h IGNORE will cause the NAS to go to
the next radius server possibly accepting the entry, therefore the
packet in the acct failed logfile, is a double. Even if there's only 1
radiator server in play, there will be an accounting packet entry in the
failed log for each ti
sess_id`,`sess_time`,`submitted_un`,`term_cause`,`timestamp`,`type`,`uid`,`upload`,`zone`)
values
('0','dsltest','116','192.168.100.100','192.168.100.1','testing','0620','4','dsltest','User-Reques
M, Hugh Irvine wrote:
> Hello Michael -
>
> The behaviour you observe is in fact what the code does - the manual does not
> correctly describe this behaviour.
>
> The manual has been amended for the next release.
>
> Thanks for letting us know.
>
> regards
>
>
Handler, they will not be used at
all.
Referenced AuthBy's need to be configured above the Handler for which
references it.
So, I don't see your AuthBy's being referenced at all in the 2 Handlers
you have, therefore not used.
Michael
P.S. correct me if i'm wrong.
On
t. That's my disclaimer. :)
Michael
On 10-12-07 06:33 AM, Ricardo Freitas wrote:
Hello to all.
I currently have a really old version of Radiator installed (2.19) and
I'm going to upgrade it now to the latest release.
Does this handlers work pretty much the same way?
User-
use this to ignore
DefaultResult ACCEPT <- use this to accpet
But, if you want to use the realm option, and have authentication to:
...
...
# this will reply ACCEPT to the NAS,
# but do nothing with it.
AccountingHandled
M
hi,
I'm trying to figure out the best way to send multiple radius packets to
a server. It seems that executing radpwtst once for each individual
packet is pretty slow. I assume it is slow since it has to compile,
parse the dictionary, and do whatever else radpwtst has to do each time
it is r
cct-Status-Type','checkpoint');
}
...
And then later, in an AuthBy:
...
# for Acct-Status-Type = checkpoint
HandleAcctStatusTypes checkpoint
AcctSQLStatement INSERT INTO some_table ( sess_id, timestamp,
upload, download, . ) \
VALUES ( '%
9 string-session-id(339) 8 0005
...
COA: No matching entry found
COA: Added Reply Message: No Matching Session
...
why nothing matches, i don't know. the session-id is correct. but since
i don't know anything about the COA, i'm not even sure if i'm bark
On Fri, 28 Jan 2011, Steve Lalonde wrote:
> On 28 Jan 2011, at 02:30, Michael wrote:
>
>>
>> I give up. I've searched for hours for a hint at what this CoA /
>> Change-of-Authorization / Change-Filter-Request is. I think it is what
>> i'm looking for.
On Fri, 28 Jan 2011, Michael wrote:
>
>
> On Fri, 28 Jan 2011, Steve Lalonde wrote:
>
>> On 28 Jan 2011, at 02:30, Michael wrote:
>>
>>>
>>> I give up. I've searched for hours for a hint at what this CoA /
>>> Change-of-Authorization
On Fri, 28 Jan 2011, Michael wrote:
>
>
> On Fri, 28 Jan 2011, Michael wrote:
>
>>
>>
>> On Fri, 28 Jan 2011, Steve Lalonde wrote:
>>
>>> On 28 Jan 2011, at 02:30, Michael wrote:
>>>
>>>>
>>>> I give up. I&#x
...
# AuthByPolicy (blank): process all AuthBy's
AuthByPolicy
# acct details logging
AuthBy acct.sql
AuthBy another-if-you-want-to
# start/stops need to go to DYNADDRESS to allocate/deallocate
AuthBy nas_specific
tmask to the reply radius packet needed for the nas.
And of course, you need an AllocateQuery to mark that IP as used, and
DeallocateQuery to mark available again after the stop packet.
Michael
On 11-02-03 09:47 AM, Gerard Alcorlo Bofill wrote:
> Hello,
>
> thanks Michael for you
oh and keep in mind, when you restart radiator, or even maybe reload radiator,
the AddressPool may re-mark all ips as available, therefore it may hand out an
IP that is already in use. Maybe someone else can confirm that is correct?
