hi fellow Radiator users. I'm attempting to get myself configured and am
running into a few problems.
Our dial up hardware consists of 3com Total Control HiperDSP's, currently
running esva radius on BSDI.
All of my dial up users have a "P" prefix in front of the username.
my radius.cfg file looks like this:
LogDir /var/log/radius
# Set this to the database directory. It should contain these files:
# users The user database
# dictionary The dictionary for your NAS
DbDir /usr/local/etc/raddb
AuthPort 1645
AcctPort 1646
BindAddress 206.31.149.200
#NasType TotalControl
Foreground
LogStdout
Trace 4
# This clause defines a single client to listen to
<Client usr2.insolwwb.net>
Secret blahblah
</Client>
<Client usr1.insolwwb.net>
Secret blahblah
</Client>
<Client usr3.insolwwb.net>
Secret blahblah
</Client>
<Client usr5.insolwwb.net>
Secret blahblah
</Client>
# This clause handles all users from all realms by looking them up
# in the users file at /usr/local/etc/raddb/users
<Realm DEFAULT>
<AuthBy FILE>
# The filename defaults to %D/users
</AuthBy>
# Log accounting to the detail file in LogDir
AcctLogFileName %L/detail
</Realm>
<Realm dummyrealmforholdingauthbyunix>
<AuthBy UNIX>
Identifier System
Filename /etc/master.passwd
</AuthBy>
------ END radius.cfg
The dummy realm is because I need the power of being able to authby file for
multiple users but I need
the unix password authentication.
and my users file is quite simple at this point, as I just want something
functioning
for my dial up users:
DEFAULT Prefix=P, Auth-Type = System
Reply-Message = You are a prefix PPP user
Now, to test things, I've been trying to use the _auth command provided by
the Hiper DSP card...
on esva radius, when I run
HiPer>> _auth Pmgrommet password
CLI - User: Pmgrommet is Authenticated
HiPer>>
Ok, so I then run radiator,and run from the command line:
HiPer>> _auth Pmgrommet !wizman!
CLI - User: Pmgrommet failed Authentication (status: 536870912)
msg=Request Denied
I've placed Radiator in debug mode 4, and heres the info it gives me on the
authentication request:
Attributes:
User-Name = "Pmgrommet"
User-Password =
"<141><140>Q<146><246><206>9<155><177><205>x<134><13>Z`<17>"
Client-Id = 206.31.149.4
NAS-Port = 14081
Acct-Session-Id = "Pmgrommet1"
USR-Interface-Index = 0
Service-Type = Login-User
Chassis-Call-Slot = 56
Chassis-Call-Span = 1
Chassis-Call-Channel = 1
Calling-Station-Id = ""
Called-Station-Id = ""
NAS-Port-Type = Virtual
Mon Mar 8 13:53:19 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Mon Mar 8 13:53:19 1999: DEBUG: Handling with Radius::AuthFILE
Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthFILE looks for match with
Pmgrommet
Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthFILE looks for match with
DEFAULT
Mon Mar 8 13:53:19 1999: DEBUG: Handling with Radius::AuthUNIX
Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthUNIX looks for match with
mgrommet
Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthUNIX REJECT: Bad
Encrypted-Password
Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthFILE REJECT: Bad
Encrypted-Password
Mon Mar 8 13:53:19 1999: INFO: Access rejected for Pmgrommet: Bad
Encrypted-Password
Mon Mar 8 13:53:19 1999: DEBUG: Packet dump:*
Any ideas on what/where to check? If I hard code a user and password into
the users file it works fine.
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
