Well, I finally was able to get one of the NAS's all to myself for some
testing, and it seems that radius is sending back different attributes to
the NAS that it is when I was running my tests with radtest and tcpdump off
a different server. So here are some new tcpdumps.. radius2toradius1 is
from a server to a server ( and replies correctly ) .. tc6toradius1 is from
the NAS to the server ( and replies with extra attributes that seem to be
throwing the NAS )
here are the reply attr's from the database
id | username | attribute | value
------+----------------+--------------------+-------------------------------
----
1154 | [EMAIL PROTECTED] | User-Service-Type | Framed-User
1155 | [EMAIL PROTECTED] | Framed-Protocol | PPP
1156 | [EMAIL PROTECTED] | Framed-MTU | 1500
1157 | [EMAIL PROTECTED] | Framed-Routing | None
1158 | [EMAIL PROTECTED] | Framed-Compression | Van-Jacobson-TCP-IP
1159 | [EMAIL PROTECTED] | Framed-IP-Address | 209.131.199.97
1160 | [EMAIL PROTECTED] | Framed-IP-Netmask | 255.255.255.255
1162 | [EMAIL PROTECTED] | Idle-Timeout | 0
1161 | [EMAIL PROTECTED] | Framed-Route | 209.131.201.8/29
209.131.199.97 1
So where do we go from here? Would this be a problem with the dictionary
file or somewhere in the code itself? Thx again for any help
-jason
> At 01:28 PM 10/31/2001 -0600, jason wrote:
> >Indeed it is more readable, here are the cleaned up versions.. one thing
I
> >did notice is that tcpdump shows "(DF)" after the freeradius's version of
> >the reply packet? I have no idea what that means tho.
>
> DF == Don't Fragment.
>
> The attributes being sent back appear identical to tcpdump. Not sure
> what else we can look at. I suspect the NAS, as we've now verified that
> the packets contain the same attribute/value pairs.
>
> -Chris
> --
> \\\|||/// \ Chris Parker - Manager, Development Engineering
> \ ~ ~ / \ WX *is* Wireless! \ [EMAIL PROTECTED]
> | @ @ | \ http://www.starnetwx.net \ (847) 963-0116
> oOo---(_)---oOo--\------------------------------------------------------
> \ Without C we would have 'obol', 'basi', and 'pasal'
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
21:24:15.851500 radius2.egix.net.32768 > radius1.egix.net.1645: rad-access-req 63 [id
116] Attr[
User{[EMAIL PROTECTED]}
Pass
NAS_ipaddr{255.255.255.255}
NAS_port_id{5} ] (DF)
0x0000 4500 005b 0000 4000 4011 e6aa d183 d870 E..[..@[email protected]
0x0010 d183 d86f 8000 066d 0047 8b0f 0174 003f ...o...m.G...t.?
0x0020 ae77 5f5a 04db 4f0c 55c0 ff43 d4c8 d004 .w_Z..O.U..C....
0x0030 0110 726f 646e 6579 4069 6569 2e6e 6574 [EMAIL PROTECTED]
0x0040 0212 d09c 8969 440a 23f8 13da acd1 4e24 .....iD.#.....N$
0x0050 62ac 0406 ffff ffff 5703 35 b.......W.5
21:24:15.875160 radius1.egix.net.1645 > radius2.egix.net.32768: rad-access-accept 103
[id 116] Attr[
Service_type{#519}
Framed_proto{#268}
Framed_mtu{1500}
Framed_routing{#13}
Framed_compress{#264}
Framed_ipaddr{rodney.dip.iei.net}
Framed_ipnet{255.255.255.255}
Framed_route{209.131.201.8/29 209.131.199.97 1}
Idle_timeout{00 secs} ] (DF)
0x0000 4500 0083 0000 4000 4011 e682 d183 d86f E.....@[email protected]
0x0010 d183 d870 066d 8000 006f f9dc 0274 0067 ...p.m...o...t.g
0x0020 fc67 4c57 e668 f8b4 ad20 7ff9 3e5b 4d69 .gLW.h......>[Mi
0x0030 0606 0000 0002 0706 0000 0001 0c06 0000 ................