On 11-02-03 11:53 AM, Michael wrote:
> I think
'GroupList="Group1 Group2 Group3"' from SUBSCRIBERS where USERNAME=%0
> AuthColumnDef 0, Class, request
> AuthColumnDef 1, GENERIC, check
> AuthColumnDef 2, GENERIC, check
>
# now call the AuthHOTP
AuthBy A
hHOTP
On 11-02-03 02:43 PM, Michael wrote:
>
> your "AuthBy GROUP AuthSQL" will not flow down into the "AuthBy GROUP
> AuthHOTP". I don't think the AuthHOTP will be used at all in this config.
>
> Look like you need an "AuthBy AuthHOTP&
k' is done in order. it sounds like you want to do the
group list check first before checking the AuthHOTP. I don't see any config in
the AuthHOTP section though.
Sorry, I'm reaching/guessing a little.
Michael
On 11-02-03 03:11 PM, Linuxchuck wrote:
> Hi Michael, Thanks for th
instead of:
roupMembershipQuerySELECT groupname FROM v_usergroups WHERE username=%0 AND
groupname=%1
try:
roupMembershipQuerySELECT groupname FROM v_usergroups WHERE username=? AND
groupname=?
On Thu, 3 Feb 2011, Linuxchuck wrote:
> Michael,
>
> Ok, I gave it a shot, and
x27;, so i think
sql would replace the question marks (?) with these bind variables.
What version do you have?
let me know how using 2 '?' instead of %0 and %1 goes.
Michael
formats the query in AuthSQL.pm, and passes the user/group as @extras:
---
it waited the
full
13 seconds, and finally the radius server responds after failing over, it will
continue to function fine.
But of course, i'm not sure what kind of setup you're working with, mine for
example, is so important, it can't fail.
On Thu, 3 Feb 2011, Linuxchuck wr
his:
WHERE groupname=? AND username=?
..cause it will not work and will break your setup.
Maybe the radiator coders can check out the source. i'm sure they'll see these
emails. To me, the source looks fine.
Michael
On Thu, 3 Feb 2011, Linuxchuck wrote:
> Michael,
>
> I h
out a config sample though, ...can only speculate.
Michael
On 11-02-15 07:35 PM, Jeffrey Lee wrote:
> How do I log all accounting records locally (to a SQL DB) before
> proxy-forwarding to the respective RADIUS server?
> I know that I can log the accounting records locally but what
thLog here to.
AuthLog ...
...
...
# AuthByPolicy (blank) means process all AuthBy's
AuthByPolicy
AuthBy SQL-acct-logging
AuthBy you-could-have-another-log-aswell
...
Michael
On 11-02-16 02:53 AM, Ryter Remo wrote:
> Hi Jeff,
>
> What you can do is to combine bo
list more debug.
Michael
On 11-02-17 08:25 PM, Jeffrey Lee wrote:
> see below for the config
>
> i have 2 RADIUS server setup here RADIUS A is this radiator,
> RADIUS B is another RADIUS for testing proxy-realms.
> On RADIUS A, here's the output on screen:
>
> Fri Feb 18 12
it does in your debug.
Michael
On Sat, 19 Feb 2011, Jeffrey Lee wrote:
here's the debug log... i execute radpwtst -user jeff@abc -password
Sat Feb 19 11:09:47 2011: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 56818
Code: Access-Request
Identifier: 2
Authent
atus-Types."
so, if wrongly determining the type, it will ACCEPT but do nothing. default is
handle all accounting, so just take out the config option for now.
Michael
On Sat, 19 Feb 2011, Jeffrey Lee wrote:
> here's the debug log... i execute radpwtst -user jeff@abc -passwo
guess.
