still having trouble with merit radius...

Mark Frost (mfrost@horizsys.com)
Fri, 17 Nov 1995 09:52:54 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jeremiah Johnson: "Re: Windows-NT and Portmaster2e30?"
Previous message: Frank Heinzius: "Re: changing the /etc/syslog.conf"

I'm quite stuck with the merit radius stuff and I'm hoping that someone
could show me the errors in my ways...

I don't get it. I've modified the login on one of my portmaster ports to
prompt for "host:" first. I've pared my users file down to (after trying this
with a more complex users file):

DEFAULT Authentication-Type = Unix-PW

# Filter-Id = "unlim"

dumbuser Authentication-Type = None
Service-Type = Login,
Login-IP-Host = 255.255.255.255,
Login-Service = Portmaster

I received the following in my logfile after sending a hangup to radiusd:

Fri Nov 17 09:38:06 1995: reconfig: HUP signal received
Fri Nov 17 09:38:06 1995: config_files: /server3/appl/etc/raddb/clients (5 entries) read to memory
Fri Nov 17 09:38:06 1995: read_users: /server3/appl/etc/raddb/users (2 entries) read to memory
Fri Nov 17 09:38:06 1995: read_auth: /server3/appl/etc/raddb/authfile (4 entries) read to memory

Next I logged in to the port. I typed in a valid hostname in response to
the "host:" prompt. I logged in with my username and password and I got a
PPP session. I don't specify a PPP user anywhere! The logfile shows I
logged in as a dumb user.

Fri Nov 17 09:38:41 1995: rad_authenticate: 71/21 "mfrost" at hsi-pm01 dumb
Fri Nov 17 09:38:41 1995: Authentication: 71/21 'mfrost' via hsi-pm01 from hsi-pm01 port 1 dumb - OK

The radius.debug file shows:

init_fsm: FSM defined with 7 states from /server3/appl/etc/raddb/radius.fsm
get_radrequest: Request from c6cdc0fa (hsi-pm01) code = 1, id = 71, len = 58
User-Name = "mfrost"
User-Password = <CHANGED TO PROTECT THE INNOCENT...>
NAS-IP-Address = "198.205.192.250"
NAS-Port = 1
unix_pass: ID = 'mfrost'
send_reply: Authentication Ack for id 71 of type 1 to c6cdc0fa (hsi-pm01)

This only seems to happen when I try to rely on the dumbuser profile. That
is, if I specifically make an entry for mfrost in the users file saying
that mfrost is to use the portmaster service to host X, things work fine
for a normal login session.

Why can't I get this stuff to give me a normal login prompt? Where is
it getting the notion that it should start up a PPP session?

(I'm running the 2.4.14 version of merit radius).

Thanks

-mark frost
horizon systems inc

--

Next message: Jeremiah Johnson: "Re: Windows-NT and Portmaster2e30?"
Previous message: Frank Heinzius: "Re: changing the /etc/syslog.conf"