on the
CVXes?
Thanks,
Lisa Goulet
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Hi all,
I'm hoping someone out there has seen similar problems.
In our set up of proxies and customer radius servers(all Radiators) we
periodically experience near blackouts. The users get a busy signal. The
problems occur only with Cisco 5800s. The Nortel CVX arena is usually
uneventful. The
Thanks, the NoDefault clause took care of it.
Rergards,
Lisa
-Original Message-
From: Hugh Irvine [SMTP:[EMAIL PROTECTED]]
Sent: Wednesday, August 01, 2001 12:35 AM
To: Lisa Goulet; [EMAIL PROTECTED]
Cc: 'Rico Wisman'
Subject: Re: (RADIATOR) No such user
Hello Lisa
Hi,
I'm testing a customer's radmin/mysql setup with fully licensed software.
I've verified the user and password with mysql queries. I'm using the
goodies/radmin.cfg file and testing with radpwtst. There is a query in the
logfile with USERNAME='DEFAULT' resulting in No such user.
I appreciate
Hi,
I'm running Radiator 2.18.1.
The radiator is proxying to a customer radius server(also radiator). I've
seen several error messages in the log file after receiving an
Accounting-Response from the customer radius server. The number of
occurences of these errors seems proportional to the
Hi all,
We're running Radiator 2.16.3 with postgreSQL. Every so often I see a
message like the following, the DB accesses work fine otherwise. The
attribute in the following message 'subnetmask' does exist. Can anyone shed
some light on it?
Thu May 17 09:13:32 2001: ERR: Execute failed for
Hi,
I've created the RADPOOL table with a unique index of YIADDR. When the table
is first loaded with AddressAllocator SQL, the index values are uniq. But
over a period of time the table seems to collect a few duplicated indices
with the same state. As a result of this, I get the following
Hi all,
I have proxy radius servers with 2 hosts in the AuthBY RADIUS clause. The
document says that the hosts are contacted in a round-robin fashion when a
timeout occurs. Is it possible to proxy to both the radius servers as a
default? Customers want to have redundant radius servers and we
Hi all,
I am seeing on an average about 20 per day, Unknown reply received
messages from the server I'm proxying to. Does this number fall in the alarm
category?
Thanks,
Lisa
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL
Hi,
During tunneling with the Nortel CVX 1800, I'm getting Acct-Status-Type
attribute values other than 1 and 2(Start and Stop), see below. No Username
is sent by the cvx during these Accouting-Requests. Because the username
column in my radusage table is defined as "non null", this data cannot
Hi all,
I'm testing db(postgres) failover with the radiator. The radiator is able to
connect to each of the databases individually. But when it tries to switch
over to the 2nd db when the first db is down, I get the following situation:
Cannot connect to old db - OK because db is down:
Mon
Hi again,
I just wanted to add that I added root to pg_shadow(access list) and
it works. What I don't understand is that this was not necessary for a
normal connect but only in case of a switch over - what's the difference?
Thanks again,
Lisa
---
Hi all,
I have several handlers that have overlapping funtionality. If possible, I'd
like to combine them to look something like this:
Handler preauth="true"
do preauth_handling
Handler tunnel="true"
do setup_tunnel
/Handler
/Handler
The attributes like
Hi,
I'm having difficulty with setting up a tunnel with Nortel CVX:
Here's the tunnel part of my config file:
AddToReply Tunnel-Type = 3,\
Tunnel-Medium-Type = 1, \
Tunnel-ID = lns,\
Tunnel-Password = lns,\
Hi,
Is there any way to detect multilink sessions? I saw an old posting that
said there wasn't, is it still the case?
Regards,
Lisa Goulet
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator
Hi all,
Is there any special handling/setup for multilink ppp?
Regards,
Lisa
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
Hi all,
I'm setting up tunneling with a CISCO 5800 NAS. The LNS proxies the requests
back to our radiator.
Following the tunnel set up, I receive an Accounting Start from a NAS as
well as the LNS. As a result I need to have "Simultaneous use" set to 2 for
the login to be successful. I used a
port_limit_check.cfg proxyserver.cfg
users.vpn
-Original Message-
From: Hugh Irvine [SMTP:[EMAIL PROTECTED]]
Sent: Wednesday, January 24, 2001 2:17 PM
To: Lisa Goulet; [EMAIL PROTECTED]
Subject: Re: (RADIATOR) Tunneling - 2 accounting STARTS
Hello Lisa -
At 13:26 +0100 01/1/24
Hi All,
I'm trying to set up preauthentication followed by tunneling. The NAS is
Cisco 5800.
In the attributes received, the one that distinguishes preauthentication
from tunneling is:
Cisco-NAS-Port = "Serial1/2/7:30*"
I'm trying trap this in a hook:
PreHandlerHook sub { \
I need to return certain cvx attributes(example vpop_id). I have them in a
postgres table with the DNIS as the key. After the AuthSelect gets this
information, how can I pass this information to a postAuthHook which can
then do a set_attr?
