>
>
>I'm trying to autheticate a user to Radiator.
>I get the following error from the radius client (Cisco)
>What is wrong ?
>
>This is the output on the nas:
>%LINK-3-UPDOWN: Interface BRI0:2, changed state to up
>%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 81 changed to up
>AAA/AUTHEN: create_user (0x20FB714) user='dirk' ruser='' port='BRI0:2'
>rem_addr=
>'111111/111111' authen_type=PAP service=PPP priv=1
>AAA/AUTHEN/START (1137672270): port='BRI0:2' list='use_radius'
>action=LOGIN serv
>ice=PPP
>AAA/AUTHEN/START (1137672270): using "default" list
>AAA/AUTHEN/START (1137672270): Method=RADIUS
>RADIUS: Computed extended port value 0:30002:
>RADIUS: Initial Transmit id 22 172.31.100.116:1645, Access-Request, len
>96
> Attribute 4 6 AC1F6496
> Attribute 5 6 00007532
> Attribute 61 6 00000002
> Attribute 1 6 6469726B
> Attribute 30 11 32303430
> Attribute 31 11 32303634
> Attribute 2 18 14DF52EA
> Attribute 6 6 00000002
> Attribute 7 6 00000001
>RADIUS: Received from id 22 172.31.100.116:1645, Access-Accept, len 62
> Attribute 7 6 00000001
> Attribute 9 6 FFFFFFFF
> Attribute 10 6 00000000
> Attribute 12 6 000005DC
> Attribute 13 6 00000001
> Attribute 9 6 FFFFFFFF
> Attribute 88 6 02030408
>RADIUS: saved authorization data for user 20FB714 at 21CFBE8
>AAA/AUTHEN (1137672270): status = PASS
>AAA/AUTHOR/LCP BR0:2: Authorize LCP
>AAA/AUTHOR/LCP BR0:2 (3851085051): Port='BRI0:2' list='' service=NET
>AAA/AUTHOR/LCP: BR0:2 (3851085051) user='dirk'
>AAA/AUTHOR/LCP: BR0:2 (3851085051) send AV service=ppp
>AAA/AUTHOR/LCP: BR0:2 (3851085051) send AV protocol=lcp
>AAA/AUTHOR/LCP (3851085051) found list "default"
>AAA/AUTHOR/LCP: BR0:2 (3851085051) Method=RADIUS
>RADIUS: no appropriate authorization type for user.
>AAA/AUTHOR (3851085051): Post authorization status = FAIL
>AAA/AUTHOR/LCP BR0:2: Denied
>AAA/AUTHEN: free_user (0x20FB714) user='dirk' ruser='' port='BRI0:2'
>rem_addr='2
>06442754/204040733' authen_type=PAP service=PPP priv=1
>%ISDN-6-DISCONNECT: Interface BRI0:2 disconnected from 1111111 , call
>lasted
>4 seconds
>%LINK-3-UPDOWN: Interface BRI0:2, changed state to down
>%ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 81 changed to down
>%ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 81 changed to down
>
There is no Service-Type = Framed-User (Attribute 6, value 2) in your
Access-Accept.
Cisco's are very picky about this, as you have discovered.
hth
Hugh
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
