I'd be very interested in any performance figures for this, when you get it
running. I assume that you are going to use the stored IP address to
retrieve user info later on? And how many users?
Best regards,
Ingvar Berg
-Original Message-
From: Paul van der Zwan [mailto:[EMAIL
Hi!
Is it posible to install Radiator ( in Unix ) in a separate directory
out of the perl directories? I wish to have Radiator installed in
something like /opt/radiator because the posible perl changes of
version, with the .pm files in /opt/radiator/lib, but I don't know how
to get that. It's
Hi,
Is there a way to get this to work in series? Try one, if it fails,
then try the next one?
Thanks,
Mickey
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Mike McCauley
Sent: mercredi, 9. juin 1999 16:11
To: Mickey Coggins; Radiator Users List
Hi Barry,
On Jun 28, 11:25pm, Barry W Anderson wrote:
Subject: (RADIATOR) Radiator seems to have a lock on the ACCOUNTING table.
using DBD-Sybase-0.18, DBI-1.11. As soon as I try and do a "SELECT
* FROM ACCOUNTING", the process goes into lock sleep state. Anyone
seen/fixed this puppy?
Hmmm,
Hi Mickey,
On Jun 28, 5:47pm, Mickey Coggins wrote:
Subject: RE: (RADIATOR) AuthByPolicy ContinueUntilAccept
Hi,
Is there a way to get this to work in series? Try one, if it fails,
then try the next one?
AuthBy RADIUS can fall back to alternate radius servers if it gets no response,
You
Hello Gustavo,
On Jun 28, 1:38pm, Gustavo A. Barreto A. wrote:
Subject: (RADIATOR) platypus import?
Hi all, anyone here has tested an import from the passwd/shadow system
from UNIX to platypus need I to insert decrypted passwords into the
platypus DB??? or can I insert encrypted
hey, i am authenticating through platypus, and
falling back to a flat file if sql times out. however, i want to log a
text detail file ONLY if authby platypus isnt working.
any ideas?
thanks
Derek
Would anyone who knows please tell me where I can get a list of registered
vendor numbers? I understand that Vendor nos. for devices and
services such as RADIUS Vendor-Specific attributes and Network Inteface
Card MAC addresses are listed somewhere.
For Ethernet NICs, see
On Jun 24, 4:41pm, John Vorstermans wrote:
Subject: (RADIATOR) db: do failed
Hi.
Just installed the latest Radiator with all patches talking to an SQL
database.
However we have suddenly started seeing these messages:
[root@ankh etc]# DB::Synapse::dB do failed: Server message number=233
In getting Radiator to work with a Nortel CVX 1800, I found
that it sends NAS-Identifier but not NAS-IP-Address.
As a result Radiator doesn't do quite what you expect
unless you tell the Nortel box to send its
IP address in NAS-Identifier.
There should probably be a warning in the manual about
Hello,
We know the radius can process all about authentication, authorization,
and accounting. Whether it is possible if I use radius for
authentication/accounting, LDAP for authorization ? Could anyone give
me some suggestions ?
Authur
===
Archive at http://www.thesite.com.au/~radiator/
Hi Authur,
On Jun 24, 9:41pm, Authur Lin wrote:
Subject: (RADIATOR) Give me some suggestions for Authentication, Authoriza
Hello,
We know the radius can process all about authentication, authorization,
and accounting. Whether it is possible if I use radius for
authentication/accounting,
Hi,
Would anyone who knows please tell me where I can get a list of registered
vendor numbers? I understand that Vendor nos. for devices and
services such as RADIUS Vendor-Specific attributes and Network Inteface
Card MAC addresses are listed somewhere.
L L Richi Plana 8^) ,-,-.
Hi Mike,
I store account records by the month. Thus the accounting table is
defined as
AccountingTable access_log_%Y%m
Now because the delay in the packets, I found records of the previous
month were logged in the next month. Does RADIATOR provide the year and
month of the packet
Anyone seen this before?
This is an accounting packet from a Xyplex NAS. Note the very unusual
Acct-Session-Id. Can anyone shed any light on why a Xyplex does this, and how
to stop it?
Tue Jun 22 12:46:15 1999: DEBUG: Packet dump:
*** Received from 210.208.161.225 port 1646
Code:
I have been asked to implement Radiator on a site using an LDAP server as
a user database. They have some extra requirements:
1 On succesful login the current time has to be put in an attribute in the
users entry
2 While the user has an active session the ip address he was allocated has
Hi All,
Just wondering if it is possible to get NoDefaultIfFound and
Fall-Through to work together. We have an AuthBy FILE file which has some
users with passwords in the file, some with passwords in AuthBy SYSTEM.
