Dear Hugh, In the setup (Surfnet Thuisnet) we are using all that we have to send back is Access-Accept or Access-Denied. I think this last problem could very well be to a communication problem between our Radius and the upstream server.
[RAS-requestor] -username/pw/number-> [Central Radius]-u/p/n-> [Utrecht University Radiator] -u/p/n-> [KTU Radiator] [KTU Radiator] - Accept or Denied ->[UU] -A/D->[Central]-A/D->[RAS requestor] I'll check this first thing tomorrow (Monday, its 23:00 Sunday-evening here) when I'm back at the University. In the Utrecht University radiator log-file they must be able to find more info. I'll let you know. By the way: I'm impressed by your swift responses especially considering the time-differences and even during the weekend! Greetings Nico ----- Original Message ----- From: "Hugh Irvine" <[EMAIL PROTECTED]> To: "Nico de Groot" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Sunday, February 23, 2003 10:08 PM Subject: Re: (RADIATOR) Re: Radiator on Windows 2000 AuthbyNT hangs (addition) > > Hello Nico - > > Thanks for sending the debug information. > > It looks to me like the NAS is retrying the access requests because you > are not sending back any reply attributes in the Access-Accept's. You > should add at least the following to your AuthBy FILE clause: > > <AuthBy FILE> > .... > AddToReply Service-Type = Framed-User, \ > Framed-Protocol = PPP > .... > <AuthBy> > > regards > > Hugh > > > > On Sunday, Feb 23, 2003, at 21:18 Australia/Melbourne, Nico de Groot > wrote: > > > Hello Hugh, > > > > Below the info you asked for. I'll try sniffing later. I have to > > locate a > > new sniffing program (old one on the crashed disk, sniff ). > > > > Thanks, > > Nico > > > > --action ----- > > Local request, localhost to localhost: one request one answer. > > External request, relayed by radius1(41) or radius2.uu.nl(40) to > > radius1.ktu.nl alternating > > > > o two or four requests from radius2 on 1840 with each time one > > positive > > reply by us > > o one sometimes three requests from radius1 each positive replied by > > us > > > > exact structure: (40)*3,41,40,41,41.,4040,41,(40)*4,41,41,41... > > see trace 4 below > > > > --config-file----- > > Trace 4 > > > > # The name of the file where the radiusd PID will be > > # written after startup > > PidFile ./radiusd.pid > > # AuthPort specifies the port to list on for authentication requests > > AuthPort 1645 > > # AcctPort specifies the port to list on for accounting requests > > AcctPort 1646 > > # LogDir is the directory where logfiles are put > > LogDir ./log > > # DbDir is the directory where database and config are put > > DbDir ./db > > # LogFile is the name of the log file. > > LogFile %L/logfile > > # DictionaryFile is the name of the Radius dictionary file > > DictionaryFile %D/dictionary > > # <Client hostname> is used to define each radius client to which > > # we will respond. Requests received from clients that arent named by > > # Client clauses in this file here will be ignored > > # radius1.surf.nl=radius1.studentennet.nl > > # radius2.surf.nl=radius2.studentennet.nl > > <Client DEFAULT> > > Secret een.geheimpje!! > > DupInterval 0 > > IgnoreAcctSignature > > </Client> > > <Client radius1.uu.nl> > > Secret *** > > IgnoreAcctSignature > > DupInterval 2 > > </Client> > > <Client radius2.uu.nl> > > Secret *** > > IgnoreAcctSignature > > DupInterval 2 > > </Client> > > <Client radius1.surf.nl> > > Secret *** > > IgnoreAcctSignature > > </Client> > > # voor lokaal testen met radpwst > > <Client localhost> > > Secret alles.is.ijdelheid! > > DupInterval 0 > > IgnoreAcctSignature > > </Client> > > <Client kt183.ktu.nl> > > Secret mysecret > > DupInterval 0 > > IgnoreAcctSignature > > </Client> > > > > <Realm ktu.nl> > > RewriteUsername s/^([EMAIL PROTECTED]).*/$1/ > > MaxSessions 9999 > > AcctLogFileName %L/ktu.detail > > WtmpFileName %L/ktu.wtmp > > # PasswordLogFileName %L/ktu.passwd > > <AuthBy FILE> > > Filename %D/ktu.users > > </AuthBy> > > </Realm> > > > > <Realm DEFAULT> > > RewriteUsername s/^([EMAIL PROTECTED]).*/$1/ > > MaxSessions 9999 > > AcctLogFileName %L/detail > > WtmpFileName %L/wtmp > > <AuthBy FILE> > > Filename %D/ktu.users > > </AuthBy> > > </Realm> > > <AuthBy NT> > > Identifier NT-Theologie > > Domain THEOLOGIE > > DomainController \\DIENAAR01 > > IgnorePasswordChange > > </AuthBy> > > <AuthBy NT> > > Identifier NT-Studenten > > Domain STUDENTEN > > DomainController \\BONIFATIUS > > IgnorePasswordChange > > </AuthBy> > > > > --trace 4 ----- > > # first one succesfull communication one request one (correct)denial > > (localhost) > > # rest loops (approximate 20 times until requesting remote acces client > > times out) > > Sat Feb 22 19:04:03 2003: DEBUG: Packet dump: > > *** Received from 131.211.69.246 port 3144 .... > > Code: Access-Request > > Identifier: 228 > > Authentic: 1234567890123456 > > Attributes: > > User-Name = "[EMAIL PROTECTED]" > > Service-Type = Framed-User > > NAS-IP-Address = 203.63.154.1 > > NAS-Port = 1234 > > Called-Station-Id = "123456789" > > Calling-Station-Id = "302533568" > > NAS-Port-Type = Async > > User-Password = "8<4>B<209>^<167>w._<144>2ZS<11><172><191>" > > > > Sat Feb 22 19:04:03 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:04:03 2003: DEBUG: Rewrote user name to test > > Sat Feb 22 19:04:03 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 203.63.154.1, 1234 > > Sat Feb 22 19:04:03 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:04:03 2003: DEBUG: Radius::AuthFILE looks for match with > > test > > Sat Feb 22 19:04:03 2003: WARNING: Could not find Identifier for > > Auth-Type > > 'NT-Studenten' > > Sat Feb 22 19:04:03 2003: DEBUG: Radius::AuthFILE REJECT: Could not > > find > > Identifier for Auth-Type 'NT-Studenten' > > Sat Feb 22 19:04:03 2003: INFO: Access rejected for test: Could not > > find > > Identifier for Auth-Type 'NT-Studenten' > > Sat Feb 22 19:04:03 2003: DEBUG: Packet dump: > > *** Sending to 131.211.69.246 port 3144 .... > > Code: Access-Reject > > Identifier: 228 > > Authentic: 1234567890123456 > > Attributes: > > Reply-Message = "Request Denied" > > > > Sat Feb 22 19:11:26 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:26 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:26 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:26 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:26 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:26 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:26 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:26 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:26 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:26 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:29 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:29 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:29 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:29 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:29 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:29 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:29 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:29 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:29 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:29 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:31 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:31 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:31 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:31 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:31 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:31 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:31 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:31 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:31 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:31 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:32 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.41 port 49278 .... > > Code: Access-Request > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:32 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:32 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:32 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:32 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:32 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:32 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:33 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:33 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:33 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.41 port 49278 .... > > Code: Access-Accept > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:34 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:34 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:34 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:34 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:34 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:34 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:34 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:34 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:34 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:34 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:35 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.41 port 49278 .... > > Code: Access-Request > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:35 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:35 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:35 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:35 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:35 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:35 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:36 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:36 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:36 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.41 port 49278 .... > > Code: Access-Accept > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:36 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:36 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:36 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:36 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:36 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:36 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:36 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:36 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:36 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:36 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:36 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 147 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:36 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:36 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:36 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:36 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:36 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:36 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:36 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:36 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:36 