Re: (RADIATOR) NoReplyHook not working -- and AuthBy RADIUSignoring Retry parameter

[Hugh Irvine]

Hello Mark -

If you are using AuthBy DYNADDRESS and AddressAllocator SQL, together 
with AuthBy RADIUS, there is a bug that can cause this behaviour.

Download and install the following:

http://www.open.com.au/radiator/downloads/patches-2.16.1/Select.pm

hth

Hugh


At 3:47 PM +1200 15/8/00, Orcon Network Coordinator, Mark Mackay wrote:
>Hugh et al -
>
>Here's one particular segment of our Radius config:
>
>---
>
> 
> # Primary master-server
> Host
>  Secret
>  
> Retries 1
> RetryTimeout2
>
> #Retries3
> #RetryTimeout5
>
> AddToReply Service-Type="Framed-User", Framed-Protocol="PPP",
>Framed-Routing="None"
> StripFromReplyPoolHint, Framed-IP-Netmask
> 
> # Strip the ip addresses supplied by  radius servers (and add
>PoolHint)
> ReplyHook file:"%D/hook--reply.pl"
>
> # Accept regardless if we don't get a reply from  server
> NoReplyHook file:"%D/hook-xxx-noreply-ACCEPT.pl"
>
> 
>
>---
>
>- For some reason when I set Retries to 0,1,... it doesn't seem to work at
>the given setting.  Looking a at a trace with Retries 1 -- it seems to only
>do it once, and never retry (something I'd not noticed before).  I'm running
>Radiator 2.16.1.
>
>- Also -- NoReplyHook doesn't kick in when I unplug the proxy radius server.
>However, when I make NoReplyHook a ReplyHook temporarily (and tweak internal
>variables to match the new sub parameters), the hook works a treat.
>
>What's up? I can't think of anything I'm doing wrong at my end...
>
>Mark Mackay
>Orcon Internet.
>
>
>===
>Archive at http://www.starport.net/~radiator/
>Announcements on [EMAIL PROTECTED]
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.

-- 
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Cisco NAS weirdity

[Hugh Irvine]

Hello Chris -

The first problem is due to your SNMP program - try running the query 
by hand to verify its operation and make sure you have set 
SnmpgetProg to the correct location.

The second problem is likely a Cisco configuration issue. Run 
Radiator with a trace 4 debug to see what attributes are actually 
present in the radius packets. You may need to add something to the 
Cisco configuration to get this additional information reported in 
the Radius accounting packets.

hth

Hugh


At 7:49 PM -0600 14/8/00, Chris M wrote:
>I'm having trouble with AS5248's that have the NasType set to Cisco.
>
>I get errors on the console, not in the log:
>
>Error in packet
>Reason: (noSuchName) There is no such variable name in this MIB.
>This name doesn't exist: enterprises.9.2.9.2.1.18.20019
>
>I also don't get a Framed-IP-Address and Connect-Info showing up in the
>SessionDatabase for the Cisco boxen, but PM3 boxen seem to work OK as viewed
>with Radwho.
>
>Any ideas where to start looking for these issues?
>
>Thanks,
>Chris
>
>
>===
>Archive at http://www.starport.net/~radiator/
>Announcements on [EMAIL PROTECTED]
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.

-- 
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) feature enhancement with Realms

[Hugh Irvine]

Hello Chris -

At 9:02 PM -0600 13/8/00, Chris M wrote:
>I had a problem where a user tried "[EMAIL PROTECTED] " instead of 
>"[EMAIL PROTECTED]" (a trailing space).  What happens in this case 
>is that Radiator looks for a "someplace.com " realm and in fact 
>won't even enter the default Realm clause because it wants to find 
>that realm with a trailing space on it. So they don't get in.
>
>What are other people doing to get around this problem? Is it 
>necessary to first intercept everything before the Realm processing 
>begins and trim spaces on the realm name?
>

You can either use a RewriteUsername, or you can trap any usernames 
that contain illegal characters and reject them.

hth

Hugh
-- 
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Cisco NAS weirdity

[Chris M]

>Hello Chris -
>
>The first problem is due to your SNMP program - try running the 
>query by hand to verify its operation and make sure you have set 
>SnmpgetProg to the correct location.


It works fine for PM3's though, those errors appear to be coming from 
the Cisco boxen queries, and I think the source of trouble is that 
20019 which seems to be a Port number (at least that is what radwho 
thinks):

username   20019   0754Tue 
Aug 15 08:14:33 20000 00:04:30  ISDNFramed-User

5248's don't have 2 ports in them, just 48 :) So something weird is afoot.

