No Subject
--- Forwarded mail from [EMAIL PROTECTED] From: [EMAIL PROTECTED] Date: Thu, 21 Jun 2001 23:53:01 -0500 To: [EMAIL PROTECTED] Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from ["asi" <[EMAIL PROTECTED]>] >From [EMAIL PROTECTED] Thu Jun 21 23:53:01 2001 Received: from votw.com (IDENT:[EMAIL PROTECTED] [192.117.124.253]) by server1.open.com.au (8.11.0/8.11.0) with ESMTP id f5M4r0D24530 for <[EMAIL PROTECTED]>; Thu, 21 Jun 2001 23:53:00 -0500 Received: from domain ([192.117.124.3]) by votw.com (8.9.3/8.9.2) with SMTP id JAA20133 for <[EMAIL PROTECTED]>; Fri, 22 Jun 2001 09:38:27 +0300 Message-ID: <000c01c0faf0$2ee74f60$037c75c0@domain> From: "asi" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Date: Fri, 22 Jun 2001 09:51:44 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_NextPart_000_0009_01C0FB00.F206AF30" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 This is a multi-part message in MIME format. --=_NextPart_000_0009_01C0FB00.F206AF30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable hello I buy the radiator in 20.06.2001 I need to know if I can put the = radiator as a service in the server and how I can do so I need to put the radiator as a service thanks=20 asaf cohen tropic telecom=20 --=_NextPart_000_0009_01C0FB00.F206AF30 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable hello I buy the radiator in 20.06.2001 = I need to=20 know if I can put the radiator as a service in the server and how I can do so I need to put = the radiator=20 as a service thanks asaf cohen tropic telecom=20 --=_NextPart_000_0009_01C0FB00.F206AF30-- ---End of forwarded mail from [EMAIL PROTECTED] -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR)
unsubscribe end Cesar Garcia. Dept. Sistemas de IdecNet SA Edificio IdecNet. C/Juan XXIII 44, Centro de Gestion de Red, E-35004, Las Palmas de Gran Canaria, Islas Canarias - Spain. Tfn: +34 828 111 000 === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Digest::MD4 on RedHat???
I am having a problem with Radiator 2.18.2 dying after receiving MS-CHAP autentication requests. Perl complains about not being able to find Digest/MD4.pm, which I can't find anywhere. I'm running RedHat 6.2, so the previous posts concerning Activestate Perl do not apply. Does anyone know of SRPMS that will provide this module? Carl Litt Network Administrator Execulink Internet === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Dual accounting
I am running Radiator on BSDI4.1. I have the accounting logging to a file via AcctLogFileName in the cfg. We use a billmax billing system that needs this information sent to it, to be added to its db. Can I fork the accounting so that it will send the info to Billmax AND keep logging to my files? Thanks, Chris
(RADIATOR) Attribute Length
Ive had a request to reduce attribute 242 (Ascend Data Filter) from 28 to 26 characters. Anyone have any idea how to do this? Also, any idea how to strip off the 2nd proxy-state attribute when a request is proxied mutiple levels? BrandonDialup USA, Inc.
(RADIATOR) PostAuthHook question.
