(RADIATOR) RADIUS, L2TP, and IPSEC protocols

2002-09-28 Thread Bon sy
Hi everyone, I just started reading L2TP and IPSEC. I try to understand, but could not quite figure it out yet how to put in the proper context of RADIUS protocol. For example, can we have L2TP over IPSEC on top of RADIUS protocol? Is it necessary? What are the (dis)advantage(s) it

(RADIATOR) RewriteUsername and logging

2002-09-28 Thread Jeremy Hinton
Greetings all, I'm having a bit of a puzzle i cant seem to figure out. I am using an AuthBy LDAP2 clause to auth with an LDAP server. The LDAP schema is built as uid=username,cn=realm. Since most of my users log in w/out specifying a realm, i have a DefaultRealm specified in my Client

RE: (RADIATOR) Win2k, ADSI, and group membership

2002-09-28 Thread Motley, Mark
Errr, after looking at the code more carefully (and after a full nights sleep), I realized that I was *way* off the mark on this! The setup below will bind and open the actual domain object, not the user object. Although I guess using the UPN to authenticate the OpenDSObject call against the

Re: (RADIATOR) RADIUS, L2TP, and IPSEC protocols

2002-09-28 Thread Hugh Irvine
Hello Bon - I am not quite sure what you are asking, but keep in mind that the Radius protocol is only used for the initial authentication and subsequent accounting for a particular connection request. In other words, the rest of the connection, be it L2TP or IPSEC, does not depend on

Re: (RADIATOR) RewriteUsername and logging

2002-09-28 Thread Hugh Irvine
Hello Jeremy - Depending on the rest of your configuration file, you could use Handlers like this: # define Handlers Handler Request-Type = Accounting-Request # do accounting RewriteUsername . AuthBy INTERNAL AcctResult ACCEPT /AuthBy

Re: (RADIATOR) Users Blacklists

2002-09-28 Thread Hugh Irvine
Hello Rolando - You should do something like this: # define AuthBy clauses AuthBy SQL Identifier DoSQLAccounting DBSource.. DBUsername.. DBAuth .. AuthSelect AccountingTable ACCOUNTING

Re: (RADIATOR) AuthBy SQL help

2002-09-28 Thread Hugh Irvine
Hello Greg - I will need to see a complete copy of your configuration file, together with a trace 4 debug from Radiator showing what is happening. regards Hugh On Saturday, September 28, 2002, at 10:58 AM, Greg 'Rafiq' Clarkson wrote: Hi everybody, I need some clarification for

Re: (RADIATOR) Win2k, ADSI, and group membership

2002-09-28 Thread Hugh Irvine
Hello Mark - Thanks for the tip - we will add it to the FAQ. For your other question, you will need to use cascaded AuthBy clauses, like this: # define AuthBy clauses AuthBy ADSI Identifier CheckADSI /AuthBy AuthBy FILE CheckUsersAndGroups Filename