The default user has their password in AuthBy SYSTEM. Some users have
Anyone seen this before?
This is an accounting packet from a Xyplex NAS. Note the very unusual
Acct-Session-Id. Can anyone shed any light on why a Xyplex does this, and how
to stop it?
If you issue a 'def server identification whatever', it will prepend
the "whatever: " to the
Hi Paul,
I must agree with a previous poster on this topic:
Putting that data into LDAP is not really what LDAP was designed for.
If you really have to do it, you could do it by adding a PostAuthHook, and at
least avoid having to change the distributed Radiator code.
Hope that helps.
Cheers.
Hi Karl,
OK, here is a new version that uses a similar sorting to radwho.cgi. Let me
know how you go.
Cheers.
On Jun 22, 9:29am, Karl Gaissmaier wrote:
Subject: (RADIATOR) radacct.cgi and numerical sort order for summary by IP
Hi Mike,
it would be nice if in one of the next patches of
Mike,
Saw this come across my mailbox. Is this supported by Radiator in
the 2.13.1?
_/_/_/ Peter Chow Chief Technical Advisor
_/_/_/ interQ Corporation - System Division
_/_/_/ [EMAIL
How can I fix it though? It was working fine until I upgraded the kernel to 2.2.9,
but I fail to see what the kernel has to do it. Is it something wrong with the config
file? I did
install the version of ucd-snmp from the link on your web site. Can I hard code the
snmp community string in
I have installed the "radacct.cgi" in apache server successfully.
I do authentication, accounting by SQL (use default tables SUBSCRIBERS,
ACCOUNTING, RADONLINE, RADLOG). I have some problems as following:
1. When I run "radacct.cgi" program (http://myserver/cgi-bin/radacct.cgi),
every fields
Ok, I looked through Nas.pm and extracted the following command line. Can you tell me
if this is the same command line radiator would construct? I picked an active session
from my session database and ran the command:
snmpget xxx.xxx.xxx.xxx somecommunity
I have been asked to implement Radiator on a site using an LDAP server as
a user database. They have some extra requirements:
1 On succesful login the current time has to be put in an attribute in the
users entry
2 While the user has an active session the ip address he was allocated has
to be
Hi All,
I have a copy of Radius Radiator running on Linux Redhat 6.0, which I would
like to have authenticate against a Platypus server running on top of
Windows NT and Microsoft SQL server. I understand in order to do this I
need the Perl 5.004 DBD:ODBC and related drivers. I got the DBD:ODBC
sh: somecommunity: command not found
So, that last line is actually printed out by snmpget or Radiator?
I am not sure. It looks like a shell error. Just as if I typed somecommunity at the
prompt and bash gave that error.
So it looks like radiator is not parsing the config file
My problem is that when authentication check fail then
radiator tries to match user with other DEFAULT entries in users
file e.g. tries to match other groups.
correction and addition - my user is defined separately in users file
so my statement "other DEFAULT" is wrong - should be just
"DEFAULT"
We're in the process of switching to Radiator 2.13.1 from an ugly mix of
Merit, Cistron, and Ascend Access Control. It's looking good so far, but
I've run into a bit of a snag. I'm trying to specify what gets written
into the accounting files with AcctLogFileFormat statement, but I'm not
Hey, I'm trying to accomplish several things, but just cant get them to work
together. I Authenticate using AuthBy PLATYPUS, and also send additional
accounting information and log info to a MySQL server. The biggest problem
is that my stinking Windows NT box that runs SQL server throws a
Hello Didier,
On Jun 18, 11:44am, Didier Lancry wrote:
Subject: (RADIATOR) accouting with IdenticalClient proxy radius
Hello,
Radiator recieves authentification requests from a proxy server.
There are several NAS's which use this proxy.
I have declared the proxy thru the CLIENT xxx tag.
Hi Richard,
On Jun 18, 1:47pm, Richard Hawley wrote:
Subject: (RADIATOR) snmpget errors.
I've suddenly started getting snmpget errors. The only thing that has
changed is I upgraded the linux kernel to 2.2.9 Here is my config.
# radius.cfg
Trace 4
PidFile
Hello Mikael.
The strategy Radiator uses when SQL fails is this:
1. Try to fallback to another SQL server. You can have multiple fallback
servers by specifying multiple DBSource lines.
