Hi folks,
has anybody out there successfully set up a proxy connection between an Ascend
Navis Radius System and Radiator? We're having a bear of a time with it, and I'd
appreciate any help.
Here's the setup: <NAS>----<Navis Radius (acting as a proxy)
>----<Radiator>
We want to use the connection strictly for authentication purposes. Our radiator
is successfully authenticating, and is sending "access-accept" packerts back to
the Navis Radius system. Here's an excerpt from our Radiator log:
################### Radiator logfile excerpt (/var/log/radius/logfile) Start
##################
#### <Excerpt> /var/log/radius/logfile
Mon Oct 11 09:55:52 1999: DEBUG: Packet dump:
*** Received from "some funky ip address" port 33109 ....
Code: Access-Request
Identifier: 84
Authentic: <0><0>\<137><0><0>Y<205><0><0>u<252><0><0>[<196>
Attributes:
User-Name = "[EMAIL PROTECTED]"
CHAP-Password = "<1>7jDa<223><181>m<5><250>N<180><187><167><135>J<237>"
NAS-IP-Address = some funky ip address :-)
NAS-Port = 10103
NAS-Port-Type = Sync
Service-Type = Framed-User
Framed-Protocol = PPP
State = ""
Called-Station-Id = "181920"
Acct-Session-Id = "302097239"
CHAP-Challenge = "<147><11>\hp<251><214><242><158><209>+<235><216>pM<196>"
Proxy-State = 0
Mon Oct 11 09:55:52 1999: DEBUG: Check if Handler Realm=ldap.realm should be
used to handle this request
Mon Oct 11 09:55:52 1999: DEBUG: Handling request with Handler
'Realm=ldap.realm'
Mon Oct 11 09:55:52 1999: DEBUG: Handling with Radius::AuthLDAP
Mon Oct 11 09:55:53 1999: DEBUG: LDAP got result for cn=Testuser2, ou=TIC,
ou=TI, o=Technik Innovation, c=DE
Mon Oct 11 09:55:53 1999: DEBUG: LDAP got info: garbledpassword
Mon Oct 11 09:55:53 1999: DEBUG: Radius::AuthLDAP looks for match with
[EMAIL PROTECTED]
Mon Oct 11 09:55:53 1999: DEBUG: Radius::AuthLDAP ACCEPT:
Mon Oct 11 09:55:53 1999: DEBUG: Access accepted for [EMAIL PROTECTED]
Mon Oct 11 09:55:53 1999: DEBUG: Packet dump:
*** Sending to "some funky ip address" port 33109 ....
Code: Access-Accept
Identifier: 84
Authentic: <0><0>\<137><0><0>Y<205><0><0>u<252><0><0>[<196>
Attributes:
User-Name = "[EMAIL PROTECTED]"
State = ""
Proxy-State = 0
Service-Type = Framed-User
Framed-Protocol = PPP
################### Radiator logfile excerpt (/var/log/radius/logfile) End
##################
As far as I can tell, everything on our side is working correctly.
################### Ascend Radius Server Clients Logfile Start
###############################
Mon Oct 11 08:30:22 1999: Received-Authentication: 159/57 '[EMAIL PROTECTED]'
from "some funky ip address" port 10128 PPP
Mon Oct 11 08:30:22 1999: rad_2rad_recv: Invalid reply accept digest from "some
funky ip address"[1645] id 57 digest 863087ADF05C95C5ECCC36F6E0E9AC59, 1 matches
Mon Oct 11 08:30:22 1999: Hex dump at 0x16a424/0 for 55 bytes
Mon Oct 11 08:30:22 1999: 0x16a424: 0x0000| 02390037 863087AD F05C95C5 ECCC36F6|
|.9.7.0...\....6.|
Mon Oct 11 08:30:22 1999: 0x16a434: 0x0010| E0E9AC59 21033001 12544553 54324045|
|...Y!.0..TEST2@E|
Mon Oct 11 08:30:22 1999: 0x16a444: 0x0020| 4C41422E 44452E54 44180206 06000000|
|LAB.DE.TD.......|
Mon Oct 11 08:30:22 1999: 0x16a454: 0x0030| 02070600 000001.. ........ ........|
|.......||||||||||
################### Ascend Radius Server Clients Logfile End
###############################
I have no idea whether or not the "Invalid reply accept digest" message is going
to help me get to the bottom of this.
Any help here would be _greatly_ appreciated.
Carl K. Cunningham
______________________________________________________________________
DeTeSystem Deutsche Telekom Systeml�sungen GmbH
Hahnstra�e 43 d, 60528 Frankfurt am Main
Postfach 71 02 45, 60492 Frankfurt am Main
Telefon: (069) 6 65 31 -0, Telefax: (069) 6 65 31 -4 99
Aufsichtsrat: Josef Brauner (Vorsitzender)
Gesch�ftsf�hrung: Christian A. Hufnagl (Vorsitzender), Joseph Eisenried, Horst
Joachim Grieme, J�rgen Dostal, Peter Ruland
Eintrag Amtsgericht Frankfurt am Main HR B 37649; USt-IdNr. DE 811 575 332
�
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
