RE: (RADIATOR) problems configuring Radiator with 3com Hiper DSPs
I'm close, very very close. Just getting a bit of behavior I didnt expect. all of my PPP dial ins have a capital P in front of them, some of them do not have a corresponding email account to go along with them... here is some debug output Tue Mar 9 08:57:22 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT' Tue Mar 9 08:57:22 1999: DEBUG: Handling with Radius::AuthFILE Tue Mar 9 08:57:22 1999: DEBUG: Radius::AuthFILE looks for match with Ptennis Tue Mar 9 08:57:22 1999: DEBUG: Radius::AuthFILE looks for match with DEFAULT Tue Mar 9 08:57:22 1999: DEBUG: Handling with Radius::AuthUNIX Tue Mar 9 08:57:22 1999: DEBUG: Radius::AuthUNIX looks for match with tennis Tue Mar 9 08:57:22 1999: DEBUG: Radius::AuthUNIX ACCEPT: Tue Mar 9 08:57:22 1999: DEBUG: Radius::AuthFILE ACCEPT: Tue Mar 9 08:57:22 1999: DEBUG: Access accepted for Ptennis Ok, here things are fine because my dial in user Ptennis does happen to have an email box, tennis, and the passwords for both accounts are the same, so access is granted However, the issue arises like this: Tue Mar 9 09:04:26 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT' Tue Mar 9 09:04:26 1999: DEBUG: Handling with Radius::AuthFILE Tue Mar 9 09:04:26 1999: DEBUG: Radius::AuthFILE looks for match with Prlw Tue Mar 9 09:04:26 1999: DEBUG: Radius::AuthFILE looks for match with DEFAULT Tue Mar 9 09:04:26 1999: DEBUG: Handling with Radius::AuthUNIX Tue Mar 9 09:04:26 1999: DEBUG: Radius::AuthUNIX looks for match with rlw Tue Mar 9 09:04:26 1999: DEBUG: Radius::AuthFILE REJECT: No such user Tue Mar 9 09:04:26 1999: INFO: Access rejected for Prlw: No such user In this case, Prlw is a valid dial in user, but has no mailbox assigned, but they are rejected. Hmm... I only want users with Pusername to be able to log in... I've worked around it with ESVA, but am not quite sure how to work around it with Radiator just yet... any ideas? -Original Message- From: Stuart Henderson [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 09, 1999 8:53 AM To: [EMAIL PROTECTED] Subject: Re: (RADIATOR) problems configuring Radiator with 3com Hiper DSPs > And am I to understand the second realm should be > something more like: > > > > Identifier System > Filename /etc/master.passwd > > > > Does that seem correct? I don't think you need the filename line, this will just use BSDi's system calls. Give it a go and see :) I don't have a copy of BSDI to test it on for you but it got things working for someone else a few days ago. Or just use a flatfile/dbm or better yet SQL :-) Cheers! Stuart === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
(RADIATOR) problems configuring Radiator with 3com Hiper DSPs
hi fellow Radiator users. I'm attempting to get myself configured and am running into a few problems. Our dial up hardware consists of 3com Total Control HiperDSP's, currently running esva radius on BSDI. All of my dial up users have a "P" prefix in front of the username. my radius.cfg file looks like this: LogDir /var/log/radius # Set this to the database directory. It should contain these files: # users The user database # dictionary The dictionary for your NAS DbDir /usr/local/etc/raddb AuthPort 1645 AcctPort 1646 BindAddress 206.31.149.200 #NasType TotalControl Foreground LogStdout Trace 4 # This clause defines a single client to listen to Secret blahblah Secret blahblah Secret blahblah Secret blahblah # This clause handles all users from all realms by looking them up # in the users file at /usr/local/etc/raddb/users # The filename defaults to %D/users # Log accounting to the detail file in LogDir AcctLogFileName %L/detail Identifier System Filename /etc/master.passwd -- END radius.cfg The dummy realm is because I need the power of being able to authby file for multiple users but I need the unix password authentication. and my users file is quite simple at this point, as I just want something functioning for my dial up users: DEFAULT Prefix=P, Auth-Type = System Reply-Message = You are a prefix PPP user Now, to test things, I've been trying to use the _auth command provided by the Hiper DSP card... on esva radius, when I run HiPer>> _auth Pmgrommet password CLI - User: Pmgrommet is Authenticated HiPer>> Ok, so I then run radiator,and run from the command line: HiPer>> _auth Pmgrommet !wizman! CLI - User: Pmgrommet failed Authentication (status: 536870912) msg=Request Denied I've placed Radiator in debug mode 4, and heres the info it gives me on the authentication request: Attributes: User-Name = "Pmgrommet" User-Password = "<141><140>Q<146><246><206>9<155><177><205>x<134><13>Z`<17>" Client-Id = 206.31.149.4 NAS-Port = 14081 Acct-Session-Id = "Pmgrommet1" USR-Interface-Index = 0 Service-Type = Login-User Chassis-Call-Slot = 56 Chassis-Call-Span = 1 Chassis-Call-Channel = 1 Calling-Station-Id = "" Called-Station-Id = "" NAS-Port-Type = Virtual Mon Mar 8 13:53:19 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT' Mon Mar 8 13:53:19 1999: DEBUG: Handling with Radius::AuthFILE Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthFILE looks for match with Pmgrommet Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthFILE looks for match with DEFAULT Mon Mar 8 13:53:19 1999: DEBUG: Handling with Radius::AuthUNIX Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthUNIX looks for match with mgrommet Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthUNIX REJECT: Bad Encrypted-Password Mon Mar 8 13:53:19 1999: DEBUG: Radius::AuthFILE REJECT: Bad Encrypted-Password Mon Mar 8 13:53:19 1999: INFO: Access rejected for Pmgrommet: Bad Encrypted-Password Mon Mar 8 13:53:19 1999: DEBUG: Packet dump:* Any ideas on what/where to check? If I hard code a user and password into the users file it works fine. === To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