Hello, I'm in need of adding specific attributes to the reply packets for one of the routers I have to authenticate (out of hundreds). Since I only have need for one handler and we don't use realms, I figure the best thing to do would be to have a little PostAuthHook that tested my request for the right IP address and if it passes, add the apprpriate attributes to the reply packet. I used to have a problem with NAS-IP-Address fields not matching the actual IP address of the router sending the packet, so now I have an 'identifier' in every client block with the IP address that I want to be associated with each router (it's actual IP address.) That 'identifier' is used in my AUthBy module that I wrote to test various things about each router (allowing certain customers access only on certain routers, etc.) When I put in the following PostAuthHook, it won't compile, and quite honestly I'm not sure if I've done this right. Any help would be appreciated. I tried to steal this straight out of the manual, so I'm a little surprised at the error I get. RewriteUsername s/^([^@]+).*/$1/ AuthByPolicy ContinueUntilAccept # authorize by the module AuthQuikRadAcct.pm # Fork # authorize by the module AuthQuikRad.pm # Handle the Router 65.89.75.8 PostAuthHook sub { if ${$_[2]} eq $main::ACCEPT && \ ${$_[0]}->{Client}->{Identifier} eq "65.89.75.8" { \ ${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward tcp est'); \ ${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward dstip 216.176.28.1/32'); \ ${$_[1]}->add_attr('Ascend-Data-Filter','ip in drop tcp dstport=25'); \ ${$_[1]}->add_attr('Ascend-Data-Filter','ip in forward'); \ ${$_[1]}->change_attr('Service-Type','Framed'); \ } \ } # Log accounting to the detail file in LogDir/ AcctLogFileName %L/%c/detail # MaxSessions 1 The error in the log file is: Thu Jun 21 10:10:35 2001: ERR: Compilation error in PostAuthHook: syntax error at (eval 77) line 1, near "if $" syntax error at (eval 77) line 2, at EOF Missing right bracket at (eval 77) line 2, at end of line Thu Jun 21 10:10:35 2001: ERR: Unknown keyword '${$_[1]}->add_attr('Ascend-Data-Filter','ip' in /etc/radius.cfg line 109 It appears to be failing right away at my conditional. Are conditionals unacceptable? Griff Hamlin, III === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
RE: (RADIATOR) I need to change the symbol that is used to sepera te username and realm.
This worked very nicely!!:) I completely replaced the Realm statement with the Handler, and used a radius attribute that was unique to each server requesting the authentication. Thanks alot! Steve -Original Message- From: Hugh Irvine [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 21, 2001 3:05 AM To: Kitabjian, Dave; 'Felicetti, Stephen A.'; '[EMAIL PROTECTED]' Subject: RE: (RADIATOR) I need to change the symbol that is used to sepera te username and realm. Hello Steve, Hello Dave - Dave is correct, you should use Handlers instead of Realms. # define Handlers . .. regards Hugh At 4:36 PM -0400 6/20/01, Kitabjian, Dave wrote: >I don't know how easy it is to change the definition of "realm", so I'll >defer that answer to someone else. > >However, you can set aside the feature and use the feature >along with a Perl regexp to look for whatever character you want as the >delimiter. > >Dave >:) > >> -Original Message- >> From: Felicetti, Stephen A. [mailto:[EMAIL PROTECTED]] >> Sent: Wednesday, June 20, 2001 3:24 PM >> To: '[EMAIL PROTECTED]' >> Subject: (RADIATOR) I need to change the symbol that is used >> to seperate username and realm. >> >> >> I'm using 2.16.1 on Solaris. >> I have 2 realms in my config file. >> One is the default of no realm, and the other is used to >> handle my firewall >> authentications: >> It works nicely when I use: username@firewall for most >> authentications. However, the problem I'm running into, is in >> order for my firewall to authenticate FTP sessions, it uses a >> goofy syntax in the form of: >> >> ftp-account-name@[EMAIL PROTECTED] >> >> See all those @ symbols? The firewall uses them as field >> delimiters, so I can't use