On Sun, 20 Feb 2011, Jeffrey Lee wrote:
Michael, you're right... the accounting insert query executed after i included
AccountingTable accounting #accounting table name
AcctColumnDef invalid,invalid
... but i did not comment out "HandleAcctStatusT
. Of course, that's a personal opinion.
Michael
On Wed, 13 Apr 2011, Eddie Stassen wrote:
> Hi,
>
> Could someone please explain the rationale behind calling DeleteQuery
> on the session database when an authentication packet is received? It
> makes no sense to me since
t; Added SQLRetries parameter to all SQL type clauses. When
> executing a query, Radiator will try up to SQLRetries attempts to
> execute the query, retrying if certain types of SQL error are
> seen. Defaults to 2. Requested by Michael.
>
> Fixed some problems with Radius paths i
d.
For the status option, i guess something is better than nothing?
CHECKPROC="ps -fp `cat ${RADIUSD_PIDFILE}`"
Michael
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
c the config to 4
redundant radiator systems and they all reload upon new config. So, all 4
services shut down. Boy was I sweating.
Does radiator not use the current running configuration if a reload fails to
process the config files?
Mi
On Fri, 3 Jun 2011, Heikki Vatiainen wrote:
> On 06/02/2011 11:56 PM, Michael wrote:
>
>> I just had an issue with radiator shutting down. I added another
>> Handler to my config. I keep them in separate files, and use an
>> include to include that given file. I
I setup an identical radiator instance. i'll do what you suggest. thanks.
On 11-06-03 03:04 PM, Martin Burton wrote:
> Just my 2p worth :-)
>
>>
>> The error i created was only a typo in an include statement filename. so,
>> the only error is really a 'file not found' type error. i wouldn't th
e location may
have spaces in it. or, the pidfile location is wrong.
reply with the output.
Michael
On Fri, 10 Jun 2011, Aeneas Jaißle wrote:
Hi,
I just tried the patched script, no change at all.
# /etc/init.d/radiator stop
Shutting down Radiator: killproc: Usage:
killproc [-v] [
you can choose from where to get the attribute value via:
%{Reply:Class}
%{Request:Class}
if you know the value will be in the Reply packet, use %{Reply:Class}. I
think the default (if using %Class) is the request packet and may appear
blank.
On Wed, 29 Jun 2011, Heikki Vatiainen wrote:
>
Has anyone found any solutions/patches for the sql timeout failover issue with
radiator? When radiator executes an sql statement on an sql server that times
out not on connecting, but the statement itself, radiator disconnects and
reconnects to the same sql server to try again. It never seem
DBOffset will be 1, and the $i start point to re-connect, will be the
same sql server that timed out, and it will have to time out again in order to
move to the next sql server.
It's not perfect, but this is better for me at this point.
On 11-08-02 10:00 AM, Michael wrote:
>
>
>
I think it was I/O problems. Not always, but a lot of times at 6:25am
(Debian Lenny), when the daily cron runs. The timeout issue is not a Radiator
problem. It's an os/system/sql problem. Only thing i was asking about, is if
radiator should have a different response to an SQL timeout er
7;d rather have radiator prefer the 1st source as I have it
configured always as 'localhost'.
On 11-08-19 03:46 AM, Heikki Vatiainen wrote:
> On 08/18/2011 03:50 AM, Michael wrote:
>
>> > I'm still testing/monitoring it to. So far, it will just alternate
>> > b
I noticed an increase of memory usage over time as well on radiusd. Quite a
long time though, but an increase non-the-less. 10% right now for example. When
I stop/start the service, it drops and remains at about 0.5% again. I have 4
identically synced config servers, where 2 are constantly use
handles this to make sure the tables are created a few
months ahead of time. Also makes it easy to rotate out and archive old data
(ie. old sql tables).
Michael
On 11-10-17 05:43 AM, Leigh Porter wrote:
> I agree that any SQL solution for storing accounting and logs is somewhat
> craz
disk if sql activity fails, and that can be imported if the
time comes. so, you still don't loose data.
