(RADIATOR) Server switch algorithm
Anyone know what algorithm terminal servers use to decide whether to switch to the secondary accounting/authentication server? Using Livingston RADIUS I never got things working right. With Radiator it seems to work fine for some reason, but I'd just like to know "tries a connect, waits 5 seconds, tries again, then tries the secondary server." For example. :) Thanks, Chris === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) Re: radiator probs (was Re: FRAMED-ROUTE problem)
i tried altering my dictionary file and change the User-Service to Service-Type. no wonder my Service-Type has the value of "2" instead of "Framed-User". anyhow, the "Framed-Route" is still not set. i wonder if anybody implementing Framed-Routes can show us their configs. Are you sure you need the Framed-Route attribute? You only need it when you route more than one netblock to the same customer. With Bay 5399 we are using these reply items successfuly for our routed ISDN connections: Framed-Protocol = "PPP", Framed-IP-Address = "212.104.xx.yy", Framed-IP-Netmask = "255.255.255.252", Port-Limit = "2" Cheers Stuart === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) FRAMED-ROUTE problem
"Darwin A, Bawasanta" wrote: Hello Mike, i tried removing the reply item "Framed-Routing" and i still seem to get the Framed-Route set. btw, "202.78.93.240/28 208.142.165.60 1" is a valid Framed-Route too. anybody experienced the same problem before? Perhaps it's an invalid sintax for your nas. You must get the same effect with the more simple Frame-Route="202.78.93.240/28", and by default the gateway will be the IP address negotiated in IPCP and the metric will be the default metric for a static route. Is it the first /32 route ( 208.142.165.60 ) installed in the NAS? If this address is unrecheable, the /28 route will be deleted or not instaled in route table. Has your NAS any radius debugging? Félix __ DATAGRAMA SERVICIOS GLOBALES IP C/ Acer 30 Pho: +34 93 223 00 98 08038 Barcelona ( SPAIN )Fax: +34 93 223 12 66 mailto:[EMAIL PROTECTED] http://www.datagrama.net __ ÿ Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: radiator probs (was Re: FRAMED-ROUTE problem)
Hello Mike, i tried altering my dictionary file and change the User-Service to Service-Type. no wonder my Service-Type has the value of "2" instead of "Framed-User". anyhow, the "Framed-Route" is still not set. i wonder if anybody implementing Framed-Routes can show us their configs. thanks. Mike McCauley wrote: I see something suspicious in your dictionary: You have the attribute: ATTRIBUTE Service-Type6 integer which you are using like: Service-Type = Framed-User but there is no corresponding VALUE in the dictionary, only these ones for User-Service: VALUE User-ServiceLogin-User 1 VALUE User-ServiceFramed-User 2 VALUE User-ServiceDialback-Login-User 3 VALUE User-ServiceDialback-Framed-User4 VALUE User-ServiceDialout-Framed-User 5 VALUE User-ServiceShell-User 6 The end result will be that the Service-Type will nbot be set properly in the reply. Could that be the problem? You should probably change those User-Service in you dictionary to Service-Type Hope that helps.. Cheers. Regards, -- .._.,+=~`^"-.,,.-"^'~=+,.__.,+=~`^"-.,,.-"^'~=+,.__.,+=~`^"-,, darwin a. bawasanta [EMAIL PROTECTED] pgp-id: 0x367CADAC network security administrator SKYinternet incorporated phils mobile: +63 917.322.6299pager: ec# 963589marsma|ow@IRC .._.,+=~`^"-.,,.-"^'~=+,.__.,+=~`^"-.,,.-"^'~=+,.__.,+=~`^"-,, "The positive thinker sees the invisible, feels the intangible, and achieves the impossible." === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) snmp agent
