(RADIATOR) Problems with logging after upgrading
I recently upgraded to the new version of Radiator. Now I trying to get AUTHlog to work. I currently running Trace 4 on my regular log files. What I would like to run is a seperate file that would just list the login failures. I can't seem to get the AuthLog to work. Can it work with regular logging. I copied the default template from the docs, touch my log file and restarted radiator. But still my authlog file is empty. Enclosed is my radius.cfg Trace 4 AuthPort1645 AcctPort1646 LogDir /usr/local/radius/log # The line below was remmed out 11/7/00 in efforts to turn logging ON! #LogFile DbDir /usr/local/radius/raddb DictionaryFile /usr/local/radius/dictionary.ascend PidFile /var/run/radiusd.pid #SNMPAgent # Community XXX #/SNMPAgent RewriteUsernametr/[A-Z]/[a-z]/ #the following will strip out the realms RewriteUsernames/^([^@]+).*/$1/ #added by eddy for testing Client 63.115.88.53 Secret test /Client Client 63.112.159.252 Secret XX NasType TotalControlSNMP SNMPCommunity XXX /Client Client 63.112.159.254 Secret XX NasType TotalControlSNMP SNMPCommunity XXX /Client # added second HiPer ARC 2-20-01 Client 63.112.157.254 Secret XX NasType TotalControlSNMP SNMPCommunity XX /Client # added to run radpwtst 2-27-01 Client 63.237.136.8 Secret XX NasType TotalControlSNMP SNMPCommunity /Client Client 206.165.153.21 Secret XXX NasType TotalControlSNMP SNMPCommunity XXX /Client Client 63.237.136.2 Secret XXX NasType TotalControlSNMP SNMPCommunity /Client Client 209.206.60.133 Secret XX /Client #test for ntplex Client 204.213.176.6 Secret XX /Client Client 204.213.176.7 Secret XXX /Client Client 204.213.179.30 Secret XX /Client # MegaPop Radius Servers Client 204.178.185.222 Secret XX /Client Client 204.178.185.3 Secret X /Client Client 204.178.185.221 Secret XX /Client Client 204.178.185.220 Secret /Client Client 204.178.185.218 Secret X /Client Client 204.178.185.219 Secret XX /Client # End of MegaPop Servers Client 63.237.136.100 Secret testing123 /Client Client 127.0.0.1 Secret testing123 DupInterval 0 /Client Realm DEFAULT AuthByPolicy ContinueUntilAccept AcctLogFileName %L/%Y/%m/%d-details AuthBy FILE Filename /etc/acctmgr/users /AuthBy /Realm AuthLog FILE Identifier myauthlogger Filename /var/log/radius.authlog LogSuccess 1 LogFailure 1 /AuthLog Realm cshore.com AuthByPolicy ContinueUntilAccept AcctLogFileName %L/%Y/%m/%d-details AuthBy FILE Filename /etc/acctmgr/users /AuthBy AuthLog myauthlogger /Realm SessionDatabase SQL DBSource dbi:mysql:Radius DBUsername Radius DBAuth KnubbyDo AddQuery \ insert into Sessions (UserName, NASIdent, NASPort, \ SessionID, TimeStamp, FramedIPAddress, NASPortType, \ ServiceType) values ('%n', '%N', %{NAS-Port}, \ '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-Address}', \ '%{NAS-Port-Type}', '%{Service-Type}') DeleteQuery \ delete from Sessions where Username='%n' and \ NASIdent='%N' and NASPort=%{NAS-Port} ClearNasQuery \ delete from Sessions where NASIdent='%N' CountQuery \ select NASIdent, NASPort, SessionID from Sessions \ where Username='%n' /SessionDatabase === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Using Radiator with Rodopi
Can anyone point me to some more info on using Radiator with Rodopi. I read the section in the FAQ covering ODBC connectivity with sybase modules but have little experience in this area. Any more documentation/info would be appreciated. Thanks, Andrew P. Kaplan CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) problems after adding second HiPerARC card
In my Total Control Chassis one HiPerARC was controlling all my DSP modem cards. I added a second HiperARC and gave ownership of the last card to the second HiPer ARC. There was a new pool of IP's assigned to the card. It only took a few calls and stopped. Log file had "bad encrypted password" In addition my log file was filled with the following. I moved the last card back to the first HiPer ARC and it promptly filled up and the error messages dissapeared. Wed Feb 21 06:28:15 2001: ERR: Attribute number 38998 (vendor 429) is not defined in your dictionary Wed Feb 21 06:28:15 2001: ERR: Attribute number 39000 (vendor 429) is not defined in your dictionary Wed Feb 21 06:28:15 2001: ERR: Attribute number 39001 (vendor 429) is not defined in your dictionary Wed Feb 21 06:28:15 2001: ERR: Attribute number 39051 (vendor 429) is not defined in your dictionary Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com --- To understand recursion, one must first understand recursion. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Limit connections with proxy authentication
