Hugh Irvine wrote:
> Hello Felipe -
>
> On Tue, 30 May 2000, Felipe Salum wrote:
> > Hi Hugh
> >
> > My conf file:
> >
> > <AddressAllocator SQL>
> > Identifier redeip
> > DBSource dbi:Oracle:radius
> > DBUsername xxxx
> > DBAuth xxxx
> >
> > <AddressPool pool1>
> > Subnetmask 255.255.255.0
> > Range 200.187.208.1 200.187.208.254
> > Range 200.187.209.1 200.187.209.254
> > Range 200.187.210.1 200.187.210.254
> > Range 200.187.211.1 200.187.211.254
> > </AddressPool>
> > </AddressAllocator>
> >
> > <Realm zipnet.com.br>
> > <AuthBy SQL>
> > DBSource dbi:Oracle:radius
> > DBUsername xxx
> > DBAuth xxx
> > AuthSelect select PASSWORD from SUBSCRIBERS where ( USERNAME='%n' \ or
> > username = '%n'||'@zip.net') and ( status != '1' or \ status is null )
> > AuthColumnDef 0, Encrypted-Password, check
> > .......
> > <</AuthBy>
> > <AuthBy DYNADDRESS>
> > Allocator redeip
> > </AuthBy>
> > </Realm>
> >
> >
> > And the error:
> >
> > Mon May 29 21:37:39 2000: DEBUG: Radius::AuthSQL looks for match with
> > fsalum
> > Mon May 29 21:37:39 2000: DEBUG: Radius::AuthSQL ACCEPT:
> > Mon May 29 21:37:39 2000: DEBUG: Handling with Radius::AuthDYNADDRESS
> > Mon May 29 21:37:39 2000: DEBUG: Query is: select YIADDR, SUBNETMASK,
> > DNSSERVER from RADPOOL where POOL='' and STATE=0 order by
> > TIME_STAMP
> > Mon May 29 21:37:39 2000: ERR: Execute failed for 'select YIADDR,
> > SUBNETMASK, DNSSERVER from RADPOOL where POOL='' and STATE=0 order by
> > TIME_STAMP': ORA-03113: end-of-file on communication channel (DBD ERROR:
> > OCIStmtExecute)
> > Mon May 29 21:37:39 2000: INFO: Access rejected for fsalum: No available
> > addresses
> > Mon May 29 21:37:39 2000: DEBUG: Packet dump:
> >
> >
> > Do I need to add all ipaddress to my radpool table or should the
> > Radiator get it from my <addresspool> line ??
> >
>
> There are a couple of things here - first of all, there is nothing wrong with
> the <AddressPool pool1> declaration, although I'm not sure about your subnet
> mask - you should do some experiments.
>
> The problem you have is that you are not specifying a PoolHint and so the
> SQL query is failing because it is looking for nothing (POOL=''...). By default
> the AddressAllocator SQL expects to use an attribute called PoolHint in the
> reply packet, that should have been put there by a previous AuthBy. Have a look
> at section 6.37.2 in the Radiator 2.16 reference manual. Also note that you
> should strip the PoolHint reply attribute from the reply packet before sending
> the packet to the NAS. See the example configuration file
> "goodies/addressallocatorsql.cfg" for details.
>
> hth
>
> Hugh
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
Hugh,
Attached is a trace 4 for my connection using AuthBy DYNADDRESS.
Look that my connection is ACCEPTED by the radiator but in the other side my
connection dial-up hang up, dont authentica maybe, I dont know why!!
Thanks for the help!
--
Felipe Bariani Salum
System Administrator
Zip.net
Tue May 30 21:31:48 2000: DEBUG: Packet dump:
*** Received from 200.187.218.84 port 1645 ....
Code: Access-Request
Identifier: 1
Authentic: <11><4><147>O<222><22><164>?+~)a<31><164><231><221>
Attributes:
Client-Id = 200.187.218.84
NAS-Port = 1
NAS-Port-Type = Virtual
User-Name = "[EMAIL PROTECTED]"
Called-Station-Id = "73980105"
Calling-Station-Id = "1131710753"
User-Password = ""
Service-Type = Framed-User
Framed-Protocol = PPP
Tue May 30 21:31:48 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED]
Tue May 30 21:31:48 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED]
Tue May 30 21:31:48 2000: DEBUG: Rewrote user name to [EMAIL PROTECTED]
Tue May 30 21:31:48 2000: DEBUG: Handling request with Handler 'Realm=zipnet.com.br'
Tue May 30 21:31:48 2000: DEBUG: Rewrote user name to fsalum
Tue May 30 21:31:48 2000: DEBUG: Deleting session for [EMAIL PROTECTED],
200.187.218.84, 1
Tue May 30 21:31:48 2000: DEBUG: do query is: delete from radonline where username =
'fsalum' and nasidentifier = '200.187.218.84' and nasport ='1'
Tue May 30 21:31:48 2000: DEBUG: Handling with Radius::AuthSQL
Tue May 30 21:31:48 2000: DEBUG: Handling with Radius::AuthSQL
Tue May 30 21:31:48 2000: DEBUG: Query is: select PASSWORD from SUBSCRIBERS where (
USERNAME='fsalum' or username = 'fsalum'||'@zip.net') and ( status != '1' or status is
null )
Tue May 30 21:31:49 2000: DEBUG: Radius::AuthSQL looks for match with fsalum
Tue May 30 21:31:49 2000: DEBUG: Radius::AuthSQL ACCEPT:
Tue May 30 21:31:49 2000: DEBUG: Handling with Radius::AuthDYNADDRESS
Tue May 30 21:31:49 2000: DEBUG: Query is: select YIADDR, SUBNETMASK, DNSSERVER from
RADPOOL where POOL='pool1' and STATE=0 order by TIME_STAMP
Tue May 30 21:31:49 2000: ERR: Execute failed for 'select YIADDR, SUBNETMASK,
DNSSERVER from RADPOOL where POOL='pool1' and STATE=0 order by TIME_STAMP': ORA-03113:
end-of-file on communication channel (DBD ERROR: OCIStmtExecute)
Tue May 30 21:31:49 2000: DEBUG: do query is: update RADPOOL set STATE=1,
TIME_STAMP=959733109,
EXPIRY=959819509, USERNAME='fsalum' where YIADDR='200.187.208.9'
Tue May 30 21:31:49 2000: DEBUG: Access accepted for fsalum
Tue May 30 21:31:49 2000: WARNING: No such attribute Framed-IP-Netmask
Tue May 30 21:31:49 2000: DEBUG: Packet dump:
*** Sending to 200.187.218.84 port 1645 ....
Code: Access-Accept
Identifier: 1
Authentic: <11><4><147>O<222><22><164>?+~)a<31><164><231><221>
Attributes:
Framed-IP-Netmask = 255.255.255.0
Framed-IP-Address = 200.187.208.9
