Hello again Vangelis -
BTW - here is an excellent overview of the Session MIB:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/
121newft/121t/121t3/dt_asmib.htm
Note that the "aaa session-mib disconnect" is only needed if you are
going to enable disconnection of sessions via S
Hello Claudio -
This is really an operating system issue, as the UDP buffer space is
managed by the OS.
You should have a look at "netstat" and friends.
Solaris may also have addtional tools that allow you to look at what
the system is doing.
regards
Hugh
On 12/11/2003, at 1:28 PM, Claudio
Hello Brandon -
Could you please send me a trace 4 debug showing what is happening, and
a bit more detail on what exactly you are wanting to have happen? I am
not clear on what the TimeOfDay reply item is meant to do.
regards
Hugh
On 13/11/2003, at 7:10 AM, Brandon Lehmann wrote:
Hi List,
I
Hello Claudio, Hello Guðbjörn -
Comments below.
On 13/11/2003, at 1:18 PM, Claudio Lapidus wrote:
Hello Guðbjörn
this may be unrelated, but I am interested to any and all tuning
listmembers have done in the OS for Radiator performance. We
are running two radiator servers with one proxy radiator
13/11/2003, at 9:45 AM, Brandon Lehmann wrote:
Hugh,
Note: I don't care that I left my ip address in there or the
"encrypted"
password. This is a test server with test data.
Brandon
- Original Message -
From: "Brandon Lehmann" <[EMAIL PROTECTED]>
Hello Jaskaran -
Can you please send me a trace 4 debug showing what is happening?
thanks
Hugh
On 13/11/2003, at 3:04 AM, jsingh wrote:
Hello Hugh
I understand that Radiator is supposed to drop the connection after
it connects and talks to the LDAP Server. But I can see a connection
for
Hello Sergei -
See my other mail, but what is shown below is a NAS configured for
CHAP, hence the "CHAP-Password" in the request.
You should use something like this:
qqq Password = kkk
or
qqq User-Password = kkk
which will work for both forms (note that the spelling is important).
See sec
hileAccept. Trace
-4
reveals that "Authentication is Disabled"
I'm confused...
Brandon
- Original Message -
From: "Hugh Irvine" <[EMAIL PROTECTED]>
To: "Brandon Lehmann" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]&g
Hello Jaskaran -
There are several example configuration files in the "goodies"
directory ("eap_*.cfg").
There has also been some discussion on the mailing list, so check the
archive:
www.open.com.au/archives/radiator
regards
Hugh
On 14/11/2003, at 6:12 AM, jsingh wrote:
Hi
We want to s
Hello Matthew -
You are quite correct. Radiator does an "open-write-close" for every
log event.
In spite of this however I would not recommend having more than one
Radiator instance writing to a log file as it becomes almost impossible
to then understand what is going on. It is _much_ better t
Hello Bogdan -
This should be fixed in the latest version Radiator 3.7.1.
From the history file:
â Improvements to storage of VALUE in dictionary allows decoding
based on the attribute name rather than the number, which allows
correct unpacking of attributes with synonyms, such as
Ascend-Di
Hello Vangelis -
See my other mail on this topic, but I suggest you use different log
files for different Radiator instances.
regards
Hugh
On 13/11/2003, at 7:59 PM, Vangelis Kyriakakis wrote:
Can all these Radiator instances use the same logfiles? Or they'll
have problems racing for file lo
Hello Deden -
You should do simultaneous use checking on requests from your NAS
equipment, but not from the mail server.
This topic has been discussed on the mailing list:
www.open.com.au/archives/radiator
regards
Hugh
On 14/11/2003, at 3:22 PM, deden purnamahadi wrote:
Dear all,
We have
Hello John -
From the error message it looks like there is a typo in your
configuration file.
The correct keyword is "EAPType", not "eapType" (note the upper case
letters).
