(RADIATOR) Multiple radius servers & RADONLINE table

Tue, 29 Jan 2002 13:04:25 -0800 


----------  Forwarded Message  ----------

Subject: BOUNCE [EMAIL PROTECTED]:    Non-member submission from ["Gordon 
Smith" <[EMAIL PROTECTED]>]
Date: Tue, 29 Jan 2002 13:34:01 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

>From [EMAIL PROTECTED] Tue Jan 29 13:34:00 2002
Received: from morenet.net.nz (mail.morenet.net.nz [210.185.31.14])
        by server1.open.com.au (8.11.0/8.11.0) with SMTP id g0TJXx307006
        for <[EMAIL PROTECTED]>; Tue, 29 Jan 2002 13:34:00 -0600
Received: (qmail 20700 invoked by uid 504); 29 Jan 2002 21:04:16 -0000
Received: from [EMAIL PROTECTED] by mail.morenet.net.nz with
 qmail-scanner-1.03 (. Clean. Processed in 0.028611 secs); 29 Jan 2002
 21:04:16 -0000 Received: from unknown (HELO gordonlaptop) (210.185.16.221)
  by 0 with SMTP; 29 Jan 2002 21:04:16 -0000
Reply-To: <[EMAIL PROTECTED]>
From: "Gordon Smith" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: Multiple radius servers & RADONLINE table
Date: Wed, 30 Jan 2002 10:10:39 +1300
Message-ID: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700

Hi Hugh,

I'm setting up 2 radius servers that talk to a backend database (MySQL) on a
separate box.

Problem is, for some reason the local RADONLINE table is updated, which I
don't want, as the user can be processed by either radius server. I want the
sessions to be checked against the backend DB, which I thought was
configured with the SessionDatabase attribute.

Can you shed some light on this for me? The goal is to have both front end
servers checking the back end radonline table for enforcing simultaneous use
policies.

Cheers,
Gordon


This is the relevent config:

<AuthBy SQL>
        Identifier AcctSQL
        DBSource dbi:mysql:radmin:d3.morenet.net.nz
        DBUsername xxxx
        DBAuth zzzzzz
        AuthSelect

        AccountingTable RADUSAGE
        AcctColumnDef USERNAME,User-Name
        AcctColumnDef TIME_STAMP,Timestamp,integer
        AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
        AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
        AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
        AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
        AcctColumnDef ACCTSESSIONID,Acct-Session-Id
        AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
        AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
        AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
        AcctColumnDef NASIDENTIFIER,NAS-IP-Address
        AcctColumnDef NASPORT,NAS-Port,integer
        AcctColumnDef DNIS,Called-Station-Id
        AcctColumnDef CALLERID,Calling-Station-Id
</AuthBy>

<AuthBy RADMIN>
        Identifier AuthSQL
        DBSource dbi:mysql:radmin
        DBUsername xxx
        DBAuth zzz

AddToReply  \
                Framed-Protocol = PPP,\
                Framed-IP-Netmask = 255.255.255.255,\
                Framed-Routing = None,\
                Framed-MTU = 1500,\
                Framed-Compression = Van-Jacobson-TCP-IP,\
                Service-Type = Framed-User,\
                Session-Timeout = 14400,\
                Idle-Timeout = 900,\
                Ascend-Client-Primary-DNS = 210.185.31.4,\
                Ascend-Client-Secondary-DNS = 210.185.31.5
</AuthBy>

<SessionDatabase SQL>
        Identifier SessSQL
        DBSource dbi:mysql:radmin:d3.morenet.net.nz
        DBUsername xxx
        DBAuth zzz
</SessionDatabase>

<AuthLog SQL>
        Identifier logAuth
        DBSource dbi:mysql:radmin:d3.morenet.net.nz
        DBUsername radmin
        DBAuth radminpw

        Table AUTH_LOG

        LogSuccess 0
        LogFailure 1

        SuccessQuery INSERT INTO AUTH_LOG \
                (ACCESS_OK,TIME_STAMP,USERNAME,SEVERITY,REASON) \
                VALUES \
                ('OK','%t','%n','%0','%1')

        FailureQuery INSERT INTO AUTH_LOG \
                (ACCESS_OK,TIME_STAMP,USERNAME,SEVERITY,REASON) \
                VALUES \
                ('NO','%t','%n','%0','%1')
</AuthLog>


<Realm infogen.net.nz>
        AuthByPolicy ContinueAlways
        AuthBy AcctSQL
        AuthBy AuthSQL
        AuthLog logAuth
        SessionDatabase SessSQL

</Realm>

<Realm morenet.net.nz>
        AuthByPolicy ContinueAlways
        AuthBy AcctSQL
        AuthBy AuthSQL
        AuthLog logAuth
        SessionDatabase SessSQL
</Realm>

-------------------------------------------------------

-- 
Mike McCauley                               [EMAIL PROTECTED]
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.















    











					Reply via email to