(RADIATOR) Problems with logging after upgrading
I recently upgraded to the new version of Radiator. Now I trying to get
AUTHlog to work. I currently running Trace 4 on my regular log files. What I
would like to run is a seperate file that would just list the login
failures. I can't seem to get the AuthLog to work. Can it work with regular
logging. I copied the default template from the docs, touch my log file and
restarted radiator. But still my authlog file is empty.
Enclosed is my radius.cfg
Trace 4
AuthPort1645
AcctPort1646
LogDir /usr/local/radius/log
# The line below was remmed out 11/7/00 in efforts to turn logging ON!
#LogFile
DbDir /usr/local/radius/raddb
DictionaryFile /usr/local/radius/dictionary.ascend
PidFile /var/run/radiusd.pid
#SNMPAgent
# Community XXX
#/SNMPAgent
RewriteUsernametr/[A-Z]/[a-z]/
#the following will strip out the realms
RewriteUsernames/^([^@]+).*/$1/
#added by eddy for testing
Client 63.115.88.53
Secret test
/Client
Client 63.112.159.252
Secret XX
NasType TotalControlSNMP
SNMPCommunity XXX
/Client
Client 63.112.159.254
Secret XX
NasType TotalControlSNMP
SNMPCommunity XXX
/Client
# added second HiPer ARC 2-20-01
Client 63.112.157.254
Secret XX
NasType TotalControlSNMP
SNMPCommunity XX
/Client
# added to run radpwtst 2-27-01
Client 63.237.136.8
Secret XX
NasType TotalControlSNMP
SNMPCommunity
/Client
Client 206.165.153.21
Secret XXX
NasType TotalControlSNMP
SNMPCommunity XXX
/Client
Client 63.237.136.2
Secret XXX
NasType TotalControlSNMP
SNMPCommunity
/Client
Client 209.206.60.133
Secret XX
/Client
#test for ntplex
Client 204.213.176.6
Secret XX
/Client
Client 204.213.176.7
Secret XXX
/Client
Client 204.213.179.30
Secret XX
/Client
# MegaPop Radius Servers
Client 204.178.185.222
Secret XX
/Client
Client 204.178.185.3
Secret X
/Client
Client 204.178.185.221
Secret XX
/Client
Client 204.178.185.220
Secret
/Client
Client 204.178.185.218
Secret X
/Client
Client 204.178.185.219
Secret XX
/Client
# End of MegaPop Servers
Client 63.237.136.100
Secret testing123
/Client
Client 127.0.0.1
Secret testing123
DupInterval 0
/Client
Realm DEFAULT
AuthByPolicy ContinueUntilAccept
AcctLogFileName %L/%Y/%m/%d-details
AuthBy FILE
Filename /etc/acctmgr/users
/AuthBy
/Realm
AuthLog FILE
Identifier myauthlogger
Filename /var/log/radius.authlog
LogSuccess 1
LogFailure 1
/AuthLog
Realm cshore.com
AuthByPolicy ContinueUntilAccept
AcctLogFileName %L/%Y/%m/%d-details
AuthBy FILE
Filename /etc/acctmgr/users
/AuthBy
AuthLog myauthlogger
/Realm
SessionDatabase SQL
DBSource dbi:mysql:Radius
DBUsername Radius
DBAuth KnubbyDo
AddQuery \
insert into Sessions (UserName, NASIdent, NASPort, \
SessionID, TimeStamp, FramedIPAddress, NASPortType, \
ServiceType) values ('%n', '%N', %{NAS-Port}, \
'%{Acct-Session-Id}', %{Timestamp}, '%{Framed-Address}', \
'%{NAS-Port-Type}', '%{Service-Type}')
DeleteQuery \
delete from Sessions where Username='%n' and \
NASIdent='%N' and NASPort=%{NAS-Port}
ClearNasQuery \
delete from Sessions where NASIdent='%N'
CountQuery \
select NASIdent, NASPort, SessionID from Sessions \
where Username='%n'
/SessionDatabase
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) Using Radiator with Rodopi
Can anyone point me to some more info on using Radiator with Rodopi. I read the section in the FAQ covering ODBC connectivity with sybase modules but have little experience in this area. Any more documentation/info would be appreciated. Thanks, Andrew P. Kaplan CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) problems after adding second HiPerARC card
