Re: (RADIATOR) Errors while starting radiator 3.6 daemon

Fri, 04 Jul 2003 17:13:28 -0700


Hello Freerk -

There is a FAQ item on this problem here:

http://www.open.com.au/radiator/faq.html#127

regards

Hugh


On Saturday, Jul 5, 2003, at 04:34 Australia/Melbourne, Freerk J. Bosscha wrote:

Thanks for reading this question:

When I start my radiator daemon on my redhat linux 9.0 box with perl
5.8 I get the following messages:

Fri Jul 4 20:16:31 2003: ERR: Bad attribute=value pair: Realm=nhl.nl
Fri Jul 4 20:16:31 2003: ERR: Bad attribute=value pair: Realm=""
Fri Jul 4 20:16:31 2003: ERR: Bad attribute=value pair: Realm=/.*/
Fri Jul 4 20:16:31 2003: NOTICE: Server started: Radiator 3.6 on radius.nhl.nl

Also, I though and expexted that all the requests without a realm would
be handled through the default handler. In the loggings I found is is
handled bij de nhl.nl realm handler.
Packet length = 76
01 08 00 4c a3 f9 8d c7 d5 33 53 15 20 a9 76 26
b3 69 0f 7c 04 06 8d fc fd 0d 3d 06 00 00 00 00
01 0a 73 74 68 76 32 5f 35 67 1f 10 31 39 32 2e
31 36 38 2e 32 30 2e 31 38 36 02 12 72 62 32 4a
5d b9 59 3d 7b 6a ec 9c 76 5d f1 8e
Code:       Access-Request
Identifier: 8
Authentic:  <163><249><141><199><213>3S<21> <169>v&<179>i<15>|
Attributes:
        NAS-IP-Address = 141.252.253.13
        NAS-Port-Type = Async
        User-Name = "sthv2_5g"
        Calling-Station-Id = "192.168.20.186"
        User-Password = "rb2J]<185>Y={j<236><156>v]<241><142>"

Fri Jul 4 19:35:01 2003: DEBUG: Handling request with Handler 'Realm=nhl.nl'
Fri Jul 4 19:35:01 2003: DEBUG: Rewrote user name to sthv2_5g
Fri Jul 4 19:35:01 2003: DEBUG: Rewrote user name to sthv2_5g
Fri Jul 4 19:35:01 2003: DEBUG: Deleting session for sthv2_5g, 141.252.253.13,
Fri Jul 4 19:35:01 2003: DEBUG: Handling with Radius::AuthLDAP2: NHL-LDAP


Bij Radiator config file looks like:

# Radiator configuration file.

AcctPort 1813
AuthPort 1812
DbDir /etc/radiator
LogDir /var/log/radius
LogFile /var/log/radius/radius.log.%m%d
Trace 3

<AuthBy PAM>
  Identifier NHL_PAM
  Service passwd
</AuthBy>

<AuthBy FILE>
  AddToReply Tunnel-Private-Group-ID=300
  AutoMPPEKeys
  EAPTLS_CAFile %D/cert/showcase-root-cert.pem
  EAPTLS_CertificateFile %D/cert/radius-nhl.pem
  EAPTLS_CertificateType PEM
  EAPTLS_MaxFragmentSize 1024
  EAPTLS_PrivateKeyFile %D/cert/radius-nhl.pem
  EAPTLS_PrivateKeyPassword ?????
  EAPType TTLS
  Filename %D/users
  Identifier NHL_FILE
  SSLeayTrace 4
  StripFromReply Tunnel-Private-Group-ID
</AuthBy>

<AuthBy LDAP2>
  AuthDN cn=Manager,o=Noordelijke Hogeschool Leeuwarden,c=nl
  AuthPassword ?????
  AutoMPPEKeys
  BaseDN o=Noordelijke Hogeschool Leeuwarden,c=nl
  EAPTLS_CAFile %D/cert/showcase-root-cert.pem
  EAPTLS_CertificateFile %D/cert/radius-nhl.pem
  EAPTLS_CertificateType PEM
  EAPTLS_MaxFragmentSize 1024
  EAPTLS_PrivateKeyFile %D/cert/radius-nhl.pem
  EAPTLS_PrivateKeyPassword ?????
  EAPType TTLS
  Host ldapm.nhl.nl
  Identifier NHL_LDAP
  PasswordAttr userPassword
  Port 380
  SSLeayTrace 4
  UsernameAttr uid
  Version 3
</AuthBy>

<AuthBy RADIUS>
  AcctPort 1813
  AuthPort 1812
  Description Radius server SURFNET
  Host 192.87.116.63
  Identifier SURFNET
  Retries 3
  RetryTimeout 5
  Secret ?????
</AuthBy>

<Client DEFAULT>
  DupInterval 0
  NasType Cisco
  Secret ?????
</Client>

<Client 141.252.253.13>
  DupInterval 0
  NasType Cisco
  Secret ?????
</Client>

<Client 141.252.254.1>
  DupInterval 0
  NasType Cisco
  Secret ?????
</Client>

<Client 141.252.251.40>
  DupInterval 0
  NasType Cisco
  Secret ?????
</Client>

<Client 141.252.251.235>
  DupInterval 0
  NasType Cisco
  Secret ?????
</Client>

<Client 192.87.116.63>
  Description Verkeer vanaf SurfNet
  Secret ????
</Client>

<Handler Realm=nhl.nl>
  AcctLogFileName %L/detail
  AuthBy NHL_LDAP
  AuthByPolicy ContinueWhileIgnore
  RewriteUsername s/^([EMAIL PROTECTED]).*/$1/
  RewriteUsername tr/[A-Z]/[a-z]/
  SessionDatabase
</Handler>

<Handler Realm="">
  AcctLogFileName %L/detail
  AuthBy NHL_PAM
  AuthByPolicy ContinueWhileIgnore
  SessionDatabase
</Handler>

<Handler Realm=/.*/>
  AuthBy SURFNET
  AuthByPolicy ContinueWhileIgnore
  SessionDatabase
</Handler>


--
Freerk J. Bosscha
[EMAIL PROTECTED]
Noordelijke Hogeschool Leeuwarden
The Netherlands


-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to