the old username format of >> username@firewall. If I can get Radiator to use a different >> symbol other then @ to determine the realm, it would make >> life a whole lot easier. Modifying the firewall isn't an option. >> >> Is this possible? >> >> Thanks a lot!! >> Steve >> >> >> >> >> >> >> >> >> >> Stephen A. FelicettiFox Chase Cancer Center >> Sr. Network Engineer215-728-2956 (v) >> Research Information Technology Facility215-728-2513 (f) >> [EMAIL PROTECTED] >> >> >> >> >=== >Archive at http://www.open.com.au/archives/radiator/ >Announcements on [EMAIL PROTECTED] >To unsubscribe, email '[EMAIL PROTECTED]' with >'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) help regarding radiator configuration
Hello Faisal - I suggest you start by having a look at the example configuration file called "radius.cfg" in the distribution, and also have a look at the example configuration files in the "goodies" directory. And of course you should have a quick read through the manual in the file called "doc/ref.html" also included in the distribution. The easiest way to connect from Radiator on Linux to MS SQL is to use the Sybase client libraries included in the free version of Sybase for Linux. regards Hugh At 4:06 PM +0500 6/21/01, Syed Faisal Qadri wrote: >Hello Everybody, > >I have just downloaded Radiator for LINUX to evaluate. I have following >things running on my network. > >- Livingston PM2e >- MAX 3000 >- MS SQL 6.5 as Accounting server > >could somebody kindly help me in building a configuration for Radiator >that will support Flat linux passwd file for authentication and log >accouting logs to MS SQL server through ODBC, additionally how could I >activate CLI feature for MAX 3000 (that would check users telephone no >and authenticate accordingly) > >Looking forward for help, > >Faisal Qadri. > >=== >Archive at http://www.open.com.au/archives/radiator/ >Announcements on [EMAIL PROTECTED] >To unsubscribe, email '[EMAIL PROTECTED]' with >'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Re: Problem about Time check item
Title: Re: Problem about Time check item Hello Chairarth - You cannot configure Radiator as you have shown below - you will need to use cascaded AuthBy clauses, something like this: # define AuthBy FILE Identifier CheckUsers Filename %D/adsl.users # define Realms AuthBy CheckUsers Then in the file "adsl.users", something like this: # define DEFAULT users DEFAULT Prefix = S, Time = "SaSu-2359", Auth-Type RADMINAUTH DEFAULT Prefix = P, Time = "Wk2200-", Auth-Type RADMINAUTH hth Hugh At 5:16 PM +0700 6/21/01, chairarth wrote: Hi Hugh, Our concept is customer who login with username Sxxx@qnetadsl will be allowed to log on only on Saturday-Sunday , and only on Monday - Friday from 22:00 - 00:00 for username Pxxx@qnetadsl So I try to use Time and Prefix check item but it show error like these ERR : Unknow keyword 'DEFAULT' ERR : Unknow keyword 'Time' How can I fix it ? Thanks in advance, Chairath P.S. Now I'm implement RADIATOR version 2.18.2 and RADMIN version 1.4 based on Windows NT Foreground LogStdout LogDir d:/Radiator-Demo-2.18/log DbDir d:/Radiator-Demo-2.18 LogFile %L/logfile-%d-%m-%Y # Dont turn this up too high, since all log messages are logged # to the RADMESSAGES table in the database. 3 will give you everything # except debugging messages Trace 4 # You will probably want to change this to suit your site. # You should list all the clients you have, and their secrets # If you are using the Radmin Clients table, you wil probably # want to disable this. # # Secret mysecret # DupInterval 0 # # You can put additonal (or all) client details in your Radmin # database table # and get their details from there with something like this: # You can then use the Radmin 'Add Radius Client' to add new clients. DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx # # Identifier ProxyTofunk # Host xxx # Secret xxx # # # strip Realm # RewriteUsername s/^([^@]+).