In my Total Control Chassis one HiPerARC was controlling all my DSP modem cards. I added a second HiperARC and gave ownership of the last card to the second HiPer ARC. There was a new pool of IP's assigned to the card. It only took a few calls and stopped. Log file had "bad encrypted password" In addition my log file was filled with the following. I moved the last card back to the first HiPer ARC and it promptly filled up and the error messages dissapeared. Wed Feb 21 06:28:15 2001: ERR: Attribute number 38998 (vendor 429) is not defined in your dictionary Wed Feb 21 06:28:15 2001: ERR: Attribute number 39000 (vendor 429) is not defined in your dictionary Wed Feb 21 06:28:15 2001: ERR: Attribute number 39001 (vendor 429) is not defined in your dictionary Wed Feb 21 06:28:15 2001: ERR: Attribute number 39051 (vendor 429) is not defined in your dictionary Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com --- To understand recursion, one must first understand recursion. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Limit connections with proxy authentication
We are using a company to offer DSL service to our customers using MY Radiator server for authentiation. Radiator strips out the realm name. I would the user to be able to use the same account for Dialup access through my servers but not at the same time that he using DSL. Is the fix for the other company to send me the "accounting" data. Will this limit either connection to "one" Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com --- To understand recursion, one must first understand recursion. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Access-Request only. Customer can't login
A couple of our customers are unable to login. The logs only show an "Access-Request" but no "Accounting-Request". It seems if they keep trying sometime they login. Any ideas as to the cause of the problem. Code: Access-Request Identifier: 222 Authentic: 1224224254231M148E_/248224|231214191 Attributes: User-Name = "scully" User-Password = "237186112214301273N2032191517?241 " Client-Id = 63.112.159.254 NAS-Port = 267 Acct-Session-Id = "17436660" USR-Interface-Index = 1523 Service-Type = Framed-User Framed-Protocol = PPP Chassis-Call-Slot = 2 Chassis-Call-Span = 1 Chassis-Call-Channel = 11 Calling-Station-Id = "2032455084" Called-Station-Id = "8609411055" NAS-Port-Type = Async Mon Jan 15 17:40:59 2001: DEBUG: Rewrote user name to scully Mon Jan 15 17:40:59 2001: DEBUG: Rewrote user name to scully Mon Jan 15 17:40:59 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT' Mon Jan 15 17:40:59 2001: DEBUG: Deleting session for scully, 63.112.159.254, 267 Mon Jan 15 17:40:59 2001: DEBUG: do query is: delete from Sessions where Username='scully' and NASIdent='63.112.159.254' and NASPort=267 Mon Jan 15 17:40:59 2001: DEBUG: Handling with Radius::AuthFILE Mon Jan 15 17:40:59 2001: DEBUG: Radius::AuthFILE looks for match with scully Mon Jan 15 17:40:59 2001: DEBUG: Query is: select NASIdent, NASPort, SessionID from Sessions where Username='scully' Mon Jan 15 17:40:59 2001: DEBUG: Radius::AuthFILE ACCEPT: Mon Jan 15 17:40:59 2001: DEBUG: Access accepted for scully Mon Jan 15 17:40:59 2001: DEBUG: Packet dump: *** Sending to 63.112.159.254 port 1645 Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "The ultimate measure of a man is not where he stands in moments of comfort, but where he stands at times of challenge and controversy." -Martin Luther King, Jr. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) add user specific info
How would I add the following to a specific users: cisco-avpair = "ip:addr-pool=cshore" Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "The ultimate measure of a man is not where he stands in moments of comfort, but where he stands at times of challenge and controversy." -Martin Luther King, Jr. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) radwho only shows logins from external realms
I was having problems with radwho after I changed the IP address of my
Radiator server . Following a suggestion I deleted my RADONINE database.
