No Subject
--- Forwarded mail from [EMAIL PROTECTED] From: [EMAIL PROTECTED] Date: Thu, 21 Jun 2001 23:53:01 -0500 To: [EMAIL PROTECTED] Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from ["asi" <[EMAIL PROTECTED]>] >From [EMAIL PROTECTED] Thu Jun 21 23:53:01 2001 Received: from votw.com (IDENT:[EMAIL PROTECTED] [192.117.124.253]) by server1.open.com.au (8.11.0/8.11.0) with ESMTP id f5M4r0D24530 for <[EMAIL PROTECTED]>; Thu, 21 Jun 2001 23:53:00 -0500 Received: from domain ([192.117.124.3]) by votw.com (8.9.3/8.9.2) with SMTP id JAA20133 for <[EMAIL PROTECTED]>; Fri, 22 Jun 2001 09:38:27 +0300 Message-ID: <000c01c0faf0$2ee74f60$037c75c0@domain> From: "asi" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Date: Fri, 22 Jun 2001 09:51:44 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_NextPart_000_0009_01C0FB00.F206AF30" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 This is a multi-part message in MIME format. --=_NextPart_000_0009_01C0FB00.F206AF30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable hello I buy the radiator in 20.06.2001 I need to know if I can put the = radiator as a service in the server and how I can do so I need to put the radiator as a service thanks=20 asaf cohen tropic telecom=20 --=_NextPart_000_0009_01C0FB00.F206AF30 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable hello I buy the radiator in 20.06.2001 = I need to=20 know if I can put the radiator as a service in the server and how I can do so I need to put = the radiator=20 as a service thanks asaf cohen tropic telecom=20 --=_NextPart_000_0009_01C0FB00.F206AF30-- ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR)
unsubscribe end Cesar Garcia. Dept. Sistemas de IdecNet SA Edificio IdecNet. C/Juan XXIII 44, Centro de Gestion de Red, E-35004, Las Palmas de Gran Canaria, Islas Canarias - Spain. Tfn: +34 828 111 000 === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Digest::MD4 on RedHat???
I am having a problem with Radiator 2.18.2 dying after receiving MS-CHAP autentication requests. Perl complains about not being able to find Digest/MD4.pm, which I can't find anywhere. I'm running RedHat 6.2, so the previous posts concerning Activestate Perl do not apply. Does anyone know of SRPMS that will provide this module? Carl Litt Network Administrator Execulink Internet === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Dual accounting
I am running Radiator on BSDI4.1. I have the accounting logging to a file via AcctLogFileName in the cfg. We use a billmax billing system that needs this information sent to it, to be added to its db. Can I fork the accounting so that it will send the info to Billmax AND keep logging to my files? Thanks, Chris
(RADIATOR) Attribute Length
Ive had a request to reduce attribute 242 (Ascend Data Filter) from 28 to 26 characters. Anyone have any idea how to do this? Also, any idea how to strip off the 2nd proxy-state attribute when a request is proxied mutiple levels? BrandonDialup USA, Inc.
(RADIATOR) PostAuthHook question.
Hello,
I'm in need of adding specific attributes to the reply packets for one
of the routers I have to authenticate (out of hundreds). Since I only
have need for one handler and we don't use realms, I figure the best
thing to do would be to have a little PostAuthHook that tested my
request for the right IP address and if it passes, add the apprpriate
attributes to the reply packet. I used to have a problem with
NAS-IP-Address fields not matching the actual IP address of the router
sending the packet, so now I have an 'identifier' in every client block
with the IP address that I want to be associated with each router (it's
actual IP address.) That 'identifier' is used in my AUthBy module that I
wrote to test various things about each router (allowing certain
customers access only on certain routers, etc.)
When I put in the following PostAuthHook, it won't compile, and quite
honestly I'm not sure if I've done this right. Any help would be
appreciated. I tried to steal this straight out of the manual, so I'm a
little surprised at the error I get.