I'll look at this second issue later today.

Chris

>
>The second problem is likely a Cisco configuration issue. Run 
>Radiator with a trace 4 debug to see what attributes are actually 
>present in the radius packets. You may need to add something to the 
>Cisco configuration to get this additional information reported in 
>the Radius accounting packets.
>
>hth
>
>Hugh
>
>
>At 7:49 PM -0600 14/8/00, Chris M wrote:
>>I'm having trouble with AS5248's that have the NasType set to Cisco.
>>
>>I get errors on the console, not in the log:
>>
>>Error in packet
>>Reason: (noSuchName) There is no such variable name in this MIB.
>>This name doesn't exist: enterprises.9.2.9.2.1.18.20019
>>
>>I also don't get a Framed-IP-Address and Connect-Info showing up in the
>>SessionDatabase for the Cisco boxen, but PM3 boxen seem to work OK as viewed
>>with Radwho.
>>
>>Any ideas where to start looking for these issues?
>>
>>Thanks,
Chris


===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) no reply problem!

[Felipe Salum]

Hi!

I'm having the follow problem. My radiator is running okay, with some
ports to authenticate and accounting. But sometimes one of theses ports
lock I dont know why and It doesnt say anything in the logs (trace 4).
When I test with radpwtst I just receive a No Reply in the Access
Request but I see the open port with netstat.

Why radiator dont authenticate now if it was authenticating without
problems before ???

ps: I need to edit the cfg file and change the ports to another, start
radiator and then change in my NAS to the new port to radiator start
authenticating again!!!

Please, If anyone can help me why this problem occurs sometime I will be
happy!


Thanks in advance.
Felipe Salum



===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) problems with proxy radius

[David Purnell]

Hi I'm having a problem authenticating back to a proxied cistron radius
server.

I'm dialing into a 3rd party's Livingston equipment which is authenticated
via a cistron radiusd.  The cistron radius then sends the authentication
request to my radiator (2.16.1) installation.

The cistron server forwards any access-requests to my radiator server that
have my dmv.com realm attached.  The cistron server strips the realm and
then sends the request to me.  

Radiator is crashing everytime I try to authenticate this way.  Is my
setup incorrect or is something going on with the cistron radius server?

Thanks in advance for any help you can give me on this.

Dave.




Level 4 trace:

Tue Aug 15 15:53:47 2000: DEBUG: Packet dump:
*** Received from 162.33.163.21 port 1645 
Code:   Access-Request
Identifier: 190
Authentic:  <160>{<189>&<144><206>:X<200>V$/9<134><181>k
Attributes:
User-Name = "coret"
User-Password =
"<235><207><0><164><132>t<169><232>J<29><240>,)<211><235>'"
NAS-IP-Address = 162.33.163.7
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Compression = None
NAS-Port-Type = Async
NAS-Port = 811011
Port-Limit = 0
Calling-Station-Id = "NONE"
Acct-Session-Id = "0112540733"
Proxy-State = 05be

Tue Aug 15 15:53:47 2000: ERR: Error while rewriting username coret:
syntax error at (eval 26) line 2, at EOF

Tue Aug 15 15:53:47 2000: DEBUG: Rewrote user name to coret
Tue Aug 15 15:53:59 2000: INFO: Server started: Radiator 2.16.1 on
authbar2.dmv.com
Tue Aug 15 15:54:00 2000: ERR: Error while rewriting username coret:
syntax error at (eval 22) line 2, at EOF

Tue Aug 15 15:54:11 2000: INFO: Server started: Radiator 2.16.1 on
authbar2.dmv.com





Cron output from radkeepalive:


   /usr/bin/radiusd -config_file /etc/raddb/radiusd.cfg

exited unexpectedly with exit status 0, 
signal number 0 and dump indication 0. 

The STDERR output was Issuing rollback() for database handle being
DESTROY'd
without explicit disconnect() at
/usr/local/lib/perl5/site_perl/5.005/Radius/Realm.pm line 41,  chunk
31.
Can't use string ("") as a HASH ref while "strict refs" in use at
/usr/local/lib/perl5/site_perl/5.005/Radius/Client.pm line 351.
.

The program will be restarted again by /usr/bin/radkeepalive in 10
seconds.