We are using a company to offer DSL service to our customers using MY Radiator server for authentiation. Radiator strips out the realm name. I would the user to be able to use the same account for Dialup access through my servers but not at the same time that he using DSL. Is the fix for the other company to send me the "accounting" data. Will this limit either connection to "one" Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com --- To understand recursion, one must first understand recursion. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Access-Request only. Customer can't login
A couple of our customers are unable to login. The logs only show an "Access-Request" but no "Accounting-Request". It seems if they keep trying sometime they login. Any ideas as to the cause of the problem. Code: Access-Request Identifier: 222 Authentic: 1224224254231M148E_/248224|231214191 Attributes: User-Name = "scully" User-Password = "237186112214301273N2032191517?241 " Client-Id = 63.112.159.254 NAS-Port = 267 Acct-Session-Id = "17436660" USR-Interface-Index = 1523 Service-Type = Framed-User Framed-Protocol = PPP Chassis-Call-Slot = 2 Chassis-Call-Span = 1 Chassis-Call-Channel = 11 Calling-Station-Id = "2032455084" Called-Station-Id = "8609411055" NAS-Port-Type = Async Mon Jan 15 17:40:59 2001: DEBUG: Rewrote user name to scully Mon Jan 15 17:40:59 2001: DEBUG: Rewrote user name to scully Mon Jan 15 17:40:59 2001: DEBUG: Handling request with Handler 'Realm=DEFAULT' Mon Jan 15 17:40:59 2001: DEBUG: Deleting session for scully, 63.112.159.254, 267 Mon Jan 15 17:40:59 2001: DEBUG: do query is: delete from Sessions where Username='scully' and NASIdent='63.112.159.254' and NASPort=267 Mon Jan 15 17:40:59 2001: DEBUG: Handling with Radius::AuthFILE Mon Jan 15 17:40:59 2001: DEBUG: Radius::AuthFILE looks for match with scully Mon Jan 15 17:40:59 2001: DEBUG: Query is: select NASIdent, NASPort, SessionID from Sessions where Username='scully' Mon Jan 15 17:40:59 2001: DEBUG: Radius::AuthFILE ACCEPT: Mon Jan 15 17:40:59 2001: DEBUG: Access accepted for scully Mon Jan 15 17:40:59 2001: DEBUG: Packet dump: *** Sending to 63.112.159.254 port 1645 Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "The ultimate measure of a man is not where he stands in moments of comfort, but where he stands at times of challenge and controversy." -Martin Luther King, Jr. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) add user specific info
How would I add the following to a specific users: cisco-avpair = "ip:addr-pool=cshore" Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "The ultimate measure of a man is not where he stands in moments of comfort, but where he stands at times of challenge and controversy." -Martin Luther King, Jr. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) radwho only shows logins from external realms
I was having problems with radwho after I changed the IP address of my Radiator server . Following a suggestion I deleted my RADONINE database. radwho is working HOWEVER, it only list connections from external realms. We are using Megapop to outsource dialups. These are the only connections that appear in radwho. Below is my radius.cfg Trace 4 AuthPort1645 AcctPort1646 LogDir /usr/local/radius/log LogFile DbDir /usr/local/radius/raddb DictionaryFile /usr/local/radius/dictionary.usr PidFile /var/run/radiusd.pid #SNMPAgent # Community TeekieUptiC #/SNMPAgent RewriteUsernametr/[A-Z]/[a-z]/ #the following will strip out the realms RewriteUsernames/^([^@]+).*/$1/ Client 63.112.159.252 Secret xxx NasType TotalControlSNMP SNMPCommunity xxx /Client Client 63.112.159.254 Secret xxx NasType TotalControlSNMP SNMPCommunity xxx /Client Client 206.165.153.21 Secret xxx NasType TotalControlSNMP SNMPCommunity xxx /Client Client 63.237.136.2 Secret xxx NasType TotalControlSNMP SNMPCommunity xxx /Client Client 209.206.60.133 Secret xxx /Client #test for ntplex Client 204.213.176.6 Secret xxx /Client Client 204.213.176.7 Secret xxx /Client # MegaPop Radius Servers Client 204.178.185.222 Secret xxx /Client Client 204.178.185.3 Secret xxx /Client Client 204.178.185.221 Secret xxx /Client Client 204.178.185.220 Secret xxx /Client # End of MegaPop Servers Client 63.237.136.100 Secret xxx /Client Client 127.0.0.1 Secret xxx DupInterval 0 /Client Realm DEFAULT AuthByPolicy ContinueUntilAccept