See section 6.17.22 in the Radiator 3.7.1 reference manual
("doc/ref.html").
regards
Hugh
On 15/11/2003, at 7:54 AM,
Hello Eric -
Very easy:
AcctColumnDef REALM, %W, formatted
see section 6.28.14 in the Radiator 3.7.1 reference manual
("doc/ref.html").
regards
Hugh
On 15/11/2003, at 5:41 AM, Eric Lackey wrote:
Hello,
This might be easy, but I haven’t been able to find how to do it. I
want to includ
us/etc/dictionary -daemon -pid_file
/usr/local/radius/var/radiusd.pid
Of course, the dictionary file is the one shipped with
Radiator-3.7.1.
Anyone knows what the problem might be?
bogdan
PS. One other question, when I start Radiator (2.9 or 3.7.1), I get
"Radiator version 3.6" in t
Hello David -
I am not familiar with the "LE-Advice-of-Charge" attribute - can you
explain it to me?
The general mechanism for including additional information in radius
accounting requests is to use the Class attribute.
regards
Hugh
On 17/11/2003, at 8:59 PM, David Rhodes wrote:
Hi,
Can a
Hello Jan -
Many thanks - I will fix this for the next release.
regards
Hugh
On 17/11/2003, at 10:40 PM, Munkhammar Jan wrote:
Hi,
FYI
The dictionary in Radiator 3.7.1 contains an error regarding a
Unisphere
(Juniper) ERX attribute.
This VSA is a string, not an integer.
VENDORATTR 4874 Uni
Hello Derek -
Whatever attributes you send in the access accept must be defined in
the Radiator dictionary.
The standard Radiator dictionary defines this:
VENDORATTR 9 cisco-avpair1 string
Note the spelling in all lower case.
It is used like this:
cisco-
Hello Bogdan -
It looks to me like the Max has timed out and is retrying the request
10 seconds later.
I would suspect that there are filters or access lists blocking the
return path so the access accept that is sent from Radiator never gets
back to the Max.
regards
Hugh
On 20/11/2003, a
Hello Bill -
Yes you can assign static IP addresses by including them as reply itmes.
In a users file it would look something like this:
# user definition in users file
bill Password = xxx
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 1.2.3.
Hello Daniel -
I will need to see a copy of your configuration file (no secrets)
together with a trace 4 debug showing what is happening.
A process listing showing the defunct processes would also help.
regards
Hugh
On 21/11/2003, at 10:15 AM, Daniel Bendersky wrote:
Hi, I had some defunct p
Hello William -
Here is the MySQL table creation script from the Radiator 3.7.1
distribution.
This schema is what is used by all of the examples and sample
configuration files.
Feel free to modify this in whatever way suits.
regards
Hugh
mysqlCreate.sql
Description: Binary data
On 25/1
CCEPT:
Mon Nov 24 11:43:05 2003: DEBUG: Handling with PAM service radiusd
Mon Nov 24 11:43:05 2003: DEBUG: PAM is asking for 1: 'Password'
Mon Nov 24 11:43:05 2003: DEBUG: Access accepted for username
On Sat, 13 Sep 2003, Hugh Irvine wrote:
Hello Mike -
Yes this is quite si
Hello Bill -
Yes you should be able to do what you show below.
How have you generated the password string in the database, and how is
the password column defined?
Please send me the plaintext password, the command you used to rcrypt
it, the encrypted string and the SQL table definition.
I hav
'Password'
Tue Nov 25 11:36:11 2003: DEBUG: Access accepted for username
Tue Nov 25 11:36:11 2003: DEBUG: Packet dump:
Code: Access-Accept
On Tue, 25 Nov 2003, Hugh Irvine wrote:
Hello Mike -
Thanks for your mail - how curious!
I wonder if you could try to change the configura
Hello Vangelis -
Radiator no longer supports "%{Eval:...} due to security concerns.
See the comments in the history file ("doc/history.html").
Revision 3.3 (27/8/02 Important Security Update and some minor new
features)
â Important Security Update: Removed support for the %Eval special
chara
Hello -
Yes this is a known problem due to limitations in the Cisco with the
value of the Session-Timeout attribute.
You will need to make sure you return a smaller value for the
Session-Timeout attribute even if the time remaining is greater.