My radiator .cfg:


Foreground
LogDir  /var/log
LogFile /var/log/radiusd.log
DbDir   /etc/raddb
PidFile /etc/raddb/radiusd.pid
Trace   3


DBSourcedbi:mysql:radius:radbar.dmv.com
DBUsername  
DBAuth  




DBSourcedbi:mysql:cistron:acctbar.dmv.com
DBUsername  
DBAuth  
AuthSelect  SELECT passwd FROM iprs WHERE
username='%n'
AuthColumnDef   0, Encrypted-Password, check
AddToReply Service-Type=Framed-User,\
Framed-Protocol = PPP,\
Framed-Routing = None,\
Idle-Timeout = 1200,\
Session-Timeout = 28800,\
Framed-MTU = 1500,\
Port-Limit = 1

PasswordLogFileName /var/log/radius.log





===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) no reply problem!

[Sergio Gonzalez]

*This message was transferred with a trial version of CommuniGate(tm) Pro*
> Hi!
>
> I'm having the follow problem. My radiator is running okay, with some
> ports to authenticate and accounting. But sometimes one of theses ports
> lock I dont know why and It doesnt say anything in the logs (trace 4).
> When I test with radpwtst I just receive a No Reply in the Access
> Request but I see the open port with netstat.
>
> Why radiator dont authenticate now if it was authenticating without
> problems before ???
>
> ps: I need to edit the cfg file and change the ports to another, start
> radiator and then change in my NAS to the new port to radiator start
> authenticating again!!!
>
> Please, If anyone can help me why this problem occurs sometime I will be
> happy!
>
> Thanks in advance.
> Felipe Salum
>

Hi  Felipe.

Is your Radiator running on a Multi-homed system?. I had the same problem
before, but just setting the BindAddress to an specific IP address I just
fixed the prob.


/Sergio


===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Blokking user information

[Mike McCauley]

--- Forwarded mail from [EMAIL PROTECTED]

Date: Wed, 16 Aug 2000 00:40:23 +1000 (EST)
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from [Robin
Gruyters <[EMAIL PROTECTED]>]

>From mikem  Wed Aug 16 00:40:15 2000
Received: by oscar.open.com.au (8.9.0/8.9.0) id AAA06516
for [EMAIL PROTECTED]; Wed, 16 Aug 2000 00:40:14 +1000 (EST)
>Received: from bofh.wish.net (bofh.wish.net [212.123.130.10]) by
perki.connect.com.au with ESMTP id AAA07094
  (8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Wed, 16 Aug 2000 00:12:47 +1000
(EST)
Received: from bofh.wish.net (bofh.wish.net [212.123.130.10]) by
perki.connect.com.au with ESMTP id AAA07094
  (8.8.8/IDA-1.7 for <[EMAIL PROTECTED]>); Wed, 16 Aug 2000 00:12:47 +1000
(EST)
Received: (from robin@localhost)
by bofh.wish.net (8.11.0/8.10.1) id e7FEFP666016
for [EMAIL PROTECTED]; Tue, 15 Aug 2000 16:15:25 +0200 (CEST)
Date: Tue, 15 Aug 2000 16:15:25 +0200
From: Robin Gruyters <[EMAIL PROTECTED]>
To: Radiator mailing <[EMAIL PROTECTED]>
Subject: Blokking user information
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
X-Operating-System: FreeBSD, i386
X-PGP-Fingerprint: FD 2B 93 E9 04 20 5D F7  85 C2 F8 9E 05 4E 51 DD
X-Url: http://www.phear.nl
X-NCC-RegID: nl.wish
X-BOFH-Excuse: telnet: Unable to connect to remote host: Connection refused
Content-Type: text/plain; charset=us-ascii

Hi,

Just wondering, isit possible to make a list of users that won't be listed in
de
Accounting?!?! (e.g. root, administrator)

Same thing when u use PasswordLogFileName with ExcludeFromPasswordLog.

--
Regards,

 Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE
 http://www.wish.nl - tel: +31(0)413242500 - fax. +31(0)208762628
 PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H.
 BOFH excuse: kernel panic: write-only-memory (/dev/wom0) capacity exceeded.



---End of forwarded mail from [EMAIL PROTECTED]

-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) no reply problem!

[Felipe Salum]

Hi Sergio,

Strange. It isn't a multi-homed system. Only one interface with one ip
address. And I do not use the option BindAddress in my cfg files. I'm going
to set it now in all configuration files.