0x0040 05dc 0a06 0000 0000 0d06 0000 0001 0806 ................
0x0050 d183 c761 0906 ffff ffff 1623 3230 392e ...a.......#209.
0x0060 3133 312e 3230 312e 382f 3239 2032 3039 131.201.8/29.209
0x0070 2e31 3331 2e31 3939 2e39 3720 311c 0600 .131.199.97.1...
0x0080 0000 00 ...
19:21:10.491938 tc6.iei.net.1645 > radius1.egix.net.1645: rad-access-req 187 [id 41]
Attr[
User{[EMAIL PROTECTED]}
CHAP-Pass
NAS_ipaddr{tc6.iei.net}
NAS_port{2}
Acct_session_id{65537}
Vendor_specific{.......C....}
Vendor_specific{............}
Service_type{#519}
Framed_proto{#282}
Vendor_specific{............}
Vendor_specific{............}
Vendor_specific{............}
Vendor_specific{.......#....}
Calling_station
Called_station{7130600}
NAS_port_type{#57} ]
0x0000 4500 00d7 dc0f 0000 ff11 8abc d183 d8d2 E...............
0x0010 d183 d86f 066d 066d 00c3 7ffa 0129 00bb ...o.m.m.....)..
0x0020 459b 8402 a01f 7379 2cdb 0684 6b0a e013 E.....sy,...k...
0x0030 0110 726f 646e 6579 4069 6569 2e6e 6574 [EMAIL PROTECTED]
0x0040 0313 033e b837 d3e0 e3b0 dd9f 8609 3374 ...>.7........3t
0x0050 a85f 8104 06d1 83d8 d205 0600 0000 022c ._.............,
0x0060 0736 3535 3337 1a0e 0000 01ad 0000 9843 .65537.........C
0x0070 0000 04ea 1a0e 0000 01ad 0000 9889 0000 ................
0x0080 0000 0606 0000 0002 0706 0000 0001 1a0e ................
0x0090 0000 01ad 0000 9019 0000 0001 1a0e 0000 ................
0x00a0 01ad 0000 901a 0000 0001 1a0e 0000 01ad ................
0x00b0 0000 901b 0000 0002 1a0e 0000 01ad 0000 ................
0x00c0 9023 0000 0001 1f02 1e09 3731 3330 3630 .#........713060
0x00d0 303d 0600 0000 00 0=.....
19:21:10.500930 radius1.egix.net.1645 > tc6.iei.net.1645: rad-access-accept 133 [id
41] Attr[
Framed_ipaddr{NAS_select}
Framed_mtu{576}
Service_type{#519}
Framed_proto{#269}
Framed_compress{#262}
Service_type{#519}
Framed_proto{#268}
Framed_mtu{1500}
Framed_routing{#13}
Framed_compress{#264}
Framed_ipaddr{rodney.dip.iei.net}
Framed_ipnet{255.255.255.255}
Framed_route{209.131.201.8/29 209.131.199.97 1}
Idle_timeout{00 secs} ] (DF)
0x0000 4500 00a1 0000 4000 4011 e602 d183 d86f E.....@[email protected]
0x0010 d183 d8d2 066d 066d 008d efac 0229 0085 .....m.m.....)..
0x0020 0ee3 856f da23 7c1f 0a6f b8e2 e795 9e2f ...o.#|..o...../
0x0030 0806 ffff fffe 0c06 0000 0240 0606 0000 ...........@....
0x0040 0002 0706 0000 0001 0d06 0000 0001 0606 ................
0x0050 0000 0002 0706 0000 0001 0c06 0000 05dc ................
0x0060 0a06 0000 0000 0d06 0000 0001 0806 d183 ................
0x0070 c761 0906 ffff ffff 1623 3230 392e 3133 .a.......#209.13
0x0080 312e 3230 312e 382f 3239 2032 3039 2e31 1.201.8/29.209.1
0x0090 3331 2e31 3939 2e39 3720 311c 0600 0000 31.199.97.1.....
0x00a0 00 .