This topic has been discussed previously on the ma
h with
username
Wed Nov 26 10:05:57 2003: DEBUG: Radius::AuthFILE REJECT_IMMEDIATE:
Rejected explicitly by Auth-Type=Reject
Wed Nov 26 10:05:57 2003: DEBUG: Access accepted for username
On Wed, 26 Nov 2003, Hugh Irvine wrote:
Hello Mike -
I have done some testing here (as has Mike) and neither
Hello Rabbie -
What version of Radiator are you using? There was a recent patch for
this.
Current version is Radiator 3.7.1 (plus patches).
This has also been discussed on the mailing list.
www.open.com.au/archives/radiator
regards
Hugh
On 27/11/2003, at 3:14 PM, Rabbie Zalaf wrote:
Hi Al
Hello Craig -
What operating system and SQL database are you using?
If your database supports stored procedures it would probably be
simplest to do it that way. Otherwise you could write a hook to
implement the same processing inside Radiator. It may also be possible
to use a clever SQL statem
Hello Craig -
You should reverse the order of your AuthBy clauses and use an
AuthByPolicy ContinueAlways.
# define Realm
# result of second AuthBy will be the overall result
#Will log Authentication failures to SQL table.
AuthLog AuthSQLLogger
RewriteUsername s/^(.*)\\(
Hello Toomas -
As usual, a copy of your configuration file (no secrets) and in this
case a trace 5 debug showing what is happening are needed to be able to
see what the problem might be. You can also try debugging on the Cisco
ACS to see what is happening on that side. We will also need to see
Hello Richard -
You will need to write a hook to parse the attributes.
This has been discussed previously on the mailing list.
www.open.com.au/archives/radiator
regards
Hugh
On 28/11/2003, at 9:03 PM, Rickard Ekeroth wrote:
Hello!
Does anybody know how to retrieve the values for an attribu
sword was wrong? I don't understand why even
though the
first AuthBy issued an Accept that the second prevents it from being
logged
on correctly. Is this the designed behaviour?
Craig.
-Original Message-
From: Hugh Irvine [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 27, 2003 6:5
Hello Craig -
On 29/11/2003, at 11:50 AM, Craig Gittens wrote:
Ok I understand how AuthBy works now.
So am I correct in my understanding that if AcctColumnDef and
AcctSQLStatement are used in the same AuthBY that the default
AcctInsertQuery is also run?
Any AcctSQLQuery's are run in addition to
Hello Chris -
I think you will find some examples in the mailing list archive.
www.open.com.au/archives/radiator
regards
Hugh
On 30/11/2003, at 2:58 PM, Chris Garzon wrote:
Hello,
does anyone have a working config with MAX TNT-2DC and radiator?
this is what I have in my config
De
Hello Maciej -
The simplest way to do this is with two AuthBy clauses.
AuthByPolicy ContinueAlways
.
DefaultResult ACCEPT
AcctResult ACCEPT
regards
Hugh
On 03/12/2003, at 3:46 AM, Maciej Miechowicz wrote:
Hello Craig -
I have added these attributes to the dictionary and I will send you the
modified version in a seperate mail.
It will also be available in the patches area later today.
regards
Hugh
On 04/12/2003, at 7:06 AM, Craig Gittens wrote:
Hey guys,
I want to add some attributes to the d
Hello Daniel -
I can't tell from your configuration file what might be happening.
The only thing I can guess is perhpas your startup script is starting
more than one instance.
What hardware/software platform are you running on and what processes
are you seeing?
Also, what versions of Radiator
Hello Rodolfo -
If you specify "Simultaneous-Use" as a check item that Radiator is
configured to use, it will give the sort of error you see if the number
of sessions is exceeded according to the Radiator session database.
You haven't included your configuration file so I can't say for sure,
b
Hello Fred -
I'm afraid I don't quite understand what you mean by this:
I wanted to have the AuthBy SQLAccounting within this AuthBy group
since that would disable the LDAP file logging.
Can you explain what you mean?
The usual way to do what you describe is something like this:
AuthBy
Hello John -
In the Radiator configuration file you should add something like this
to the AuthBy clause that is doing the authentication:
.