Here is the AuthBy SQL and the handler part of the
Hi all,
When I look in the RADONLINE table or use radwho.cgi I see only =2 users.
When I look in the trace 4 log file I see "start accounting" of many
simultaneous users. I watched it over an hour or so and it's the same case.
radwho.cgi(radonline) stop showing records even though many users
Irvine [SMTP:[EMAIL PROTECTED]]
Sent: Thursday, December 14, 2000 5:34 AM
To: Lisa Goulet; Lisa Goulet; [EMAIL PROTECTED]
Subject: RE: (RADIATOR) Synchronous flag and ReplyHook
Hello Lisa -
On Thu, 14 Dec 2000, Lisa Goulet wrote:
Hi Hugh,
Thanks for your response. Here are mo
Hi all,
I'm getting the following errors when I start up the radiator with the
Nortel CVX dictionary. Has anyone else had this same problem?
Fri Dec 15 12:50:57 2000: ERR: Bad format in dictionary './dictionary' at
line 1700: MACRO Aptis-VSA(t,s) 26 [vid=2637 type1=%t% len1=+2 data=%s%]
Fri Dec
I override the password check?
Thanks and regards,
Lisa
-Original Message-
From: Hugh Irvine [SMTP:[EMAIL PROTECTED]]
Sent: Thursday, December 14, 2000 5:34 AM
To: Lisa Goulet; Lisa Goulet; [EMAIL PROTECTED]
Subject:RE: (RADIATOR) Synchronous flag and Re
cept
AuthBy LocalCheck
AuthBy zonnetproxy
/Handler
# General handling
Handler
AuthByPolicy ContinueWhileAccept
AuthBy LocalCheck
/Handler
-Original Message-
From: Hugh Irvine [SMTP:[EMAIL PROTECTED]]
Sent: Wednesday, December 13, 2000 9:23 AM
To:
Hi all,
I'm reposting this question.
I'm using the Synchronous flag because of two "AuthBy RADIUS" checks. It is
impacting performance. Has anyone implemented the ReplyHook? If so, can you
give me some pointers?
Thanks,
Lisa
===
Archive at http://www.starport.net/~radiator/
Announcements on
-Original Message-
From: Lisa Goulet
Sent: Monday, December 11, 2000 12:00 PM
To: '[EMAIL PROTECTED]'
Subject: RE: (RADIATOR) Proxy and port limits
Hi Hugh,
Hope you had a nice trip in Europe.
It turns out the Synchronous flag is causing a porblem under real load
Hi all,
I am now able to set up tunneling(thanks to tips on this newsgroup).
I now have a password problem, the "PasswordLogFileName" flag is turned on
in the radmin config file. The password coming from the LNS(Cisco 2600)
looks to be encrypted. Without tunneling, I see the correct password
Hi again,
Just a note: On the LNS, CHAP is turned off, we're only doing PAP.
Regards,
Lisa
-Original Message-
From: Lisa Goulet
Sent: Friday, December 01, 2000 1:28 PM
To: [EMAIL PROTECTED]
Subject: l2tp tunneling
Hi all,
I am now able to set up tunneling(thanks
Hello Hugh,
Thank for the solution, I used Service-Type = Outbound-User handler to
pre-authenticate.
Regards,
Lisa
Hello Lisa -
On Fri, 24 Nov 2000, Lisa Goulet wrote:
Hi Hugh,
Here's a trace for the preauthentication.
If you'd like, here's a URL for Cisco's preauthentication
Hi everyone,
I'm trying to implement session and idle timers using radmin. My
understanding of "Login time left" field in the editUser.pl script is the
total login time. I need to implement a "per session" timer. I looked at
some of the examples on the archive and came up with something like
Hello,
Can someone give me some tips on setting up L2TP tunneling? I have seen the
examples in the users file but am having difficulty getting started. I use
radmin.
Regards,
Lisa
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email
Hi all,
We are implementing preauthentication. The Cisco NAS is sending the DNIS as
the User-Name. The cisco documentation mentions the attribute
cisco-avpair = "preauth:username=string"
Can someone tell me how to access this attribute. I would appreciate it if
someone has an example on how
---Original Message-
From: Lisa Goulet
Sent: Thursday, November 23, 2000 1:19 PM
To: [EMAIL PROTECTED]
Subject: Cisco NAS preauthentication
Hi all,
We are implementing preauthentication. The Cisco NAS is sending the DNIS
as the User-Name. The cisco documentation mention
Hi Paul,
It's possible that we're using CHAP(can't check it today, Jack's in
the U.K), you're most probably using encrypted password?