Essentially 2 levels of redundancy. You could use just one, or both.
Michael
On 11-10-18 11:25 AM, Jim Tyrrell wrote:
> I use MySQL for monthly accounting with approx 100 million
so I prefer Radius focus on authentication and accounting for optimal
> performance. The DB logging can be done as and when. An LNS with 100,000
> users crashing seems to put quite a bit of load on the Radius servers. :)
>
> Jim.
>
> On 18/10/2011 18:37, Michael wrote:
>>
&
I don't see the
answer to that question in the docs section bellow.
Michael
5.29.9
AuthColumnDef
This optional parameter allows you to change the way Radiator interprets the
result of
the AuthSelect statement. If you don’t specify any AuthColumnDef parameters,
Radia-
tor will assume t
|| $reason =~ /error in your SQL syntax/i
|| $reason =~ /violation/i
|| $reason =~ /duplicate key/im
|| $reason =~ /Duplicate entry/im
|| $reason =~ /^ORA-1/;
Michael
o crucial of an issue, i just
thought i'd mention it.
On 11-11-10 05:31 PM, Heikki Vatiainen wrote:
> On 11/10/2011 08:15 PM, Michael wrote:
>> In SqlDb.pm sub do{} should a mysql syntax error also be reason NOT to
>> disconnect/reconnect from/to the mysql server?
>
>
The incoming request is coming from a 10. network, and your mysql server is on
an 192 network. is your network configuration setup properly for this to work?
ie. your system/router knows how to get to the 192 network? Do you use a
firewall/iptables?
try ronald.higgins suggestion first. can yo
t I thought i would mention it for consideration
of adding the Timestamp sooner, and possibly for auth and acct packets.
Michael
___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
Radiator docs seem to suggest a PreClientHook is a global parameter that will
apply to all connections to radiator but when I add this as a global option i
get:
Thu Dec 1 15:31:49 2011: ERR: Unknown keyword 'PreClientHook' in
/etc/radius.cfg line 10
I this suppose to be added as a global opt
first tried to put a
PreClientHook in a clause and forgot it was there. So, radiator was
complaining about that one.
My mistake, sorry.
On 11-12-01 05:29 PM, Heikki Vatiainen wrote:
> On 12/01/2011 09:27 PM, Michael wrote:
>
>> Radiator docs seem to suggest a PreClientHook
27;%{NAS-IP-Address}', \
'%{total-input-octets}', '%{Acct-Input-Octets}',
'%{Acct-Input-Gigawords}', '%{total-output-octets}', '%{Acct-Output-Octets}', \
Michael
On 11-12-07 06:47 AM, Heinrich Mislik wrot
to use AddToRequestIfNotExist.
Did the original email for this thread not show using AuthSelect for inserting
accounting records? as far as i was aware, that is wrong.
Michael
On 11-12-07 08:42 AM, Heinrich Mislik wrote:
> Hi,
>
> Maybe I was not clear enough. The line
>
>
I use a reject column in my user database, and SELECT it like this:
SELECT username, crypt, CONCAT('Reject:',reject),
and:
AuthColumnDef 2, Auth-Type, check
so, if the reject column is NULL, CONCAT returns NULL and it passed, but if the
reject column has text in it, CONCAT returns 'Reject
I hate to answer a question with another question, but what, why and/or when
are you writing data to the sql? I write data to sql but I do it through any
combination of , and sometimes an AuthBy SessionDB.
Works much better for me. I try to avoid custom hooks if at all possible. The
abilit
es as it was
required for my purpose. The normal AuthUNIX doesn't do anything with UIDs.
On 12-02-16 09:55 AM, Alby wrote:
> Hi Michael,
> thank you for your answer!
> I agree with you, if you can do what you need with Radiator's configuration,
> of course it is a better wa
ot;call another handler"
On 12-02-16 02:38 PM, Michael wrote:
> sounds like you may be trying to do something that is pretty complex. maybe
> you should be thinking about creating your own custom Auth Clause. section
> 17.0 in the Radiator manual. For
The PreClientHook is a hook that is run before the packet is unpacked.