Thanks!
Felipe Salum


Sergio Gonzalez wrote:

> *This message was transferred with a trial version of CommuniGate(tm) Pro*
> > Hi!
> >
> > I'm having the follow problem. My radiator is running okay, with some
> > ports to authenticate and accounting. But sometimes one of theses ports
> > lock I dont know why and It doesnt say anything in the logs (trace 4).
> > When I test with radpwtst I just receive a No Reply in the Access
> > Request but I see the open port with netstat.
> >
> > Why radiator dont authenticate now if it was authenticating without
> > problems before ???
> >
> > ps: I need to edit the cfg file and change the ports to another, start
> > radiator and then change in my NAS to the new port to radiator start
> > authenticating again!!!
> >
> > Please, If anyone can help me why this problem occurs sometime I will be
> > happy!
> >
> > Thanks in advance.
> > Felipe Salum
> >
>
> Hi  Felipe.
>
> Is your Radiator running on a Multi-homed system?. I had the same problem
> before, but just setting the BindAddress to an specific IP address I just
> fixed the prob.
>
> /Sergio
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.


===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Re: no reply problem!

[Hugh Irvine]

This sounds like an operating system problem - what platform are you 
running on (hardware and software)? And what else is running on the 
box?

Also, what does the log show prior to Radiator stopping?

thanks

Hugh



At 5:00 PM -0300 15/8/00, Felipe Salum wrote:
>Hi!
>
>I'm having the follow problem. My radiator is running okay, with some
>ports to authenticate and accounting. But sometimes one of theses ports
>lock I dont know why and It doesnt say anything in the logs (trace 4).
>When I test with radpwtst I just receive a No Reply in the Access
>Request but I see the open port with netstat.
>
>Why radiator dont authenticate now if it was authenticating without
>problems before ???
>
>ps: I need to edit the cfg file and change the ports to another, start
>radiator and then change in my NAS to the new port to radiator start
>authenticating again!!!
>
>Please, If anyone can help me why this problem occurs sometime I will be
>happy!
>
>
>Thanks in advance.
>Felipe Salum

-- 
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Cisco NAS weirdity

[Hugh Irvine]

Hello Chris -

This is a well-known problem with Cisco's - they use weird port 
numbers because they encode additional information in the field 
(specifically Async or ISDN).

hth

Hugh


At 8:23 AM -0600 15/8/00, Chris M wrote:
>>Hello Chris -
>>
>>The first problem is due to your SNMP program - try running the 
>>query by hand to verify its operation and make sure you have set 
>>SnmpgetProg to the correct location.
>
>
>It works fine for PM3's though, those errors appear to be coming 
>from the Cisco boxen queries, and I think the source of trouble is 
>that 20019 which seems to be a Port number (at least that is what 
>radwho thinks):
>
>username  20019   0754Tue 
>Aug 15 08:14:33 2000   0 00:04:30  ISDNFramed-User
>
>5248's don't have 2 ports in them, just 48 :) So something weird is afoot.
>
>I'll look at this second issue later today.
>
>Chris
>
>>
>>The second problem is likely a Cisco configuration issue. Run 
>>Radiator with a trace 4 debug to see what attributes are actually 
>>present in the radius packets. You may need to add something to the 
>>Cisco configuration to get this additional information reported in 
>>the Radius accounting packets.
>>
>>hth
>>
>>Hugh
>>
>>
>>At 7:49 PM -0600 14/8/00, Chris M wrote:
>>>I'm having trouble with AS5248's that have the NasType set to Cisco.
>>>
>>>I get errors on the console, not in the log:
>>>
>>>Error in packet
>>>Reason: (noSuchName) There is no such variable name in this MIB.
>>>This name doesn't exist: enterprises.9.2.9.2.1.18.20019
>>>
>>>I also don't get a Framed-IP-Address and Connect-Info showing up in the
>>>SessionDatabase for the Cisco boxen, but PM3 boxen seem to work OK as viewed
>>>with Radwho.
>>>
>>>Any ideas where to start looking for these issues?
>>>
>>>Thanks,
>Chris
>
>
>===
>Archive at http://www.starport.net/~radiator/
>Announcements on [EMAIL PROTECTED]
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.

