(RADIATOR) Password length

2002-04-03 Thread Tony B 








Hello,

 

    We have
been testing radiator for a while now and just moved it to our live environment.  The transaction was very smooth except for
two things.   

 

Does radiator limit the size of the password that the user
is aloud to use?  We have one customer
that has a 22 character password and we are unable to get radiator to let the
user connect.  We can reproduce the error.  We are using AuthBy SQL and when I run the
sql command it returns the correct value. 
I can authenticate from the command line using radpwtst.  I want to blame it on the NAS but the user
was able to connect fine with our old radius server. I turned on password
logging and it looks like it is not decrypting the password correctly.  Below is the line from the password log (the
actual password is half xed out).

 

Wed Apr 
3 13:45:37
2002:1017859537:kittenxx:xxtheservice/v‘N¥Aõ±:xxtheserviceyouwant:FAIL

 

When I run radpwtst it works fine but from the NAS it puts “/v‘N¥Aõ±”
as part of the password.

 

The second questing has to do with ISDN and DefaultSimultaneousUse.  I only want users to be able to dial in once
but it looks as if for 128k ISDN I must have to set DefaultSimultaneousUse to
2.  Can I set DefaultSimultaneousUse at
the handler level and then have separate handler for ISDN and use the same
authby clause for both isdn and dial up customers using identifiers?

 

Thanks,

Tony B, CCNA, Network+

Systems Administration

GO Concepts, Inc. / www.go-concepts.com

Are you on the GO yet?

What about those you know, are they on the GO?

513.934.2800

1.888.ON.GO.YET

 

(RADIATOR) 3.0

2002-03-15 Thread Tony B 








Is their a release date for radiator 3.0?

 

Also, will it use the same config as 2.19?

 

Thanks,

Tony B, CCNA, Network+

Systems Administration

GO Concepts, Inc. / www.go-concepts.com

Are you on the GO yet?

What about those you know, are they on the GO?

513.934.2800

1.888.ON.GO.YET

 

RE: (RADIATOR) Logging to MSSQL 7.0

2002-03-11 Thread Tony B 

Here is my conf:

# radius.cfg
#
# You should consider this file to be a starting point only
# $Id: linux-radius.cfg,v 1.2 2001/08/30 03:41:02 mikem Exp $

#Foreground
#LogStdout
LogDir  /var/log/radius
DbDir   /etc/radiator
DictionaryFile %D/dictionary
# Use a low trace level in production systems. Increase
# it to 4 or 5 for debugging, or use the -trace flag to radiusd
Trace   3


#Lower case
RewriteUsername   tr/A-Z/a-z/

#Remove Spaces
RewriteUsername  s/\s+//g


#this is part of the MS SQL database
DBSource DBI:Sybase:database=databasename;server=server
DBUsername username
DBAuth x
GetClientQuery select
NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL,DEFAULTREALM,NASTYP
E,SNMPCOMMUNITY,LIVINGSTONOFFS,LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS,FRA
MEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME,NOIGNOREDUPLICATES,PREHANDLERH
OOK from NASClients




DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
DBUsername radiusd
DBAuth  ch2900



RewriteUsername s/^([^@]+).*/$1/

Identifier GOCsql
DefaultReply
Ascend-Shared-Profile-Enable=0,User-Service=Framed-User,Framed-Protocol=
PPP,Framed-Routing=None,Ascend-Base-Channel-Count=1,Ascend-Minimum-Chann
els=1,Ascend-Maximum-Channels=1,Ascend-Assign-IP-Pool=1,Ascend-Multicast
-Client=Multicast-Yes

DBSource DBI:Sybase:database=datbasename;server=server
DBUsername username
DBAuth x

AuthSelect AuthSelect %n

AuthColumnDef 0, User-Password, check
AuthColumnDef 1, Framed-Address, reply
AuthColumnDef 2, Framed-Protocol, reply
AuthColumnDef 3, Ascend-Maximum-Channels, reply
AuthColumnDef 4, Ascend-IP-Direct, reply
AuthColumnDef 5, Ascend-Assign-IP-Pool, reply
AuthColumnDef 6, GENERAL, reply