*/$1/ # AuthBy ProxyTofunk # Identifier RADMINAUTH # Change DBSource, DBUsername, DBAuth for your database # See the reference manual. You will also have to # change the one in below # so its the same DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx DateFormat %e %m %Y %T # You can add to or change these if you want, but you # will probably want to change the database schema first AccountingTable RADUSAGE AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef DNIS,Called-Station-Id AcctColumnDef DATE,Timestamp,integer-date # This updates the time and octets left # for this user AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 600 DEFAULT Prefix = S Time = "SaSu-2359" AuthBy RADMINAUTH DEFAULT Prefix = P Time = "Wk2200-" AuthBy RADMINAUTH # Handle everyone with RADMIN AuthBy RADMINAUTH # This database spec usually should be exactly the same # as in above DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx ClearNasQuery -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
Re: (RADIATOR) 128k isdn dialup
Hello Chris - Thanks for sending the trace output. The trace shows two Access Requests, each one of which results in an Access-Accept and as far as I can see there are two accounting Starts as well. In other words, Radiator is doing the right thing. What is happening on the NAS while this is going on? And what do you see on the PC? What indication do you have that this is not working as you expect? thanks Hugh At 11:26 AM + 6/21/01, Chris Rockett wrote: >Hi, > >I hope that this is the inf that you were after : > >Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: >*** Received from 213.161.67.204 port 7000 >Code: Access-Request >Identifier: 207 >Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28> >Attributes: > User-Name = "[EMAIL PROTECTED]" > User-Password = "<131><0><8><200>5'<199>o<249>aq<136>~mf<205>" > NAS-Port = 5 > NAS-Port-Type = ISDN-Synchronous > Acc-Request-Type = User-Authentication > Service-Type = Framed > Framed-Protocol = PPP > Called-Station-Id = "179700" > Calling-Station-Id = "1243776030" > NAS-Identifier = "08:00:03:04:06:BC" > >Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler >Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842 >should be used to handle this request >Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler >Realm=education.navaho.net,Called-Station-Id=179700 should be used to >handle this request >Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler >'Realm=education.navaho.net,Called-Station-Id=179700' >Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser >Tue Jun 19 09:57:43 2001: DEBUG: Deleting session for >[EMAIL PROTECTED], 213.161.67.204, 5 >Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP >Tue Jun 19 09:57:43 2001: DEBUG: Connecting to localhost, port 389 >Tue Jun 19 09:57:43 2001: DEBUG: LDAP got result for uid=testuser, >dc=education,dc=navaho,dc=net >Tue Jun 19 09:57:43 2001: DEBUG: LDAP got iphostnumber: 213.161.67.223 >Tue Jun 19 09:57:43 2001: DEBUG: LDAP got userpassword: {clear}unencry >Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP looks for match with >testuser >Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP ACCEPT: >Tue Jun 19 09:57:43 2001: DEBUG: Access accepted for testuser >Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: >*** Sending to 213.161.67.204 port 7000 >Code: Access-Accept >Identifier: 207 >Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28> >Attributes: > Framed-IP-Address = 213.161.67.223 > Service-Type = Framed > Framed-Protocol = PPP > Framed-MTU = 1500 > Idle-Timeout = 300 > >Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: >*** Received from 213.161.67.204 port 7100 >Code: Accounting-Request >Identifier: 249 >Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254> >Attributes: > User-Name = "[EMAIL PROTECTED]" > NAS-Port = 5 > NAS-Port-Type = ISDN-Synchronous > Acc-Request-Type = User-Accounting > Service-Type = Framed > Framed-Protocol = PPP > Called-Station-Id = "179700" > Calling-Station-Id = "1243776030" > NAS-Identifier = "08:00:03:04:06:BC" > Acct-Status-Type = Start > Acct-Delay-Time = 0 > Acct-Session-Id = "010619.100829.010761" > Acc-Dial-Port-Index = 203 > Connect-Info = "64000 " > Acc-Connect-Tx-Speed = 64000 > Acc-Connect-Rx-Speed = 64000 > Acct-Multi-Session-Id = "010619.100829.010761" > Acct-Link-Count = 1 > Acct-Authentic = RADIUS > Acc-Service-Profile = "tigris" > Framed-IP-Address = 213.161.67.223 > Idle-Timeout = 300 > Framed-MTU = 1500 > >Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler >Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842 >should be used to handle this request >Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler >Realm=education.navaho.net,Called-Station-Id=179700 should be used to >handle this request >Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler >'Realm=education.navaho.net,Called-Station-Id=179700' >Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser >Tue Jun 19 09:57:43 2001: DEBUG: Adding session for >[EMAIL PROTECTED], 213.161.67.204, 5 >Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP >Tue Jun 19 09:57:43 2001: DEBUG: Accounting accepted >Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: >*** Sending to 213.161.67.204 port 7100 >Code: Accounting-Response >Identifier: 249 >Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254> >Attributes: > >Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: >*** Received from 213.161.67.204 port 7000 >Code: Access-Request >Identifier: 208 >Authentic: =<21><214><226><7>1^\<157><239><1><138>cB.c >Attributes: > User-Name = "[EMAIL PROTECTED]" >
(RADIATOR) help regarding radiator configuration
Hello Everybody, I have just downloaded Radiator for LINUX to evaluate. I have following things running on my network. - Livingston PM2e - MAX 3000 - MS SQL 6.5 as Accounting server could somebody kindly help me in building a configuration for Radiator that will support Flat linux passwd file for authentication and log accouting logs to MS SQL server through ODBC, additionally how could I activate CLI feature for MAX 3000 (that would check users telephone no and authenticate accordingly) Looking forward for help, Faisal Qadri. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) 128k isdn dialup
Hi, I hope that this is the inf that you were after : Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: *** Received from 213.161.67.204 port 7000 Code: Access-Request Identifier: 207 Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28> Attributes: User-Name = "[EMAIL PROTECTED]" User-Password = "<131><0><8><200>5'<199>o<249>aq<136>~mf<205>" NAS-Port = 5 NAS-Port-Type = ISDN-Synchronous Acc-Request-Type = User-Authentication Service-Type = Framed Framed-Protocol = PPP Called-Station-Id = "179700" Calling-Station-Id = "1243776030" NAS-Identifier = "08:00:03:04:06:BC" Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842 should be used to handle this request Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler Realm=education.navaho.net,Called-Station-Id=179700 should be used to handle this request Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler 'Realm=education.navaho.net,Called-Station-Id=179700' Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser Tue Jun 19 09:57:43 2001: DEBUG: Deleting session for [EMAIL PROTECTED], 213.161.67.204, 5 Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP Tue Jun 19 09:57:43 2001: DEBUG: Connecting to localhost, port 389 Tue Jun 19 09:57:43 2001: DEBUG: LDAP got result for uid=testuser, dc=education,dc=navaho,dc=net Tue Jun 19 09:57:43 2001: DEBUG: LDAP got iphostnumber: 213.161.67.223 Tue Jun 19 09:57:43 2001: DEBUG: LDAP got userpassword: {clear}unencry Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP looks for match with testuser Tue Jun 19 09:57:43 2001: DEBUG: Radius::AuthLDAP ACCEPT: Tue Jun 19 09:57:43 2001: DEBUG: Access accepted for testuser Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: *** Sending to 213.161.67.204 port 7000 Code: Access-Accept Identifier: 207 Authentic: y<177>iV<156><207><176><26><250>Tl<13><159><2> <28> Attributes: Framed-IP-Address = 213.161.67.223 Service-Type = Framed Framed-Protocol = PPP Framed-MTU = 1500 Idle-Timeout = 300 Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: *** Received from 213.161.67.204 