-- 
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) problems with proxy radius

[Hugh Irvine]

Hello David -

I think this is a problem with your Client definitions in 
ClientListSQL. We have seen a similar problem recently with empty 
strings instead of NULL's in the definitions. Mike has fixed the 
problem and I have copied him on this mail to ask him to send you a 
copy of the patch.

regards

Hugh



At 4:21 PM -0400 15/8/00, David Purnell wrote:
>Hi I'm having a problem authenticating back to a proxied cistron radius
>server.
>
>I'm dialing into a 3rd party's Livingston equipment which is authenticated
>via a cistron radiusd.  The cistron radius then sends the authentication
>request to my radiator (2.16.1) installation.
>
>The cistron server forwards any access-requests to my radiator server that
>have my dmv.com realm attached.  The cistron server strips the realm and
>then sends the request to me. 
>
>Radiator is crashing everytime I try to authenticate this way.  Is my
>setup incorrect or is something going on with the cistron radius server?
>
>Thanks in advance for any help you can give me on this.
>
>Dave.
>
>
>
>
>Level 4 trace:
>
>Tue Aug 15 15:53:47 2000: DEBUG: Packet dump:
>*** Received from 162.33.163.21 port 1645 
>Code:   Access-Request
>Identifier: 190
>Authentic:  <160>{<189>&<144><206>:X<200>V$/9<134><181>k
>Attributes:
> User-Name = "coret"
> User-Password =
>"<235><207><0><164><132>t<169><232>J<29><240>,)<211><235>'"
> NAS-IP-Address = 162.33.163.7
> Service-Type = Framed-User
> Framed-Protocol = PPP
> Framed-Compression = None
> NAS-Port-Type = Async
> NAS-Port = 811011
> Port-Limit = 0
> Calling-Station-Id = "NONE"
> Acct-Session-Id = "0112540733"
> Proxy-State = 05be
>
>Tue Aug 15 15:53:47 2000: ERR: Error while rewriting username coret:
>syntax error at (eval 26) line 2, at EOF
>
>Tue Aug 15 15:53:47 2000: DEBUG: Rewrote user name to coret
>Tue Aug 15 15:53:59 2000: INFO: Server started: Radiator 2.16.1 on
>authbar2.dmv.com
>Tue Aug 15 15:54:00 2000: ERR: Error while rewriting username coret:
>syntax error at (eval 22) line 2, at EOF
>
>Tue Aug 15 15:54:11 2000: INFO: Server started: Radiator 2.16.1 on
>authbar2.dmv.com
>
>
>
>
>
>Cron output from radkeepalive:
>
>
>/usr/bin/radiusd -config_file /etc/raddb/radiusd.cfg
>
>exited unexpectedly with exit status 0,
>signal number 0 and dump indication 0.
>
>The STDERR output was Issuing rollback() for database handle being
>DESTROY'd
>without explicit disconnect() at
>/usr/local/lib/perl5/site_perl/5.005/Radius/Realm.pm line 41,  chunk
>31.
>Can't use string ("") as a HASH ref while "strict refs" in use at
>/usr/local/lib/perl5/site_perl/5.005/Radius/Client.pm line 351.
>.
>
>The program will be restarted again by /usr/bin/radkeepalive in 10
>seconds.
>
>
>
>
>My radiator .cfg:
>
>
>Foreground
>LogDir  /var/log
>LogFile /var/log/radiusd.log
>DbDir   /etc/raddb
>PidFile /etc/raddb/radiusd.pid
>Trace   3
>
>
> DBSourcedbi:mysql:radius:radbar.dmv.com
> DBUsername  
> DBAuth  
>
>
>
> 
> DBSourcedbi:mysql:cistron:acctbar.dmv.com
> DBUsername  
> DBAuth  
> AuthSelect  SELECT passwd FROM iprs WHERE
>username='%n'
> AuthColumnDef   0, Encrypted-Password, check
> AddToReply Service-Type=Framed-User,\
> Framed-Protocol = PPP,\
> Framed-Routing = None,\
> Idle-Timeout = 1200,\
> Session-Timeout = 28800,\
> Framed-MTU = 1500,\
> Port-Limit = 1
> 
> PasswordLogFileName /var/log/radius.log
>
>
>
>
>
>===
>Archive at http://www.starport.net/~radiator/
>Announcements on [EMAIL PROTECTED]
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.

