Hello Felipe -
On Tue, 30 May 2000, Felipe Salum wrote:
> Hi Hugh
>
> My conf file:
>
> <AddressAllocator SQL>
> Identifier redeip
> DBSource dbi:Oracle:radius
> DBUsername xxxx
> DBAuth xxxx
>
> <AddressPool pool1>
> Subnetmask 255.255.255.0
> Range 200.187.208.1 200.187.208.254
> Range 200.187.209.1 200.187.209.254
> Range 200.187.210.1 200.187.210.254
> Range 200.187.211.1 200.187.211.254
> </AddressPool>
> </AddressAllocator>
>
> <Realm zipnet.com.br>
> <AuthBy SQL>
> DBSource dbi:Oracle:radius
> DBUsername xxx
> DBAuth xxx
> AuthSelect select PASSWORD from SUBSCRIBERS where ( USERNAME='%n' \ or
> username = '%n'||'@zip.net') and ( status != '1' or \ status is null )
> AuthColumnDef 0, Encrypted-Password, check
> .......
> <</AuthBy>
> <AuthBy DYNADDRESS>
> Allocator redeip
> </AuthBy>
> </Realm>
>
>
> And the error:
>
> Mon May 29 21:37:39 2000: DEBUG: Radius::AuthSQL looks for match with
> fsalum
> Mon May 29 21:37:39 2000: DEBUG: Radius::AuthSQL ACCEPT:
> Mon May 29 21:37:39 2000: DEBUG: Handling with Radius::AuthDYNADDRESS
> Mon May 29 21:37:39 2000: DEBUG: Query is: select YIADDR, SUBNETMASK,
> DNSSERVER from RADPOOL where POOL='' and STATE=0 order by
> TIME_STAMP
> Mon May 29 21:37:39 2000: ERR: Execute failed for 'select YIADDR,
> SUBNETMASK, DNSSERVER from RADPOOL where POOL='' and STATE=0 order by
> TIME_STAMP': ORA-03113: end-of-file on communication channel (DBD ERROR:
> OCIStmtExecute)
> Mon May 29 21:37:39 2000: INFO: Access rejected for fsalum: No available
> addresses
> Mon May 29 21:37:39 2000: DEBUG: Packet dump:
>
>
> Do I need to add all ipaddress to my radpool table or should the
> Radiator get it from my <addresspool> line ??
>
There are a couple of things here - first of all, there is nothing wrong with
the <AddressPool pool1> declaration, although I'm not sure about your subnet
mask - you should do some experiments.
The problem you have is that you are not specifying a PoolHint and so the
SQL query is failing because it is looking for nothing (POOL=''...). By default
the AddressAllocator SQL expects to use an attribute called PoolHint in the
reply packet, that should have been put there by a previous AuthBy. Have a look
at section 6.37.2 in the Radiator 2.16 reference manual. Also note that you
should strip the PoolHint reply attribute from the reply packet before sending
the packet to the NAS. See the example configuration file
"goodies/addressallocatorsql.cfg" for details.
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
