(RADIATOR) Packet Format
Hello, Does anyone have a doc listing the RADIUS packet format?? Using snoop I performed a dump with `snoop -V -x 0 udp port 1645' and saw my username show up. I am curious if the username and password are passed in plain text from the AS ( Cisco 5300 ) to Radiator?? If this is the case what can be done to shield username/password information from sniffers/password harvestors?? I would like this data to be encrypted from the AS -> RADIUS Server. If anyone has any comments, docs or info I would appreciate anything. Thanks, Ryan Matteson UNIX Administrator Allegan ISD === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) HOw to increase time limits
I am curious if Radiator can handle this internally or if I need to continue using a cron job. I want my user's to have 2 hour session limits from 8 a.m. to 12 p.m. and 4 hour time limits from 12 p.m. till 8 a.m. We presently use Merit RADIUS, and have a cron job setup to increase/decrease time limits at selected times. Can I do this through a config file?? Thanks for any information, Ryan === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Logfile size
Hello everyone, I am curious what size my daily logfiles will be with 1+ logins a day. I am doing some capicity planning and want to add a couple disks to store logging info on. I would appreciate any average sizes you have. I have looked at the entries in the detail log and 1 login/logout is roughyl 800 bytes. I multiplies this out by 1 and got 8,000,000 so I am assuming roughly 10 Megs a day?? I plan on archiving these for up to a year for various reasons so was hoping to get 2 20 gig Disks to do this. I also plan on using some form of compression scheme. Thanks for any info anyone can get back to me, Thanks again, Ryan === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) SNMP w/ radiator
Anyone here pulling stats from radiator into mrtg?? I am looking to see any example .cfg files you may have. What stat's are people getting from radiator?? Also does anyone use mrtg to poll there Cisco AS's?? I would like to get any .cfg files as I have gotten limited info from the mrtg site. I have gone through the Cisco OID and MIB dir's but they do not have OID's with names classified. Thanks a bundle for any information, Ryan === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) ftp access to patches
Is there anyway you can open up ftp access to the files so we can pull down the necessary files with an mget through an ftp client running from the console of a UNIX machine?? We do not have browsers on any of our servers and I really do not want to install lynx for this sole purpose. Thanks for any suggestions/info. Ryan === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Keeping lines open
Has anyone implemented a way to keep 2/4/6 phone lines open by booting the user who has been logged on the longest?? Where we have 200 modems in a pool the ppl that have been on the longest are usually the ppl who are trying to stay on 24/7. We want to keep 2-4 phone lines open so a user will never get a busy signal. Also does anyone know if it is possible to disconnect users who are pinging servers to stay online?? I want to boot users who are not doing anything for hours on end trying to stay connected or whatever. Thanks for any input/feedback I would appreciate any info. Ryan === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) A Couple of Questions I cannot find answers for
Hello fellow Radiator users, I cannot seem to figure out how to do a couple of things or where there are documents on doing the following with radiator 1) When trying to do RewriteUsername tr/[A-Z]/[a-z]/ to make LARRY/Larry/LaRrY appear as larry does not work. Is this regexp correct? It works with a perl program I wrote sometime ago to do password translation 2) When you have several Access Servers/ Portmasters do you just specify them like the following: Secret mysecret Secret myOtherSecret ... I have 12 PM's/AS's I need to hit this radius server. 3) How do you define rejection messages for ppl who do not fit any of the general < AuthBy> clauses?? These would be ppl dialing in but not listed in our user files. 4) Are there any documents' on setting up MS PPTP to work with radiator when dialing in? I need to specify tunnel address and the such for there end of the connection. Thanks a bundle for any information anyone can pass back to me. Thanks again, Ryan === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) 2 Questions I cannot find the answers for
Hello, I am reading the about he clause in the documentation and If I have 6 NAS's with diff Secret's can I just do Secret thisIsASecret Secret aDiffSecret such as that?? Also has anyone experienced passwd's getting corrupted?? When running radpwtst USERNAME -password pass It keeps rejecting all authentication attempts and I get this in my logs: *** Received from 127.0.0.1 port 33276 Code: Access-Request Identifier: 48 Authentic: 1234567890123456 Attributes: User-Name = "[EMAIL PROTECTED]" Service-Type = Framed-User NAS-IP-Address = 203.63.154.1 NAS-Port = 1234 NAS-Port-Type = Async Password = "<141><238>,<217><198>2c<246><188>8<9><160><216>}x<153>" Wed Apr 28 16:28:18 1999: DEBUG: Handling request with Handler 'Realm=MY.DOMAIN' Wed Apr 28 16:28:18 1999: DEBUG: Rewrote user name to full Wed Apr 28 16:28:18 1999: DEBUG: Handling with Radius::AuthFILE Wed Apr 28 16:28:18 1999: DEBUG: Radius::AuthFILE looks for match with full Wed Apr 28 16:28:19 1999: DEBUG: Radius::AuthFILE looks for match with DEFAULT Wed Apr 28 16:28:19 1999: DEBUG: Handling with Radius::AuthFILE Wed Apr 28 16:28:19 1999: DEBUG: Radius::AuthFILE looks for match with full Wed Apr 28 16:28:19 1999: DEBUG: Radius::AuthFILE REJECT: Bad Password Wed Apr 28 16:28:19 1999: DEBUG: Radius::AuthFILE REJECT: Bad Password Wed Apr 28 16:28:19 1999: INFO: Access rejected for full: Bad Password Wed Apr 28 16:28:19 1999: DEBUG: Packet dump: *** Sending to 127.0.0.1 port 33276 Code: Access-Reject Identifier: 48 Authentic: 1234567890123456 Attributes: Reply-Message = "Request Denied" The Password is corrupted somewhere along the way. I would appreciate any info on these topics. Thanks a lot, Ryan === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Problems
Hello fellow Radiator Users, I am trying to get radiator to do some complex fall-through statements. This is what I am trying to achieve. I want to setup my users databsae to check for 2 realms realm1.org and commnet.realm1.org. If it finds a [EMAIL PROTECTED] I want it to set the timelimit to 2 hours and allow logins 24/7. If it finds commnet.realm1.org afte username@ I want to restrict these user's to Monday-Friday from 12 p.m. till 12 a.m. and force session limits of 10 minutes on them and no more than 5 logins per day. After reading through the various documentation I came up with DEFAULT Service-Type = Full MaxSessions = 1 Idle-Timeout = 900 SessionTimeout = 7200 DEFAULT Service-Type = Restricted MaxSessions = 1 IdleTimeout = 600 SessionTimeout = 900 fullUser-Password = "test",Service-Type = Full Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP restUser-Password = "test",Service-Type = Restricted Framed-Protocol = PPP, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = None, Framed-MTU = 1500, Framed-Compression = Van-Jacobson-TCP-IP realm.org Service-Type = Full MaxSessions = 1 Idle-Timeout = 900 SessionTimeout = 7200 commnet.realm.org Service-Type = Restricted, Time = "MoTuWeThFr-1200" MaxSessions = 1 IdleTimeout = 600 SessionTimeout = 900 If anyone can provide me with any hints/suggestions fixes I would appreciate it after spending hour after hour reading doc's and trying things It just does not seem to work correctly or how I want it to. Also does anyone know why there is not a logfile created contiuosly?? For some reason only errors are getting send to my logfile. Thanks for any information I would apprecaite any help, Ryan === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
