FYI that is ancient. We are running 3.3.3 now. 3.0.3 is roughly 10 releases
old now. (Not counting 2 or 3 patch releases in there.)
> I did a "set secret" on the pm and put that in the clients file
>on the radiusd host. I did a "set authentic" on the pm pointing to the
>radius host. I also didn't even change the users file. I just tried to
>test one of local entries. This is a sample of the -x output.
If the user is in the local file it won't use RADIUS...
3.0.3 is so old I'm not even sure what tools you have to use... I believe
you have 'ptrace' - I would set up a ptrace filter that lists an traffic
coming from UDP port 1645 and 1646
Like
permit UDP src eq 1645
permit UDP src eq 1646
Then watch the packets coming in from the RADIUS host:
1. Make sure you are getting the replies.
2. Make sure they are coming from the right IP. If the host is multihomed
sometimes it is messed up and the packets are from a different IP then the
request went to. We will ignore packets with the wrong IP and try again.
>radrecv: Request from host cf218446 code=1, id=2, length=64
> User-Name = "rhw"
> Password = "$\257OT\223\335J\014\336\022\325\237\324\346@\321"
> Client-Id = 207.33.132.70
> Client-Port-Id = 99
> User-Service-Type = Outbound-User
>Sending Ack of id 2 to cf218446 (pm-1.nsnet.net)
> User-Service-Type = Login-User
> Login-Host = 207.33.132.130
> Login-Service = PortMaster
Wait a minute - Outbound user? This must be the TC because we only added
that in the last release.
-MZ
-- Livingston Enterprises - Chair, Department of Interstitial Affairs Phone: 800-458-9966 510-426-0770 FAX: 510-426-8951 megazone@livingston.com For support requests: support@livingston.com <http://www.livingston.com/> Snail mail: 6920 Koll Center Parkway #220, Pleasanton, CA 94566 See me in person: Internet Expo, Boston, MA, October 16-17, Booth 422 ;-)