port 7100 Code: Accounting-Request Identifier: 249 Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254> Attributes: User-Name = "[EMAIL PROTECTED]" NAS-Port = 5 NAS-Port-Type = ISDN-Synchronous Acc-Request-Type = User-Accounting Service-Type = Framed Framed-Protocol = PPP Called-Station-Id = "179700" Calling-Station-Id = "1243776030" NAS-Identifier = "08:00:03:04:06:BC" Acct-Status-Type = Start Acct-Delay-Time = 0 Acct-Session-Id = "010619.100829.010761" Acc-Dial-Port-Index = 203 Connect-Info = "64000 " Acc-Connect-Tx-Speed = 64000 Acc-Connect-Rx-Speed = 64000 Acct-Multi-Session-Id = "010619.100829.010761" Acct-Link-Count = 1 Acct-Authentic = RADIUS Acc-Service-Profile = "tigris" Framed-IP-Address = 213.161.67.223 Idle-Timeout = 300 Framed-MTU = 1500 Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842 should be used to handle this request Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler Realm=education.navaho.net,Called-Station-Id=179700 should be used to handle this request Tue Jun 19 09:57:43 2001: DEBUG: Handling request with Handler 'Realm=education.navaho.net,Called-Station-Id=179700' Tue Jun 19 09:57:43 2001: DEBUG: Rewrote user name to testuser Tue Jun 19 09:57:43 2001: DEBUG: Adding session for [EMAIL PROTECTED], 213.161.67.204, 5 Tue Jun 19 09:57:43 2001: DEBUG: Handling with Radius::AuthLDAP Tue Jun 19 09:57:43 2001: DEBUG: Accounting accepted Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: *** Sending to 213.161.67.204 port 7100 Code: Accounting-Response Identifier: 249 Authentic: <231>P{F<157>3I[<132><209>G<160><255>YV<254> Attributes: Tue Jun 19 09:57:43 2001: DEBUG: Packet dump: *** Received from 213.161.67.204 port 7000 Code: Access-Request Identifier: 208 Authentic: =<21><214><226><7>1^\<157><239><1><138>cB.c Attributes: User-Name = "[EMAIL PROTECTED]" User-Password = ""!<143><250><176><196><181><171><208>{<236>g@<151><209>N" NAS-Port = 6 NAS-Port-Type = ISDN-Synchronous Acc-Request-Type = User-Authentication Service-Type = Framed Framed-Protocol = PPP Called-Station-Id = "179700" Calling-Station-Id = "1243776030" NAS-Identifier = "08:00:03:04:06:BC" Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler Realm=education.navaho.net,Time="Wk0800-1800",Called-Station-Id=0820842 should be used to handle this request Tue Jun 19 09:57:43 2001: DEBUG: Check if Handler Realm=education.navaho.net,Called-St
(RADIATOR) Problem about Time check item
Hi Hugh, Our concept is customer who login with username Sxxx@qnetadsl will be allowed to log on only on Saturday-Sunday , and only on Monday - Friday from 22:00 - 00:00 for username Pxxx@qnetadsl So I try to use Time and Prefix check item but it show error like these ERR : Unknow keyword 'DEFAULT' ERR : Unknow keyword 'Time' How can I fix it ? Thanks in advance, Chairath P.S. Now I'm implement RADIATOR version 2.18.2 and RADMIN version 1.4 based on Windows NT Foreground LogStdout LogDir d:/Radiator-Demo-2.18/log DbDir d:/Radiator-Demo-2.18 LogFile %L/logfile-%d-%m-%Y # Dont turn this up too high, since all log messages are logged # to the RADMESSAGES table in the database. 3 will give you everything # except debugging messages Trace 4 # You will probably want to change this to suit your site. # You should list all the clients you have, and their secrets # If you are using the Radmin Clients table, you wil probably # want to disable this. # # Secret mysecret # DupInterval 0 # # You can put additonal (or all) client details in your Radmin # database table # and get their details from there with something like this: # You can then use the Radmin 'Add Radius Client' to add new clients. DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx # # Identifier ProxyTofunk # Host xxx # Secret xxx # # # strip Realm # RewriteUsername s/^([^@]+).