AddToReply Session-Timeout = 36000
You will need to restart Radiator so that the configuration file is
Hello Ganbold -
You should check with Quintum technical support and report this as a
bug.
I don't know what radius attributes are supported by Quintum equipment.
regards
Hugh
On 05/12/2003, at 5:49 PM, Ganbold wrote:
Hi,
I tried to use Class attribute in Quintum D3000 but it seems Quintum
Hello Rosario -
I will need to see a copy of your complete configuration file (no
secrets), together with a trace 4 debug from Radiator showing what is
happening. I suspect you are not referencing the AuthLog clause in your
Realm(s) or Handler(s).
# define Realm or Handler with AuthLog
Hello Rodrigo -
You can use the UsernameCharset parameter to restrict the characters in
the username.
See section 6.4.30 in the Radiator 3.7.1 reference manual.
As far as the password is concerned, this field is only read from the
database and the comparison is done inside Radiator.
regards
Hello Chuck -
According to the debug trace, the initial connection attempt to the
LDAP server (AD) is failing.
Fri Dec 5 14:14:55 2003: INFO: Connecting to
myad.myrealm.somewhere.com, port
636
Fri Dec 5 14:14:55 2003: ERR: Could not open LDAP connection to
myad.myrealm.somewhere.com, port 63
Hello Lars -
You should check the startup messages from Radiator when you run
"radiusd", as I suspect there are some prerequisites missing. Also
check the example configuration files in "goodies/eap_*.cfg" - you will
find the lists of prerequisites in the comment blocks at the beginning
of eac
Hello José -
Have you tried using "Fork" in the AuthBy clause? Why do you say it
doesn't work?
I myself am not sure whether "Fork" will work or not, but you can do
some testing to find out.
Alternatively you can use multiple instances of Radiator (possibly on
multiple hosts) with a load balan
Hello Everyone -
The topic of controlling the number of radius requests directed to
Radiator has been discussed several times on the list. It now appears
that Cisco at least has been listening, and they have released this new
throttling feature to control the rate of transmission of radius
Hello MunFai -
If you want to do this on a per-user basis, you will need to add a
check item like this:
someuser Password = xxx, Nas-Port = nnn
The details depend on how your configuration is set up and the AuthBy
clause you are using.
regards
Hugh
On 10/12/2003, at 2:57 PM, MunFai wro
solution than this?
Regards,
Mun Fai
Hugh Irvine wrote:
Hello MunFai -
If you want to do this on a per-user basis, you will need to add a
check item like this:
someuserPassword = xxx, Nas-Port = nnn
The details depend on how your configuration is set up and the AuthBy
clause you
Hello Daniel -
The only other thing I can think of is that you are using "Fork"
somewhere in your configuration.
BTW - the latest version is Radiator 3.7.1 (plus patches).
regards
Hugh
On 10/12/2003, at 11:59 PM, Danny Bendersky wrote:
Hi,
On Dec 4, 2003, at 3:44 AM, Hugh Ir
t the password?... since in order to support various valid
sessions for the same username the password must be part of the search
query, right? Without the password the query might return multiple
lines, and Radiator will only look in the first, or is there something
I'm not seeing here?
Hugh Ir
Hello Vangelis -
These attributes are included in the latest Radiator 3.7.1 (plus
patches):
VENDORATTR 9 cisco-Policy-Up 37 string
VENDORATTR 9 cisco-Policy-Down 38 string
Note the spelling, which is different to what you show below.
Ciao Rosario -
Come va?
The answer to your question depends on what else you are doing in your
configuration file.
Yes you will need to use an AuthBy RADIUS clause, but it will need to
be in a Realm or Handler clause.
Something like this:
.
