Compatibility issue with Nortel?
Hello, I have beeen experimenting some problems connecting a nortel router 1430 with freeradius (v1.0.1, using mysql). When I try telnet I couldn't get the command line, although the authentication process is ok. Then I added the specific vendor attributes as a new dictionary file. It looks as follows: ############################################################### VENDOR Nortel 1584 ATTRIBUTE Bay-User-Level 100 integer VALUE Bay-User-Level Manager 2 VALUE Bay-User-Level User 4 VALUE Bay-User-Level Operator 8 ################################################################ Also I added the following line into /etc/raddb/dictionary: $INCLUDE /usr/local/freeradius/share/dictionary.nortel However I still have the same problem, the router doesn't give me command line access. The logs in the router doesn't provide me any helpful information. I attached the freeradius -X logs at the end. Probably I have something wrong with the configuration because it seems the values of the new attributes are not correct when they are sent. Perhaps one of you have had a similar situation. I really appreciate any help, thanks. Regards, Juan Pablo Logs: radiusd -X ------------------------ rad_recv: Access-Request packet from host 10.0.2.26:21741, id=19, length=57 Service-Type = Framed-User NAS-IP-Address = 10.0.2.26 User-Name = "test1" User-Password = "test1" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "test1", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 radius_xlat: 'test1' rlm_sql (sql): sql_set_user escaped user --> 'test1' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'test1' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'test1' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'test1' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'test1' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 0 modcall: group authorize returns ok for request 0 auth: type Local auth: user supplied User-Password matches local User-Password radius_xlat: 'prueba!!!' Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 0 rlm_sql (sql): Processing sql_postauth radius_xlat: 'test1' rlm_sql (sql): sql_set_user escaped user --> 'test1' radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values ('', 'test1', 'test1', 'Access-Accept', NOW())' radius_xlat: '/var/log/radius/sqltrace.sql' rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, pass, reply, date) values ('', 'test1', 'test1', 'Access-Accept', NOW()) rlm_sql (sql): Reserving sql socket id: 3 rlm_sql_mysql: query: INSERT into radpostauth (id, user, pass, reply, date) values ('', 'test1', 'test1', 'Access-Accept', NOW()) rlm_sql (sql): Released sql socket id: 3 modcall[post-auth]: module "sql" returns ok for request 0 modcall: group post-auth returns ok for request 0 Sending Access-Accept of id 19 to 10.0.2.26:21741 Bay-User-Level = Manager Reply-Message = "prueba!!!" Service-Type = NAS-Prompt-User Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 19 with timestamp 4528045f
"Juan Pablo Espino" <jp.espino@gmail.com> wrote:
Then I added the specific vendor attributes as a new dictionary file.
Why? See dictionary.bay, that attribute is already there.
Probably I have something wrong with the configuration because it seems the values of the new attributes are not correct when they are sent.
What do you mean by that? Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
Hi, thanks for the response.
Then I added the specific vendor attributes as a new dictionary file.
Why? See dictionary.bay, that attribute is already there.
I didn't know that :-)
Probably I have something wrong with the configuration because it seems the values of the new attributes are not correct when they are sent.
What do you mean by that?
I mean I see (using ethereal) something like "00/00/00/04" as the value of the Bay-User-Level attribute in the radius packet. So I guess that value is wrong. Thanks for helping. Regards, Juan Pablo
Hi, it's working now. I used dictionary.bay, but I'm still confused why my dictionary file didn't work. Thanks for the help. Juan Pablo
participants (2)
-
Alan DeKok -
Juan Pablo Espino