10.3 NAS-Port = 6159 NAS-Port-Type = Async Service-Type = Framed-User Framed-Protocol = PPP State = "" Called-Station-Id = "xxx5721" Acct-Session-Id = "322572039" Proxy-State = 0 Tue Apr 4 13:51:24 2000: DEBUG: Rewrote user name to username1 Tue Apr 4 13:51:24 2000: DEBUG: Handling request with Handler 'Realm=' Tue Apr 4 13:51:24 2000: DEBUG: Deleting session for username1, 172.7.10.3, 6159 Tue Apr 4 13:51:24 2000: DEBUG: Running command: /radius/radauth Tue Apr 4 13:51:24 2000: DEBUG: Access accepted for username1 <--- authentication procedure finished Tue Apr 4 13:51:24 2000: DEBUG: Packet dump: *** Sending to 172.7.10.1 port 1067 <--- throws it back for accounting Code: Access-Accept Identifier: 16 Authentic: V[<0><0><224><29><0><0><198>v<0><0><184>p<0><0> Attributes: Proxy-State = 0 Session-Timeout = 21600 As you can see, it doesn't give out the complete information needed to complete the accounting process. For comparison purposes, here is a successful login from one of our RAS: *** Received from 208.155.152.30 port 1645 Code: Access-Request Identifier: 194 Authentic: f!8f88!fff8!Offf Attributes: User-Name = "xxxuser" User-Password = "Ky<160><158><251><161><22><191><159><22><131>l`<241>Bg" NAS-IP-Address = 208.155.152.30 NAS-Port = 39 Service-Type = Framed-User Framed-Protocol = PPP Tue Apr 4 13:51:29 2000: DEBUG: Rewrote user name to xxxuser Tue Apr 4 13:51:29 2000: DEBUG: Handling request with Handler 'Realm=' Tue Apr 4 13:51:29 2000: DEBUG: Deleting session for xxxuser, 208.155.152.30, 39 Tue Apr 4 13:51:29 2000: DEBUG: Running command: /radius/radauth *** Sending to 208.155.152.30 port 1645 Code: Access-Accept Identifier: 194 Authentic: f!8f88!fff8!Offf Attributes: Session-Timeout = 21600 *** Received from 208.155.152.30 port 1645 <-- ACCOUNTING RESPONSE Code: Accounting-Request Identifier: 195 Authentic: <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> Attributes: Acct-Session-Id = "0293" User-Name = "xxxuser" NAS-IP-Address = 208.155.152.30 NAS-Port = 39 Acct-Status-Type = Start Where could the problem lie? TIA! Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) assigning fixed ip
Hello. How can one assign a specific IP address to a specific username. I already did this to ther users file: username Password="mypass" Framed-Protocol = PPP, Framed-IP-Address = 192.168.0.1 ... ... I still however can't get this IP when trying to dialup TIA Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) roaming problem
Hello. Im having problems with incorporating Radiator with Merit Radius. This is our setup: LOCAL SETUP (manila): RewriteUsernametr/[A-Z]/[a-z]/ RewriteUsername s/^([^@]+).*/$1/ Command /radius/radauth DecryptPassword where /radius/radauth is our external auth program. Using this setup, I tried logging in using [EMAIL PROTECTED] and the logs show: Authentic: <177><238>;`<144><9>cRa<191>+<184>s<215><227><161> Attributes: User-Name = "[EMAIL PROTECTED]" NAS-IP-Address = 208.155.152.42 Acct-Status-Type = Start -- Framed-IP-Address = 208.160.75.109 Tue Mar 21 15:58:31 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED] Tue Mar 21 15:58:31 2000: DEBUG: Handling request with Handler 'Realm=i-manila.com.ph' Tue Mar 21 15:58:31 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED] Tue Mar 21 15:58:31 2000: DEBUG: Rewrote user name to gerald Tue Mar 21 15:58:31 2000: DEBUG: Adding session for [EMAIL PROTECTED], 208.155.152.42, 3331 Tue Mar 21 15:58:31 2000: DEBUG: Running command: /radius/radauth Tue Mar 21 15:58:32 2000: DEBUG: Accounting accepted However, when I tried incorporating this with Merit Radius in another NODE (cebu, provincial node): REMOTE (Merit Radius) setup: authfile i-manila.com.ph RADIUS 208.155.152.19 Here is the log using username [EMAIL PROTECTED]: Authentic: ~oguQ1Kxc<204><179>B<147>X:> Attributes: User-Name = "gerald<0>i-manila.com.ph" <-- WHAT's the <0> SYMBOL? User-Password = "%<4>#-<209><174>)6`<8><250><25>8<135>T<146>" NAS-IP-Address = 208.164.193.180 -- Service-Type = Framed-User Framed-Protocol = PPP User-Id = "gerald" NAS-Identifier = "prunes.cookie-tech.net" User-Realm = "i-manila.com.ph" -- Proxy-State = 0 Tue Mar 21 16:02:55 2000: DEBUG: Rewrote user name to geraldi-manila.com.ph <--- DIDN't FIND the @ sign Tue Mar 21 16:02:55 2000: DEBUG: Handling request with Handler 'Realm=' Tue Mar 21 16:02:55 2000: DEBUG: Deleting session for geraldi-manila.com.ph, 208.164.193.180, 7 Tue Mar 21 16:02:55 2000: DEBUG: Running command: /radius/radauth Tue Mar 21 16:02:55 2000: INFO: Access rejected for geraldi-manila.com.ph: Tue Mar 21 16:02:55 2000: DEBUG: Packet dump: *** Sending to 208.155.152.48 port 1096 If you notice, the @ symbol was not detected, hence, the problem with the username. FYI, our auth only accepts username and password. Thanks in advance and I hope to hear from you very soon. Sincerely, Froilan C. Mendoza Manager - Systems Management Tridel Technologies, Inc. http://www.tridel.net === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.