Hi,

we have been using squid_radius_auth for some time without any problems. Now 
we moved to a new platform (OpenSuSE 10.2) an experience a strange behaviour 
from squid / squid_radius_auth.

Sometimes (random in time, about once per day) some users tell us that they 
cannot use the proxy any more. Squid writes into the logfile:

1183022732.285  30183 172.18.7.13 TCP_DENIED/407 1718 GET http://www.heise.de/ 
misch NONE/- text/html

testing squid_radius_auth manually gives not problem, but when I do a tcpdump 
on port 1812 I see a lot of

proxy -> radius Access-Request
radius -> proxy Access-Accept

packets on the wire. Since the RADIUS server answers with Access-Accept it 
cannot be a problem in authentication. These packets are send about every 
second(!), but it seems that squid somehow does not get the authentication 
correct.

After a while squid writes the 407 to the logfile and the user get a new 
authentication window.

Other users still can surf and sometimes squid accepts the authentication 
after several tries and the user can use the proxy.

Any idea what might be wrong? Any hint welcome. Thanks.

Config:
squid.conf:
auth_param basic \
program /usr/local/squid/libexec/squid_radius_auth -f 
/usr/local/squid/etc/squid_radius_auth.conf
auth_param basic children 5
auth_param basic realm myCompany
auth_param basic credentialsttl 20 minutes
auth_param basic casesensitive off
acl AuthorizedUsers proxy_auth REQUIRED

squid_radius_auth.conf:
server 172.19.1.3
secret testing123

RADIUS Server:
M$ IAS
-- 
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany
Tel: +49 - 89 - 45 69 11 0
Fax: +49 - 89 - 45 69 11 21
mob: +49 - 174 - 343 28 75

mail: [EMAIL PROTECTED]
web: www.multinet.de

Sitz der Gesellschaft: 85630 Grasbrunn
Registergericht: Amtsgericht München HRB 114375
Geschäftsführer: Günter Jurgeneit, Hubert Martens

---

PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42

Reply via email to