Hello Dan - On Fri, 21 Jul 2000, -=X=- wrote: > Hello > > We finally have our Radiator radius server up and running and it seems to > work well. I have noticed, however, errors like this in the logfile: > > INFO: Access rejected for <username>: Check item Service-Type expression > 'Framed-User' does not match '' in request > > > I am assuming that is because we have this in the config file: > > <AuthBy FILE> > Identifier Check_FILE > Filename /usr/adm/radius/users > AddToReply Service-Type=Framed-User,Framed-Protocol=PPP > </AuthBy> > > <AuthBy UNIX> > Identifier System > Filename /usr/adm/radius/password.file > AddToReply Service-Type=Framed-User,Framed-Protocol=PPP > </AuthBy> > > and we had to add the AddToReply in there for the AS5800 we have. It seems > that the only people getting that error are people using Linux or some > other form of Unix to connect. Any ideas? It doesn't seem to matter what > access box they connect to. > The problem you have is due to the way you have configured your users file - you must have those users (or a DEFAULT) with the Service-Type=Framed-User on the first line of the definition - ie as a check item. > On a side note, I did just upgrade to 12.1 code on the AS5800, maybe I > don't need that AddToReply option in there? I'll test that. > We would be interested in any reports on IOS 12.1, however Cisco is well known for requiring a Service-Type reply attribute. thanks Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