-- 
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Blokking user information

[Hugh Irvine]

Hello Robin -

This is usually dealt with by a special Handler that is only used by 
those administrative users

hth

Hugh


>
>
>Hi,
>
>Just wondering, isit possible to make a list of users that won't be listed in
>de
>Accounting?!?! (e.g. root, administrator)
>
>Same thing when u use PasswordLogFileName with ExcludeFromPasswordLog.
>
>--
>Regards,
>
>  Robin Gruyters - [EMAIL PROTECTED] - WISH BV - nic-hdl: RG3771-RIPE
>  http://www.wish.nl - tel: +31(0)413242500 - fax. +31(0)208762628
>  PGP key ID DEB8C991 - Head Engineering / Web Designer / B.O.F.H.
>  BOFH excuse: kernel panic: write-only-memory (/dev/wom0) capacity exceeded.
>
>
>
>---End of forwarded mail from [EMAIL PROTECTED]
>
>--
>Mike McCauley   [EMAIL PROTECTED]
>Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
>24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
>Phone +61 3 9598-0985   Fax   +61 3 9598-0955
>
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc
>on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
>===
>Archive at http://www.starport.net/~radiator/
>Announcements on [EMAIL PROTECTED]
>To unsubscribe, email '[EMAIL PROTECTED]' with
>'unsubscribe radiator' in the body of the message.

-- 
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Cisco NAS weirdity

[rob]

>It works fine for PM3's though, those errors appear to be coming from the 
>Cisco boxen queries, and I think the source of trouble is that 20019 which 
>seems to be a Port number (at least that is what radwho thinks):
>
>username   20019   0754Tue Aug 15 
>08:14:33 20000 00:04:30  ISDNFramed-User
>
>5248's don't have 2 ports in them, just 48 :) So something weird is afoot.
>
>I'll look at this second issue later today.

Chris,
 The 20019 value is the numerical port.  You can change this behaviour 
in your config (on 11.3 and greater IOS). You're probably expecting the 
Textual one similar to 'Async24' or 'vty24' etc.

Im not sure what the above numerical line number translates to, ill ask 
around here (one of the CCIE's should know) and reply back later with that.

try the following config statement:

aaa nas port extended

Regards,
Robert Moss.



===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) Handlers and reply packets

[Andrew Pollock]

Hi guys,

Can Radiator handlers fire on reply packets received from another RADIUS
server that it's proxied to? I have a requirement where I need to strip out
an attribute from a reply packet, but only when it's for an ISDN call (for
example).

i.e. NAS -- Radiator  Another RADIUS server

The second RADIUS server replies with a Session-Timeout in the Access-Accept
packet (and this can't be readily changed), which I'd like to strip out for
ISDN calls, so I basically want a handler that will only match Access-Accept
packets with an attribute of Port-Type = ISDN, and then use a
StripFromReply.

Andrew


===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) ansiCreate.sql

[KUBOTA,Takaya]

Hello,

I begun to use Radiator 2.16.1 recenty.
At once, I have trouble exceuting goodies/ansCreate.sql on Oracle 8.1.6.

I cant create table RADPOOL by UNIQUE construction. 
It seems that create table RADPOOL SQL syntax is wrong.

I deleted 'UNIQUE RADPOOL_I (YIADDR)' line and previous empty line.
It run well.

Is that way right?

Regards
--
KUBOTA,Takaya @ NTT Software Corporation.
<[EMAIL PROTECTED]>  voice/facsimile: +81-45-212-7369/9800

===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Re: (RADIATOR) Cisco NAS weirdity

[Chris M]

>>It works fine for PM3's though, those errors appear to be coming 
>>from the Cisco boxen queries, and I think the source of trouble is 
>>that 20019 which seems to be a Port number (at least that is what 
>>radwho thinks):
>>
>>username   20019   0754Tue 
>>Aug 15 08:14:33 20000 00:04:30  ISDNFramed-User
>>
>>5248's don't have 2 ports in them, just 48 :) So something 
>>weird is afoot.
>>
>>I'll look at this second issue later today.
>
>Chris,
>The 20019 value is the numerical port.  You can change this 
>behaviour in your config (on 11.3 and greater IOS). You're probably 
>expecting the Textual one similar to 'Async24' or 'vty24' etc.
>
>Im not sure what the above numerical line number translates to, ill 
>ask around here (one of the CCIE's should know) and reply back later 
>with that.
>
>try the following config statement:
>
>aaa nas port extended
>
>Regards,
>Robert Moss.

Hi Robert,

Oh cool, with your help I found this page, looks like I can get lost 
in here for awhile and emerge with the answer.

Thanks!



Chris


===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.