*/$1/ # AuthBy ProxyTofunk # Identifier RADMINAUTH # Change DBSource, DBUsername, DBAuth for your database # See the reference manual. You will also have to # change the one in below # so its the same DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx DateFormat %e %m %Y %T # You can add to or change these if you want, but you # will probably want to change the database schema first AccountingTable RADUSAGE AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type,integer AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer AcctColumnDef ACCTSESSIONID,Acct-Session-Id AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause,integer AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address AcctColumnDef NASIDENTIFIER,NAS-Identifier AcctColumnDef NASIDENTIFIER,NAS-IP-Address AcctColumnDef NASPORT,NAS-Port,integer AcctColumnDef DNIS,Called-Station-Id AcctColumnDef DATE,Timestamp,integer-date # This updates the time and octets left # for this user AcctSQLStatement update RADUSERS set TIMELEFT=TIMELEFT-0%{Acct-Session-Time}, OCTETSINLEFT=OCTETSINLEFT-0%{Acct-Input-Octets}, OCTETSOUTLEFT=OCTETSOUTLEFT-0%{Acct-Output-Octets} where USERNAME='%n' # These are the classic things to add to each users # reply to allow a PPP dialup session. It may be # different for your NAS. This will add some # reply items to everyone's reply AddToReply Framed-Protocol = PPP,\ Service-Type = Framed-User,\ Framed-IP-Netmask = 255.255.255.255,\ Framed-Routing = None,\ Framed-MTU = 1500,\ Framed-Compression = Van-Jacobson-TCP-IP,\ Idle-Timeout = 600 DEFAULT Prefix = S Time = "SaSu-2359" AuthBy RADMINAUTH DEFAULT Prefix = P Time = "Wk2200-" AuthBy RADMINAUTH # Handle everyone with RADMIN AuthBy RADMINAUTH # This database spec usually should be exactly the same # as in above DBSource dbi:ODBC:Radmin DBUsername xxx DBAuth xxx ClearNasQuery
Re: (RADIATOR) Bad encrypted password
Hello Ganbold - This isn't really a Radiator problem and I don't have any useful suggestions I'm afraid. Although it does seem to be more of a systems architecture/design issue rather than anything directly involved with Radiator. Perhaps someone else on the list? regards Hugh At 12:44 PM -0400 6/21/01, ganbold wrote: >Hello, > >We have some problem with our Radiator-2.18.1 in FreeBSD 4.3 >We have DES encrypted password for almost all users in Mysql >database. Some users have MD5 passwords in database. Users can >change password from web and it uses UNIX crypt() function to >encrypt it and saves to database. > >Problem is: >Sometimes users can't login to Radiator. It says bad encrypted password. >Sometimes users can login but after disconnecting connection and >trying reestablishing connection it says again bad encrypted >password. >In system when I issue command >ls -l /usr/lib/libcrypt* > >it points to DES libraries. But when I change password from shell it >creates MD5 passwords for users. Also seems like sometimes some >users password changed from DES to MD5 without user intervention. Is >it problem of OS or problem of FreeBSD? Of course it is off topic >question but are there anyone who can help me to solve this kind of >problem? > >Can somebody give me advice, direction to solve this problem? >Also I want to have only one encryption standard for all users. How >to accomplish that? > > >thanks in advance, > > >Ganbold > >=== >Archive at http://www.open.com.au/archives/radiator/ >Announcements on [EMAIL PROTECTED] >To unsubscribe, email '[EMAIL PROTECTED]' with >'unsubscribe radiator' in the body of the message. -- NB: I am travelling this week, so there may be delays in our correspondence. Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc. Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) RADONLINE Table ?
Hi, I'm facing problem about RADONLINE Table. First ,I make a connection with username test2@qnetadsl. After 11 seconds , I diconnect it but the Current Sessions Widnows at RADMIN still show this session. So I try to look at logfile to see what happen ,and I find something wrong. In log file you can see that after user test2@qnetadsl login , Radiator then do query insert RADONLINE Table with NASPORT = 01644167268 . But after test2@qnetadsl logout , Radiator do query delete RADONLINE Table where NASPORT = 0 . Can somone help me to fix this problem. Thanks in advance! Chairath P.S. Now I'm implement RADIATOR version 2.18.2 and RADMIN version 1.4 based on Windows NT attach.zip