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 147 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:38 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.41 port 49278 .... > > Code: Access-Request > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:38 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:38 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:38 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:38 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:38 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:38 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:38 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:38 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:38 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.41 port 49278 .... > > Code: Access-Accept > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:38 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:38 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:38 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:38 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:38 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:38 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:38 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:39 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:39 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:39 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:39 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 148 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:39 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:39 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:39 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:39 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:39 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:39 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:39 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:39 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:39 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 148 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:40 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:40 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:40 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:40 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:40 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:40 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:40 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:41 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:41 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:41 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:41 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.40 port 1840 .... > > Code: Access-Request > > Identifier: 147 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:41 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:41 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:41 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:41 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:41 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:41 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:41 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:41 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:41 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.40 port 1840 .... > > Code: Access-Accept > > Identifier: 147 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:41 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.41 port 49278 .... > > Code: Access-Request > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:41 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:41 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:41 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:41 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:41 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:41 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:41 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:41 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:41 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.41 port 49278 .... > > Code: Access-Accept > > Identifier: 146 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:42 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.41 port 49278 .... > > Code: Access-Request > > Identifier: 147 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:42 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:42 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:42 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:42 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:42 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:42 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:42 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:42 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:42 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.41 port 49278 .... > > Code: Access-Accept > > Identifier: 147 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > Sat Feb 22 19:11:42 2003: DEBUG: Packet dump: > > *** Received from 131.211.16.41 port 49278 .... > > Code: Access-Request > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > Framed-Protocol = PPP > > User-Name = "[EMAIL PROTECTED]" > > User-Password = > > "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > > NAS-Port-Type = Async > > Calling-Station-Id = "207798110" > > Called-Station-Id = "877880070" > > Service-Type = Framed-User > > NAS-IP-Address = 195.169.131.8 > > > > Sat Feb 22 19:11:42 2003: DEBUG: Handling request with Handler > > 'Realm=ktu.nl' > > Sat Feb 22 19:11:42 2003: DEBUG: Rewrote user name to ndegroot > > Sat Feb 22 19:11:42 2003: DEBUG: Deleting session for [EMAIL PROTECTED], > > 195.169.131.8, > > Sat Feb 22 19:11:42 2003: DEBUG: Handling with Radius::AuthFILE: > > Sat Feb 22 19:11:42 2003: DEBUG: Radius::AuthFILE looks for match with > > ndegroot > > Sat Feb 22 19:11:42 2003: DEBUG: Handling with NT > > Sat Feb 22 19:11:42 2003: DEBUG: Radius::AuthFILE ACCEPT: > > Sat Feb 22 19:11:42 2003: DEBUG: Access accepted for ndegroot > > Sat Feb 22 19:11:42 2003: DEBUG: Packet dump: > > *** Sending to 131.211.16.41 port 49278 .... > > Code: Access-Accept > > Identifier: 145 > > Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > > Attributes: > > > > > > > > > > > > #repeats likes this some until timeout by requesting remote access > > client > > > > > > ----- Original Message ----- > > From: "Hugh Irvine" <[EMAIL PROTECTED]> > > To: "Nico de Groot" <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Sunday, February 23, 2003 12:04 AM > > Subject: Re: (RADIATOR) Re: Radiator on Windows 2000 AuthbyNT hangs > > (addition) > > > > > >> > >> Hello Nico - > >> > >> Thanks for keeping us up to date with your testing. > >> > >> It would be very helpful to see a copy of your configuration file (no > >> secrets), together with a more complete trace 4 debug showing what is > >> going on with multiple requests and responses. > >> > >> You should use a packet sniffer to check the actual requests received > >> and sent on the wire (I think Windows NT includes one - I don't know > >> about 2000). The port number that is being used by your radius client > >> to send the radius request is 49278 as shown below. This is the port > >> number that Radiator is sending the response to. > >> > >>> Sat Feb 22 19:12:16 2003: DEBUG: Packet dump: > >>> *** Received from 131.211.16.41 port 49278 .... > >> > >> regards > >> > >> Hugh > >> > >> > >> On Sunday, Feb 23, 2003, at 07:01 Australia/Melbourne, Nico de Groot > >> wrote: > >> > >>> First question > >>> > >>> I switched to Radiator 3.5 (done a lot of switching lately) This > >>> gives > >>> some > >>> more information. And now Radiator doesn't hang . The logfile > >>> records > >>> that > >>> request are received. After that a successful lookup is done en the > >>> Access-Accept is send (see below). But directly after that new > >>> requests are > >>> received and returned. It seems that the upsteam Radiusserver isn't > >>> listening or that reverse communication is blocked. Is the port > >>> number > >>> ok? > >>> My cfg says 1840. > >>> Is there anything I can do to to improve or check the reverse > >>> communication? > >>> > >>> Second question > >>> > >>> At least my Radius server is doing the NT lookup correctly. Except, > >>> the > >>> console output gives for a succesfull lookup > >>> result 1 error 87 > >>> This error code means ERROR_INVALID_PARAMETER But it is working. > >>> source :errorcodes > >>> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ > >>> debug/base/ > >>> system_error_codes.asp > >>> > >>> Nico de Groot > >>> KTU > >>> > >>>> From log ---- > >>> > >>> Sat Feb 22 19:12:16 2003: DEBUG: Packet dump: > >>> *** Received from 131.211.16.41 port 49278 .... > >>> Code: Access-Request > >>> Identifier: 151 > >>> Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > >>> Attributes: > >>> Framed-Protocol = PPP > >>> User-Name = "[EMAIL PROTECTED]" > >>> User-Password = > >>> "<157>.<234>.<192><228><1><233><143>+2<3><151><166>4<26>" > >>> NAS-Port-Type = Async > >>> Calling-Station-Id = "207798110" > >>> Called-Station-Id = "877880070" > >>> Service-Type = Framed-User > >>> NAS-IP-Address = 195.169.131.8 > >>> > >>> Sat Feb 22 19:12:16 2003: DEBUG: Handling request with Handler > >>> 'Realm=ktu.nl' > >>> Sat Feb 22 19:12:16 2003: DEBUG: Rewrote user name to ndegroot > >>> Sat Feb 22 19:12:16 2003: DEBUG: Deleting session for > >>> [EMAIL PROTECTED], > >>> 195.169.131.8, > >>> Sat Feb 22 19:12:16 2003: DEBUG: Handling with Radius::AuthFILE: > >>> Sat Feb 22 19:12:16 2003: DEBUG: Radius::AuthFILE looks for match > >>> with > >>> ndegroot > >>> Sat Feb 22 19:12:16 2003: DEBUG: Handling with NT > >>> Sat Feb 22 19:12:16 2003: DEBUG: Radius::AuthFILE ACCEPT: > >>> Sat Feb 22 19:12:16 2003: DEBUG: Access accepted for ndegroot > >>> Sat Feb 22 19:12:16 2003: DEBUG: Packet dump: > >>> *** Sending to 131.211.16.41 port 49278 .... > >>> Code: Access-Accept > >>> Identifier: 151 > >>> Authentic: <216>|<239><162>L<136>W<5>@<139>bc<155><16><170><183> > >>> Attributes: > >>> > >>> === > >>> Archive at http://www.open.com.au/archives/radiator/ > >>> Announcements on [EMAIL PROTECTED] > >>> To unsubscribe, email '[EMAIL PROTECTED]' with > >>> 'unsubscribe radiator' in the body of the message. > >>> > >>> > >> > >> -- > >> Radiator: the most portable, flexible and configurable RADIUS server > >> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. > >> - > >> Nets: internetwork inventory and management - graphical, extensible, > >> flexible with hardware, software, platform and database independence. > >> > > > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > > > > > -- > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. > - > Nets: internetwork inventory and management - graphical, extensible, > flexible with hardware, software, platform and database independence. > === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
