Re: (RADIATOR) Why is radiator rejecting auth request ?

tom minchin Tue, 13 Jul 1999 22:29:56 -0700
Just ignore them. Those are special users (see Ascend Max manual or website
for details) which can define stuff like static routes and ip pools via
RADIUS.

[EMAIL PROTECTED]

On Wed, Jul 14, 1999 at 12:11:13AM -0500, postmaster wrote:
> 
> Hello,
> 
> I am using Radiator-2.13.1 on Solaris 2.5.1. I have radiator setup to
> do mSQL Accounting and Auth by File. My radius.cfg is shown below:
> 
> Note: NAS is is Ascend MAX
> -----------------------------------------------------------------------------
> Foreground
> LogStdout
> AuthPort        1645
> AcctPort        1646
> LogDir          .
> # LogFile               %L/%Y-logfile
> DbDir           .
> DictionaryFile  %D/dictionary.ascend
> FingerProg      /bin/finger
> Trace 4
> 
> <Client DEFAULT>
>         Secret  xxxxxxx
>         NasType Ascend
> </Client>
> 
> <Realm DEFAULT>
>         AuthByPolicy ContinueUntilAccept
>         RewriteUsername tr/[A-Z]/[a-z]/
>         MaxSessions 1
>         RejectHasReason
>         <AuthBy SQL>
>                 AuthSelect
>                 DBSource        dbi:mSQL:radius
>                 AccountingTable ACCOUNTING
>                 AcctColumnDef   Username,User-Name
>                 AcctColumnDef  the_date,Timestamp,formatted-date,'%e-%m-%Y'
>                 AcctColumnDef the_time,Timestamp,formatted-date,'%H:%M:%S'
>                 AcctColumnDef   NAS_Identifier,NAS-Identifier
>                 AcctColumnDef   NAS_Port,NAS-Port,integer
>                 AcctColumnDef   Acct_Status_Type,Acct-Status-Type
>                 AcctColumnDef   Acct_Delay_Time,Acct-Delay-Time,integer
>                 AcctColumnDef   Acct_Session_Id,Acct-Session-Id
>                 AcctColumnDef Acct_Session_Time,Acct-Session-Time,integer
>                 AcctColumnDef Acct_Input_Octets,Acct-Input-Octets,integer
>                 AcctColumnDef Acct_Output_Octets,Acct-Output-Octets,integer
>                 AcctColumnDef   Acct_Term_Cause,Acct-Terminate-Cause
>                 AcctColumnDef   Framed_Address,Framed-IP-Address
>                 AcctColumnDef   Framed_Protocol,Framed-Protocol
>                 AcctColumnDef   Connect_Rate,Ascend-Data-Rate
>                 AcctColumnDef   Disconnect_Cause,Ascend-Disconnect-Cause
>                 AcctColumnDef   First_Destination,Ascend-First-Dest
>                 AcctColumnDef   Client_Port_DNIS,Client-Port-DNIS
>         </AuthBy>
> #       If SQL fails then authenticate from flat file
>         <AuthBy FILE>
>                 DefaultSimultaneousUse 1
>                 Filename ./users
>         </AuthBy>
> </Realm>
> 
> <SessionDatabase SQL>
>         DBSource        dbi:mSQL:radius
> 
>         AddQuery insert into RADONLINE (Username, Time_Stamp, \
>         NAS_Identifier, NAS_Port, Acct_Session_Id, Framed_Address, \
>         Nas_Port_Type, Service_Type) values ('%n', %{Timestamp},'%N', \
>         %{NAS-Port}, '%{Acct-Session-Id}', '%{Framed-IP-Address}', \
>         '%{Port-Type}', '%{Service-Type}')
> 
>         DeleteQuery delete from RADONLINE where Username='%n' and \
>         NAS_Identifier='%N' and NAS_Port=%{NAS-Port}
> 
>         ClearNasQuery delete from RADONLINE where NAS_Identifier='%N'
> 
>         CountQuery select NAS_Identifier, NAS_Port, Acct_Session_Id from \
>         RADONLINE where Username='%n'
> </SessionDatabase>
> 
> 
> -------------------------------------------------------------------
> 
> this works fine in 'radpwtst'. But, when the users connect, I get the foll
> errors, Has anyone seen these errors: If so, please let me know:
> 
> Note: Note that instead of the actual Username it's sending incorrect data
>       like 'route-max4-1', "pools-max4", "permconn-max4-1" as the
>       username. 
> 
> PS: the xxx.xxx.xxx.xxx are the actual IP Addresses.
> 
> *** Received from xxx.xxx.xxx.xxx port 1025 ....
> Code:       Access-Request
> Identifier: 1
> Authentic:  ...................................
> Attributes:
>         User-Name = "route-max4-1"
>         User-Password = "............."
>         NAS-Identifier = xxx.xxx.xxx.xxx
>         NAS-Port = 0
>         NAS-Port-Type = Virtual
>         Service-Type = Dialout-Framed-User
> 
> Tue Jul 13 23:54:16 1999: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Tue Jul 13 23:54:16 1999: DEBUG: Rewrote user name to route-max4-1
> Tue Jul 13 23:54:16 1999: DEBUG: Query is: select NAS_Identifier,
> NAS_Port, Acct_Session_Id from RADONLINE where Username='route-max4-1'
> 
> Tue Jul 13 23:54:16 1999: DEBUG: Handling with Radius::AuthSQL
> Tue Jul 13 23:54:16 1999: DEBUG: Handling with Radius::AuthFILE
> Tue Jul 13 23:54:16 1999: DEBUG: Radius::AuthFILE looks for match with
> route-max4-1
> Tue Jul 13 23:54:16 1999: INFO: Access rejected for route-max4-1: No such
> user
> Tue Jul 13 23:54:16 1999: DEBUG: Packet dump:
> *** Sending to xxx.xxx.xxx.xxx port 1025 ....
> Code:       Access-Reject
> Identifier: 1
> Authentic:  ..................................................
> Attributes:
>         Reply-Message = "Request Denied"
>         Reply-Message = "No such user"
> 
> Tue Jul 13 23:54:16 1999: DEBUG: Packet dump:
> 
> 
> 
> ===
> Archive at http://www.thesite.com.au/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Why is radiator rejecting auth request ?

Reply via email to