2. If after trying all the DBSources, it still cant connect, it will say to
IGNORE the request.
So you have
Hello Authur,
I think if you use the example schemas that we provide in the goodies directory
it will do what you want. In those examples, each accounting record has the
NAS-IP-Address stored in the NASIDENTIFIER column. You could then use that
column to select the accounting records for each
Hello LDAP authenticators,
We have recently modified LDAP2 authentication so that it more closely conforms
with what some LDAP server expect: namely it keeps one LDAP connection up as
long as possible, but binds unbinds for each search. This should have some
performance improvements of the
Hi Derek,
On Jun 20, 10:09am, Derek Sanderson wrote:
Subject: (RADIATOR) SQL fallback to flat file
Hey, I'm trying to accomplish several things, but just cant get them to work
together. I Authenticate using AuthBy PLATYPUS, and also send additional
accounting information and log info to a
Hi,
|o| Subject: (RADIATOR) Recommendation on Installation - Root or Not
|o| Do you have any recommendations on whether root should or should not
|o| install Radiator? There will be other non-root users needing to run
|o| Radiator. I am installing as root and do not want to prevent
On 1999-06-18T08:37:13,
Lars Marowsky-Bree [EMAIL PROTECTED] said:
First thing which comes to my mind is that fact that TCP will lose packets
just like UDP on saturated links - it just provides a buildin recovery
mechanism, it resends the packets. The RADIUS protocol does this too.
One
On Fri, Jun 18, 1999 at 03:33:56PM -0500, Josh Bressers wrote:
Does anyone know if a session timeout flag exists in radiator?
Basically if a user is logged on for too long, kick em off.
Radiator can send Session-Timeout or Ascend-Maximum-Time back to
the NAS, but it's up to the NAS to
Do you have any recommendations on whether root should or should not
install Radiator? There will be other non-root users needing to run
Radiator. I am installing as root and do not want to prevent non-root
users from using the application.
John
===
Archive at
I am trying to transfer the conventional radius (use text file to record
users) to Radiator system. I have several NAS devices including Cisco
AS5300 and Xyplex Terminal Server in several location. Now I use central
authentication for all users in different location. In conventional
radius, it
I am trying to transfer the conventional radius (use text file to record
users) to Radiator system. I have several NAS devices including Cisco
AS5300 and Xyplex Terminal Server in several location. Now I use central
authentication for all users in different location. In conventional
radius, it
Hello,
We have a VERSANET 2002 Unit, which support RADIUS functionality. We
require a RADIUS software package (which runs on Windows 95/NT) which will
enable us to maintain users and know WHAT MB amount they have downloaded
and WHAT time they have used per month.
Can your software obtain this
Lars Marowsky-Bree wrote:
On 1999-06-18T09:11:30,
"Mike McCauley" [EMAIL PROTECTED] said:
The theory is that using TCP allows the apps to get a better handle on poor
network connections or down/unreachable radius servers than the
simple UDP protocol.
Does that seem like a good
yes, here i am,
meanwhile, i modify radiator to work in a mixed mode if AuthByAce AuthByFile
standard radiator supports ace only as a "full to configure" radius server.
have fun
steffen
[EMAIL PROTECTED] wrote:
Does anyone have Radiator running with Secure Dynamics ACE server?
I've suddenly started getting snmpget errors. The only thing that has changed is I
upgraded the linux kernel to 2.2.9 Here is my config.
# radius.cfg
Trace 4
PidFile /usr/local/radius/radiusd.pid
AuthPort1645
AcctPort1646
LogDir /usr/local/radius/log
LogFile
Does anyone know if a session timeout flag exists in radiator?
Basically if a user is logged on for too long, kick em off.
JB
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Hi Ian,
On Jun 17, 4:09pm, Ian Hughes wrote:
Subject: (RADIATOR) Radiator PostAuthHook
Trying to use thePostAuthHook function ot have Radiator generate some
custom logs to give details of all attempted logins. Current PostAuthHook
shown below;
Contrary to the documentation, you need to
Hi Oliver,
Looks to me like you have a patched radiusd running, but the patched Realm.pm
is not installed in the right place. You should check that you really have the
patched Realm.pm in the Radius directory of your distribution. If you have done
a "make install" already, you may need to do it
Dear All,
Hi,
Today I am very happy because I am succeeded to test radiator, I dial
authenticate from radius (/etc/shadow) and log maintain on radius
server and also in oracle server.
It is working fine upto this ..
Now I have three problems
1- I have user named saeed I wants to allocate
On Mon, 14 Jun 1999, Mike McCauley wrote:
Hi James.