Hello Maciej -
You can already specify the CountQuery in the configuration file with
the standard code - there is no need to make the changes you show
below. See section 6.41.1 in the Radiator 3.7.1 reference manual
("doc/ref.html").
regards
Hugh
On 13/12/2003, at 8:35 AM, Maciej Miechowicz
Hello Matt -
We will need to see a copy of your configuration file (no secrets),
together with a trace 4 debug from Radiator showing the packet dumps
and what is happening.
regards
Hugh
On 13/12/2003, at 6:36 AM, Matt Simmons wrote:
Hello all,
I'm having what may be a quite easily fixed prob
Hello Brad -
Yes you can do this with no problems. And you can still seperate the
authentication and accounting as well.
regards
Hugh
On 15/12/2003, at 2:31 PM, Brad Lilly wrote:
Hello All,
I have looked through the archives and noticed that some people have
separated
accounting and auth ra
Hello Tom -
You can use the "PacketTrace" parameter to change the log level in
different places in the configuration file.
Using Radar (or your own connection to a Monitor clause) you can do
this dynamically.
See section 6.5.17 in the Radiator 3.7.1 reference manual
("doc/ref.html").
For det
Hello Rabbie -
I suspect the shared secrets are not correct between "radpwtst" and the
corresponding Client clause in the Radiator configuration.
There was also a recent fix for this in Radiator 3.7.1 (from the
history file):
â AuthBy RADIUS now correctly handles replies of type
Disconnect-
Hello Angel -
You will need to install the prerequisites as listed in the file
"goodies/eap_peap.cfg".
The debug shown below shows that you have not installed one or more of
the following:
# Requires Net_SSLeay.pm-1.21 or later from CPAN.
# Requires openssl 0.9.7beta3 or later from www.opens
Hello Wesley -
The simplest way to make use of dual processors is to run two instances
of "radiusd", one for authentication and the other for accounting.
You can use different databases for sessionDB and accounting by setting
the DBSource lines in each clause appropriately.
regards
Hugh
On 1
Hello Vangelis -
This is from the Radiator 3.7.1 reference manual ("doc/ref.html"):
6.56.5 FindQuery
This optional parameter allows you to define a custom SQL query to find
an available address. Defaults to
select TIME_STAMP, YIADDR, SUBNETMASK, DNSSERVER from RADPOOL
where POOL='%0' and STATE
Hello Alex -
There are a number of example configuration files for EAP in the
"goodies" directory ("eap_*.cfg").
I suspect you will need to set up a test bed and try things out to see
what happens.
regards
Hugh
On 18/12/2003, at 12:07 AM, Lopez, A. wrote:
Hello all,
I am now about to test M
Hello Craig -
I see that we discussed this attribute a couple of months ago and I
asked you to check with the vendor for the correct definition of this
attribute. It seems to me unlikey that there would be two different
attributes with the same definition.
Please let me know what you find out.
should I always
limit the reply of the query to only one row?
I thought that the allocator gets a number of rows from the FindQuery
and uses the first available address it can find.
Regards
Vangelis
Hugh Irvine wrote:
Hello Vangelis -
This is from the Radiator 3.7.1
Hello Deden -
I am not familiar with PostgreSQL, but it looks like the "to_date"
fuction is not correctly interpreting the parameters that are being
passed to it.
You should check the "to_date" documentation.
My guess is that you should remove the colons ":" from between %H:%M:%S
as shown
Hello Herman -
What you show below looks fine.
BTW - in all of the Radiator code, $p refers to the incoming request
packet and $rp refers to the reply packet.
Just to avoid confusion I would probably change $p to $rp.
See the example hooks in "goodies/hooks.txt".
There are also lots of utilit
s servers using version 3.6, and 4 different NAS servers.
Accounting records from users dialing into any of the equipment have
this problem. I think this would indicate something configured wrong
in my radius config.
Thanks,
Eric
-Original Message-----
From: Hugh Irvine [mailto:[EMAIL
Hello Berndt -
You cannot put a Realm clause inside a Handler.
It should look like this:
RewriteUsername s/^(.*)\\(.*)/$2/
server
Host10.2.4.21
AuthDN cn=admin, dc=tgm, dc=ac, dc=at
AuthPasswordpassword
Hello Mario -
Could you please send us a copy of your configuration file (no secrets)
together with a trace 4 debug from Radiator showing what is happening.
And what hardware/software platform and what versions of Radiator and
Perl are you running?
regards
Hugh
On 21/12/2003, at 12:27 AM, Ma
Hello Mario -
The usual way to do this is with cascaded AuthBy clauses and DEFAULT's.