Caution: At the time this hook is run, integer attributes have not yet been
unpacked and
decoded, and encrypted attributes have not yet been decrypted. If you need
unpacked,
decrypted versions of these attributes, consider u
maybe need Idle-Timeout = 0 in your authentication accept reply packet?
eg. AddToReplyIfNotExist Idle-Timeout = 0
On 12-04-18 09:24 PM, Jennings Tuala wrote:
> Hi Mike,
>
> I have tried again this time with laptop on continuously, not going to sleep
> and it still cuts out the connection. I hav
I seem to remember reading somewhere in the Radiator manual that it will only
process the first sql row received therefore I don't think it will process
multiple row results. I can't seem to find in the manual where i read that
though. On the other hand, you could have all reply values on the
=tunnelpass2,Tunnel-Server-Endpoint=tunnelpass3
|
+---+--+
1 row in set (0.00 sec)
Michael
On
I also have really complex config files and Handlers and putting things on
multiple lines does help to keep things neat. Hopefully this can be fixed,
although i guess it's not a pressing issue to upgrade so no need to rush.
On 12-07-02 05:22 PM, Heikki Vatiainen wrote:
> On 07/02/2012 09:47 PM
i found some time to try the 4.10 upgrade with patches, but i have this
Multi-Line config issue. Seems to be related to the fact that I have a blank
line and comments in the middle of the multi line Handler.
Fri Aug 10 10:51:18 2012: ERR: Unknown keyword '
Identifier handler_null
\/([^>]*)>/);
On 12-08-10 11:07 AM, Michael wrote:
> i found some time to try the 4.10 upgrade with patches, but i have this
> Multi-Line config issue. Seems to be related to the fact that I have a blank
> line and comments in the middle of the multi line Handler.
>
>
&g
works fine now and i can use 4.10 without changing
my current config. My request can be ignored.
Michael
On 12-08-11 09:05 AM, alan buxey wrote:
> Hi,
>
>> i found some time to try the 4.10 upgrade with patches, but i have this
>> Multi-Line config issue. Seems to be relat
why i want to is besides the point. Because, I don't actually want to really.
it's a matter of it already being done. It must be within the standard specs
of the parser i guess, since it's always worked before and the docs probably
said you could do it. But don't worry about it. i patched
yep, correct. The multi-line config support was broken in 4.10 then partially
fixed with then patch-set.
A couple points of interest for the fix though, that i have changed for myself.
This is my own personal opinion and may not be agreed with anyone else:
Ignoring commented lines in config
hat logs this request which is not required but i wanted to log it.
There's much more to it, but I don't want to get too deep here. it all
pretty much revolves around building the Change-Filter-Request packet
with "./radpwtst -code Change-Filter-Request" and ether send
and '/usr/bin/snmpget -c ""
0.0.0.0
iso.org.dod.internet.private.enterprises.9.9.150.1.1.3.1.2.26740905
2>&1' failed with an error:
iso.org.dod.internet.private.enterprises.9.9.150.1.1.3.1.2.26740905:
Unknown Object Identifier
(org.dod.internet.private.enterprises.9.9.150.1
and authorization in the same handler is tricky.
Michael
On 01/11/12 05:07 PM, rohan.he...@cwjamaica.com wrote:
Hugh,
Config and logs attached.
And the application crashed when testing Simultaneous-Use for both
configurations below.
In my AuthBy config:
"DefaultSimultaneou
someone may still want to add the error detection though.
On 01/11/12 02:07 PM, Michael wrote:
> I'm having some issues with verifying online session with the
> DefaultSimultaneousUse option. I keep seeing that sessions are "gone
> away". Messages in the log such as:
> Thu
and if the secret is wrong, i'm pretty sure it will show the connection
in the debug logs.
