Hi Stephen,
On Mar 11, 12:20pm, Stephen Ollis wrote:
> Subject: (RADIATOR) DEFAULT entries...
> I'm trying to setup a DEFAULT entries to setup things like
> Port-Limit, Session-Timeout, Idle-Timeout and Simultaneous-Use.
> I put the following entry into my users file.
>
> DEFAULT Simultaneous-Use = 1
> Idle-Timeout = 1800,
> Session-Timeout = 86400,
> Port-Limit = 1
>
> This is not working. In fact, it's allowing invalid usernames to
> get access. I'd really like that to STOP! :-) radpwtst doesn't show
> the attributes being set for valid users, but they are for mikem.
> (ie mikem is not a valid user, sorry Mike!)
Because that DEFAULT user does not specify any check items other than
Simultaneous-Use, thats the only check that Radiator applies. That means it
does not do a password check at all, and therefore any user can get in.
I think you will need a more complicated config if you want to apply a global
Sim-Use limit (unless you can use MaxSessions instead, and ou can only do that
if the per-user Sim-Use is more restrictive than the MaxSessions limit)
Hope that helps.
Cheers.
>
> My users files is common to multiple realms, is the barest required
> to allow authentication and Realm AddToReply items are set per realm to
> enable VPN's, tunnelling and the like.
>
> An example user is..
>
> testuser Password = "N0tL1k3ly"
>
> My std .cfg is..
>
>
>
> # Defaults to %D/users It only needs usernames
> # and password in it
> Filename %D/dialup.users
>
> AddToReply Service-Type = Framed-User,\
> Framed-Protocol = PPP,\
> Framed-IP-Netmask = 255.255.255.255,\
> Framed-Routing = None,\
> Framed-Compression = Van-Jacobson-TCP-IP,\
> Framed-MTU = 1500,\
> Annex-Primary-DNS-Server = 202.10.0.36,\
> Annex-Secondary-DNS-Server = 202.10.0.66
>
> # Where do we write the accounting file
> AcctLogFileName %L/detail.DEFAULT-%Y%m%d
>
>
> There is a to enable IPASS global roaming.
>
> Any pointers/clues appreciated...
>
> --
> Stephen Ollis <[EMAIL PROTECTED]> Ph: +61 2 9911 1606(BH)
> Team Leader, Server Systems - Network Engineering +61 2 9911 1555(FAX)
> AT&T EasyLink Services, Lvl 8, 15 Orion Rd, Lane Cove, NSW 2066
> Australia
> 'There is no traffic jam on the extra mile.' - Zig Ziegler
>
>
> ===
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>-- End of excerpt from Stephen Ollis
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia Consulting and development
Phone, Fax: +61 3 9598-0985 http://www.open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, external, etc etc on Unix, Win95/8, NT, Rhapsody
===
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.