AcctLogFileName %L/%Y/%m/%d-details AuthBy FILE Filename /etc/acctmgr/users /AuthBy /Realm Realm cshore.com AuthByPolicy ContinueUntilAccept AcctLogFileName %L/%Y/%m/%d-details AuthBy FILE Filename /etc/acctmgr/users /AuthBy /Realm SessionDatabase SQL DBSource dbi:mysql:Radius DBUsername Radius DBAuth KnubbyDo AddQuery \ insert into Sessions (UserName, NASIdent, NASPort, \ SessionID, TimeStamp, FramedIPAddress, NASPortType, \ ServiceType) values ('%n', '%N', %{NAS-Port}, \ '%{Acct-Session-Id}', %{Timestamp}, '%{Framed-IP-Address}', \ '%{NAS-Port-Type}', '%{Service-Type}') DeleteQuery \ delete from Sessions where Username='%n' and \ NASIdent='%N' and NASPort=%{NAS-Port} ClearNasQuery \ delete from Sessions where NASIdent='%N' CountQuery \ select NASIdent, NASPort, SessionID from Sessions \ where Username='%n' /SessionDatabase Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "The ultimate measure of a man is not where he stands in moments of comfort, but where he stands at times of challenge and controversy." -Martin Luther King, Jr. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) radwho stopped working after changing IP addresses
I have a pressing issue. I turned off the Global Crossing "T" this past Saturday. The IP block was 206.165.153.x. The main IP address on my Radiator server was 206.165.153.185, however there were other working IP's. With my NAS server pointed at the new IP address. Ever since then radwho stopped working. I can still make a connection to the website http://mozart.cshore.com/cgi-bin/radwho.cgi. But it doesn't display any current data. I couldn't find anything in mysql that was referring to a particular IP address. I did see an error message on the screen: "You have an error in your SQL syntax . . at usr/local/lib/site_perl/Radius/SqlDb.pm line 228" I saw nothing strange on that line. I tried stopping mysql, touching the mysql.log file and restarting. Radwho will then work, but for only one entry. It will only list a single new entry and then stop displaying new logins. Do you have any ideas as to how I could fix it. Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "The ultimate measure of a man is not where he stands in moments of comfort, but where he stands at times of challenge and controversy." -Martin Luther King, Jr. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Simple Realm Question
My radius.cfg file currently has: # Translate all upper case to lowercase RewriteUsername tr/A-Z/a-z/ Now I need to start stripping out the real name. Is it as simple as just adding a line ( and HUPPing radiusD) to strip out the realm so my radius.cfm will look like the following. # Translate all upper case to lowercase RewriteUsername tr/A-Z/a-z/ # Srip Realm RewriteUsername s/^([^@]+).*/$1/ Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "If you watch a game, it's fun. If you play it, it's recreation. If you work at it, it's golf." Bob Hope === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) delete users from radwho
My radwho lists old users that are over 4 months old. I press "delete" sessions but they don't go away. How can I remove them from the radwho.cgi. Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com "BREAKFAST.SYS halted ! Cereal port not responding." === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) `/usr/bin/snmpget
My logfile is filled with the entry listed below. 206.165.153.21 is my NAS box. XXX is my secret replaced with XXX's What's going on ? Jun 12 09:39:41 2000: DEBUG: Running command `/usr/bin/snmpget 206.165.153.21 XXX .iso.org.dod.internet.private.enterprises.429.4.10.1.1.18.3826 Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com Windows NT crashed. I am the Blue Screen of Death. No one hears your screams. -- Peter Rothman === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) Using filters to direct users to DEADBEAT page
We are using 3COM Total Control Chassis. In the past we have been changing the passwords for past due clients to prevent them from logging on. I hear about using filters. How would I redirect these customers to a special website that simply said "you cannot connect because you haven't your bill " Thank you, Andrew P. Kaplan, CNE, MCSE+Internet, MCT, CCNA, CCDA CyberShore, Inc. -- Premium Internet Services -- http://www.cshore.com microsoft: "where do you want to go today?" linux: "where do you want to go tomorrow?" BSD: "are you guys coming, or what?" === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.