RewriteUsername s/^([^@]+).*/$1/
AuthByPolicy ContinueUntilAccept
# authorize by the module AuthQuikRadAcct.pm
# Fork
# authorize by the module AuthQuikRad.pm
# Handle the Router 65.89.75.8
PostAuthHook sub { if ${$_[2]} eq $main::ACCEPT && \
${$_[0]}->{Client}->{Identifier} eq "65.89.75.8" { \
${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward tcp
est'); \
${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward dstip
216.176.28.1/32'); \
${$_[1]}->add_attr('Ascend-Data-Filter','ip in drop tcp
dstport=25'); \
${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward'); \
${$_[1]}->change_attr('Service-Type','Framed'); \
} \
}
# Log accounting to the detail file in LogDir/
AcctLogFileName %L/%c/detail
# MaxSessions 1
The error in the log file is:
Thu Jun 21 10:10:35 2001: ERR: Compilation error in PostAuthHook: syntax
error at (eval 77) line 1, near "if $"
syntax error at (eval 77) line 2, at EOF
Missing right bracket at (eval 77) line 2, at end of line
Thu Jun 21 10:10:35 2001: ERR: Unknown keyword
'${$_[1]}->add_attr('Ascend-Data-Filter','ip' in /etc/radius.cfg line
109
It appears to be failing right away at my conditional. Are conditionals
unacceptable?
Griff Hamlin, III
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) I need to change the symbol that is used to sepera te username and realm.
This worked very nicely!!:) I completely replaced the Realm statement with the Handler, and used a radius attribute that was unique to each server requesting the authentication. Thanks alot! Steve -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 21, 2001 3:05 AM To: Kitabjian, Dave; 'Felicetti, Stephen A.'; '[EMAIL PROTECTED]' Subject: RE: (RADIATOR) I need to change the symbol that is used to sepera te username and realm. Hello Steve, Hello Dave - Dave is correct, you should use Handlers instead of Realms. # define Handlers . .. regards Hugh At 4:36 PM -0400 6/20/01, Kitabjian, Dave wrote: >I don't know how easy it is to change the definition of "realm", so I'll >defer that answer to someone else. > >However, you can set aside the feature and use the feature >along with a Perl regexp to look for whatever character you want as the >delimiter. > >Dave >:) > >> -Original Message- >> From: Felicetti, Stephen A. [mailto:[EMAIL PROTECTED]] >> Sent: Wednesday, June 20, 2001 3:24 PM >> To: '[EMAIL PROTECTED]' >> Subject: (RADIATOR) I need to change the symbol that is used >> to seperate username and realm. >> >> >> I'm using 2.16.1 on Solaris. >> I have 2 realms in my config file. >> One is the default of no realm, and the other is used to >> handle my firewall >> authentications: >> It works nicely when I use: username@firewall for most >> authentications. However, the problem I'm running into, is in >> order for my firewall to authenticate FTP sessions, it uses a >> goofy syntax in the form of: >> >> ftp-account-name@[EMAIL PROTECTED] >> >> See all those @ symbols? The firewall uses them as field >> delimiters, so I can't use the old username format of >> username@firewall. If I can get Radiator to use a different >> symbol other then @ to determine the realm, it would make >> life a whole lot easier. Modifying the firewall isn't an option. >> >> Is this possible? >> >> Thanks a lot!! >> Steve >> >> >> >> >> >> >> >> >> >> Stephen A. FelicettiFox Chase Cancer Center >> Sr. Network Engineer215-728-2956 (v) >> Research Information Technology Facility215-728-2513 (f) >> [EMAIL PROTECTED] >> >> >> >> >=== >Archive at http://www.open.com.au/archives/radiator/ >Announcements on [EMAIL PROTECTED] >To unsubscribe, email '[EMAIL PROTECTED]' with >'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) help regarding radiator configuration
Hello Faisal - I suggest you start by having a look at the example configuration file called "radius.cfg" in the distribution, and also have a look at the example configuration files in the "goodies" directory. And of course you should have a quick read through the manual in the file called "doc/ref.html" also included in the distribution. The easiest way to connect from Radiator on Linux to MS SQL is to use the Sybase client libraries included in the free version of Sybase for Linux. regards Hugh At 4:06 PM +0500 6/21/01, Syed Faisal Qadri wrote: >Hello Everybody, > >I have just downloaded Radiator for LINUX to evaluate. I have following >things running on my network. > >- Livingston PM2e >- MAX 3000 >- MS SQL 6.5 as Accounting server > >could somebody kindly help me in building a configuration for Radiator >that will support Flat linux passwd file for authentication and log >accouting logs to MS SQL server through ODBC, additionally how could I >activate CLI feature for MAX 3000 (that would check users telephone no >and authenticate accordingly) > >Looking forward for help, > >Faisal Qadri. > >=== >Archive at http://www.open.com.au/archives/radiator/ >Announcements on [EMAIL PROTECTED] >To unsubscribe, email '[EMAIL PROTECTED]' with >'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: Problem about Time check item
