* This is the VOP Radius mailing list * Todd- >From my experience, when a USER sends a blank password, it will only log the error in the vprerror.log file. It does not log the error in the windows event log.
Could it be possible that the error you are seeing is VOPRadius reporting that it did not receive a RADIUS password (secret) from the ICG server? It would make sense that VOPRadius would log this type of error in the Event log since if the secret doesn't match, you will not authenticate anyone. I have had tons of customers try to login with blank passwords, and have never once seen it logged in event logs. Your statement that the ICG servers then hammer you with a stream of requests may also point to my idea -- if VOPRadius sends an auth reject to the ICG servers, ICG should not send you another auth request. I would think that if VOPRadius did receive an auth packet without the password attribute, it would still send a NAK. BUT, if VOPRadius receives no radius secret at the beginning of the auth packet, it will not answer the remote radius server at all since the remote radius server has not authenticated to VOP. It seems this scenario would cause the ICG servers to keep trying to get SOME kind of answer from you, but continuously sending the auth packet until it, or the client, times out. To be sure, go into the Radius control panel applet, and enable all of the logging options including Debug level 1 and 2. Then look in your vprerror.log and see what is really happening.... are you receiving radius attribute 2 (Password) for these requests? Do you see the password/secret error? If nothing else, it might give you some more insight into the real problem if it turns out to have nothing to do with the radius secret. -- Scot ----- Original Message ----- From: "Your Own ISP .com" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, September 24, 2003 1:59 PM Subject: [VOPRadius] FW: Bug? - VPR Radius Server Error: No Password (nas=170.147.40.20) Anyone? Thanks, Todd Routhier Lightwave Technologies, LLC. -- Start Your Own ISP! http://www.YourOwnISP.com <http://www.yourownisp.com/> -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Me Sent: Sunday, September 21, 2003 11:08 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] Bug? - VPR Radius Server Error: No Password (nas=170.147.40.20) We use several different wholesale dialup network providers. One of the them is ICG.. We have seen literally thousands of errors in our NT logs event viewer, not in the Vop Radius error log. I have pasted the error below copy and pasted. The only time this error occurs is when a user coming from the ICG network tries to dialup and login with a blank password. This does not occur on ANY other network, UUnet, Qwest, Aleron and several others. As far as I can tell so far, ICG is not sending the password attribute when the user sends a blank password. This seems to be what's causing the errors in the NT Event Viewer Application log. This is also causing the end user to get a timeout in dialup networking instead of a bad password error. So, the user keeps trying and trying just assuming that we stink because they keep timing out instead of receiving a bad password error. Finally this causes the array of 30 plus ICG radius servers to keep hammering my radius server since it received NO RESPONSE from VOP Radius. It appears that VOP Radius just logs the fatal error in the NT Application log, does not respond to the Radius server at all, does not log it in the VOP Radius Error log and just DIES.. I may not be 100% accurate with all this but I think I am most of the way there. Has anyone else experienced this? Vircom, is there a patch or something for this? It seems that VOP Radius is the only Radius server around that handles the Password attribute missing quite this way. -------------------------------------------------------- Event Type: Error Event Source: VOP Proxy and Roaming Radius Server Event Category: None Event ID: 1003 Date: 9/12/2003 Time: 11:26:19 AM User: N/A Computer: NS1 Description: VPR Radius Server Error: No Password (nas=170.147.40.20) --------------------------------------------------------- Thanks, Todd Routhier Lightwave Technologies, LLC. -- Start Your Own ISP! <http://www.YourOwnISP.com> http://www.YourOwnISP.com ** To leave this list, send an email to [EMAIL PROTECTED] and put the word "LEAVE" in the BODY of the email.