On Jun 11, 2:21am, James H. Thompson wrote:
Subject: Re: (RADIATOR) Simultaneous use
Since the NAS reply items are different for each NAS, I'd have to setup
3 full sets of check/reply items for each user. That sounds like
too much
On 1999-06-18T09:11:30,
"Mike McCauley" [EMAIL PROTECTED] said:
The theory is that using TCP allows the apps to get a better handle on poor
network connections or down/unreachable radius servers than the
simple UDP protocol.
Does that seem like a good idea to anyone?
Partly a good
Anyone using restartWrapper and screen? I'd like to use restartWrapper but I need to
be able to start and stop radiator remotely. I'd like to use screen to do this but I
am not sure
how to add that to the startup scripts so it launches radiator on the detached screen
at bootup. This is
Hi John,
I dont think there are any patches relevent to your previous question, but you
may want to check for yourself at
http://www.open.com.au/radiator/downloads/patches-2.13.1/README
Cheers.
On Jun 16, 9:56pm, John Abbott wrote:
Subject: (RADIATOR) SQL Logging
Hi Mike,
I will get some
Hello,
We were just installing to our production machine and recieve this
error in the make test:
# make test
PERL_DL_NONLAZY=1 /usr/local/bin/perl -Iblib/arch -Iblib/lib
-I/usr/local/lib/perl5/5.00502/i386-freebsd -I/usr/local/lib/perl5/5.00502
test.pl
Starting tests...
Starting
Trying to use thePostAuthHook function ot have Radiator generate some
custom logs to give details of all attempted logins. Current PostAuthHook
shown below;
PostAuthHook sub { my $filename = "/usr/local/radius/logs/testlog"; \
my $time = time; \
Hi,
i have tried to split our config file in some smaller config files
similar to other radius servers:
schnipp
# clientconfigs are found in : clients.cfg
include %D/clients.cfg
# some numbered and realm based Handlers: proxy.cfg
include %D/proxy.cfg
Handler
#default
/Handler
Hi,
I have attached two files. fil.txt is the one we would like to set as reply
attribute, and the result of it.
Anybody has an idea why this error?
Many thanks,
Ferhat
Mon May 31 11:45:02 1999: DEBUG: Radius::AuthSQL ACCEPT:
Mon May 31 11:45:02 1999: DEBUG: Access accepted for domino
Mon
I had problems with the "tcp" and "port" parameters in earlier versions
of Radiator (2.11), but Mike said he fixed those. When I tested it in
2.12, I still found some strange problems with them so we don't filter
on ports now.
Not sure if these have been fixed in 2.13.
But in any case, your
You have to specify the /32 for the netmask of the ip-address. I found this out
the same way. Check out the code to see what exact syntax is required by
Radiator.
- Joost.
This is a multi-part message in MIME format.
--=_NextPart_000_000B_01BEB732.08F081E0
Content-Type: text/plain;
Hi,
Thanks, but problem is that my oracle is not running on the same machine
that is
used by Radiator server.
Again I wants to explane.
1- I have two machine
A) soalris2.6 server with radiator + DBI + DBD for oracle
B) Windows NT4.0 with oracle8
2- As you suggest
DBSource dbi:Oracle:sid
This
Hello,
We are getting two different sets of data for connection speed
from radiator and merit radius. here is an example.
Merit radius:
Tue Jun 15 15:23:55 1999
User-Name = "core77"
NAS-IP-Address = 207.240.142.3
Acct-Status-Type = Start
I am trying to get Radiator to log bad passwords. Here is the .cfg
file entry:
# Set this to the directory where your logfile and details file are to go
LogDir /var/log/radius
PasswordLogFileName /var/log/radius/passwords
WHen I try to log in I get:
Tue Jun 15 15:56:49 1999: DEBUG:
Hello Murat,
The answer is the same: You have your NAS configured so it prefers to do CHAP
over PAP, but radiator is not able to do CHAP authentication with an NT user
database.
You must change your NAS configuration so it uses PAP.
Hope that helps.
Cheers.
On Jun 11, 4:05pm, Murat Kirmaci
Hello Volker,
You configuration file looks OK. I suspect that perhaps you are using Radiator
version 2.13, which had a problem with Handler selection (it would always
choose the first Handler). There is a patch available, see
http://www.open.com.au/radiator/downloads/patches-2.13/README
The
Hello Abdul.
