On 08/24/2012 11:35 AM, Murat Kocum wrote: > We have mass disconnections on our radius server radiator and then they > can not connect. It was a smooth running server until our provider made > some changes on their side. What I see is that we are receiving username > null when problems occur. We have no username null it should be 8 digit > figure. Besides I see several attribute not found errors. Both of them > appear together. For some periods of time they connect and work > properly. What may be the problem?
One possibility is your dictionary file is missing or very broken. When you start radiusd with Trace 4 enabled you should see something like this: Fri Aug 24 12:14:56 2012: DEBUG: Reading dictionary file '/home/hvn/radiator/Radiator-4.10/dictionary' The actual location of dictionary file depends on your configuration. The default is %D/dictionary where %D is DbDir which is by default /usr/local/etc/raddb. Many sites define DbDir to /etc/radiator Please take a look at Radiator startup messages for hints about dictionary file and see that the dictionary file is correct. The packet dump looks reasonable and seems to contain User-Name, User-Password etc. Thanks, Heikki > Packet length = 96 > 01 b9 00 60 fe 9f dc 6b 6f a0 55 c6 4f 6c 0c 7d > 8c 66 b3 33 01 0a 31 30 35 31 31 34 30 31 02 12 > 56 76 5a 41 6b 86 97 f6 68 af 2c 3f 99 32 1a c3 > 04 06 0a 11 03 fe 20 11 4d 31 32 30 5f 32 5f 41 > 7a 65 72 63 65 6c 6c 1e 07 69 6e 74 65 6c 07 06 > 00 00 00 07 06 06 00 00 00 02 3d 06 00 00 00 05 > Code: Access-Request > Identifier: 185 > Authentic: <254><159><220>ko<160>U<198>Ol<12>}<140>f<179>3 > Attributes: > > Mon Aug 20 17:07:48 2012: ERR: Attribute number 5 is not defined in your > dictionary > Mon Aug 20 17:07:48 2012: ERR: Attribute number 40 is not defined in > your dictionary > Mon Aug 20 17:07:48 2012: DEBUG: Handling request with Handler > 'Realm=DEFAULT' > Mon Aug 20 17:07:48 2012: ERR: Attribute number 4 is not defined in your > dictionary > Mon Aug 20 17:07:48 2012: ERR: Attribute number 32 is not defined in > your dictionary > Mon Aug 20 17:07:48 2012: ERR: Attribute number 44 is not defined in > your dictionary > Mon Aug 20 17:07:48 2012: ERR: Attribute number 8 is not defined in your > dictionary > Mon Aug 20 17:07:48 2012: DEBUG: Deleting session for , 10.17.3.254, > Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'delete from RADONLINE > where NASIDENTIFIER='10.17.3.254' and NASPORT=0': > Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN: > Mon Aug 20 17:07:48 2012: DEBUG: Handling with Radius::AuthRADMIN: > Mon Aug 20 17:07:48 2012: ERR: Attribute number 79 is not defined in > your dictionary > Mon Aug 20 17:07:48 2012: DEBUG: Query is: 'select PASS_WORD, > STATICADDRESS, TIMELEFT, MAXLOGINS, SERVICENAME, BADLOGINS, VALIDFROM, > VALIDTO from RADUSERS where USERNAME=NULL': > Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN looks for match with [] > Mon Aug 20 17:07:48 2012: DEBUG: Radius::AuthRADMIN REJECT: No such user: [] > Mon Aug 20 17:07:48 2012: DEBUG: AuthBy RADMIN result: REJECT, No such user > Mon Aug 20 17:07:48 2012: INFO: Access rejected for : No such user > Mon Aug 20 17:07:48 2012: ERR: Attribute number 2 is not defined in your > dictionary > Mon Aug 20 17:07:48 2012: DEBUG: do query is: 'insert into RADAUTHLOG > (TIME_STAMP, USERNAME, TYPE, REASON) values (1345464468, '', 0, 'No such > user')': > Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is not defined in > your dictionary > Mon Aug 20 17:07:48 2012: ERR: Attribute number 18 is not defined in > your dictionary > Mon Aug 20 17:07:48 2012: ERR: Attribute number 211 is not defined in > your dictionary > Mon Aug 20 17:07:48 2012: WARNING: No such attribute Unknown > Mon Aug 20 17:07:48 2012: DEBUG: Packet dump: > *** Sending to 10.17.3.254 port 63160 .... > > Packet length = 20 > 03 b9 00 14 18 88 f4 7d 1f 34 4b f5 d8 f9 ea 96 > 05 ea b3 ef > Code: Access-Reject > Identifier: 185 > Authentic: <24><136><244>}<31>4K<245><216><249><234><150><5><234><179><239> > Attributes: > Unknown = Request Denied > > <http://www.iddaa.com/> > > *Disclaimer:* > > ------------------------------------------------------------------------ > > Bu e-posta mesaji ve ekleri sadece gonderildigi kisi veya kuruma > ozeldir. Eger dogru kisiye ulasmadigini dusunuyorsaniz, bu mesajin > yonlendirilmesi, kopyalanmasi veya herhangi bir sekilde kullanilmasi > yasaktir.Mesaj iceriginde bulunan fikir ve yorumlar, INTELTEK'e degil > sadece gondericiye aittir. Bu mesaj bilinen tum viruslere karsi test > edilmistir. > <http://www.iddaa.com/> > This e-mail and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they are > addressed. If you are not the intended recipient you are hereby notified > that any dissemination, copying or use of the information is prohibited. > The opinions expressed in this message belong to sender alone. There is > no implied endorsement by INTELTEK.This e-mail has been scanned for all > known computer viruses. > > ------------------------------------------------------------------------ > > > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator > -- Heikki Vatiainen <h...@open.com.au> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
