******************************************************************
rad_recv: Access-Request packet from host 127.0.0.1:41445, id=13, length=58
--- Walking the entire request list ---
Waking up in 31 seconds...
Threads: total/active/spare threads = 5/0/5
Thread 1 got semaphore
Thread 1 handling request 0, (1 handled so far)
User-Name = "bakers"
User-Password = "scottb"
NAS-IP-Address = 255.255.255.255
NAS-Port = 10
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "bakers", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched bakers at 1
users: Matched DEFAULT at 4
modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns ok for request 0
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 13 to 127.0.0.1:41445
X-Ascend-Data-Filter += "ip in forward tcp est"
X-Ascend-Data-Filter += "ip in forward dstip 65.182.224.0/26 0"
X-Ascend-Data-Filter += "ip in forward 0"
Session-Timeout = 28800
Idle-Timeout = 3600
Framed-Compression = Van-Jacobson-TCP-IP
Service-Type = Framed-User
Framed-Protocol = PPP
Propel-Accelerate = 0
Framed-MTU = 576
Finished request 0
Going to the next request
Thread 1 waiting to be assigned a request
James Feger wrote:
On Tue, 18 Jan 2005, Scott Baker wrote:
I'm attempting to do a global dial-up solution and they're requiring me to use the ascend-data-filter to open up outbound port 25. Simple enough.
I've configured my users file to include the attributes they provided and it seems to be accepting the data. However when I query the radius with radtest it returns odd results. In my users file I have four ADF lines, but only three are returned after the query. Also, some of the lines that are returned contain a trailing 0. I'm new to this "abinary" type so I'm not sure if this is expected behaviour or not.
------------------ users ------------------
bakers User-Password = "passwd" Fall-Through = Yes
DEFAULT X-Ascend-Data-Filter += "ip in forward tcp est", X-Ascend-Data-Filter += "ip in forward dstip 65.182.224.0/26", X-Ascend-Data-Filter += "ip in drop tcp dstport=25", X-Ascend-Data-Filter += "ip in forward", Simultaneous-Use = 1, Session-Timeout = 28800, Idle-Timeout = 3600, Framed-Compression = Van-Jacobson-TCP-IP, Service-Type = Framed-User, Framed-Protocol = PPP, Propel-Accelerate = 0, Framed-MTU = 576
------------------ radtest output ------------------
[EMAIL PROTECTED] ~]# !radte
radtest bakers scottb localhost 10 localhost
Sending Access-Request of id 128 to 127.0.0.1:1812
User-Name = "bakers"
User-Password = "scottb"
NAS-IP-Address = snikt
NAS-Port = 10
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=128, length=170
X-Ascend-Data-Filter = "ip in forward tcp est"
X-Ascend-Data-Filter = "ip in forward dstip 65.182.224.0/26 0"
X-Ascend-Data-Filter = "ip in forward 0"
Session-Timeout = 28800
Idle-Timeout = 3600
Framed-Compression = Van-Jacobson-TCP-IP
Service-Type = Framed-User
Framed-Protocol = PPP
Propel-Accelerate = 0
Framed-MTU = 576
Have you tried running freeradius in debug mode to see what the server is spitting out as well? Is it possible that a few of the attributes you are trying to send are not defined in the dictionary file and the radius server is ignoring those statements?
-j
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- Scott Baker Canby Telephone - Network Administrator - RHCE Ph: 503.266.8253
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
