Hi Mike,
That's it ... we've been strugling for a week and still stuck!
Any help will be very much appreciated,
KC
>Hello Anthony,
>
>To look closer at this problem, we need some more information:
>
>Can you please post your Radiator configuration (no secrets please) and your
>radiator log file at trace level 4, showing what happens during
>authentication.
>
>Cheers.
>
>On Jun 3, 11:47pm, Anthony Chan wrote:
>> Subject: (RADIATOR) A new user
>> Hi all,
>>
>> I got the Radiator last week and try to make it work. However, up to
>> now, I still can't make users to authenticate and get access through the
>> radius.
>>
>> My system configuration is Ultra 5 under Solaris 2.6. Users
>> authentication system is using NIS+. I also tried to use Unix
>> /etc/passwd but the result is the same.
>>
>> For the Installation, all testcases of Perl and radiators are OK. I
>> start the Radiator as root. I use the most simple configuration for
>> testing. Everything looks good but users just don't get access.
>>
>> If there are anyone with similar system configuration, can you please
>> send me your configuration file to me for testing. Is there any other
>> important thing that I have to take care?
>>
>> --
>> Cheers,
>>
>> Anthony Chan
>> Sun Professional Services Hong Kong
>> 22/F Shui On Centre,
>> 8 Harbour Road, Wanchai,
>> Hong Kong
>>
>> Phone: (852) 2820-0674
>> Fax : (852) 2802-8655
>>
>>
>>
>> ===
>> Archive at http://www.thesite.com.au/~radiator/
>> To unsubscribe, email '[EMAIL PROTECTED]' with
>> 'unsubscribe radiator' in the body of the message.
>>-- End of excerpt from Anthony Chan
>
>
>
>--
>Mike McCauley [EMAIL PROTECTED]
>Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
>24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
>Phone +61 3 9598-0985 Fax +61 3 9598-0955
>
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
>NT, Rhapsody
Mon May 31 19:20:11 1999: INFO: Server started
Mon May 31 19:20:21 1999: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 32902 ....
Packet length = 67
01 6e 00 43 31 32 33 34 35 36 37 38 39 30 31 32
33 34 35 36 01 05 74 31 61 06 06 00 00 00 02 04
06 cb 3f 9a 01 05 06 00 00 04 d2 3d 06 00 00 00
00 02 12 8d ba 3e ad af 5c 04 f6 bc 38 09 a0 d8
7d 78 99
Code: Access-Request
Identifier: 110
Authentic: 1234567890123456
Attributes:
User-Name = "t1a"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password = "<141><186>><173><175>\<4><246><188>8<9><160><216>}x<153>"
Mon May 31 19:20:21 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon May 31 19:20:21 1999: DEBUG: Handling with Radius::AuthSYSTEM
Mon May 31 19:20:21 1999: DEBUG: Radius::AuthSYSTEM looks for match with t1a
Mon May 31 19:20:21 1999: DEBUG: Radius::AuthSYSTEM REJECT: Bad Encrypted-Password
Mon May 31 19:20:21 1999: INFO: Access rejected for t1a: Bad Encrypted-Password
Mon May 31 19:20:21 1999: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 32902 ....
Code: Access-Reject
Identifier: 110
Authentic: 1234567890123456
Attributes:
Reply-Message = "Request Denied"
Mon May 31 19:20:21 1999: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 32902 ....
Packet length = 65
04 6f 00 41 5d 1a 1e 6e 68 43 77 fa 15 f9 29 5f
66 90 58 60 01 05 74 31 61 06 06 00 00 00 02 04
06 cb 3f 9a 01 05 06 00 00 04 d2 3d 06 00 00 00
00 2c 0a 30 30 30 30 31 32 33 34 28 06 00 00 00
01
Code: Accounting-Request
Identifier: 111
Authentic: ]<26><30>nhCw<250><21><249>)_f<144>X`
Attributes:
User-Name = "t1a"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Start
Mon May 31 19:20:21 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon May 31 19:20:21 1999: DEBUG: Handling with Radius::AuthSYSTEM
Mon May 31 19:20:21 1999: DEBUG: Adding session for t1a, 203.63.154.1, 1234
Mon May 31 19:20:21 1999: DEBUG: Accounting accepted
Mon May 31 19:20:21 1999: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 32902 ....
Code: Accounting-Response
Identifier: 111
Authentic: ]<26><30>nhCw<250><21><249>)_f<144>X`
Attributes:
Mon May 31 19:20:21 1999: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 32902 ....
Packet length = 89
04 70 00 59 65 17 5e 4a 0b b2 71 69 26 10 a7 b2
a3 ae 4e 38 01 05 74 31 61 06 06 00 00 00 02 04
06 cb 3f 9a 01 05 06 00 00 04 d2 3d 06 00 00 00
00 2c 0a 30 30 30 30 31 32 33 34 28 06 00 00 00
02 29 06 00 00 00 00 2e 06 00 00 03 e8 2a 06 00
00 4e 20 2b 06 00 00 75 30
Code: Accounting-Request
Identifier: 112
Authentic: e<23>^J<11><178>qi&<16><167><178><163><174>N8
Attributes:
User-Name = "t1a"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Time = 1000
Acct-Input-Octets = 20000
Acct-Output-Octets = 30000
Mon May 31 19:20:21 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon May 31 19:20:21 1999: DEBUG: Handling with Radius::AuthSYSTEM
Mon May 31 19:20:21 1999: DEBUG: Deleting session for t1a, 203.63.154.1, 1234
Mon May 31 19:20:21 1999: DEBUG: Accounting accepted
Mon May 31 19:20:21 1999: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 32902 ....
Code: Accounting-Response
Identifier: 112
Authentic: e<23>^J<11><178>qi&<16><167><178><163><174>N8
Attributes:
# radius.cfg
#
# This is a very simple radius.cfg that you can use to get started.
# only the most important parameters are set here. The full set
# of parameters can be seen in radius.cfg in the top of the distribution tree.
#
# As it stands, it will authenticate a single client and a
# single realm from a flat file
# database, and save the accounting info to a single details file.
#
# Author: Mike McCauley ([EMAIL PROTECTED])
# Copyright (C) 1997 Open System Consultants
# $Id: radius.cfg,v 1.3 1999/01/28 05:13:52 mikem Exp $
# Set this to the directory where your logfile and details file are to go
Trace 5
LogDir /var/log/radius
DictionaryFile /usr/local/etc/dictionary
# Set this to the database directory. It should contain these files:
# users The user database
# dictionary The dictionary for your NAS
DbDir /usr/local/etc/raddb
# This clause defines a single client to listen to
<Client 206.161.55.18>
Secret 1234
</Client>
# For testing: this allows us to honour requests from radpwtst
# on the same host.
<Client localhost>
Secret mysecret
DupInterval 0
</Client>
# This clause handles all users from all realms by looking them up
# in the users file at /usr/local/etc/raddb/users
<Realm DEFAULT>
<AuthBy SYSTEM>
# The filename defaults to %D/users
</AuthBy>
# Log accounting to the detail file in LogDir
AcctLogFileName %L/detail
</Realm>
