Compatibility issue with Nortel?

Juan Pablo Espino jp.espino at gmail.com
Sat Oct 7 21:54:13 CEST 2006 

Hello,

I have beeen experimenting some problems connecting a nortel router
1430 with freeradius (v1.0.1, using mysql). When I try telnet I
couldn't get the command line, although the authentication process is
ok.

Then I added the specific vendor attributes as a new dictionary file.
It looks as follows:

###############################################################
VENDOR	Nortel	1584

ATTRIBUTE	Bay-User-Level		100	integer

VALUE	Bay-User-Level	Manager		2
VALUE	Bay-User-Level	User		4
VALUE	Bay-User-Level	Operator	8	
################################################################

Also I added the following line into /etc/raddb/dictionary:

$INCLUDE          /usr/local/freeradius/share/dictionary.nortel

However I still have the same problem, the router doesn't give me
command line access. The logs in the router doesn't provide me any
helpful information. I attached the freeradius -X logs at the end.

Probably I have something wrong with the configuration because it
seems the values of the new attributes are not correct when they are
sent. Perhaps one of you have had a similar situation. I really
appreciate any help, thanks.

Regards,
Juan Pablo


Logs: radiusd -X
------------------------
rad_recv: Access-Request packet from host 10.0.2.26:21741, id=19, length=57
        Service-Type = Framed-User
        NAS-IP-Address = 10.0.2.26
        User-Name = "test1"
        User-Password = "test1"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "test1", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
radius_xlat:  'test1'
rlm_sql (sql): sql_set_user escaped user --> 'test1'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username = 'test1' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  SELECT id,UserName,Attribute,Value,op FROM
radcheck WHERE Username = 'test1' ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = 'test1' ORDER BY id'
rlm_sql_mysql: query:  SELECT id,UserName,Attribute,Value,op FROM
radreply WHERE Username = 'test1' ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
 FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
 FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok for request 0
modcall: group authorize returns ok for request 0
auth: type Local
auth: user supplied User-Password matches local User-Password
radius_xlat:  'prueba!!!'
  Processing the post-auth section of radiusd.conf
modcall: entering group post-auth for request 0
rlm_sql (sql): Processing sql_postauth
radius_xlat:  'test1'
rlm_sql (sql): sql_set_user escaped user --> 'test1'
radius_xlat:  'INSERT into radpostauth (id, user, pass, reply, date)
values ('', 'test1', 'test1', 'Access-Accept', NOW())'
radius_xlat:  '/var/log/radius/sqltrace.sql'
rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id,
user, pass, reply, date) values ('', 'test1', 'test1',
'Access-Accept', NOW())
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query:  INSERT into radpostauth (id, user, pass, reply,
date) values ('', 'test1', 'test1', 'Access-Accept', NOW())
rlm_sql (sql): Released sql socket id: 3
  modcall[post-auth]: module "sql" returns ok for request 0
modcall: group post-auth returns ok for request 0
Sending Access-Accept of id 19 to 10.0.2.26:21741
        Bay-User-Level = Manager
        Reply-Message = "prueba!!!"
        Service-Type = NAS-Prompt-User
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 19 with timestamp 4528045f

More information about the Freeradius-Users mailing list