Title: Re: Problem about Time check
item
Hello Chairarth -
You cannot configure Radiator as you have shown below - you will
need to use cascaded AuthBy clauses, something like this:
# define AuthBy FILE
Identifier CheckUsers
Filename %D/adsl.users
# define Realms
AuthBy
CheckUsers
Then in the file "adsl.users", something like
this:
# define DEFAULT users
DEFAULT Prefix = S, Time =
"SaSu-2359", Auth-Type RADMINAUTH
DEFAULT Prefix = P, Time =
"Wk2200-", Auth-Type RADMINAUTH
hth
Hugh
At 5:16 PM +0700 6/21/01, chairarth wrote:
Hi
Hugh,
Our concept
is customer who login with username Sxxx@qnetadsl will be
allowed to log on only on Saturday-Sunday , and only on Monday -
Friday from 22:00 - 00:00 for username Pxxx@qnetadsl
So I try to use Time and Prefix check
item but it show error like these
ERR : Unknow keyword 'DEFAULT'
ERR : Unknow keyword
'Time'
How can I
fix it ?
Thanks in
advance,
Chairath
P.S. Now
I'm implement RADIATOR version 2.18.2 and RADMIN version 1.4 based on
Windows NT
Foreground
LogStdout
LogDir
d:/Radiator-Demo-2.18/log
DbDir
d:/Radiator-Demo-2.18
LogFile %L/logfile-%d-%m-%Y
# Dont turn
this up too high, since all log messages are logged
# to the RADMESSAGES table in the
database. 3 will give you everything
# except debugging messages
Trace 4
# You will
probably want to change this to suit your site.
# You should list all the clients you
have, and their secrets
# If you are using the Radmin Clients
table, you wil probably
# want to disable this.
#
# Secret mysecret
# DupInterval 0
#
# You can
put additonal (or all) client details in your Radmin
# database table
# and get their details from there with
something like this:
# You can then use the Radmin 'Add
Radius Client' to add new clients.
DBSource dbi:ODBC:Radmin
DBUsername xxx
DBAuth xxx
#
# Identifier ProxyTofunk
# Host xxx
# Secret xxx
#
#
# strip Realm
# RewriteUsername
s/^([^@]+).*/$1/
# AuthBy ProxyTofunk
#
Identifier RADMINAUTH
# Change DBSource, DBUsername,
DBAuth for your database
# See the reference manual. You
will also have to
# change the one in
below
# so its the same
DBSource dbi:ODBC:Radmin
DBUsername xxx
DBAuth xxx
DateFormat %e %m %Y
%T
# You can add to or change these
if you want, but you
# will probably want to change the
database schema first
AccountingTable RADUSAGE
AcctColumnDef
USERNAME,User-Name
AcctColumnDef
TIME_STAMP,Timestamp,integer
AcctColumnDef
ACCTSTATUSTYPE,Acct-Status-Type,integer
AcctColumnDef
ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef
ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef
ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef
ACCTSESSIONID,Acct-Session-Id
AcctColumnDef
ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef
ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef
FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef
NASIDENTIFIER,NAS-Identifier
AcctColumnDef
NASIDENTIFIER,NAS-IP-Address
AcctColumnDef
NASPORT,NAS-Port,integer
AcctColumnDef
DNIS,Called-Station-Id
AcctColumnDef
DATE,Timestamp,integer-date
# This updates the time and octets
left
# for this user
AcctSQLStatement update RADUSERS
set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n'
#
These are the classic things to add to each users
# reply to allow a PPP dialup
session. It may be
# different for your NAS. This
will add some
# reply items to everyone's
reply
AddToReply Framed-Protocol =
PPP,\
Service-Type =
Framed-User,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU
= 1500,\
Framed-Compression =
Van-Jacobson-TCP-IP,\
Idle-Timeout = 600
DEFAULT Prefix
= S
Time =
"SaSu-2359"
AuthBy
RADMINAUTH
DEFAULT Prefix =
P
Time =
"Wk2200-"
AuthBy
RADMINAUTH
# Handle
everyone with RADMIN
AuthBy RADMINAUTH
# This database spec usually
should be exactly the same
# as in
above
DBSource dbi:ODBC:Radmin
DBUsername xxx
DBAuth xxx
ClearNasQuery
--
NB:
I am travelling this week, so there may be delays in our
correspondence.
