Hello Hugh, By now, our some customers don't be happy about bad login limits. They want us to disable this feature for their account cause they don't want to make a call to us to reset bad login to 0 when it get to 5.
Well, I read RAdmin manual , and I found that if we leave this field blank ,
then no bad login limits will be applied. But it's not work!!.
In log file you will find that there have 2 login attempts . First login
attempt is occured after I set bad login to be empty and second is occured
after I set it to 0
Regards,
Chairath
P.S. How can I expand login limit .
----- Original Message -----
From: "Hugh Irvine" <[EMAIL PROTECTED]>
To: "Chairath K" <[EMAIL PROTECTED]>
Cc: "Radiator" <[EMAIL PROTECTED]>
Sent: Wednesday, December 12, 2001 11:29 AM
Subject: Re: (RADIATOR) Bad login count
>
> Hello Chairath -
>
> I apologise, but I don't understand the question. Could you please provide
me
> with more details and a trace 4 debug showing the problem.
>
> thanks
>
> Hugh
>
>
> On Tue, 11 Dec 2001 17:51, Chairath K wrote:
> > Hello Hugh,
> >
> > Our Nas send a user with realm. And when I set Bad login count to zero ,
I
> > can login with user2@test2 also.
> >
> > Regards,
> > Chairath
> >
> > > Hello Chairath -
> > >
> > > The log message shown below is due to the username "user2@test2" not
> > > being found in the database. This is probably because you have not
used a
> > > RewriteUsername in the Handler to strip the realm (you should use the
> > > same one that you used in the Realm clause).
> > >
> > > regards
> > >
> > > Hugh
> > >
> > > On Tue, 11 Dec 2001 15:17, Chairath K wrote:
> > > > Hello Hugh,
> > > >
> > > > I have got problem about Bad login count. According to section 5.1.9
in
> > > > reference manual of RAdmin version 1.4 , it said that if we leave
this
> > > > field blank, then no bad login limits will be applied. But !! when I
> > > > try
> >
> > ,
> >
> > > > I can't login . In log file shows a message like these
> > > >
> > > >
> > > > Tue Dec 11 10:53:56 2001: INFO: Access rejected for user2@test2: No
> > > > such user Tue Dec 11 10:53:56 2001: DEBUG: Packet dump:
> > > > *** Sending to 10.20.0.2 port 49156 ....
> > > > Code: Access-Reject
> > > > Identifier: 159
> > > > Authentic: <0><0>4G<0><0><13><21><0><0><31>><0><0>/<172>
> > > > Attributes:
> > > > Reply-Message = "Request Denied"
> > > >
> > > > So how can I fixed it .
> > > > Futhermore , how can I expand login limit to more than 5
> > > >
> > > > Regards,
> > > > Chairath
> > > >
> > > > P.S. Our system are running with Radiator 2.18 and Radmin 1.4
> > > >
> > > > Foreground
> > > > LogStdout
> > > > LogDir d:/Radiator-2.18/log
> > > > DbDir d:/Radiator-2.18
> > > > LogFile %L/logfile-%d-%m-%Y
> > > >
> > > > # Dont turn this up too high, since all log messages are logged
> > > > # to the RADMESSAGES table in the database. 3 will give you
everything
> > > > # except debugging messages
> > > > Trace 4
> > > >
> > > >
> > > > # PreClientHook to add NAS-Port attribute
> > > > PreClientHook file:"%D/addNASPort"
> > > >
> > > > # You will probably want to change this to suit your site.
> > > > # You should list all the clients you have, and their secrets
> > > > # If you are using the Radmin Clients table, you wil probably
> > > > # want to disable this.
> > > > #<Client DEFAULT>
> > > > # Secret mysecret
> > > > # DupInterval 0
> > > > #</Client>
> > > >
> > > > # You can put additonal (or all) client details in your Radmin
> > > > # database table
> > > > # and get their details from there with something like this:
> > > > # You can then use the Radmin 'Add Radius Client' to add new
clients.
