Hello Anton -
Please send me a copy of your configuration file (no secrets) together with a trace 4 debug from Radiator showing what is happening. thanks Hugh On Fri, 1 Mar 2002 16:42, Anton Krall wrote: > Ive tested that using the StripFromReply removes the idletimeout and > sessiontimeout attributes from the proxy but it also removes them from > the authby file after that.... Will the allowinreply do the same? Ir > just remove the ones on the proxy authby radius clause and then let any > attrbiute from authby file be appended? > > Saludos > > Anton Krall > Director de Tecnolog�a > Inter.net M�xico / Panam� > > Tel; 5241-7609 Directo > Tel: 5241-7600 Conmutador > Celular: 0445-105-5160 Mobile > ICQ: 4979450 > email: [EMAIL PROTECTED] > web: http://www.mx.inter.net > > Outside Mexico: > Office: +52(555)241-7609 > PBX: +52(555)241-7600 > Mobile: +52(555)105-5160 > > > Original > -----Original Message----- > Original > From: Hugh Irvine [mailto:[EMAIL PROTECTED]] > Original > Sent: Jueves, 28 de Febrero de 2002 07:05 p.m. > Original > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Original > Subject: Re: (RADIATOR) double attributes > Original > > Original > > Original > > Original > Hello Anton - > Original > > Original > You should use the StripFromReply in the AuthBy > Original > RADIUS clause. If you are > Original > concerned about reply attributes in general, you can > Original > explicitly specify the > Original > list of attributes that you will accept from a proxy > Original > in an AllowInReply. > Original > > Original > See section 6.17.7 in the Radiator 2.19 reference > Original > manual. ("doc/ref.html"). > Original > > Original > regards > Original > > Original > Hugh > Original > > Original > > Original > On Fri, 1 Mar 2002 11:48, Anton Krall wrote: > Original > > Guys... Im doing some AUTHBYFILE combined with a > Original > AUTHBY RADIUS and I > Original > > have a problem.. the radius AUTHBY RADIproxying is > Original > returning an > Original > > Idle-timeout and Session-Timeout settings..... but > Original > what I need is a > Original > > way to override those and put in my own... which > Original > are passed from a > Original > > AUTHBY FILE, here is the config: > Original > > > Original > > <Realm mx.inter.net> > Original > > AuthByPolicy ContinueUntilAccept > Original > > AuthBy acct > Original > > AuthBy CheckUserAttributes-mx.inter.net > Original > > </Realm> > Original > > > Original > > <AuthBy SQL> > Original > > Identifier acct > Original > > DBSource dbi:mysql:radius:localhost > Original > > DBUsername root > Original > > DBAuth net721009 > Original > > AuthSelect > Original > > DateFormat %Y%m%d %T > Original > > AccountingTable accounting > Original > > # AccountingStopsOnly > Original > > AcctColumnDef username,%U,formatted > Original > > AcctColumnDef domain,%R,formatted > Original > > AcctColumnDef time_stamp,Timestamp,integer > Original > > AcctColumnDef acctstatustype,Acct-Status-Type > Original > > AcctColumnDef > Original > acctdelaytime,Acct-Delay-Time,integer > Original > > AcctColumnDef > Original > acctinputoctets,Acct-Input-Octets,integer > Original > > AcctColumnDef > Original > acctoutputoctets,Acct-Output-Octets,integer > Original > > AcctColumnDef acctsessionid,Acct-Session-Id > Original > > AcctColumnDef > Original > acctsessiontime,Acct-Session-Time,integer > Original > > AcctColumnDef > Original > acctterminatecause,Ascend-Disconnect-Cause > Original > > AcctColumnDef nasidentifier,NAS-IP-Address > Original > > AcctColumnDef nasport,NAS-Port,integer > Original > > AcctColumnDef framedipaddress,Framed-IP-Address > Original > > AcctColumnDef time,Timestamp,integer-date > Original > > AcctColumnDef nasipaddress,NAS-IP-Address > Original > > AcctColumnDef calledstationid,Called-Station-Id > Original > > AcctColumnDef callingstationid,Calling-Station-Id > Original > > AcctColumnDef > Original > disconnectioncause,Ascend-Connect-Progress > Original > > AcctColumnDef telco,Class > Original > > AcctColumnDef zone,%{State},formatted > Original > > DefaultSimultaneousUse 1 > Original > > </AuthBy> > Original > > > Original > > <AuthBy FILE> > Original > > Identifier CheckUserAttributes-mx.inter.net > Original > > Filename %D/atributos-mx.inter.net > Original > > Nocache > Original > > DefaultSimultaneousUse 1 > Original > > </AuthBy> > Original > > > Original > > Contents of atributos-mx.inter.net: > Original > > > Original > > akrall Auth-Type = CheckUser-nasc > Original > > Service-Type = Framed-User, > Original > Framed-Protocol = PPP DEFAULT > Original > > Auth-Type = CheckUser-nasc > Original > > Service-Type = Framed-User, Framed-Protocol = PPP, > Original > > Idle-Timeout = 600, Session-Timeout = 14500 > Original > > > Original > > ---- > Original > > > Original > > The radius server is returning something like this: > Original > > > Original > > Code: Access-Accept > Original > > Identifier: 5 > Original > > Authentic: '<148><168><158><188>z+<231>,<191>|7<254">T@ > Original > > <mailto:T@;<170> > Original > <170>'<148><168><158><188>z+<231>,<191>|7<254> > Original > > Attributes: > Original > > Framed-IP-Address = 255.255.255.254 > Original > > Port-Limit = 1 > Original > > Session-Timeout = 14400 > Original > > Idle-Timeout = 1800 > Original > > Framed-IP-Netmask = 255.255.255.255 > Original > > Class = "38616/217030/10803096/41/NASC" > Original > > > Original > > As you can see. there is some Idle and Session > Original > timeoutouts here... but > Original > > what I need to do is replace them with the ones in > Original > > atributos-mx.inter.net if the user is not found > Original > (DEFAULT user) and if > Original > > he is on the list (akrall for example) then strip > Original > all Idle and Sesion > Original > > timeouts.... > Original > > > Original > > Problem is that I cant seem to override the radius > Original > sent ones... and if > Original > > I use something like StripFromReply... all idle > Original > and session attributes > Original > > are stripped.. incluind mine or the radius server > Original > sent ones.... > Original > > > Original > > Any ideas? > Original > > > Original > > Saludos > Original > > > Original > > Anton Krall > Original > > Director de Tecnolog�a > Original > > Inter.net M�xico / Panam� > Original > > > Original > > Tel; 5241-7609 Directo > Original > > Tel: 5241-7600 Conmutador > Original > > Celular: 0445-105-5160 Mobile > Original > > ICQ: 4979450 > Original > > email: [EMAIL PROTECTED] > Original > > web: http://www.mx.inter.net <http://www.mx.inter.net/> > Original > > > Original > > Outside Mexico: > Original > > Office: +52(555)241-7609 > Original > > PBX: +52(555)241-7600 > Original > > Mobile: +52(555)105-5160 > Original > > Original > -- > Original > Radiator: the most portable, flexible and > Original > configurable RADIUS server anywhere. Available on > Original > *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. > Original > - > Original > Nets: internetwork inventory and management - > Original > graphical, extensible, flexible with hardware, > Original > software, platform and database independence. > Original > > Original > -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