Radiator: the most portable, flexible and configurable RADIUS
server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT,
Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc,
etc.
Available on Unix, Linux,
FreeBSD, Windows 95/98/2000, NT, MacOS X.
Re: (RADIATOR) 128k isdn dialup
Hello Chris -
Thanks for sending the trace output.
The trace shows two Access Requests, each one of which results in an
Access-Accept and as far as I can see there are two accounting Starts
as well.
In other words, Radiator is doing the right thing.
What is happening on the NAS while this is going on?
And what do you see on the PC?
What indication do you have that this is not working as you expect?
thanks
Hugh
At 11:26 AM + 6/21/01, Chris Rockett wrote:
>Hi,
>
>I hope that this is the inf that you were after :
>
>Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
>*** Received from 213.161.67.204 port 7000
>Code: Access-Request
>Identifier: 207
>Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28>
>Attributes:
> User-Name = "[EMAIL PROTECTED]"
> User-Password = "<131><0><8><200>5'<199>o<249>aq<136>~mf<205>"
> NAS-Port = 5
> NAS-Port-Type = ISDN-Synchronous
> Acc-Request-Type = User-Authentication
> Service-Type = Framed
> Framed-Protocol = PPP
> Called-Station-Id = "179700"
> Calling-Station-Id = "1243776030"
> NAS-Identifier = "08:00:03:04:06:BC"
>
>Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
>Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842
>should be used to handle this request
>Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
>Realm=education.navaho.net,Called-Station-Id=179700 should be used to
>handle this request
>Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler
>'Realm=education.navaho.net,Called-Station-Id=179700'
>Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser
>Tue Jun 19 09:57:43 2001: DEBUG: Deleting session for
>[EMAIL PROTECTED], 213.161.67.204, 5
>Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP
>Tue Jun 19 09:57:43 2001: DEBUG: Connecting to localhost, port 389
>Tue Jun 19 09:57:43 2001: DEBUG: LDAP got result for uid=testuser,
>dc=education,dc=navaho,dc=net
>Tue Jun 19 09:57:43 2001: DEBUG: LDAP got iphostnumber: 213.161.67.223
>Tue Jun 19 09:57:43 2001: DEBUG: LDAP got userpassword: {clear}unencry
>Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP looks for match with
>testuser
>Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP ACCEPT:
>Tue Jun 19 09:57:43 2001: DEBUG: Access accepted for testuser
>Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
>*** Sending to 213.161.67.204 port 7000
>Code: Access-Accept
>Identifier: 207
>Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28>
>Attributes:
> Framed-IP-Address = 213.161.67.223
> Service-Type = Framed
> Framed-Protocol = PPP
> Framed-MTU = 1500
> Idle-Timeout = 300
>
>Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
>*** Received from 213.161.67.204 port 7100
>Code: Accounting-Request
>Identifier: 249
>Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254>
>Attributes:
> User-Name = "[EMAIL PROTECTED]"
> NAS-Port = 5
> NAS-Port-Type = ISDN-Synchronous
> Acc-Request-Type = User-Accounting
> Service-Type = Framed
> Framed-Protocol = PPP
> Called-Station-Id = "179700"
> Calling-Station-Id = "1243776030"
> NAS-Identifier = "08:00:03:04:06:BC"
> Acct-Status-Type = Start
> Acct-Delay-Time = 0
> Acct-Session-Id = "010619.100829.010761"
> Acc-Dial-Port-Index = 203
> Connect-Info = "64000 "
> Acc-Connect-Tx-Speed = 64000
> Acc-Connect-Rx-Speed = 64000
> Acct-Multi-Session-Id = "010619.100829.010761"
> Acct-Link-Count = 1
> Acct-Authentic = RADIUS
> Acc-Service-Profile = "tigris"
> Framed-IP-Address = 213.161.67.223