On 06/11/12 02:38 PM, alan buxey wrote:
> Hi,
>> I entered the correct password.
> did you? All I have seen you say so far is that you used
>
>
> perl radpwtst -user mikem -password fred -auth_port 181
5.10.4
DeleteQuery
This SQL statement is executed whenever a user session finishes (i.e.
when an Account-
ing-Request Stop message is received). It is expected to remove the
details of the ses-
sion from the SQL database. Special formatting characters may be used.
%0 is replaced
by the quoted u
al section 5.10.4
On 13/11/12 02:34 PM, Michael wrote:
5.10.4
DeleteQuery
This SQL statement is executed whenever a user session finishes (i.e.
when an Account-
ing-Request Stop message is received). It is expected to remove the
details of the ses-
sion from the SQL database. Special
looks like your first AuthBy SQL is answering accept. is this maybe
because you don't have any 'check' options at all? Then if accept,
never process the AuthBy FILE because of ContunueWhileIgnore.
For example, maybe you need at least one check option:
AuthColumnDef 1, Encrypted-Password, ch
I think you would have to query a 2nd time within 60 seconds in order to
see the BackOff in the log.
On 19/11/12 02:44 PM, Ricardo Martinez wrote:
Hello Michael.
I have modified the AuthByPolicy fro mContinueWhileIgnore for
And now it jumps to the second AuthBy, but is not marking the DB
I see this query timeout issue quite often. I have a 4 system sql
replication ring though, so it just moves onto the next one and keeps
humming. not sure what's causing the timeout though.
On 20/11/12 04:33 PM, Heikki Vatiainen wrote:
> On 11/20/2012 02:27 PM, Ricardo Martinez wrote:
>> Is the
This memcache sounds pretty nice. I do experience many pppoe logins
where a router will constantly attempt to login which is fine at a slow
rate. Some router (usually Dlink) must be defective as they sometimes
attempt to login WAY TOO often. My personal record i've seen is about
12 times a
Suggestion...
I just noticed that when using GENERIC attribute name for AuthColumnDef
in which allows for a comma separated attribute list, the
result from the select query is not passed through format_special
therefore I can't use global variables.
--- old/Radius/AuthSQL.pm 2013-01-07
to a new
area
we simply need more files named for $dialled.
Would this work? What does the script need to return to prevent or allow
logon?
Michael
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
d then you have the
ability to log that action. The nas needs to be setup with the POD
server to accept these requests.
Michael
On 27/03/13 05:16 AM, Thomas Kurian wrote:
Hello Friends,
I want to do a COA ,to switch the bandwidth profile of the users after
they exceed maximum their alloca
you would have to configure only 1 Handler, and multiple
AuthBy's to do more than one thing with a packet.
Michael
On 27/03/13 12:41 PM, Michael Newton wrote:
On 27 March 2013 09:29, <mailto:radiator-requ...@open.com.au>> wrote:
My requirement is to process and handl
o the device. I work on devices that have many ips and the
POD service seems to only sit on some, possible just one of the nas's ips.
On 27/03/13 03:13 PM, Thomas Kurian wrote:
Hello Michael,
Many thanks for your email. I am just handling the radiator side of
our company project . IS
o it is more specific than "Re: Contents of radiator digest..."
Today's Topics: 1. Re: Handler type Stop/Alive distinguished
processing (Michael Newton)
-- Message:
1 Date: Wed, 27 Mar 2013 09:41:40 -0700 From: Michael N
d field for future development
Identifier tamesql
DBSourcedbi:ODBC:IRONMAN
DBUsername XXX
DBAuth X
# Accept processing of other accounting requests of the genre Alive
interim updates
Identifier thomas
I have this problem too. Radiator slowly consumes more and more
memory as the weeks go by. Restarting it brings it back down. I
have asked this question to, but also got the same answers you did.
Not a radiator problem.