radwho is working HOWEVER, it only list connections from external realms. We
are using Megapop to outsource dialups. These are the only connections that
appear in radwho. Below is my radius.cfg
Trace 4
AuthPort1645
AcctPort1646
LogDir /usr/local/radius/log
LogFile
DbDir /usr/local/radius/raddb
DictionaryFile /usr/local/radius/dictionary.usr
PidFile /var/run/radiusd.pid
#SNMPAgent
# Community TeekieUptiC
#/SNMPAgent
RewriteUsernametr/[A-Z]/[a-z]/
#the following will strip out the realms
RewriteUsernames/^([^@]+).*/$1/
Client 63.112.159.252
Secret xxx
NasType TotalControlSNMP
SNMPCommunity xxx
/Client
Client 63.112.159.254
Secret xxx
NasType TotalControlSNMP
SNMPCommunity xxx
/Client
Client 206.165.153.21
Secret xxx
NasType TotalControlSNMP
SNMPCommunity xxx
/Client
Client 63.237.136.2
Secret xxx
NasType TotalControlSNMP
SNMPCommunity xxx
/Client
Client 209.206.60.133
Secret xxx
/Client
#test for ntplex
Client 204.213.176.6
Secret xxx
/Client
Client 204.213.176.7
Secret xxx
/Client
# MegaPop Radius Servers
Client 204.178.185.222
Secret xxx
/Client
Client 204.178.185.3
Secret xxx
/Client
Client 204.178.185.221
Secret xxx
/Client
Client 204.178.185.220
Secret xxx
/Client
# End of MegaPop Servers
Client 63.237.136.100
Secret xxx
/Client
Client 127.0.0.1
Secret xxx
DupInterval 0
/Client
Realm DEFAULT
AuthByPolicy ContinueUntilAccept
AcctLogFileName %L/%Y/%m/%d-details
AuthBy FILE
Filename /etc/acctmgr/users
/AuthBy
/Realm
Realm cshore.com
AuthByPolicy ContinueUntilAccept
AcctLogFileName %L/%Y/%m/%d-details
AuthBy FILE
Filename /etc/acctmgr/users
/AuthBy
/Realm
SessionDatabase SQL
DBSource dbi:mysql:Radius
DBUsername Radius
DBAuth KnubbyDo
AddQuery \
insert into Sessions (UserName, NASIdent, NASPort, \
SessionID, TimeStamp, FramedIPAddress, NASPortType, \
ServiceType) values ('%n', '%N', %{NAS-Port}, \
'%{Acct-Session-Id}', %{Timestamp}, '%{Framed-IP-Address}', \
'%{NAS-Port-Type}', '%{Service-Type}')
DeleteQuery \
delete from Sessions where Username='%n' and \
NASIdent='%N' and NASPort=%{NAS-Port}
ClearNasQuery \
delete from Sessions where NASIdent='%N'
CountQuery \
select NASIdent, NASPort, SessionID from Sessions \
where Username='%n'
/SessionDatabase
Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA
CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com
"The ultimate measure of a man is not where he stands in moments of comfort,
but where he stands at times of challenge and controversy."
-Martin Luther King, Jr.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
(RADIATOR) radwho stopped working after changing IP addresses
I have a pressing issue. I turned off the Global Crossing "T" this past Saturday. The IP block was 206.165.153.x. The main IP address on my Radiator server was 206.165.153.185, however there were other working IP's. With my NAS server pointed at the new IP address. Ever since then radwho stopped working. I can still make a connection to the website http://mozart.cshore.com/cgi-bin/radwho.cgi. But it doesn't display any current data. I couldn't find anything in mysql that was referring to a particular IP address. I did see an error message on the screen: "You have an error in your SQL syntax . . at usr/local/lib/site_perl/Radius/SqlDb.pm line 228" I saw nothing strange on that line. I tried stopping mysql, touching the mysql.log file and restarting. Radwho will then work, but for only one entry. It will only list a single new entry and then stop displaying new logins. Do you have any ideas as to how I could fix it. Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "The ultimate measure of a man is not where he stands in moments of comfort, but where he stands at times of challenge and controversy." -Martin Luther King, Jr. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Simple Realm Question
My radius.cfg file currently has: # Translate all upper case to lowercase RewriteUsername tr/A-Z/a-z/ Now I need to start stripping out the real name. Is it as simple as just adding a line ( and HUPPing radiusD) to strip out the realm so my radius.cfm will look like the following. # Translate all upper case to lowercase RewriteUsername tr/A-Z/a-z/ # Srip Realm RewriteUsername s/^([^@]+).*/$1/ Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "If you watch a game, it's fun. If you play it, it's recreation. If you work at it, it's golf." Bob Hope === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) delete users from radwho
My radwho lists old users that are over 4 months old. I press "delete" sessions but they don't go away. How can I remove them from the radwho.cgi. Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "BREAKFAST.SYS halted ! Cereal port not responding." === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) `/usr/bin/snmpget
My logfile is filled with the entry listed below. 206.165.153.21 is my NAS box. XXX is my secret replaced with XXX's What's going on ? Jun 12 09:39:41 2000: DEBUG: Running command `/usr/bin/snmpget 206.165.153.21 XXX .iso.org.dod.internet.private.enterprises.429.4.10.1.1.18.3826 Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com Windows NT crashed. I am the Blue Screen of Death. No one hears your screams. -- Peter Rothman === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Using filters to direct users to DEADBEAT page
We are using 3COM Total Control Chassis. In the past we have been changing the passwords for past due clients to prevent them from logging on. I hear about using filters. How would I redirect these customers to a special website that simply said "you cannot connect because you haven't your bill " Thank you, Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com microsoft: "where do you want to go today?" linux: "where do you want to go tomorrow?" BSD: "are you guys coming, or what?" === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