> Idle-Timeout = 300
> Framed-MTU = 1500
>
>Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
>Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842
>should be used to handle this request
>Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
>Realm=education.navaho.net,Called-Station-Id=179700 should be used to
>handle this request
>Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler
>'Realm=education.navaho.net,Called-Station-Id=179700'
>Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser
>Tue Jun 19 09:57:43 2001: DEBUG: Adding session for
>[EMAIL PROTECTED], 213.161.67.204, 5
>Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP
>Tue Jun 19 09:57:43 2001: DEBUG: Accounting accepted
>Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
>*** Sending to 213.161.67.204 port 7100
>Code: Accounting-Response
>Identifier: 249
>Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254>
>Attributes:
>
>Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
>*** Received from 213.161.67.204 port 7000
>Code: Access-Request
>Identifier: 208
>Authentic: =<21><214><226><7>1^\<157><239><1><138>cB.c
>Attributes:
> User-Name = "[EMAIL PROTECTED]"
>
(RADIATOR) help regarding radiator configuration
Hello Everybody, I have just downloaded Radiator for LINUX to evaluate. I have following things running on my network. - Livingston PM2e - MAX 3000 - MS SQL 6.5 as Accounting server could somebody kindly help me in building a configuration for Radiator that will support Flat linux passwd file for authentication and log accouting logs to MS SQL server through ODBC, additionally how could I activate CLI feature for MAX 3000 (that would check users telephone no and authenticate accordingly) Looking forward for help, Faisal Qadri. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) 128k isdn dialup
Hi,
I hope that this is the inf that you were after :
Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
*** Received from 213.161.67.204 port 7000
Code: Access-Request
Identifier: 207
Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28>
Attributes:
User-Name = "[EMAIL PROTECTED]"
User-Password = "<131><0><8><200>5'<199>o<249>aq<136>~mf<205>"
NAS-Port = 5
NAS-Port-Type = ISDN-Synchronous
Acc-Request-Type = User-Authentication
Service-Type = Framed
Framed-Protocol = PPP
Called-Station-Id = "179700"
Calling-Station-Id = "1243776030"
NAS-Identifier = "08:00:03:04:06:BC"
Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842
should be used to handle this request
Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
Realm=education.navaho.net,Called-Station-Id=179700 should be used to
handle this request
Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler
'Realm=education.navaho.net,Called-Station-Id=179700'
Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser
Tue Jun 19 09:57:43 2001: DEBUG: Deleting session for
[EMAIL PROTECTED], 213.161.67.204, 5
Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP
Tue Jun 19 09:57:43 2001: DEBUG: Connecting to localhost, port 389
Tue Jun 19 09:57:43 2001: DEBUG: LDAP got result for uid=testuser,
dc=education,dc=navaho,dc=net
Tue Jun 19 09:57:43 2001: DEBUG: LDAP got iphostnumber: 213.161.67.223
Tue Jun 19 09:57:43 2001: DEBUG: LDAP got userpassword: {clear}unencry
Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP looks for match with
testuser
Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP ACCEPT:
Tue Jun 19 09:57:43 2001: DEBUG: Access accepted for testuser
Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
*** Sending to 213.161.67.204 port 7000
Code: Access-Accept
Identifier: 207
Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28>
Attributes:
Framed-IP-Address = 213.161.67.223
