Mikrotik Attribute problem

Tue Apr 8 20:31:19 CEST 2014

Testing with radclient i see this.

echo "User-Name=test,User-Password=password,NAS-Identifier=XXXX" |
radclient X.X.X.X auth secret

Received response ID 168, code 2, length = 26
    Old-Password = "\014\177\362v"

however on the server i see

+- entering group PERL {...}
rlm_perl: Added pair User-Name = test
rlm_perl: Added pair User-Password = password
rlm_perl: Added pair NAS-IP-Address = 196.213.176.115
rlm_perl: Added pair Mikrotik-Total-Limit = 209711734
rlm_perl: Added pair Cleartext-Password = password
rlm_perl: Added pair databank = 209711734
rlm_perl: Added pair Auth-Type = PERL
++[perl] returns ok
Login OK: [test/password] (from client X.X.X.X port 0)
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 168 to X.X.X.X port 55616
    Mikrotik-Total-Limit = 209711734

This is when I add Mikrotik-Total-Limit to the /etc/raddb/dictionary file.

Why is the incorrect attribute being returned?

On 8 April 2014 18:34, Ryan De Kock <ryandekock1988 at gmail.com> wrote:

> Thanks... I guess
>
> My question is more around "Is there any thing I can do to fix this"?
>
> When the Attribute is commented out of /etc/raddb/dictionary
>
> I get
> ...
> rlm_perl: ERROR: Failed to create pair Mikrotik-Total-Limit = 192871485
> ...
>
> When its in there I get
>
> ...
> Tue Apr  8 18:23:47 2014 : Debug: rlm_perl: Added pair
> Mikrotik-Total-Limit = 209715200
> Tue Apr  8 18:23:47 2014 : Debug: rlm_perl: Added pair Cleartext-Password
> = password
> Tue Apr  8 18:23:47 2014 : Debug: rlm_perl: Added pair databank = 209715200
> Tue Apr  8 18:23:47 2014 : Debug: rlm_perl: Added pair Auth-Type = PERL
> Tue Apr  8 18:23:47 2014 : Info: ++[perl] returns ok
> Tue Apr  8 18:23:47 2014 : Auth: Login OK: [XX:XX:XX:XX:XX:XX/password]
> (from client X.X.X.X port 2154826130 cli XX:XX:XX:XX:XX:XX)
> Tue Apr  8 18:23:47 2014 : Info: # Executing section post-auth from file
> /etc/raddb/sites-enabled/default
> Tue Apr  8 18:23:47 2014 : Info: +- entering group post-auth {...}
> Tue Apr  8 18:23:47 2014 : Info: ++[exec] returns noop
> Sending Access-Accept of id 30 to X.X.X.X port 50238
>     Mikrotik-Total-Limit = 209715200
> ...
>
> So is freeradius not reading the dictionary file for Mikrotik that is
> there & correct?
>
>
> On 8 April 2014 14:48, Alan DeKok <aland at deployingradius.com> wrote:
>
>> Ryan De Kock wrote:
>> > I was running freeradius v2.1.12 on Fedora and have changed over to
>> > CentOS now (also v2.1.12).
>>
>>   OK...
>>
>> > It looks as if the dictionary file location has been changed BUT here is
>> > the working dictionary
>>
>>   So one distribution has a working dictionary file, and the other one
>> doesn't?  That's not nice.
>>
>> > Working server:
>> ...
>> > Not working server:
>>
>>   There's no need to post the dictionaries.  We've seen them already.
>> Just post a summary of what changed.
>>
>> > What i have noticed is that if I add "ATTRIBUTE
>> > Mikrotik-Total-Limit          17  integer" to the
>> > /usr/local/etc/raddb/dictionary file then freeradius says that it sends
>> > the attribute however the Mikrotik complains that its incorrect.
>>
>>   That attribute is already in both dictionaries.  What's the problem?
>>
>> > Have I missed something? I have checked that
>> > "/usr/local/share/freeradius/dictionary.mikrotik" is included in
>> > /usr/local/share/freeradius/dictionary.
>> >
>> > any advice would be great
>>
>>   Use a version that works.  If the version supplied by your vendor
>> doesn't work, then (a) upgrade, or (b) tell your vendor to fix it.
>>
>>   Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/mailman/private/freeradius-users/attachments/20140408/854884ce/attachment.html>