Hi,
to HoraPe: Could you send me your test script and configuration?
cisco_vsa_hack: this hack is only in the preprocess module, and if
you send back anything with radius you don't use this module, therefore
you should have this field turned on or off.
What is important: using the dictionary.cisco file in your radius
configuration.
What does your "debug radius" say in the Cisco equipment? When I
developed my radius script, I used this debugging tool and it was very
good for the troubleshooting.
Thomas
On Fri, 28 Dec 2001 [EMAIL PROTECTED] wrote:
> That is exactly how you should send them.
>
> Make sure you include a return character at the end of your
> print statement. This may or may not make a difference but try
> it.
>
> Also, Do you see the attributes being sent from the RADIUS
> server? try running radius -X and see if you get the attributes
> in readable form at least.
>
> Jose\' L.
> P.S.: I am not sure if this would make a difference but try
> setting the cisco_vsa_hack to no.
>
> Mensaje citado por: Thomas Jalsovsky <[EMAIL PROTECTED]>:
>
> >
> > Hello
> >
> > how did you send AVPairs from the RADIUS server to
> > AS5300?
> >
> > example:
> >
> > #!/usr/bin/perl
> > ...
> > print \"h323-credit-amount =
> > \\\"h323-credit-amount=25\\\",\";
> > print \"h323-return-code = \\\"h323-return-code=0\\\"\";
> > ...
> >
> > I\'m not sure that you need the return-code value but I
> > think it is
> > important for. The sample script did work with AS5300
> > IOS 12.2(1).
> >
> >
> > Regards,
> > Thomas
> >
> >
> > On Wed, 26 Dec 2001 [EMAIL PROTECTED]
> > wrote:
> >
> > > �Hola!
> > >
> > > This is not a freeradius question, but an AS5300 one.
> > (BTW,
> > > is there a cisco list somewhere?)
> > >
> > > I\'m trying to send a h323-credit-amount cisco VSA to a
> > TCL IVR
> > > script on my AS.
> > >
> > > The script goes:
> > >
> > > set avs(h323-credit-amount) 25.00
> > > aaa authorize \"Prueba\" \"\" \"\" \"\" leg_incoming avs
> > >
> > > proc act_Auth {} {
> > > if { [infotag get aaa_avpair_exists
> > h323-credit-amount] } {
> > > set cr [infotag get aaa_avpair
> > h323-credit-amount]
> > > puts \"h323-credit-amount:$cr\"
> > > } else {
> > > puts \"h323-credit-amount doesn\'t
> > exist\"
> > > }
> > >
> > > }
> > > }
> > >
> > > In the radius i sent h323-credit-amount set to 25.00
> > (ie, the same that
> > > i receive from the AS)
> > >
> > > tcpdump: (i expand the interesting attr)
> > >
> > > 13:22:24.810283 200.41.96.114.1645 >
> > 200.69.73.69.1812: [udp sum ok] rad-access-req 201 [id
> > 35] Attr[ NAS_ipaddr{200.41.96.114}
> > Vendor_specific{......ISDN 1:D:6} NAS_port_type{Sync}
> > User{Prueba} Vendor_specific{.....2h323-conf-id=9482DDC3
> > F95311D5 80E4FA8D 2364D729} Pass
> > Vendor_specific{......h323-ivr-out=transactionID:72}
> > Vendor_specific{....e.h323-credit-amount=25.00} ] (ttl
> > 245, id 21831, len 229)
> > > 4500 00e5 5547 0000 f511 359a
> > c829 6072
> > > c845 4945 066d 0714 00d1 3c29
> > 0123 00c9
> > > 771b bb76 034d 96d4 0ddd 4174
> > dc87 57be
> > > 0406 c829 6072 1a12 0000 0009
> > 020c 4953
> > > 444e 2031 3a44 3a36 3d06 0000
> > 0000 0108
> > > 5072 7565 6261 1a38 0000 0009
> > 1832 6833
> > > 3233 2d63 6f6e 662d 6964 3d39
> > 3438 3244
> > > 4443 3320 4639 3533 3131 4435
> > 2038 3045
> > > 3446 4138 4420 3233 3634 4437
> > 3239 0212
> > > ad75 4fe3 7c96 15c1 0c57 e9b8
> > 7205 280a
> > > 1a25 0000 0009 011f 6833 3233
> > 2d69 7672
> > > 2d6f 7574 3d74 7261 6e73 6163
> > 7469 6f6e
> > > 4944 3a37 32
> > >
> > > 1a20 0000 0009 651a 6833 3233 2d63 7265
> > > 6469 742d 616d 6f75 6e74 3d32 352e 3030
> > >
> > > VSA (1a), CISCO (0000 0009),
> > > h323-credit-amount (65)
> > > Data: \"h323-credit-amount=25.00\"
> > >
> > > 13:22:24.927087 200.69.73.69.1812 >
> > 200.41.96.114.1645: [udp sum ok] rad-access-accept 52
> > [id 35] Attr[
> > Vendor_specific{....e.h323-credit-amount=25.00} ] (ttl
> > 64, id 11594, len 80)
> > > 4500 0050 2d4a 0000 4011 132d
> > c845 4945
> > > c829 6072 0714 066d 003c e482
> > 0223 0034
> > > c558 0b38 9637 6067 c6b1 09b1
> > 46b0 7ec0
> > >
> > > 1a20 0000 0009 651a 6833 3233
> > 2d63 7265
> > > 6469 742d 616d 6f75 6e74 3d32
> > 352e 3030
> > >
> > > (the exact same bytes that in the request)
> > >
> > > Although the attr radius is sending to the AS is
> > exactly the same
> > > that the AS sends (so the codification is ok by cisco
> > standards),
> > > the script says that \"h323-credit-amount doesn\'t
> > exist\"
> > >
> > > Some help?
> > > HoraPe
> > > ---
> > > Horacio J. Pe�a
> > > [EMAIL PROTECTED]
> > > [EMAIL PROTECTED]
> > > [EMAIL PROTECTED]
> > > [EMAIL PROTECTED]
> > >
> > > -
> > > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> > >
> >
> > --
> >
> >
> -------------------------------------------------------------------
> > Thomas Jalsovsky, Project Manager at
> > PosTel, Plc.
> > PosTel, a.s. Kvacalova 53,82108
> > Bratislava 2
> > Tel.: +421-2-50203160, Fax.:
> > +421-2-50203198
> > http://www.postel.sk,
> > http://www.globalphone.sk
> > GlobalPhone, As long as you want
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
>
> ------------------------------------------------------------------------
> Mail enviado desde PortalMail 1.4.2 Web based email system.
> PaloSanto Solutions, Sunnyvale CA.
> http://www.palosanto.com
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
-------------------------------------------------------------------
Thomas Jalsovsky, Project Manager at PosTel, Plc.
PosTel, a.s. Kvacalova 53,82108 Bratislava 2
Tel.: +421-2-50203160, Fax.: +421-2-50203198
http://www.postel.sk, http://www.globalphone.sk
GlobalPhone, As long as you want
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