AddToReplyIfNotExist
User-Service=Framed-User,Framed-Protocol=PPP,Framed-Routing=None,Ascend-
Base-Channel-Count=1,Ascend-Minimum-Channels=1,Ascend-Maximum-Channels=1
,Ascend-Assign-IP-Pool=1,Ascend-Multicast-Client=Multicast-Yes



 



Identifier MySQL
DBSource dbi:mysql:radius:xxx.xxx.xxx.xxx
DBUsername username
DBAuth  x 


AuthSelect  

AcctColumnDef   USERNAME,%n,formatted
AcctColumnDef   TIME_STAMP,Timestamp,integer
AcctColumnDef   ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef   ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef
ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef   ACCTSESSIONID,Acct-Session-Id
AcctColumnDef
ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef   ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef   NASIDENTIFIER,NAS-Identifier
AcctColumnDef   NASPORT,NAS-Port,integer



We do several rewrites to the username, that is why we us %n for the
username field, that way you see the formatted username after all the
rewrites occur.  The Accounting Request are all logged into the mysql
server.  You can define what you want logged into what columns using the
AcctColumnDef command.   We are not yet using this in a production
server but we have tested it may time and it works great.  If you have
any questions feel free to ask. 

Thanks,
Tony B, CCNA, Network+
Systems Administration
GO Concepts, Inc. / www.go-concepts.com
Are you on the GO yet?
What about those you know, are they on the GO?
513.934.2800
1.888.ON.GO.YET


-Original Message-
From: Shane Malden [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, March 10, 2002 11:51 PM
To: tonyb
Subject: Re: (RADIATOR) Logging to MSSQL 7.0

Tony,
I would be interested on more information on how to do
accounting
with SQL. We use Radiator 2.19 and authenticate with SecurID. We don't
have
any direct control over our NAS as they are supported by out
Telecommunications provider. I would be very interested in finding out
how
to see what data and time users are connecting for. If your able to
help, it
would be appreciated.

Regards,
Shane

- Original Message -
From: "tonyb" <[EMAIL PROTECTED]>
To: "Dan Melomedman" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, March 11, 2002 2:38 PM
Subject: RE: (RADIATOR) Logging to MSSQL 7.0


> We are an ISP that just recently evaluated and purchased radiator.
And
> I agree that it is a great radius program...anyway back to sql
>
> We use FreeTDS for many of our perl scripts, not just radiator. If you
> have FreeTDS installed and configured you can use the perl DBD::Sybase
&g

(RADIATOR) Null returned value

2002-01-30 Thread Tony B 








Hello again,

 

    I
am now trying to setup radiator to work with our static ips.  In the database we have a field called StaticIP, which contains the ip
address.  I am using this for the sql command

 

Select password, StaticIP FROM ….

 

Then can I do this in the conf

 

AuthColumnDef 0,
User-Password, check

AuthColumnDef 1,
Framed-Address, reply

 

I know that will work for the people that have a static IP
address but what happens if they do not and it returns a NULL value?

Will it send Framed-Address to the NAS still?

 

Thanks,

Tony B, CCNA, Network+

Systems Administration

GO Concepts, Inc. / www.go-concepts.com

Are you on the GO yet?

What about those you know, are they on the GO?

513.934.2800

1.888.ON.GO.YET

 

(RADIATOR) username w/o realm

2002-01-30 Thread Tony B 








Hello,

    Is
there a way to get the username without the realm?  The %n has the realm but in my sql database I only have the username.  I don’t know if I can do a Usernamerewrite because I have two different realms that
have two different sql commands.

 

Thanks,

Tony B, CCNA, Network+

Systems Administration

GO Concepts, Inc. / www.go-concepts.com

Are you on the GO yet?

What about those you know, are they on the GO?

513.934.2800

1.888.ON.GO.YET