Re: (RADIATOR) Authby GROUP + AuthBy RADIUS + Accounting

Mon, 6 Mar 2000 14:23:41 -0800 


Hello Robin -

On Tue, 07 Mar 2000, Robin Vissers wrote:
> Hi all,
> 
> short problem description : 
> ---------------------------
> Accounting information is stored locally and not forwarded to 
> the other radius server using Authby GROUP.
> 
> Configuration overview
> ----------------------
> As a temporary solution during migration of user database;
> users will first be authenticated using DBFILE; if rejected, we'll try 
> authentication to anorther radius server.
> So far so good but:
> Authentications is nicely forwarded, but Accounting information is not.
> 

The problem you have is that the AuthBy DBFile accepts the Accounting-Request
and that satisfies the AuthByPolicy in the AuthBy GROUP.

Here is a better approach:

<AuthBy DBFILE>
        Identifier CheckUsers
        Filename %D/users
        DefaultReply Service-Type = Framed-User, \
        Framed-Protocol = PPP, \
        Framed-Routing = None, \
        Framed-MTU = 1500, \
        Framed-Compression = Van-Jacobson-TCP-IP 
</AuthBy>

<AuthBy RADIUS>
        Identifer CheckRadius
        Host my.host.domain.tld
        Secret bubu
        AuthPort 1645
        AcctPort 1646
</AuthBy>

<Handler Request-Type = Accounting-Request>
        RewriteUsername tr/A-Z/a-z/
        RewriteUsername s/ //g
        AuthBy CheckRadius
        AcctLogFileName %L/radacct
        AcctLogFileFormat %{Acct-Session-Id} \
                %{User-Name} \
                %{Timestamp} \
                %{Acct-Session-Time} \
                %{Framed-IP-Address} \
                %{Calling-Station-Id}
</Handler>

<Handler Request-Type = Authentication-Request>
        RewriteUsername tr/A-Z/a-z/
        RewriteUsername s/ //g
        AuthByPolicy ContinueUntilAccept
        AuthBy CheckUsers
        AuthBy CheckRadius
        PasswordLogFileName %L/password.log 
</Handler>

Note that the support for Request-Type checking is in Radiator 2.15.

hth

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.



===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to