Hello AL -
This is what your configuration file is set up to return to the NAS:
*** Sending to 64.91.105.5 port 1812 ....
Code: Access-Accept
Identifier: 107
Authentic: mp}<198><236><229><167>/<153><179>m<189><149>z<31>d
Attributes:
Service-Type = Framed-User
Framed-Protocol = PPP
What other attributes do you want to send? And how do you want to manage those attributes?
regards
Hugh
On Saturday, Aug 30, 2003, at 06:06 Australia/Melbourne, Charles Alexander McCain wrote:
Hello,
I'm having an issue with my redbacks. They cannot allocate ip addresses.
In my trace 4, i notice that the user is not getting the attributes they
need.
How can this be fixed?
Here is my config and trace4
Thanks, AL
--------- Fri Aug 29 14:08:30 2003: DEBUG: Packet dump: *** Received from 1.2.3.4 port 1812 .... Code: Access-Request Identifier: 107 Authentic: mp}<198><236><229><167>/<153><179>m<189><149>z<31>d Attributes: User-Name = "user" User-Password = "~~1<223><156><248><145><196><250><0>W<219><246><204><21>:" NAS-Identifier = "rb" NAS-IP-Address = 1.2.3.4 RB-NAS-Real-Port = 402850582 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 3892318919 Connect-Info = "ubrc"
Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
Fri Aug 29 14:08:30 2003: ERR: Error while rewriting username user: syntax
error at (eval 1787) line 2, at EOF
Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
Fri Aug 29 14:08:30 2003: ERR: Error in PreHandlerHook(): Can't use string
("") as a subroutine ref while "strict refs" in use at
/usr/local/lib/perl5/site_perl/5.6.1/Radius/Client.pm line 338.
Fri Aug 29 14:08:30 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Aug 29 14:08:30 2003: DEBUG: Rewrote user name to user
Fri Aug 29 14:08:30 2003: DEBUG: SQLS Deleting session for user, 1.2.3.4,
3892318919
Fri Aug 29 14:08:30 2003: DEBUG: do query is: delete from RADONLINE where
USERNAME = 'user' and NASIDENTIFIER='1.2.3.4' and NASPORT='3892318919'
Fri Aug 29 14:08:30 2003: DEBUG: Handling with Radius::AuthLDAP2
Fri Aug 29 14:08:30 2003: DEBUG: Attempting to bind with
uid=searchuser,dc=domain,dc=net, password
Fri Aug 29 14:08:30 2003: DEBUG: LDAP got result for
uid=user,ou=People,dc=domain,dc=net
Fri Aug 29 14:08:30 2003: DEBUG: LDAP got userPassword:
{crypt}cgoHd/FmCIXh.
Fri Aug 29 14:08:30 2003: DEBUG: LDAP got gidNumber: 3010
Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 looks for match with
user
Fri Aug 29 14:08:30 2003: DEBUG: Query is: select NASIDENTIFIER, NASPORT,
ACCTSESSIONID, FRAMEDIPADDRESS from RADONLINE where USERNAME='user'
Fri Aug 29 14:08:30 2003: DEBUG: Radius::AuthLDAP2 ACCEPT: Fri Aug 29 14:08:30 2003: DEBUG: Access accepted for user Fri Aug 29 14:08:30 2003: DEBUG: Packet dump: *** Sending to 64.91.105.5 port 1812 .... Code: Access-Accept Identifier: 107 Authentic: mp}<198><236><229><167>/<153><179>m<189><149>z<31>d Attributes: Service-Type = Framed-User Framed-Protocol = PPP
----------------------------------------------------------------------- ----
#Foreground #LogStdout LogDir /var/adm/radacct DbDir /etc/raddb PreHandlerHook file:"%D/prehook"
SnmpgetProg /usr/local/bin/snmpget Trace 4 RewriteUsername s/^([EMAIL PROTECTED])[EMAIL PROTECTED]/$1/ RewriteUsername s/^([EMAIL PROTECTED])[EMAIL PROTECTED]/$1/ RewriteUsername s/\s+//g RewriteUsername tr/A-Z/a-z/ <Client DEFAULT>
Secret ****** DupInterval 0
</Client>
<SessionDatabase SQL>
DBSource dbi:mysql:radius:host DBUsername radtest DBAuth ****** Identifier SQLS
AddQuery insert into RADONLINE (USERNAME,\ NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP,\ FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE,DNIS) \ values ('%n', '%N',\ '%{NAS-Port}', '%{Acct-Session-Id}', '%o',\ '%{Framed-IP-Address}', '%{NAS-Port-Type}',\ '%{Service-Type}','%{Called-Station-Id}')
DeleteQuery delete from RADONLINE where \ USERNAME = '%n' and NASIDENTIFIER='%N' \ and NASPORT='%{NAS-Port}'
ClearNasQuery delete from RADONLINE where NASIDENTIFIER='%N'
CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
where ACCTSESSIONID = '%{Acct-Session-Id}'
</SessionDatabase>
<ClientListSQL>
DBSource dbi:mysql:radius DBUsername radtest DBAuth ******
select NASIDENTIFIER,SECRET,IGNOREACCTSIGNATURE,DUPINTERVAL, \ DEFAULTREALM,NASTYPE,SNMPCOMMUNITY,LIVINGSTONOFFS, \ LIVINGSTONHOLE,FRAMEDGROUPBASEADDRESS, \ FRAMEDGROUPMAXPORTSPERCLASSC,REWRITEUSERNAME, \ NOIGNOREDUPLICATES from RADCLIENTLIST
</ClientListSQL> <AuthBy UNIX>
DefaultSimultaneousUse 1 Identifier System Filename /etc/shadow
</AuthBy>
<AuthBy LDAP2>
DefaultSimultaneousUse 1
Identifier LDAP
Host 127.0.0.1
Port 389
AuthDN uid=searchuser,dc=domain,dc=net
AuthPassword *****
BaseDN %0=%1,ou=people,dc=domain,dc=net
Scope base
UsernameAttr uid
PasswordAttr userPassword
HoldServerConnection
SearchFilter (&(gecos=active)(uid=%1))
AuthAttrDef gidNumber, gid-attr, request
DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
</AuthBy>
<AuthBy SQL>
NoDefault
DefaultSimultaneousUse 1
Identifier CheckSQL
DBSource dbi:mysql:radius:domain DBUsername radtest DBAuth *******
AccountingTable ACCOUNTING
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AuthSelect select PASSWORD, CHECKATTR, REPLYATTR \ from SUBSCRIBERS \ where USERNAME=%0
AuthColumnDef 0, User-Password, check
AuthColumnDef 1, GENERIC, check
AuthColumnDef 2, GENERIC, reply
DefaultReply Service-Type=Framed-User,Framed-Protocol=PPP
</AuthBy> <Realm DEFAULT> RewriteUsername s/^([EMAIL PROTECTED]).*/$1/
PostAuthHook file:"%D/postHook" AcctLogFileName %L/%N/detail
#AuthByPolicy ContinueWhileReject AuthByPolicy ContinueUntilAccept AuthBy LDAP AuthBy CheckSQL AuthBy System
</Realm>
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