On 19/06/13 05:04 AM, Kurt Bauer wrote
11:30 0:00
/usr/bin/perl radiusd
===
On 19/06/13 11:10 AM, Michael wrote:
I have this problem too. Radiator slowly consumes more and more
memory as the weeks go by. Restarting it brings it
realize how hard it
would be for someone to help via email on such a matter. thanks anyways
though.
Michael
On 19/06/13 02:19 PM, Christian Kratzer wrote:
> Hi,
>
> On Wed, 19 Jun 2013, Michael wrote:
>
>>
>> 4 radius servers. identical config. the last in the list is
I use monthly tables. that really helped. Then use the year-month
attributes in your insert statements. And of course anything that reads
this data will have to be altered to support year-month tables. Also an
external process that runs monthly to make sure that the tables get
created ahead o
i use mysql. no i don't have anything that reads the data with a
browser. sorry.
On 30/06/13 11:33 PM, sergio wrote:
> I use mysql database, elterei from MyISAM to InnoDB but I wonder if another
> database would not help.
>
> Very good idea to use your tables YEAR-MES. What database do you use?
are you saying postgresql is really that much better with regards to
performance, and worth switching to?
On 01/07/13 03:29 AM, a.l.m.bu...@lboro.ac.uk wrote:
> Hi,
>
>> I use mysql database and my AccountingTable has more than 40 million records
>> per month. Does anyone here have any policy p
Does anyone know of any issues with receiving reply packets from a
packet-of-disconnect request which is proxied through radiator? For my
POD requests, i inject them into radiator using radpwtst and have them
configured to proxy to the proper device. The POD does work. When a
session is mat
7;
|| $p->code eq 'Disconnect-Request-ACKed'
|| $p->code eq 'Disconnect-Request-NAKed'
|| $p->code eq 'Change-Filter-Request-ACKed')
{
$op->{RadiusResult} = $main::ACCEPT;
On 05/07/13 10:02 AM,
also, Change-Filter-Request-NAKed would also need to be in that list.
On 09/07/13 07:00 AM, Heikki Vatiainen wrote:
> On 07/05/2013 09:17 PM, Michael wrote:
>
>> In AuthRADIUS.pm, routine sub handleReply, should
>> "Disconnect-Request-NAKed" also be listed in the code
r now though, adding the NAKed requests to the list in the code i described
does make sure the reply packets coming back from the nas's are proxied to the
radpwtst client.
There's probably a better way of accomplishing this for sure. I'll look into
this further
Thanks.
Michae
On 16/07/13 04:24 PM, Heikki Vatiainen wrote:
> On 07/13/2013 08:20 PM, Michael wrote:
>
>> So, my complicated config determines what device the request needs to
>> go to and sends, and then it converts the POD and COA packets to
>> accounting packets using scripting, the
Has anyone ever seen a situation where, for every authentication attempt
to a radiator system from a cisco device, there is an authentication
attempt right before it that appears to be:
- a domain (the username with the 'username@' part stripped off).
- plain text password is always 'cisco'.
-
i'm looking to stop it. not set it up. i'm not sure what had
enabled/configured it to start happening. I guess this is probably the
wrong place to ask.
On 06/11/13 04:56 PM, Hugh Irvine wrote:
> Hello Michael -
>
> This sounds like Cisco VPDN tunnelling.
>
> This exa
to save other values, you have to place it in the Class attribute in the
Reply packet going back to your device. The Class should get saved in
the device, and will be there when the Stop packet comes in. I
personally save a few values in the Class as coma separated values.
When it comes back
es:
[zone=$zone,uid=$uid,auth-un=$authed_un,old_zone=$old_zone,un_only=$un_only]");
}
}
# end sub
}
On 26/11/13 02:59 PM, rohan.henry @cwjamaica.com wrote:
Thanks Michael.
Would you be able to share a sample?
On Tue, Nov 26, 2013 at 2:39 PM, Michael <mailto:ri...@vianet.ca&g
1 - 100 of 317 matches
Mail list logo
