<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from rtf -->
<style><!-- .EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; } --></style>
</head>
<body>
<font face="Calibri, sans-serif" size="2">
<div><font color="#0070C0">Hello,</font></div>
<div><font color="#0070C0"> </font></div>
<div><font color="#0070C0">The FreeRadius server is a VM machine and the ESX host failed, everything came back and is now working apart from the following</font></div>
<div><font color="#0070C0"> </font></div>
<div><font color="#0070C0">The Radius Service, when the service starts this is the error we receive </font></div>
<div><font color="#0070C0"> </font></div>
<div><font face="Courier New, monospace">/usr/local/etc/raddb/sites-enabled/default[219]: ERROR: Unknown value Administrative-User, for attribute Service-Type</font></div>
<div><font face="Courier New, monospace">/usr/local/etc/raddb/sites-enabled/default[214]: Failed to parse "update" subsection.</font></div>
<div><font face="Courier New, monospace">/usr/local/etc/raddb/sites-enabled/default[210]: Failed to parse "if" subsection.</font></div>
<div><font face="Courier New, monospace">/usr/local/etc/raddb/sites-enabled/default[62]: Errors parsing authorize section.</font></div>
<div><font face="Courier New, monospace"> </font></div>
<div><font color="#0070C0">This error prevents the Network team from logging into their devices, their username is authenticated but they receive the following on the SSH session to the switch/router.</font></div>
<div><font color="#0070C0"> </font></div>
<div><font color="#0070C0">ACCEPT: Authorizing enable access and then nothing.</font></div>
<div><font color="#0070C0"> </font></div>
<div><font color="#0070C0">I have checked the following Dictionary.rfc2865 and this states that the administrative-user has a value of 6, which according to Cisco is correct.</font></div>
<div><font color="#0070C0"> </font></div>
<div><font color="#0070C0">We use the Radius Server for all our Wireless Authentication and this is working without any known issues, please find the section of the Radius configuration file from ‘/usr/local/etc/raddb/sites-available/default’. By commenting
out the ‘Service-Type’ line Raduis will start, otherwise we get a syntax error.</font></div>
<div> </div>
<div><font face="Courier New, monospace"> if(!control:Auth-Type && (request:NAS-Port-Type == Virtual || request:NAS-Port-Type == Async) && (NAS-Identifier == hudds_switches || NAS-Identifier == bar_switches || NAS-Identifier == old_switches || "%{client:clientgroup}"
== "networks")){</font></div>
<div><font face="Courier New, monospace"> update control {</font></div>
<div><font face="Courier New, monospace"> Proxy-To-Realm := LOCAL</font></div>
<div><font face="Courier New, monospace"> }</font></div>
<div><font face="Courier New, monospace"> if(ldap_staff-Ldap-Group == CMSX_NETW){</font></div>
<div><font face="Courier New, monospace"> update control {</font></div>
<div><font face="Courier New, monospace"> Auth-Type = "ntlm_auth"</font></div>
<div><font face="Courier New, monospace"> }</font></div>
<div><font face="Courier New, monospace"> update reply {</font></div>
<div><font face="Courier New, monospace"> Reply-Message = "ACCEPT: Authorizing enable access",</font></div>
<div><font face="Courier New, monospace"> Cisco-AVPair = "shell:roles*\"network-admin\"",</font></div>
<div><font face="Courier New, monospace"> Cisco-AVPair += "shell:priv-lvl+15",</font></div>
<div><font face="Courier New, monospace">#******* Service-Type = Administrative-User, *****#</font></div>
<div><font face="Courier New, monospace"> Fall-Through = No</font></div>
<div><font face="Courier New, monospace"> }</font></div>
<div><font face="Courier New, monospace"> }</font></div>
<div><font face="Courier New, monospace"> }</font></div>
<div> </div>
<div><font color="#0070C0"> </font></div>
<div><font color="#0070C0">Help is greatly appreciated.</font></div>
<div><font color="#0070C0"> </font></div>
<div><font face="Calibri, sans-serif" size="2" color="#0070C0"> </font></div>
<div><font face="Calibri, sans-serif" size="2" color="#0070C0"> </font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">Rgds</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">Darren Shaw</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">The Network Team</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">Computing Services</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">University of Huddersfield</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">Queensgate</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">Huddersfield</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">HD1 3DH</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0"> </font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">TEL: 01484 471317</font></div>
<div><font face="Times New Roman, serif" size="3" color="#0070C0">MOBILE: 07792 773807</font></div>
<div><font face="Calibri, sans-serif" size="2" color="#0070C0"> </font></div>
<div><font face="Calibri, sans-serif" size="2"> </font></div>
<div><font face="Times New Roman, serif" size="3"><br>
</font></div>
<div><font face="Times New Roman, serif" size="3"><u> ________________________________ </u></font></div>
<div><font face="Times New Roman, serif" size="3" color="#808080"><br>
<font face="Arial, sans-serif" size="1">---<br>
</font><font face="Arial, sans-serif" size="1">This transmission is confidential and may be legally privileged. If you receive it in error, please notify us immediately by e-mail and remove it from your system. If the content of this e-mail does not relate
to the business of the University of Huddersfield, then we do not endorse it and will accept no liability.<br>
</font></font></div>
</font>
</body>
</html>