Our solution to this problem is to make an snmpwalk to another SNMP variable and then
grep the result for the username. This works perfectly for Simultaneous-Use=1 but not
for more since it always checks with the first occurence of the username in the
snmpwalk output
Vangelis
Hugh Irvine wrote:
> Hello Utku -
>
> Please send the code (a "diff -c ..." preferably) to Mike and we will take a look.
>
> I have also been working an a different approach with another customer, and I should
>be posting something soon.
>
> regards
>
> Hugh
>
> On Friday, November 1, 2002, at 05:14 AM, Utku Er wrote:
>
> Hi everyone,
>
> This is discussed on this list before... We have problems getting information
>with snmp on ISDN users from the Cisco access servers. RADIATOR can doublecheck the
>session table entries when needed from the Cisco NAS with SNMP for the ASYNC users.
>RADIATOR uses the SNMP request of
>".iso.org.dod.internet.private.enterprises.9.2.9.2.1.18.NASPORT" to get the username
>connected to that port.
>
> However, when RADIATOR tries to doublecheck the NAS for the ISDN users, this
>SNMP request is not working. Since radiator cannot verify this user is still
>connected, session check problems occur... Like discussed in
>http://www.open.com.au/archives/radiator/2000-02/msg00246.html and in many of the
>others.
>
> I contacted TAC and they've said it's not possible to get this username/nasport
>relation via SNMP for the ISDN users. Since we agree on they cannot provide it (maybe
>they'll do it in later IOS releases) I alter the radiator source a little and create
>my solution.
>
> Cisco ISDN nas_port are structured like 2XXYY in the start record. I guess this
>means SerialXX:YY. I altered /usr/lib/perl5/site_perl/5.6.0/Radius/Nas/Cisco.pm to
>finger to NAS if NAS-Port is higher than 20000 and use the normal snmp procedure for
>the other users. This procedure searches "SeXX:YY username" in this finger output.
>(of course XX and YY can be zero or include zero and username is printed only 10
>characters)
>
> This is working quite well and ISDN users cannot connect more than their
>simultaneous-use allow them to. I can send this updated Cisco.pm code if writer or
>Open System Consultants allow me to.
>
> regards,
>
> Utku Er
> http://www.utkuer.com
>
> NB: I am travelling this week, so there may be delays in our correspondence.
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
