Hello Cortney -
You have hit a problem that has been seen before, and there isn't much to be
done about it with the very simplistic facility available with FramedGroup.
We have recently completed a new SQL IP address allocation facility and we
are looking for testers at the moment. Would you be interested? Would anyone
else be interested?
If so, please contact Mike directly ([EMAIL PROTECTED]).
cheers
Hugh
NB - I'm travelling for a couple of weeks ...
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
----- Original Message -----
From: "Cortney Thompson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, March 26, 2000 6:37 AM
Subject: (RADIATOR) Radiator IP-Pool problem.
> Hi all, I don't know if anyone has ran into this problem before, but any
> help on it would be greatly appreciated.
>
> Here is what I have. I am trying to configure radiator 2.14.1 to assign
> the users IP address during connect using FramedGroupAddress (6.4.7),
which
> I have done correctly.
>
> <Client 204.111.111.11>
> Secret XXXXXX
> DupInterval 3
> FramedGroupBaseAddress 204.111.111.17
> </Client>
>
> <Handler NAS-Identifier=204.111.111.11>
> MaxSessions 2
>
> RewriteUsername tr/A-Z/a-z/
>
> <AuthBy SQL>
> ...
> ...
> FramedGroup = 0
>
> </AuthBy>
> </Handler>
>
> Now here is the good part. The request that the server receives is from
> our test MAX TNT. My next step was to remove the IP-Pool from the TNT,
the
> only thing lucent support could think of, but upon testing I still got a
> Lan Security Error from the TNT and I was not allowed to connect. Looking
> at the debug log in "Trace 4" I get the following:
>
> Tue Mar 21 00:14:23 2000: DEBUG: Packet dump:
> *** Received from 204.111.111.11 port 7022 ....
> Code: Access-Request
> Identifier: 209
> Authentic: G$<205>D<151><157><173>qf<205><172>7<249>*<198><169>
> Attributes:
> User-Name = "user"
> CHAP-Password =
> "<1><213><222>g:M<180><189>Xw<190><213>"e<159><156><231>"
> NAS-Identifier = "204.111.111.11"
> NAS-Port = 6307
> NAS-Port-Type = Async
> Service-Type = Framed-User
> Framed-Protocol = PPP
> State = ""
> Client-Port-DNIS = "748XXXX"
> Acct-Session-Id = "308488437"
> Ascend-Data-Rate = 31200
> Ascend-Xmit-Rate = 33600
>
> Tue Mar 21 00:14:23 2000: DEBUG: Check if Handler Realm=nms should be used
> to handle this request
> Tue Mar 21 00:14:23 2000: DEBUG: Check if Handler
Called-Station-Id=748XXXX
> should be used to handle this request
> Tue Mar 21 00:14:23 2000: DEBUG: Check if Handler
> NAS-Identifier=204.111.111.11 should be used to handle this request
> Tue Mar 21 00:14:23 2000: DEBUG: Handling request with Handler
> 'NAS-Identifier=204.111.111.11'
> Tue Mar 21 00:14:23 2000: DEBUG: Rewrote user name to user
> Tue Mar 21 00:14:23 2000: DEBUG: SDB1 Deleting session for user,
> 204.111.111.11, 6307
> Tue Mar 21 00:14:23 2000: DEBUG: do query is: delete from RADONLINE where
> USERNAME='user' and NASIDENTIFIER='204.111.111.11' and NASPORT=6307
>
> Tue Mar 21 00:14:23 2000: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
> ACCTSESSIONID from RADONLINE where USERNAME='user'
>
> Tue Mar 21 00:14:24 2000: DEBUG: Handling with Radius::AuthSQL
> Tue Mar 21 00:14:24 2000: DEBUG: Handling with Radius::AuthSQL
> Tue Mar 21 00:14:24 2000: DEBUG: Query is: select PASSWORD, CHECKATTR,
> REPLYATTR from AUTHENTICATION where USERNAME='user'
>
> Tue Mar 21 00:14:24 2000: DEBUG: Radius::AuthSQL looks for match with user
> Tue Mar 21 00:14:24 2000: DEBUG: Radius::AuthSQL ACCEPT:
> Tue Mar 21 00:14:24 2000: DEBUG: FramedGroup = 0 address is being assigned
> Tue Mar 21 00:14:24 2000: DEBUG: Access accepted for user
>
> Tue Mar 21 00:14:24 2000: DEBUG: Packet dump:
> *** Sending to 204.111.111.11 port 7022 ....
> Code: Access-Accept
> Identifier: 209
> Authentic: G$<205>D<151><157><173>qf<205><172>7<249>*<198><169>
> Attributes:
> Framed-Address = 204.111.135.204
>
> According to the manual. Radiator takes the FramedBaseAddress and simply
> adds the Nas-Port to the last octet. Which if you do the math on the
above
> Framed-Address works out correctly. The problem here is that the TNT is
> sending the Nas-Port as 6307. This is what I do not understand. If I
put
> this same setup on a Cisco router it would work perfect. Looking at my
> Radonline table of current connections I find that the TNT's are sending
> numbers ranging from 100 all the way up to 7000 as the Nas-port
> attribute. Where the Cisco users Nas-port is usually ranging from
> 1-100. Lucent support has offered hardly any insight into the matter so I
> am hoping someone here can help.
>
> Thanks in advance.
>
> Cortney Thompson
> [EMAIL PROTECTED]
>
> Opinions are mine and do not necessarily reflect
> those of wyoming.com LLC
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
