Hello Hugh, Our Nas send a user with realm. And when I set Bad login count to zero , I can login with user2@test2 also.
Regards, Chairath > > Hello Chairath - > > The log message shown below is due to the username "user2@test2" not being > found in the database. This is probably because you have not used a > RewriteUsername in the Handler to strip the realm (you should use the same > one that you used in the Realm clause). > > regards > > Hugh > > > On Tue, 11 Dec 2001 15:17, Chairath K wrote: > > Hello Hugh, > > > > I have got problem about Bad login count. According to section 5.1.9 in > > reference manual of RAdmin version 1.4 , it said that if we leave this > > field blank, then no bad login limits will be applied. But !! when I try , > > I can't login . In log file shows a message like these > > > > > > Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2@test2: No such > > user Tue Dec 11 10:53:56 2001: DEBUG: Packet dump: > > *** Sending to 10.20.0.2 port 49156 .... > > Code: Access-Reject > > Identifier: 159 > > Authentic: <0><0>4G<0><0><13><21><0><0><31>><0><0>/<172> > > Attributes: > > Reply-Message = "Request Denied" > > > > So how can I fixed it . > > Futhermore , how can I expand login limit to more than 5 > > > > Regards, > > Chairath > > > > P.S. Our system are running with Radiator 2.18 and Radmin 1.4 > > > > Foreground > > LogStdout > > LogDir d:/Radiator-2.18/log > > DbDir d:/Radiator-2.18 > > LogFile %L/logfile-%d-%m-%Y > > > > # Dont turn this up too high, since all log messages are logged > > # to the RADMESSAGES table in the database. 3 will give you everything > > # except debugging messages > > Trace 4 > > > > > > # PreClientHook to add NAS-Port attribute > > PreClientHook file:"%D/addNASPort" > > > > # You will probably want to change this to suit your site. > > # You should list all the clients you have, and their secrets > > # If you are using the Radmin Clients table, you wil probably > > # want to disable this. > > #<Client DEFAULT> > > # Secret mysecret > > # DupInterval 0 > > #</Client> > > > > # You can put additonal (or all) client details in your Radmin > > # database table > > # and get their details from there with something like this: > > # You can then use the Radmin 'Add Radius Client' to add new clients. > > <ClientListSQL> > > DBSource dbi:ODBC:Radmin > > DBUsername xxx > > DBAuth xxxx > > </ClientListSQL> > > > > #<AuthBy RADIUS> > > # Identifier ProxyTofunk > > # Host 10.2.0.6 > > # Secret test > > #</AuthBy> > > > > #<Realm funk> > > # strip Realm > > # RewriteUsername s/^([^@]+).*/$1/ > > # AuthBy ProxyTofunk > > #</Realm> > > > > <AuthBy RADMIN> > > Identifier RADMINAUTH > > # Change DBSource, DBUsername, DBAuth for your database > > # See the reference manual. You will also have to > > # change the one in <SessionDatabse SQL> below > > # so its the same > > DBSource dbi:ODBC:Radmin > > DBUsername xxx > > DBAuth xxxx > > DateFormat %e %m %Y %T > > # You can add to or change these if you want, but you > > # will probably want to change the database schema first > > AccountingTable RADUSAGE > > AcctColumnDef USERNAME,User-Name > > AcctColumnDef TIME_STAMP,Timestamp,integer > > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer > > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer > > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer > > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer > > AcctColumnDef ACCTSESSIONID,Acct-Session-Id > > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer > > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer > > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address > > AcctColumnDef NASIDENTIFIER,NAS-Identifier > > AcctColumnDef NASIDENTIFIER,NAS-IP-Address > > AcctColumnDef NASPORT,NAS-Port,integer > > AcctColumnDef DNIS,Called-Station-Id > > AcctColumnDef DATE,Timestamp,integer-date > > # This updates the time and octets left > > # for this user > > AcctSQLStatement update RADUSERS set > > TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, > > OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, > > OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' > > > > </AuthBy> > > > > <AuthBy GROUP> > > Identifier WithIdleTimeout > > AuthBy RADMINAUTH > > # These are the classic things to add to each users > > # reply to allow a PPP dialup session. It may be > > # different for your NAS. This will add some > > # reply items to everyone's reply > > AddToReply Framed-Protocol = PPP,\ > > Service-Type = Framed-User,\ > > Framed-IP-Netmask = 255.255.255.255,\ > > Framed-Routing = None,\ > > Framed-MTU = 1500,\ > > Framed-Compression = Van-Jacobson-TCP-IP,\ > > Idle-Timeout = 600,\ > > Class = %{NAS-Port} > > </AuthBy> > > > > <AuthBy GROUP> > > Identifier WithOutIdleTimeout > > AuthBy RADMINAUTH > > # These are the classic things to add to each users > > # reply to allow a PPP dialup session. It may be > > # different for your NAS. This will add some > > # reply items to everyone's reply > > AddToReply Framed-Protocol = PPP,\ > > Service-Type = Framed-User,\ > > Framed-IP-Netmask = 255.255.255.255,\ > > Framed-Routing = None,\ > > Framed-MTU = 1500,\ > > Framed-Compression = Van-Jacobson-TCP-IP,\ > > Class = %{NAS-Port} > > </AuthBy> > > > > <AuthBy FILE> > > Identifier TimeZone > > Filename %D/adsl.users > > </AuthBy> > > > > <Handler Request-Type=Accounting-Request> > > AuthBy RADMINAUTH > > </Handler> > > > > <Handler Realm=test1> > > AuthBy TimeZone > > </Handler> > > > > <Handler Realm=test2> > > AuthBy WithOutIdleTimeout > > </Handler> > > > > <Handler> > > AuthBy WithIdleTimeout > > </Handler> > > > > > > # Handle User with NO Realm with RADMIN > > #<Realm> > > # AuthBy RADMINAUTH > > #</Realm> > > > > # Handle everyone with RADMIN > > #<Realm DEFAULT> > > # AuthBy RADMINAUTH > > #</Realm> > > > > <SessionDatabase SQL> > > # This database spec usually should be exactly the same > > # as in <AuthBy RADMIN> above > > DBSource dbi:ODBC:Radmin > > DBUsername xxxx > > DBAuth xxxx > > ClearNasQuery > > </SessionDatabase> > > -- > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. > - > Nets: internetwork inventory and management - graphical, extensible, > flexible with hardware, software, platform and database independence. > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.