> > > > <ClientListSQL>
> > > > DBSource dbi:ODBC:Radmin
> > > > DBUsername xxx
> > > > DBAuth xxxx
> > > > </ClientListSQL>
> > > >
> > > > #<AuthBy RADIUS>
> > > > # Identifier ProxyTofunk
> > > > # Host 10.2.0.6
> > > > # Secret test
> > > > #</AuthBy>
> > > >
> > > > #<Realm funk>
> > > > # strip Realm
> > > > # RewriteUsername s/^([^@]+).*/$1/
> > > > # AuthBy ProxyTofunk
> > > > #</Realm>
> > > >
> > > > <AuthBy RADMIN>
> > > > Identifier RADMINAUTH
> > > > # Change DBSource, DBUsername, DBAuth for your database
> > > > # See the reference manual. You will also have to
> > > > # change the one in <SessionDatabse SQL> below
> > > > # so its the same
> > > > DBSource dbi:ODBC:Radmin
> > > > DBUsername xxx
> > > > DBAuth xxxx
> > > > DateFormat %e %m %Y %T
> > > > # You can add to or change these if you want, but you
> > > > # will probably want to change the database schema first
> > > > AccountingTable RADUSAGE
> > > > AcctColumnDef USERNAME,User-Name
> > > > AcctColumnDef TIME_STAMP,Timestamp,integer
> > > > AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
> > > > AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
> > > > AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
> > > > AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
> > > > AcctColumnDef ACCTSESSIONID,Acct-Session-Id
> > > > AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
> > > > AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
> > > > AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
> > > > AcctColumnDef NASIDENTIFIER,NAS-Identifier
> > > > AcctColumnDef NASIDENTIFIER,NAS-IP-Address
> > > > AcctColumnDef NASPORT,NAS-Port,integer
> > > > AcctColumnDef DNIS,Called-Station-Id
> > > > AcctColumnDef DATE,Timestamp,integer-date
> > > > # This updates the time and octets left
> > > > # for this user
> > > > AcctSQLStatement update RADUSERS set
> > > > TIMELEFT=TIMELEFT-0%{Acct-Session-Time},
> > > > OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets},
> > > > OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where
USERNAME='%n'
> > > >
> > > > </AuthBy>
> > > >
> > > > <AuthBy GROUP>
> > > > Identifier WithIdleTimeout
> > > > AuthBy RADMINAUTH
> > > > # These are the classic things to add to each users
> > > > # reply to allow a PPP dialup session. It may be
> > > > # different for your NAS. This will add some
> > > > # reply items to everyone's reply
> > > > AddToReply Framed-Protocol = PPP,\
> > > > Service-Type = Framed-User,\
> > > > Framed-IP-Netmask = 255.255.255.255,\
> > > > Framed-Routing = None,\
> > > > Framed-MTU = 1500,\
> > > > Framed-Compression = Van-Jacobson-TCP-IP,\
> > > > Idle-Timeout = 600,\
> > > > Class = %{NAS-Port}
> > > > </AuthBy>
> > > >
> > > > <AuthBy GROUP>
> > > > Identifier WithOutIdleTimeout
> > > > AuthBy RADMINAUTH
> > > > # These are the classic things to add to each users
> > > > # reply to allow a PPP dialup session. It may be
> > > > # different for your NAS. This will add some
> > > > # reply items to everyone's reply
> > > > AddToReply Framed-Protocol = PPP,\
> > > > Service-Type = Framed-User,\
> > > > Framed-IP-Netmask = 255.255.255.255,\
> > > > Framed-Routing = None,\
> > > > Framed-MTU = 1500,\
> > > > Framed-Compression = Van-Jacobson-TCP-IP,\
> > > > Class = %{NAS-Port}
> > > > </AuthBy>
> > > >
> > > > <AuthBy FILE>
> > > > Identifier TimeZone
> > > > Filename %D/adsl.users
> > > > </AuthBy>
> > > >
> > > > <Handler Request-Type=Accounting-Request>
> > > > AuthBy RADMINAUTH
> > > > </Handler>
> > > >
> > > > <Handler Realm=test1>
> > > > AuthBy TimeZone
> > > > </Handler>
> > > >
> > > > <Handler Realm=test2>
> > > > AuthBy WithOutIdleTimeout
> > > > </Handler>
> > > >
> > > > <Handler>
> > > > AuthBy WithIdleTimeout
> > > > </Handler>
> > > >
> > > >
> > > > # Handle User with NO Realm with RADMIN
> > > > #<Realm>
> > > > # AuthBy RADMINAUTH
> > > > #</Realm>
> > > >
> > > > # Handle everyone with RADMIN
> > > > #<Realm DEFAULT>
> > > > # AuthBy RADMINAUTH
> > > > #</Realm>
> > > >
> > > > <SessionDatabase SQL>
> > > > # This database spec usually should be exactly the same
> > > > # as in <AuthBy RADMIN> above
> > > > DBSource dbi:ODBC:Radmin
> > > > DBUsername xxxx
> > > > DBAuth xxxx
> > > > ClearNasQuery
> > > > </SessionDatabase>
> > >
> > > --
> > > Radiator: the most portable, flexible and configurable RADIUS server
> > > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > > -
> > > Nets: internetwork inventory and management - graphical, extensible,
> > > flexible with hardware, software, platform and database independence.
> > > ===
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on [EMAIL PROTECTED]
> > > To unsubscribe, email '[EMAIL PROTECTED]' with
> > > 'unsubscribe radiator' in the body of the message.
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on [EMAIL PROTECTED]
> > To unsubscribe, email '[EMAIL PROTECTED]' with
> > 'unsubscribe radiator' in the body of the message.
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
logfile-13-12-2001
Description: Binary data