Something like this:
# define AuthBy clauses
Identifier CheckADSI
.
Identifier CheckUsers
Filename %D/users
# AddToReply for common reply attributes
AddTo
Hello Mario -
The control of simultaneous sessions depends on having accurate
information in the radius requests to uniquely identify each session.
Radiator's session database uses the NAS-IP-Address and NAS-Port
attributes to uniquely identifiy sessions, therefore it follows that if
these att
Hello Berndt -
You can use the supplied "rcrypt" command (in the "goodies" directory)
together with the RcryptKey parameter in your AuthBy clause.
See section 6.17.21 in the Radiator 3.7.1 reference manual
("doc/ref.html").
regards
Hugh
On 22/12/2003, at 10:50 PM, Sevcik Berndt wrote:
MS-Ch
Hello Berndt -
What version of Radiator are you running?
There was a fix for RewriteUsername in the latest patches.
And could you please send me a more complete trace 4 debug showing the
whole packet sequence?
regards
Hugh
On 22/12/2003, at 6:59 PM, Sevcik Berndt wrote:
My Problem is the fo
Hello Berndt -
A quick google search turns up this:
http://www.enterasys.com/fw-images/RoamAbout/RoamAbout-AP-10-01-00-
rel.pdf.
which seems to mention additional manuals that are available.
Otherwise I think you will need to do some experiments to see what
works.
regards
Hugh
On 24/12/20
Hello Mario -
My apologies - I did not realise that my suggestion would not work.
You might also be able to use the AuthBy LDAP2 clause instead of AuthBy
ADSI, and define a SearchFilter that will also check the group.
You will need to define a different AuthBy LDAP2 clause for each case
and us
Hello Everyone -
Once again it is time to thank all of our loyal Radiator users for your
support during the year.
Mike will be travelling over the next week or so, but Joanne and I will
be here as always.
Best wishes from Open System Consultants for 2004.
regards
Hugh
--
Radiator: the most
Hello Erich -
You could use an SQL session database in conjunction with an AuthBy
PORTLIMITCHECK clause to implement this.
See sections 6.7 and 6.41 in the Radiator 3.8 reference manual
("doc/ref.html").
regards
Hugh
On 03/01/2004, at 9:49 AM, Erich Zigler wrote:
I'd like to restrict users
Salut Jerome -
Bonne Annee!
The "main::shutdown" routine does not itself stop the server.
Have a look at the code in "radiusd" in the Radiator 3.8 top level
distribution directory.
regards
Hugh
On 06/01/2004, at 4:16 AM, Jerome Fleury wrote:
Hello there,
under certain conditions, I would l
Hello Berndt -
Thanks for sending the configuration and debug.
As far as I can see Radiator is operating correctly, with as you say an
Access-Accept being sent back to the Client. It even seems that the
session starts as there is an Accounting-Start received immediately
following.
It may b
Hello Joe -
Pretty much your only choice with encrypted passwords in your database
is TTLS-PAP.
I believe the clients that support this include the MDC Aegis, Odyssey
and Alfa+Ariss.
See the links at:
http://www.open.com.au/radiator/technical.html#wireless
You will find an example configura
Hello Nathan -
I will need to see a copy of the configuration file (no secrets)
together with a trace 4 debug showing what is happening.
I suspect the configuration is not set up to check the time properly.
regards
Hugh
On 07/01/2004, at 8:45 AM, Nathan 'Franko' Franklin wrote:
Hello List,
Hello Erich -
My usual suggestion is to keep the source distributions in seperate
directories and run "radiusd" from there.
Something like this:
mkdir /usr/local/src/Radiator
cd /usr/local/src/Radiator
mv /tmp/Radiator-3.8.tgz .
gzip -c -d Radiator-3.8.tgz | tar
Hello Berndt -
There are a couple of ways of doing this, with the simplest being not
changing anything. If you don't change anything, things will still work
correctly - there will just be an additional SQL database lookup.
Alternatively you can add a line to the hook so that it only changes
th
Hello Chris -
I believe the problem is to do with MS-CHAP V2 which uses the full
username to check the password.