Cheers,
Lisa
This is either because the shared secret is incorrect, or because
the customer
is using
Hi all,
Proxying requests to one of our customers' servers ends up being rejected
with a "bad password". This user/password combination works in our
individual environments but goes awry when proxied. The customer sees a "bad
password" in his master radiator server's logfile. I would appreciate
Hi all,
I've implemented a PreHandlerHook for filtering out Calling-Station-Id. I
used the code in one of the postings. It doesn't seem to be doing the
filtering, there is no indication of the code being executed in the logfile.
There are know errors when the radiator starts up.
Here's the
Thanks for the many responses. It was the absence of the SessionDatabase
paragraph.
Thanks again,
Lisa
-Original Message-
From: Lisa Goulet [SMTP:[EMAIL PROTECTED]]
Sent: Tuesday, November 14, 2000 4:35 PM
To: [EMAIL PROTECTED]
Subject: (RADIATOR) radwho.cgi shows no logins
Hi colleagues,
radwho was working fine. I hadn't used it in a couple of weeks and now it
isn't working. There are no errors, it shows just the header but not the
logins. The postgres database has the logins in the radusage table.
Thanks for your help,
Lisa
===
Archive at
Hello again,
I noticed that while users are logged in there are entries in radusage table
but not in radonline. Therefore the radwho script shows no logins. Again
there are no errors, why are there no entries in radonline?
Thanks again,
Lisa
-Original Message-
From: Lisa Goulet
Hi,
I've implemented DNIS based IP address allocation with AuthBy DYNADDRESS as
shown below. How can I extend the criteria so that IP pool is based on DNIS
and NASID?
AddressAllocator SQL
Identifier SQLAllocator
DBSourcedbi:Pg:dbname=radmin;host=xxx.xxx.xxx.xxx
DEFAULT | Auth-Type = Accept
Thanks,
Lisa
-Original Message-
From: Hugh Irvine [SMTP:[EMAIL PROTECTED]]
Sent: Thursday, November 09, 2000 9:53 PM
To: Lisa Goulet
Cc: [EMAIL PROTECTED
Hi All,
The following AuthSelect statement for CLI authorization executes forever,
can anyone see what I'm doing wrong? I've included part of the config, the
table being queried and the log messages.
--
# check blacklist numbers
AuthBy SQL
DBSource
Hi all,
In the radacct.cgi script I changed "ACCTSTATUSTYPE='Stop'" to
"ACCTSTATUSTYPE=2"
and that took care of the problem. The database has '2' for a stop but the
script looks for the
string 'stop'.
Regards,
Lisa
-- original posting -
Hi all,
radacct.cgi shows the
Hi Hugh,
Thanks, it worked.
Regards,
Lisa
-Original Message-
From: Hugh Irvine [SMTP:[EMAIL PROTECTED]]
Sent: Saturday, October 28, 2000 3:10 AM
To: Lisa Goulet; [EMAIL PROTECTED]
Subject: Re: (RADIATOR) FramedGroupBaseAddress based on DNIS
Hello Lisa -
On Fri, 27
Hi all,
My decisions are based mostly on DNIS. How can I assign address pools based
on DNIS(Called-Station-Id)?
Thanks,
Lisa
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of
Hi all,
radacct.cgi shows the summary of usage properly but when I click on a user I
get "fatal error", the httpd-error.log shows the following error:
DBD::Pg::st execute failed: ERROR: pg_atoi: error in "Stop": can't parse
"Stop"
Database handle destroyed without explicit disconnect.
Thanks
=localhost
DBUsername radmin
DBAuth radmin
/SessionDatabase
[Lisa Goulet]
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' i
Hello again,
Here's a follow up question.
Now I'm seeing on the console that the proxy server is sending on port 1645.
Both servers are listening on 1812. Where is the sending port configured?
Thanks again,
Lisa
-Original Message-
From: Lisa Goulet
Sent: Monday, October 16, 2000
Hello again,
I fixed the problem by defaulting all the ports (to 1645).
Thanks,
Lisa
-Original Message-
From: Lisa Goulet
Sent: Monday, October 16, 2000 4:58 PM
To: 'Radiator@Open. Com. Au'
Subject: RE: Proxy getting no reply
Hello again,
Here's a follow up
Hi colleagues,
Here's my scenario:
Postgresql server: radmin database is set up with tables with
installPostgresql.sh script(I can see and query them in psql).
Radmin host: Radmin scripts are installed with install.pl
Both servers have the following perl db modules.
p5-DBD-Pg-0.95
Hi Colleagues,
In my test setup I had the Postgresql/Radmin/Radiator servers all in one
machine and it worked fine.
Now I'm trying to install Radmin on one server with Postgresql DB on
another. The installPostgresql.sh has the error below. I tried variations on
dbname such as:
Hi Colleagues,
We have a customer who have their own Radiator set up. In addition to our
authentication they want to "check" certain attributes. This means that the
authentication responsibility is split between the two radiator servers.
Does this make sense? If so, how can this be
53 matches
Mail list logo