Service-Type = Framed
Framed-Protocol = PPP
Framed-MTU = 1500
Idle-Timeout = 300
Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
*** Received from 213.161.67.204 port 7100
Code: Accounting-Request
Identifier: 249
Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254>
Attributes:
User-Name = "[EMAIL PROTECTED]"
NAS-Port = 5
NAS-Port-Type = ISDN-Synchronous
Acc-Request-Type = User-Accounting
Service-Type = Framed
Framed-Protocol = PPP
Called-Station-Id = "179700"
Calling-Station-Id = "1243776030"
NAS-Identifier = "08:00:03:04:06:BC"
Acct-Status-Type = Start
Acct-Delay-Time = 0
Acct-Session-Id = "010619.100829.010761"
Acc-Dial-Port-Index = 203
Connect-Info = "64000 "
Acc-Connect-Tx-Speed = 64000
Acc-Connect-Rx-Speed = 64000
Acct-Multi-Session-Id = "010619.100829.010761"
Acct-Link-Count = 1
Acct-Authentic = RADIUS
Acc-Service-Profile = "tigris"
Framed-IP-Address = 213.161.67.223
Idle-Timeout = 300
Framed-MTU = 1500
Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842
should be used to handle this request
Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
Realm=education.navaho.net,Called-Station-Id=179700 should be used to
handle this request
Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler
'Realm=education.navaho.net,Called-Station-Id=179700'
Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser
Tue Jun 19 09:57:43 2001: DEBUG: Adding session for
[EMAIL PROTECTED], 213.161.67.204, 5
Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP
Tue Jun 19 09:57:43 2001: DEBUG: Accounting accepted
Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
*** Sending to 213.161.67.204 port 7100
Code: Accounting-Response
Identifier: 249
Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254>
Attributes:
Tue Jun 19 09:57:43 2001: DEBUG: Packet dump:
*** Received from 213.161.67.204 port 7000
Code: Access-Request
Identifier: 208
Authentic: =<21><214><226><7>1^\<157><239><1><138>cB.c
Attributes:
User-Name = "[EMAIL PROTECTED]"
User-Password =
""!<143><250><176><196><181><171><208>{<236>g@<151><209>N"
NAS-Port = 6
NAS-Port-Type = ISDN-Synchronous
Acc-Request-Type = User-Authentication
Service-Type = Framed
Framed-Protocol = PPP
Called-Station-Id = "179700"
Calling-Station-Id = "1243776030"
NAS-Identifier = "08:00:03:04:06:BC"
Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842
should be used to handle this request
Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler
Realm=education.navaho.net,Called-St
(RADIATOR) Problem about Time check item
Hi Hugh,
Our concept is customer
who login with username Sxxx@qnetadsl will be allowed to log on only on
Saturday-Sunday , and only on Monday - Friday from 22:00 - 00:00 for username
Pxxx@qnetadsl
So I try to use Time and
Prefix check item but it show error like these
ERR
: Unknow keyword 'DEFAULT'
ERR
: Unknow keyword 'Time'
How can I fix it ?
Thanks in advance,
Chairath
P.S. Now I'm implement RADIATOR
version 2.18.2 and RADMIN version 1.4 based on Windows NT
Foreground
LogStdout
LogDir d:/Radiator-Demo-2.18/log
DbDir d:/Radiator-Demo-2.18
LogFile %L/logfile-%d-%m-%Y
# Dont turn this up too high,
since all log messages are logged
# to the RADMESSAGES table
in the database. 3 will give you everything
# except debugging messages
Trace 4
# You will probably want
to change this to suit your site.
# You should list all the
clients you have, and their secrets
# If you are using the Radmin
Clients table, you wil probably
# want to disable this.
#
# Secret mysecret
# DupInterval 0
#
# You can put additonal (or
all) client details in your Radmin
# database table
# and get their details
from there with something like this:
# You can then use the Radmin
'Add Radius Client' to add new clients.