Hello Ricardo - On Tue, 14 Sep 1999, Ricardo Guerra wrote: sometimes radiator does'nt know when a user has been disconnected and since i use simultaneous use, they can not log in again, then i enabled snmp (cisco) but i get this problem Mon Sep 13 09:53:29 1999: ERR: /usr/bin/snmpget is not executable. Check and configure Nas.pm Mon Sep 13 09:53:34 1999: ERR: /usr/bin/snmpget is not executable. Check and configure Nas.pm Mon Sep 13 09:54:04 1999: ERR: /usr/bin/snmpget is not executable. Check and configure Nas.pm Mon Sep 13 10:00:18 1999: ERR: /usr/bin/snmpget is not executable. Check and configure Nas.pm Mon Sep 13 10:05:40 1999: ERR: /usr/bin/snmpget is not executable. Check and configure Nas.pm Mon Sep 13 10:06:15 1999: ERR: /usr/bin/snmpget is not executable. Check and configure Nas.pm how can i solve it? When you set the NasType in a Client clause to Cisco, Radiator will attempt to execute the snmpget program to query the NAS. By default, Radiator will look for the snmpget program in /usr/bin, but this can be altered with the SnmpgetProg global parameter. See Section 6.3.13 in the Radiator 2.14.1 reference manual. Note that you will also have to configure the NAS to respond to SNMP queries. hth Hugh -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8, NT, Rhapsody === Archive at http://www.thesite.com.au/~radiator/ To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) FRAMED-ROUTE problem
Hello again, sorry i posted a wrong Packet dump. this should be the right one this time. Tue Sep 14 13:15:16 1999: DEBUG: Packet dump: *** Received from 208.142.164.66 port 1645 Packet length = 240 01 ea 00 f0 6b 4b 43 41 55 6b 41 4b 6b 6b 43 57 43 4b 23 43 01 11 76 6f 6e 40 73 6b 79 69 6e 65 74 2e 6e 65 74 02 12 fe cc 24 da 50 cf c6 5e 88 ab 33 7c f7 73 c3 e8 04 06 d0 8e a4 42 05 06 00 00 00 1f 06 06 00 00 00 02 07 06 00 00 00 01 1e 09 34 31 31 39 39 39 39 1f 0c 30 33 32 34 31 32 36 32 37 38 1a 0e 00 00 01 ad 00 00 90 23 00 00 00 0a 1a 0e 00 00 01 ad 00 00 00 6c 00 00 00 13 1a 0e 00 00 01 ad 00 00 00 99 00 00 00 03 1a 0e 00 00 01 ad 00 00 00 c7 00 00 00 01 1a 0e 00 00 01 ad 00 00 90 19 00 00 00 00 1a 0e 00 00 01 ad 00 00 90 1a 00 00 00 00 1a 0e 00 00 01 ad 00 00 90 1b 00 00 00 02 20 1a 75 73 72 2d 6d 62 30 32 2e 63 62 75 2e 73 6b 79 69 6e 65 74 2e 6e 65 74 2c 0a 30 30 30 30 31 31 66 63 3d 06 00 00 00 00 Code: Access-Request Identifier: 234 Authentic: kKCAUkAKkkCWCK#C Attributes: User-Name = "[EMAIL PROTECTED]" Password = "254204$218P207198^1361713|247s195232" NAS-Identifier = 208.142.164.66 NAS-Port = 31 Service-Type = 2 Framed-Protocol = PPP Client-Port-DNIS = "411" Caller-Id = "0324126278" Connect-Speed = 10 Modulation-Type = 19 Simplified-MNP-Levels = 3 Simplified-V42bis-Usage = 1 Chassis-Call-Slot = 0 Chassis-Call-Span = 0 Chassis-Call-Channel = 2 NAS-Name = "usr-mb02.cbu.skyinet.net" Acct-Session-Id = "11fc" NAS-Port-Type = Async Tue Sep 14 13:15:16 1999: DEBUG: Check if Handler Realm="skyinet.net" should be used to handle this request Tue Sep 14 13:15:16 1999: DEBUG: Handling request with Handler 'Realm="skyinet.n et"' Tue Sep 14 13:15:16 1999: DEBUG: Rewrote user name to von Tue Sep 14 13:15:16 1999: DEBUG: Rewrote user name to von Tue Sep 14 13:15:16 1999: DEBUG: Deleting session for [EMAIL PROTECTED], 208.142. 164.66, 31 Tue Sep 14 13:15:16 1999: DEBUG: do query is: delete from RADONLINE where NASIDE NTIFIER='208.142.164.66' and NASPORT=31 Tue Sep 14 13:15:16 1999: DEBUG: Handling with Radius::AuthSQL Tue Sep 14 13:15:16 1999: DEBUG: Handling with Radius::AuthSQL Tue Sep 14 13:15:16 1999: DEBUG: Query is: select r.PASS_WORD, r.MAXLOGINS, IF(d .NAS_ID,d.NAS_ID, '208.142.164.66'), IF(d.NAS_PORT,d.NAS_PORT,'31'), d.FRAMED_A DDRESS, IF(d.FRAMED_NETMASK,d.FRAMED_NETMASK,'255.255.255.255'), d.FRAMED_ROUTE from RADUSERS r, DDUEXTENSION d where r.USERNAME='von' and d.USERNAME=r.USERNAME Tue Sep 14 13:15:16 1999: DEBUG: Radius::AuthSQL looks for match with von Tue Sep 14 13:15:16 1999: DEBUG: Query is: select NASIDENTIFIER, NASPORT, ACCTSE SSIONID from RADONLINE where USERNAME='[EMAIL PROTECTED]' Tue Sep 14 13:15:16 1999: DEBUG: Radius::AuthSQL ACCEPT: Tue Sep 14 13:15:16 1999: DEBUG: Access accepted for von Tue Sep 14 13:15:16 1999: DEBUG: Packet dump: *** Sending to 208.142.164.66 port 1645 Code: Access-Accept Identifier: 234 Authentic: kKCAUkAKkkCWCK#C Attributes: Framed-Address = 208.142.165.60 Framed-Netmask = 255.255.255.255 Framed-Route = "202.78.93.240/28 208.142.165.60 1" Service-Type = Framed-User Framed-Protocol = PPP Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Tue Sep 14 13:15:20 1999: DEBUG: Packet dump: *** Received from 208.142.164.66 port 1645 Packet length = 260 04 eb 01 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2c 0a 30 30 30 30 31 31 66 63 01 11 76 6f 6e 40 73 6b 79 69 6e 65 74 2e 6e 65 74 04 06 d0 8e a4 42 05 06 00 00 00 1f 28 06 00 00 00 01 2d 06 00 00 00 01 1e 09 34 31 31 39 39 39 39 1f 0c 30 33 32 34 31 32 36 32 37 38 1a 0e 00 00 01 ad 00 00 90 23 00 00 00 0a 1a 0e 00 00 01 ad 00 00 00 6c 00 00 00 13 1a 0e 00 00 01 ad 00 00 00 99 00 00 00 03 1a 0e 00 00 01 ad 00 00 00 c7 00 00 00 01 1a 0e 00 00 01 ad 00 00 90 19 00 00 00 00 1a 0e 00 00 01 ad 00 00 90 1a 00 00 00 00 1a 0e 00 00 01 ad 00 00 90 1b 00 00 00 02 1a 0e 00 00 01 ad 00 00 90 1d 00 00 00 14 20 1a 75 73 72 2d 6d 62 30 32 2e 63 62 75 2e 73 6b 79 69 6e 65 74 2e 6e 65 74 3d 06 00 00 00 00 06 06 00 00 00 02 07 06 00 00 00 01 08 06 d0 8e a5 3c 29 06 00 00 00 00 Code: Accounting-Request Identifier: 242 Authentic: Attributes: Acct-Session-Id = "11fc" User-Name = "[EMAIL PROTECTED]" NAS-Identifier = 208.142.164.66 NAS-Port = 31 Acct-Status-Type = Stop Acct-Session-Time = 73 Acct-Terminate-Cause = User-Request Acct-Authentic = RADIUS Client-Port-DNIS = "411" Caller-Id = "0324126278" Connect-Speed = 10 Modulation-Type = 19 Simplified-MNP-Levels = 3 Simplified-V42bis-Usage = 1 Chassis-Call-Slot = 0 Chassis-Call-Span = 0