Have a look at the comment header and the code in "Radius/MSCHAP.pm" in
the Radiator 3.8 distribution.
regards
Hugh
On 08/01/2004, at 5:18 AM, Chris Simmons wrote:
Dear all,
Fi
Hello Lee -
You should test this with Radiator 3.8, which should work correctly.
Please let me know if it doesn't.
regards
Hugh
On 08/01/2004, at 4:56 PM, Lee Webb wrote:
Hi,
I have noticed that the Proxy-State attribute is not being preserved in
the Access-Reject after a Max Sessions Exceed
Hello -
The only way we have of helping you is to look at your configuration
file (no secrets) together with a trace 4 debug from Radiator showing
what is happening. From what you are describing it sounds like the NAS
is not configured correctly.
regards
Hugh
On 09/01/2004, at 6:40 PM, unixw
Hello Craig -
Yes you can define your own SuccessQuery and/or FailureQuery using
special characters.
See section 6.54 in the Radiator 3.8 reference manual.
regards
Hugh
On 10/01/2004, at 8:09 AM, Craig Gittens wrote:
Hey guys,
Can we user Radiator variables for table names in the Authlog
Hello Jerome -
I will forward your mail to Mike for further analysis.
regards
Hugh
On 10/01/2004, at 2:42 AM, Jerome Fleury wrote:
Hi there,
it seems like Radiator handles really badly the Ascend event
'Coldstart'.
let me explain this:
The Ascend NAS is supposed to send this Event-Request
ing the
Session-Timeout attribute, so if the NAS is not dealing with it
properly it is a NAS configuration issue (assuming that the NAS knows
what to do with it). You will need to check with your NAS vendor to
find out how to correctly configure it.
regards
Hugh
On 09/01/2004, at 9:33 PM, Muha
Hello Jerome -
It would be simplest if you could send us a copy of your patch and we
will roll it into the base code.
thanks and regards
Hugh
On 10/01/2004, at 2:42 AM, Jerome Fleury wrote:
Hi there,
it seems like Radiator handles really badly the Ascend event
'Coldstart'.
let me explain t
Hello Russell -
Thanks for sending the configuration file and debug.
Part of the problem is due to your configuration file containing two
Realm DEFAULT clauses. In this case, the second Realm DEFAULT will
overwrite the first one, so that is why your AuthBy FILE does not work
correctly (the
Hello Todd -
This is probably due to Radiator trying to look for DEFAULT, DEFAULT1,
DEFAULT2, etc. (this is normal behaviour).
If you want to change this you should add the NoDefault parameter to
the AuthBy clause.
regards
Hugh
On 12 Jan 2004, at 20:58, Your Own ISP .com wrote:
Actually I j
Hello Steve -
You can use the Class attribute for this purpose.
If you return a Class attribute in an access accept, it will be included in the
subsequent accounting requests for that session.
You will of course need to test this thoroughly to verify correct operation in
your environment.
Se
Hello Greg -
As it happens I am doing exactly this at the moment.
The Cisco phones I have been working with do indeed use MD5 authentication.
The debug below shows Radiator sending an EAP-MD5 challenge, but then getting
nothing further.
I think you will need to check the debug on the Cisco sw
Hello Adrian -
You will find the Radiator reference manual in "doc/ref.pdf" in the Radiator
distribution.
The manual is also available on our website:
http://www.open.com.au/radiator/documentation.html
See sections 5.13 and 5.80.
regards
Hugh
On 18 Jun 2010, at 12:53, Adrian Muste
Hello Everyone -
I have recently completed an interesting project for an international bank that
may be of interest to some of you.
The bank has a requirement to provide increased internal network security
across its entire wired network.
This involves replacing all LAN port switches with EAP
Hello Adam -
I always suggest using the fully qualified pathnames so you know what is going
on.
Ie:
/usr/bin/perl -I ….. …../radiusd -config_file /etc/radiator/radius.cfg
where "….." is the path to your Radiator source directory.
On my machine here I would do something like this:
401 - 500 of 5222 matches
Mail list logo
