hi fellow Radiator users.  I'm attempting to get myself configured and am
running into a few problems.

Our dial up hardware consists of 3com Total Control HiperDSP's, currently
running esva radius on BSDI.

All of my dial up users have a "P" prefix in front of the username.


my radius.cfg file looks like this:

LogDir /var/log/radius

# Set this to the database directory. It should contain these files:
# users           The user database
# dictionary      The dictionary for your NAS
DbDir /usr/local/etc/raddb

AuthPort 1645
AcctPort 1646
BindAddress 206.31.149.200
#NasType TotalControl

Foreground
LogStdout
Trace 4


# This clause defines a single client to listen to
<Client usr2.insolwwb.net>
        Secret   blahblah
</Client>
<Client usr1.insolwwb.net>
        Secret   blahblah
</Client>
<Client usr3.insolwwb.net>
        Secret   blahblah
</Client>
<Client usr5.insolwwb.net>
        Secret   blahblah
</Client>

# This clause handles all users from all realms by looking them up
# in the users file at /usr/local/etc/raddb/users
<Realm DEFAULT>
        <AuthBy FILE>
                # The filename defaults to %D/users
        </AuthBy>
        # Log accounting to the detail file in LogDir
        AcctLogFileName %L/detail
</Realm>


<Realm dummyrealmforholdingauthbyunix>
        <AuthBy UNIX>
                Identifier System
                Filename /etc/master.passwd
        </AuthBy>


------ END radius.cfg

The dummy realm is because I need the power of being able to authby file for
multiple users but I need
the unix password authentication.

and my users file is quite simple at this point, as I just want something
functioning
for my dial up users:

DEFAULT Prefix=P, Auth-Type = System
        Reply-Message = You are a prefix PPP user


Now, to test things, I've been trying to use the _auth command provided by
the Hiper DSP card...
on esva radius, when I run
HiPer>> _auth Pmgrommet password
CLI - User: Pmgrommet is Authenticated
HiPer>>

Ok, so I then run radiator,and run from the command line:

HiPer>> _auth Pmgrommet !wizman!
CLI - User: Pmgrommet failed Authentication (status: 536870912)
msg=Request Denied



I've placed Radiator in debug mode 4, and heres the info it gives me on the
authentication request:

Attributes:
        User-Name = "Pmgrommet"
        User-Password =
"<141><140>Q<146><246><206>9<155><177><205>x<134><13>Z`<17>"
        Client-Id = 206.31.149.4
        NAS-Port = 14081
        Acct-Session-Id = "Pmgrommet1"
        USR-Interface-Index = 0
        Service-Type = Login-User
        Chassis-Call-Slot = 56
        Chassis-Call-Span = 1
        Chassis-Call-Channel = 1
        Calling-Station-Id = ""
        Called-Station-Id = ""
        NAS-Port-Type = Virtual

Mon Mar  8 13:53:19 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Mon Mar  8 13:53:19 1999: DEBUG: Handling with Radius::AuthFILE
Mon Mar  8 13:53:19 1999: DEBUG: Radius::AuthFILE looks for match with
Pmgrommet
Mon Mar  8 13:53:19 1999: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Mon Mar  8 13:53:19 1999: DEBUG: Handling with Radius::AuthUNIX
Mon Mar  8 13:53:19 1999: DEBUG: Radius::AuthUNIX looks for match with
mgrommet
Mon Mar  8 13:53:19 1999: DEBUG: Radius::AuthUNIX REJECT: Bad
Encrypted-Password
Mon Mar  8 13:53:19 1999: DEBUG: Radius::AuthFILE REJECT: Bad
Encrypted-Password
Mon Mar  8 13:53:19 1999: INFO: Access rejected for Pmgrommet: Bad
Encrypted-Password
Mon Mar  8 13:53:19 1999: DEBUG: Packet dump:*




Any ideas on what/where to check? If I hard code a user and password into
the users file it works fine.



===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to