Hello Scott,
Actually another really neat feature, especially for those who purchased a new ISP is the Exporting Feature which will allow you to get all a listing of all users and passwords. So let's say you purchase an ISP, it may be useful to have a listing of all usernames versus passwords for your clients as this makes troubleshooting easier some times.
NOTE: Users are only exported if successfully validated.
Just thought I'd mention it…
Merry Xmas and a Happy New Year
Charles Akkerman
Technical Account Manager/Sales Representative
Fax: (514) 845-4817
Phone: (514) 990-2532
Phone: (514) 845-1666 ext 302
Email: [EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Please check our website at the the following
link for the technical support holiday schedule:
http://www.vircom.com/services/index.htm
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Scott Wolf
Sent: December 24, 2002 10:31 AM
To: [EMAIL PROTECTED]
Subject: [VOP RADIUS] Fallback
* This is the VOP Radius mailing list *
Our situation was we har purchased another ISP who used a proprietary
LDAP patch to cistron radius. So we had to have it fallback to the BSD
Cistron Radius box. I found the keys were chaning the number of attempts
to 1 in the fallback settings, incresing the Radius timeout at the
router, and making sure you have the client definition for the BSD
Radius server set to ROAMER. Once I did all these things it seemed to
work. VOP Radius first hits our MSSQL main database looking for a user,
if it can't find them, it contacts the BSD radius server and looks. This
is a great solution for ISP's to have a temporary fix when they buy a
new ISP between when they buy and import the users into their own master
database. Would also like to say Yves was very helpful in pointing out
my problem with the whole thing. Cisco NAS's like more than just ACK back.
Scott Wolf - [EMAIL PROTECTED]
Network Engineer / VP
Aginet - http://www.aginet.com
Lewis Watson wrote:
>* This is the VOP Radius mailing list *
>Hey Scott,
>I am working on a backup radius server using BSD/ freeRadius. I just started
>with it this afternoon/ evening and am wondering what BSD based Radius you
>are running over there. FreeRadius seems to be really feature packed.
>Thanks.
>Lewis
>
>
>----- Original Message -----
>From: "Scott Wolf" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Monday, December 23, 2002 11:14 AM
>Subject: [VOP RADIUS] Fallback
>
>
>
>
>>* This is the VOP Radius mailing list *
>>We have gotten VOP Radius to fallback to the BSD based radius server on
>>user not found. Radius server type had to be set to ROAMER. I can see in
>>the BSD logs that a user is AUTH'd ok. Appears to make it back to the
>>VOP Radius server. But the user ends up getting disconnected. Attached
>>is what I see at the NAS Server end. The line that appears to be the
>>error is "Dec 23 17:10:09.296 UTC: RADIUS: no appropriate authorization
>>type for user." Anyone have any ideas. Thanks,
>>
>>Scott Wolf
>>Aginet
>>
>>
>>
>>Scott Wolf wrote:
>>
>>
>>
>>>* This is the VOP Radius mailing list *
>>>I have retries set to 1 as I thought that could be a problem. I load
>>>up voptest, set it to 3 tries (simulate the nas) and it will
>>>authenticate users in the main source (ODBC - rodopi), but it just
>>>times out if I try a user in the fallback source. I can check the logs
>>>of the fallback radius server and not requests are sent to it. To do
>>>some testing I set the primary method to radius server and it did
>>>sucessfully proxy the requests over to the second server (wanted to
>>>verify passwords and connectivity). If this issue is beyond basic
>>>support, just send me an e-mail off the list. I realise we have no
>>>support contract and this is an old version.
>>>
>>>Scott Wolf
>>>
>>>Customer Support wrote:
>>>
>>>
>>>
>>>>* This is the VOP Radius mailing list *
>>>>Scott,
>>>>
>>>>In the RADIUS => Cache/Fallback panel, you have to make sure you
>>>>specify ONE
>>>>retry only. Also, it depends on your primary authentication method.
>>>>For
>>>>instance, fallback doesn't work with NT/SAM authentication as the
>>>>primary
>>>>authentication. Fallback occurs only after the n+2'd retry where
>>>>n=value of
>>>>the retries. So your NAS (or VOPTest) has to send n+2 packets before
>>>>the
>>>>fallback kicks in.
>>>>
>>>>--
>>>>Yves Lacombe
>>>>SPAM Fighting team &
>>>>Technical Support
>>>>
>>>>
>>>>----- Original Message -----
>>>>From: "Scott Wolf" <[EMAIL PROTECTED]>
>>>>To: <[EMAIL PROTECTED]>
>>>>Sent: Friday, December 20, 2002 9:23 PM
>>>>Subject: [VOP RADIUS] Fallback
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>* This is the VOP Radius mailing list *
>>>>>I am having problems trying to do fallback authentication to another
>>>>>radius server running on BSD. I have the method set to "Radius
>>>>>
>>>>>
>Server",
>
>
>>>>>the ip address of the BSD radius server in the ip box, the "Apply
>>>>>method
>>>>>if user not found box" is checked also. I also have the seconday box
>>>>>set
>>>>>up in clients with the password. I can see in the log file where it
>>>>>forces backup authentication, but it never seems to try it. The BSD
>>>>>server never shows any attempts to contact it. Seems very off.
>>>>>Wondering
>>>>>if this is a known issue (we are running an old version 2.2.211).
>>>>>Thought someone out there might have some idea. I have given up.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>**
>>>>>To leave this list, send an email to [EMAIL PROTECTED]
>>>>>and put the word "LEAVE" in the BODY of the email.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>**
>>>>To leave this list, send an email to [EMAIL PROTECTED]
>>>>and put the word "LEAVE" in the BODY of the email.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>**
>>>To leave this list, send an email to [EMAIL PROTECTED]
>>>and put the word "LEAVE" in the BODY of the email.
>>>
>>>
>>>
>>
>>**
>>To leave this list, send an email to [EMAIL PROTECTED]
>>and put the word "LEAVE" in the BODY of the email.
>>
>>
>
>
>**
>To leave this list, send an email to [EMAIL PROTECTED]
>and put the word "LEAVE" in the BODY of the email.
>
>
>
**
To leave this list, send an email to [EMAIL PROTECTED]
and put the word "LEAVE" in the BODY of the email.
