Hello Patricia -
You may be seeing spurious timeout problems due to the default timeout in
radpwtst which is 5 seconds. If your remote radius takes a relatively long time
to respond you may need to adjust the timeouts in both the AuthBy RADIUS clause
and in radpwtst with the -timeout parameter.
hth
Hugh
>
> Hi there,
>
> I wonder whether someone has a hint concerning the following problem:
>
> Radiator (2.16.1 on FreeBSD 4.0) authenticates incoming users via MySQL.
> If it can't find a matching entry, it hands over to a SQL-patched Livingstone
> derivative on another box which I haven't much control over.
>
> Whilst testing this scenario with radpwst, I found a strange but reproduceable
> behaviour: In case the user can't be authenticated by Radiator but
> by the Livingstone, radpwst returns with
> sending Access-Request...
> No reply
>
> ... and the log says:
>
> *** Received from 1*5.2*4.2*0.2*1 port 1645 ....
> Code: Access-Accept
> Identifier: 5
> Authentic: <176><19><225>!<229>3<200><127><166><141>v*<165>}<201><154>
> Attributes:
> Service-Type = Framed-User
>
> Tue Jul 25 17:04:58 2000: WARNING: Unknown reply received in AuthRADIUS
> for request 5 from 1*5.2*4.2*0.2*1:1645
> Tue Jul 25 17:05:03 2000: INFO: AuthRADIUS: No reply after 3
> retransmissions to 1645 for bayRS1400 (238)
> Tue Jul 25 17:05:03 2000: INFO: AuthRADIUS: No response from any RADIUS
> hosts. Ignoring
>
>
> However, as soon as I repeat the whole request, it suddenly succeeds:
>
> *** Received from 1*5.2*4.2*0.2*1 port 1645 ....
> Code: Access-Accept
> Identifier: 6
> Authentic: <153><230>p<134><237>&3-<153><169>zAD<188>\<182>
> Attributes:
> Service-Type = Framed-User
>
> Tue Jul 25 17:07:59 2000: DEBUG: Received reply in AuthRADIUS for req 6
> from 1*5.2*4.2*0.2*1:1645
> Tue Jul 25 17:07:59 2000: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 4312 ....
> Code: Access-Accept
> Identifier: 179
> Authentic: 1234567890123456
> Attributes:
> Service-Type = Framed-User
>
>
> Anyone an idea? The Radiator configuration looks as follows:
>
> <AuthBy GROUP>
>
> AuthByPolicy ContinueWhileReject
>
> <AuthBy SQL>
>
> DBSource dbi:mysql:radius
> DBUsername ***
> DBAuth ***
>
> FailureBackoffTime 300
>
> AuthSelect select PASSWORD from SUBSCRIBERS where USERNAME='%n'
>
> AuthColumnDef 0, Encrypted-Password, check
>
>
> </AuthBy>
>
> <AuthBy RADIUS>
> Host ***
> Secret ***
> AuthPort 1645
> </AuthBy>
>
> </AuthBy>
>
>
> Thanks for taking time,
>
>
> Patricia
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
