Hello Blake -
On Thu, 02 Mar 2000, Blake Golliher wrote:
>
> Hugh, and all,
>
> I'm having a configuration problem with proxy authentication. We are trying
> to proxy a request from Radiator to another host, but I don't seem to be
> making the connection. On the receiving end, the primary radius that will
> authenticate the member, is just running a standard outta the box config
> file. Both are pasted below. Any help, or sample configs are always
> welcome.
>
> ###########<simple.cfg>################
> Foreground
> LogStdout
> LogDir .
> DbDir .
>
> <Client DEFAULT>
> Secret mysecret
> DupInterval 0
> </Client>
>
> <Realm DEFAULT>
> <AuthBy FILE>
> Filename ./users
> </AuthBy>
> # Log accounting to the detail file in LogDir
> AcctLogFileName ./detail
> </Realm>
>
> ###########<proxy_file.cfg>###########
> Foreground
> LogStdout
> LogDir .
> DbDir .
>
> <Client 216.32.32.190>
> Secret mysecret
> DupInterval 0
> </Client>
> <Client 127.0.0.1>
> Secret mysecret
> DupInterval 0
> </Client>
>
> <Handler Realm=DEFAULT>
> AcctLogFileName ./detail
> <AuthBy RADIUS>
> Identifier Radius
> Host 10.0.0.100
> Secret supercoolsecret
> Host 127.0.0.1
> Secret supercoolsecret
> AuthPort 1812
> AcctPort 1813
> Retries 3
> RetryTimeout 5
> </AuthBy>
> </Handler>
>
The shared secrets configured above are not the same. Your AuthBy RADIUS
specifies Secret supercoolsecret, while the receiving Radiator has this:
<Client DEFAULT>
Secret mysecret
....
</Client>
You will have to add a Client Clause in the simple.cfg to match the AuthBy
RADIUS in the proxy.cfg.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