Here is a sample configuration file that will authenticate from a file called
users in the same directory, and will reply with all the attributes that a
Cisco likes:
Foreground
LogStdout
LogDir .
DbDir .
# You will probably want to change this to suit your
With some help from Mike I created a logging module for SQL which logs the
reasons that people are rejected. This is great for troubleshooting tech
support calls. The module is small so I went ahead and attached it.
In your configuration file you need:
Log RejectSQL
DBSource
Hi Oliver,
I suspect this is related to the USR attribute numbering issues discussed in
the Radiator FAQ at http://www.open.com.au/radiator/faq.html#29
Hope that helps.
Cheers.
On Jun 15, 5:37pm, O Stockhammer wrote:
Subject: (RADIATOR) (Radiator) dictionary files for USR seem off.
With this DBM file entry:
chrism Auth-Type = "System",
NAS-Port-Type = "Async"
Service-Type = "Framed-User",
Framed-Protocol = "PPP",
Framed-IP-Address = "255.255.255.254",
Framed-MTU = "1500"
Why does this debug output happen:
Tue Jun 15 17:20:34
Hi Chris,
Thats puzzling.
Is it possible that you changed the config and HUPped the server? If so I would
suggest you restart it instead.
No, I killed and restarted it.
BTW, that configuration is basically recursive: when you get it to go to
System, it will then call System again, over
Hi Chris.
OK, I tried it here and it went recursive as I expected. So I cant explain what
you saw. Its not causing you a problem is it?
On Jun 15, 7:33pm, Chris M wrote:
Subject: Re: (RADIATOR) AuthDBFile issue
Hi Chris,
Thats puzzling.
Is it possible that you changed the config and
-Original Message-
From: Murat Kirmaci
Sent: 11 Haziran 1999 Cuma 16:05
To: 'Mike McCauley'; [EMAIL PROTECTED]
Cc:Proje Grubu; Fahrettin Gurkan
Subject: RE: (RADIATOR) terminal screen accounting
-Original Message-
From: Mike McCauley [SMTP:[EMAIL
Hello Bernd,
On Jun 11, 6:15pm, Bernd Strehhuber wrote:
Subject: (RADIATOR) Probs with AccountingHandled
Hi,
at my setup each customer group has his own Realm. I use 'RewriteUsername'
to control this. Now, from time to time (no reboot or anything like
this is done), my NAS (Livingston
On Jun 14, 3:45pm, Josh Bressers wrote:
Subject: (RADIATOR) Speaking to another radius server
Question for you all out there. I need to get radiator to authenticate and
do accounting locally, but I also need it to send another machine the
accounting data, no authentication. I've looked
Hi John,
On Jun 13, 4:00pm, John Abbott wrote:
Subject: (RADIATOR) SQL Logging
Hi,
I have a small query, mainly I think its my understanding of the
logging/duplication of loggs by radiator. I have setup my radius server to
duplicate every 12 hours and to record stops only so I can get a
Hi,
at my setup each customer group has his own Realm. I use 'RewriteUsername'
to control this. Now, from time to time (no reboot or anything like
this is done), my NAS (Livingston PM3) send the following Accounting
Request out:
Acct-Session-Id = ""
NAS-IP-Address =
Hi Mike,
Thanks for your help.
I'm afraid I have more questions.
---
I heard there is a patch for the 'authby ldap', because the current code
does not do the unbind operation which can cause problems with some ldap
servers. My netscape ldap server seems to be resistant to this, but load
is
Hi Mickey,
AuthBy RADIUS is a little different to most other AuthBy clauses. It forwards
the request immediately, then does retransmits until it gets a reply, then
sends the reply back to the original NAS. If you have 2 AuthBy RADIUS chained
together (as you do), then _both_ will transmit
Hi Richi,
On Jun 6, 10:30pm, Richi Plana wrote:
Subject: Re: (RADIATOR) CHAP HOWTO
Hi, Mike, et al.
On Sun, 6 Jun 1999, Mike McCauley wrote:
|o| Just wondering how to check the attributes CHAP-Password and
|o| CHAP-Challenge. Are there methods in any of the Radiator objects that
|o|
I am running the snapshot version from the ftp site.
Kevin
Sofnet, Inc.
-Original Message-
From: Richard Hawley [EMAIL PROTECTED]
To: Kevin Wormington [EMAIL PROTECTED]; Mike McCauley [EMAIL PROTECTED];
[EMAIL PROTECTED] [EMAIL PROTECTED]
Date: Friday, June 04, 1999 3:12 PM
Subject: Re:
80 matches
Mail list logo