Re: (RADIATOR) Setting up a Dynamic Pool

2000-06-18 Thread Mike McCauley


--- Forwarded mail from [EMAIL PROTECTED]

From: Simon Hackett [EMAIL PROTECTED]
Message-Id: [EMAIL PROTECTED]
Subject: Re: (RADIATOR) Setting up a Dynamic Pool
In-Reply-To: [EMAIL PROTECTED] from
Todd Knaus at "Jun 16, 2000 12:27:59 pm"
To: [EMAIL PROTECTED] (Todd Knaus)
Date: Sat, 17 Jun 2000 08:57:11 +0930 (CST)
Cc: [EMAIL PROTECTED] (Radiator)


 In the past we had the actual server (a Livingston Portmaster) do the
 assignment.  However, we have purchased a new CISCO AS5300 and evidently
 the 5300 cannot do this.  Well, actually I guess it can; however, if we
 set it up using a dynamic Pool then our Static customers have problems.
 So we are being told that either you have Radius do everything or you
 have the CISCO do everything... but you can't have the CISCO hand out
 dynamic and Radius hand out static.


You've been misinformed. You can do what you want with Cisco IOS, and we
have done just that for quite some time.

Go dig around in the CCO documentation a bit more, or
get yourself 'told' what is possible by someone with more experience with
Cisco IOS than the person you've been listening to so far.

Essentially, just define a local pool on the cisco and if the radius response
doesn't specify an explicit ip address, the cisco will default back to using
its local pool. There really isn't much of a problem to solve here.

For the ultimate in configurability, you can even use cisco avpairs to
download an ip address pool definition to the 5x00 from the radius
server (we don't do this - don't really see the point at our existing
size)

http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/peruser.htm

Anyway:

An example of the cisco side config lines that are relevant is:

   ip address-pool local

then define a local pool, e.g.:

   ip local pool default start-ip end-ip

on each async (or group-async) interface that's relevant, or
sync interface if you also want to work this way for isdn calls,
you use the command

   peer default ip address pool default

Which tells IOS to use the pool called 'default' to assign the ip
address if the radius response doesn't provide an IP address. However,
if it does, then this is respected in preference to using the local
pool to assign one.

And you're done!

Simon




---End of forwarded mail from [EMAIL PROTECTED]

-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. Ltd   Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS X
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.



(RADIATOR) Re: (Fwd) Simultaneous Logins with 2.14

2000-06-18 Thread Hugh Irvine


Hello John -

 
 I wanted to see if there were any known problems with version 2.14 of
 Radiator using AuthBy Emerald and the entry...
 
   AuthSelect ,sa.LoginLimit
 
 One of our customers has his users loginlimit set to 1 for all but 2 users.
 And for some reason, everyone can login as many times as they want.
 

You might try setting a DefaultSimultaneousUse parameter in the AuthBy clause:

<AuthBy EMERALD>
    DefaultSimultaneousUse 1

</AuthBy>

And could you send me a trace 4 debug showing what is happening?

BTW - the latest version of Radiator is 2.16.1.

regards

Hugh

-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.






(RADIATOR) AuthByDynaddress

2000-06-18 Thread Dean Brandt


Hi Guys,

I am still getting this error in my logs when attempting to use
authbydynaddress:

Jun 19 10:36:57 contender ./radiusd[24050]: Handling with Radius::AuthRADIUS
Jun 19 10:36:57 contender ./radiusd[24050]: Handling with Radius::AuthDYNADDRESS
Jun 19 10:36:57 contender ./radiusd[24050]: do query is: update RADPOOL set STATE=0, TIME_STAMP=961375017 where YIADDR=''

My cfg looks like this:

<AddressAllocator SQL>
    Identifier xxx

    DBSource    dbi:mysql:radius
    DBUsername  root
    DBAuth      radiator

    <AddressPool pool1>
        Subnetmask  255.255.255.0
        Range       203.44.90.130 203.44.90.134
    </AddressPool>
</AddressAllocator>


<Realm xxx.net.au>
    RewriteUsername s/^([^@]+).*/$1/
    <AuthBy RADIUS>
        Host xxx.xxx.xxx.xxx
        Secret 
    </AuthBy>
    AcctLogFileName %L/detail.xxx

    <AuthBy DYNADDRESS>
        Allocator xxx
        PoolHint %{Reply:PoolHint}
        StripFromReply PoolHint
    </AuthBy>

</Realm>

See any glaring faults? :)

I am getting the PoolHint from the /etc/raddb/users file using:

username Password = ""
 PoolHint = pool1

Regards


-- 

Dean Brandt

Technical Director
Cain Internet Services Pty Ltd
ACN 091949405
Ph 61-3-95231065
Satellite Access - $29.95 - no limits





Re: (RADIATOR) Sim. use control by Ping

2000-06-18 Thread Clement

Yes, it works well.  Thank you very much.

Hugh Irvine wrote:
 
 Hello all -
 
 On Thu, 15 Jun 2000, Aaron Holtz wrote:
  I'm not sure that is correct.  If you look at the code, DeleteQuery runs
  right before a new session is entered into the online database.  So if
  your query includes removing the Framed IP from the database you should be
  good to go.  Using the ping type and changing up your DeleteQuery should
  keep your online database almost perfect.  The only instance where things
  can get goofy are when a Stop packet is lost and the next user who gets
  the Framed IP of the lost Stop packet user has their Start packet lost.
  Just modify your DeleteQuery statement per Mike's previous suggestion and
  you should be all set.
 
 
 Aaron is correct, here is the code from SessSQL.pm:
 
 sub add
 {
     my ($self, $name, $nas_id, $nas_port, $p) = @_;
 
     # (Re)-connect to the database if necessary,
     return undef
         if !$self->reconnect;
 
     main::log($main::LOG_DEBUG,
         "$self->{Identifier} Adding session for $name, $nas_id, $nas_port");
     # Delete any existing session on this port first: its clearly defunct
     my $q = Radius::Util::format_special($self->{DeleteQuery}, $p);
     $self->do($q);
 
     # Now add the new one
     $q = Radius::Util::format_special($self->{AddQuery}, $p);
     $self->do($q);
 }
 
 As you can see, the DeleteQuery is run immediately before the new session is
 added. I've copied this to Mike so he can add something to the documentation.
 
 Thanks
 
 Hugh
 

-- 

Regards,

Clement
ANS Communications P/L
===
Post Addr:  P O Box 6626 Blacktown BC, NSW 2148
Tel: (02) 9552 1655 Fax: (02) 9972 2633
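
The delete-before-add behaviour quoted from SessSQL.pm above, and the lost-Stop case Aaron describes, shown as an added example that is not part of the original thread and is not Radiator's own code. It uses Python with an in-memory SQLite table; the table name RADONLINE, its columns, both queries (with the delete also clearing any row that holds the same framed IP) and the sample users and addresses are assumptions made for illustration.

```python
import sqlite3

# Assumed schema and queries for illustration; not Radiator's shipped defaults.
SCHEMA = """CREATE TABLE RADONLINE (
    USERNAME TEXT, NASIDENTIFIER TEXT, NASPORT INTEGER, FRAMEDIPADDRESS TEXT)"""
# Clears the stale row on the same NAS port and any row still holding the same IP.
DELETE_QUERY = """DELETE FROM RADONLINE
    WHERE (NASIDENTIFIER = ? AND NASPORT = ?) OR FRAMEDIPADDRESS = ?"""
ADD_QUERY = "INSERT INTO RADONLINE VALUES (?, ?, ?, ?)"


class SessionDb:
    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute(SCHEMA)

    def add(self, user, nas, port, ip):
        """Accounting Start: delete the defunct session first, then insert."""
        self.db.execute(DELETE_QUERY, (nas, port, ip))
        self.db.execute(ADD_QUERY, (user, nas, port, ip))

    def stop(self, nas, port):
        """Accounting Stop: remove the session on that port."""
        self.db.execute(
            "DELETE FROM RADONLINE WHERE NASIDENTIFIER = ? AND NASPORT = ?",
            (nas, port))

    def count(self, user):
        """Sessions a simultaneous-use check would see for this user."""
        row = self.db.execute(
            "SELECT COUNT(*) FROM RADONLINE WHERE USERNAME = ?", (user,)).fetchone()
        return row[0]


def lost_stop_then_new_start():
    """alice's Stop is lost; bob's Start on another port reuses her pool IP."""
    s = SessionDb()
    s.add("alice", "nas1", 5, "203.0.113.10")  # constructed sample values
    # (Stop for alice never arrives.)
    s.add("bob", "nas1", 7, "203.0.113.10")    # same IP, different port
    return s.count("alice"), s.count("bob")


def lost_stop_and_lost_start():
    """The remaining gap: alice's Stop and bob's Start are both lost."""
    s = SessionDb()
    s.add("alice", "nas1", 5, "203.0.113.10")
    # Neither packet arrives, so nothing triggers the delete.
    return s.count("alice")
```

In the first scenario alice's stale row is removed when bob's Start arrives, so her next login is not counted against a limit of 1; in the second her stale row survives until some later Start reuses that port or IP.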