DBSource dbi:ODBC:Radmin
DBUsername xxx
DBAuth xxx
#
# Identifier ProxyTofunk
# Host xxx
# Secret xxx
#
#
# strip Realm
# RewriteUsername s/^([^@]+).*/$1/
# AuthBy ProxyTofunk
#
Identifier RADMINAUTH
# Change DBSource,
DBUsername, DBAuth for your database
# See the reference
manual. You will also have to
# change the one in
below
# so its the same
DBSource dbi:ODBC:Radmin
DBUsername xxx
DBAuth xxx
DateFormat %e %m
%Y %T
# You can add to or
change these if you want, but you
# will probably want
to change the database schema first
AccountingTable RADUSAGE
AcctColumnDef USERNAME,User-Name
AcctColumnDef TIME_STAMP,Timestamp,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef NASIDENTIFIER,NAS-Identifier
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef DNIS,Called-Station-Id
AcctColumnDef DATE,Timestamp,integer-date
# This updates the
time and octets left
# for this user
AcctSQLStatement update
RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets},
OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n'
# These are the classic
things to add to each users
# reply to allow a
PPP dialup session. It may be
# different for your
NAS. This will add some
# reply items to everyone's
reply
AddToReply Framed-Protocol
= PPP,\
Service-Type = Framed-User,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Framed-Compression
= Van-Jacobson-TCP-IP,\
Idle-Timeout = 600
DEFAULT Prefix = S
Time = "SaSu-2359"
AuthBy RADMINAUTH
DEFAULT Prefix = P
Time = "Wk2200-"
AuthBy RADMINAUTH
# Handle everyone with RADMIN
AuthBy RADMINAUTH
# This database spec
usually should be exactly the same
# as in above
DBSource dbi:ODBC:Radmin
DBUsername xxx
DBAuth xxx
ClearNasQuery
Re: (RADIATOR) Bad encrypted password
Hello Ganbold - This isn't really a Radiator problem and I don't have any useful suggestions I'm afraid. Although it does seem to be more of a systems architecture/design issue rather than anything directly involved with Radiator. Perhaps someone else on the list? regards Hugh At 12:44 PM -0400 6/21/01, ganbold wrote: >Hello, > >We have some problem with our Radiator-2.18.1 in FreeBSD 4.3 >We have DES encrypted password for almost all users in Mysql >database. Some users have MD5 passwords in database. Users can >change password from web and it uses UNIX crypt() function to >encrypt it and saves to database. > >Problem is: >Sometimes users can't login to Radiator. It says bad encrypted password. >Sometimes users can login but after disconnecting connection and >trying reestablishing connection it says again bad encrypted >password. >In system when I issue command >ls -l /usr/lib/libcrypt* > >it points to DES libraries. But when I change password from shell it >creates MD5 passwords for users. Also seems like sometimes some >users password changed from DES to MD5 without user intervention. Is >it problem of OS or problem of FreeBSD? Of course it is off topic >question but are there anyone who can help me to solve this kind of >problem? > >Can somebody give me advice, direction to solve this problem? >Also I want to have only one encryption standard for all users. How >to accomplish that? > > >thanks in advance, > > >Ganbold > >=== >Archive at http://www.open.com.au/archives/radiator/ >Announcements on [EMAIL PROTECTED] >To unsubscribe, email '[EMAIL PROTECTED]' with >'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) RADONLINE Table ?
Hi, I'm facing problem about RADONLINE Table. First ,I make a connection with username test2@qnetadsl. After 11 seconds , I diconnect it but the Current Sessions Widnows at RADMIN still show this session. So I try to look at logfile to see what happen ,and I find something wrong. In log file you can see that after user test2@qnetadsl login , Radiator then do query insert RADONLINE Table with NASPORT = 01644167268 . But after test2@qnetadsl logout , Radiator do query delete RADONLINE Table where NASPORT = 0 . Can somone help me to fix this problem. Thanks in advance! Chairath P.S. Now I'm implement RADIATOR version 2.18.2 and RADMIN version 1.4 based on Windows NT attach.zip
