Hello,
I've recently purchased RADIATOR and I think most of the system (standard
analog dial-up users) is working. However, I also have a few dozen Pipeline
85 router customers who are configured as small office LAN's with
255.255.255.248 subnets. All of them are currently working on AAC (Ascends
Access Control RADIUS) but we would like to convert to RADIATOR ASAP (AAC
has many bugs!).
I've performed some fairly detailed troubleshooting but have not come up
with the answer as of yet. I've included the config file and the trace if
anyone cares to view.
I'm wondering is anyone else out there has the same system configuration and
would be willing to share their config file. I think the issue has
something to do with the reply items being sent back to the NAS servers
(Ascend MAX 4000's).
Anyone else have any advice?
The config file:
<Realm sp>
<AuthBy GROUP>
AuthByPolicy ContinueWhileAccept
<AuthBy SQL>
DBSource dbi:ODBC:remacc
DBUsername admin
DBAuth pword
AuthSelect select PASSWORD, \
CALLED_STATION_ID, \
EXPIRATION, \
FRAMED_IP_ADDRESS, \
FRAMED_IP_NETMASK, \
FRAMED_PROTOCOL, \
FRAMED_ROUTE, \
FRAMED_ROUTING, \
ASCEND_IDLE_LIMIT, \
ASCEND_ASSIGN_IP_POOL, \
SERVICE_TYPE \
from
AUTHENTICATION \
where
USER_NAME='%U'
AuthColumnDef 0, Password,
check
AuthColumnDef 1, Called_Station_Id,
check
AuthColumnDef 2, Expiration,
check
AuthColumnDef 3, Framed_IP_Address,
reply
AuthColumnDef 4, Framed_IP_Netmask,
reply
AuthColumnDef 5, Framed_Protocol,
reply
AuthColumnDef 6, Framed_Route,
reply
AuthColumnDef 7, Framed_Routing,
reply
AuthColumnDef 8, Ascend_Idle_Limit,
reply
AuthColumnDef 9, Ascend_Assign_IP_Pool,
reply
AuthColumnDef 10, Service_Type,
reply
AccountingTable ACCOUNTING1
AcctColumnDef User_Name,
User-Name
AcctColumnDef NAS_IP_Address,
NAS-IP-Address
AcctColumnDef NAS_Port,
NAS-Port
AcctColumnDef NAS_Port_Type,
NAS-Port-Type
AcctColumnDef Billing_Id,
Billing-Id
AcctColumnDef Acct_Status_Type,
Acct-Status-Type
AcctColumnDef Acct_Delay_Time,
Acct-Delay-Time
AcctColumnDef Acct_Session_Id,
Acct-Session-Id
AcctColumnDef Acct_Authentic,
Acct-Authentic
AcctColumnDef Acct_Session_Time,
Acct-Session-Time
AcctColumnDef Acct_Input_Octets,
Acct-Input-Octets
AcctColumnDef Acct_Output_Octets,
Acct-Output-Octets
AcctColumnDef Acct_Input_Packets,
Acct-Input-Packets
AcctColumnDef Acct_Output_Packets,
Acct-Output-Packets
AcctColumnDef Ascend_Disconnect_Cause,
Ascend-Disconnect-Cause, integer, '%s'
AcctColumnDef Ascend_Connect_Progress,
Ascend-Connect-Progress, integer, '%s'
AcctColumnDef Ascend_Xmit_Rate,
Ascend-Xmit-Rate
AcctColumnDef Ascend_Data_Rate,
Ascend-Data-Rate
AcctColumnDef Ascend_PreSession_Time,
Ascend-PreSession-Time
AcctColumnDef Ascend_Pre_Input_Octets,
Ascend-Pre-Input-Octets
AcctColumnDef Ascend_Pre_Output_Octets,
Ascend-Pre-Output-Octets
AcctColumnDef Ascend_Pre_Input_Packets,
Ascend-Pre-Input-Packets
AcctColumnDef Ascend_Pre_Output_Packets,
Ascend-Pre-Output-Packets
AcctColumnDef Ascend_First_Dest,
Ascend-First-Dest
AcctColumnDef Ascend_Multilink_ID,
Ascend-Multilink-ID
AcctColumnDef Ascend_Num_In_Multilink,
Ascend-Num-In-Multilink
AcctColumnDef Acct_Multi_Session_Id,
Acct-Multi-Session-Id
AcctColumnDef Ascend_Modem_PortNo,
Ascend-Modem-PortNo
AcctColumnDef Ascend_Modem_SlotNo,
Ascend-Modem-SlotNo
AcctColumnDef Calling_Station_Id,
Calling-Station-Id
AcctColumnDef Called_Station_Id,
Called-Station-Id
AcctColumnDef Framed_IP_Address,
Framed-IP-Address
AcctColumnDef Framed_IP_Netmask,
Framed-IP-Netmask
AcctColumnDef Framed_Protocol,
Framed-Protocol
AcctColumnDef Start_Time,
Timestamp, formatted-date, '%a
%b %d %H:%M:%S %Y'
AcctColumnDef Stop_Time,
Timestamp, formatted-date, '%a
%b %d %H:%M:%S %Y'
</AuthBy>
</AuthBy>
AcctLogFileName d:/radiator/logs/detail
</Realm>
The trace (log) file:
*** Received from 129.4.247.253 port 1025 ....
Code: Access-Request
Identifier: 23
Authentic: <181>'<128><193>F<238><245><128><168>J<169><245><134>9<28>:
Attributes:
User-Name = "s105571@sp"
CHAP-Password =
"<1>D<245><145><29>2<193>r9<244>,<218><242><167>D<199><185>"
NAS-IP-Address = 129.4.247.253
NAS-Port = 10112
NAS-Port-Type = Sync
Service-Type = Framed-User
Framed-Protocol = PPP
State = ""
Calling-Station-Id = "3105249702"
Called-Station-Id = "5249256"
Acct-Session-Id = "310860438"
Thu Dec 9 09:51:33 1999: DEBUG: Handling request with Handler 'Realm=sp'
Thu Dec 9 09:51:33 1999: DEBUG: Deleting session for s105571@sp,
129.4.247.253, 10112
Thu Dec 9 09:51:33 1999: DEBUG: Handling with Radius::AuthGROUP
Thu Dec 9 09:51:33 1999: DEBUG: Handling with Radius::AuthSQL
Thu Dec 9 09:51:34 1999: DEBUG: Handling with Radius::AuthSQL
Thu Dec 9 09:51:34 1999: DEBUG: Query is: select PASSWORD,
CALLED_STATION_ID, EXPIRATION, FRAMED_IP_ADDRESS, FRAMED_IP_NETMASK,
FRAMED_PROTOCOL, FRAMED_ROUTE, FRAMED_ROUTING, ASCEND_IDLE_LIMIT,
ASCEND_ASSIGN_IP_POOL, SERVICE_TYPE from AUTHENTICATION where
USER_NAME='s105571'
Thu Dec 9 09:51:34 1999: DEBUG: Radius::AuthSQL looks for match with
s105571@sp
Thu Dec 9 09:51:34 1999: DEBUG: Expiration date converted to: 1262332800
Thu Dec 9 09:51:34 1999: DEBUG: Radius::AuthSQL ACCEPT:
Thu Dec 9 09:51:34 1999: DEBUG: Access accepted for s105571@sp
Thu Dec 9 09:51:34 1999: WARNING: No such attribute Service_Type
Thu Dec 9 09:51:34 1999: WARNING: No such attribute Framed_IP_Address
Thu Dec 9 09:51:34 1999: WARNING: No such attribute Framed_IP_Netmask
Thu Dec 9 09:51:34 1999: WARNING: No such attribute Framed_Routing
Thu Dec 9 09:51:34 1999: WARNING: No such attribute Ascend_Idle_Limit
Thu Dec 9 09:51:34 1999: DEBUG: Packet dump:
*** Sending to 129.4.247.253 port 1025 ....
Code: Access-Accept
Identifier: 23
Authentic: <181>'<128><193>F<238><245><128><168>J<169><245><134>9<28>:
Attributes:
Service_Type = 2
Framed_IP_Address = 129.4.140.49
Framed_IP_Netmask = 255.255.255.248
Framed_Routing = 0
Ascend_Idle_Limit = 0
Thu Dec 9 09:51:37 1999: DEBUG: Packet dump:
*** Received from 129.4.247.253 port 1062 ....
Code: Accounting-Request
Identifier: 55
Authentic: c8&<154>B<18><181>H|<242><159>:}<244><127>+
Attributes:
...
...
...
Kirk
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
