Re: Radius 2.0 and static entries in users file ???

William Weston (weston@buddha.mind.net)
Mon, 20 Jan 1997 13:54:40 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Netlink Tech: "Linux, Radius and Shadow passwords"
Previous message: Cimarron Boozer: "Open beta for Radius for NT (NetWare also available)"
In reply to: Rick Wagner: "Radius 2.0 and static entries in users file ???"

Hello Rick,

For your static IP entries, you only need to list the username without the
prefix already added. By specifying the prefix in the entry, the concatenation
of the prefix to the username is applied automatically by radius. In this
case, your entry should start out with:

mrt Auth-Type = System, Prefix = "P"

With the entry that you are using, radius is expecting a login with username
PPmrt and a UNIX passwd file entry with the username Pmrt.

Here's how the authentication process works when using prefixes: 1) A static
IP dialin user dials in using the username Pmrt. 2) This is sent from the
Portmaster to the radius server. 3) Inside radius, this is matched against the
entry for user mrt using prefix P. 4) The password sent from the portmaster is
then checked against the UNIX password for user mrt, and the session begins.

Also, check you new dictionary file for radius 2.0. Some of the field names
have been changed slightly, so you'll want to either fix your dictionary file
to make the old field names work, or update your users file with the field
names in the new dictionary file. BTW, this may seem obvious, but it took me a
while to notice ALL of the changes (especially the change from Van-Jacobsen to
Van-Jacobson).

-Bill Weston
<weston@mind.net>

> I have been using radius 1.16 MODIFIED with the SCP patch for over a year.
> I have tried to upgrade to 2.0 and all of my DEFAULT entries work just fine
> but my few static IPs wont authenticate.
> In my logfile I get entries that say Authenticate Pmrt Invalid User.......
>
> In my BSDI UNIX password file I have a user name mrt so a the Pmrt should
> work.
> Is the PM passing to UNIX the P in Pmrt ? Should it ?
> Why do the DEFAULT entries work but not the following static entry ?
>
> Pmrt Auth-Type = System, Prefix = "P"
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-IP-Address = 206.170.176.190,
> Framed-IP-Netmask = 255.255.255.0,
> Framed-Routing = None,
> Framed-Compression = Van-Jacobsen-TCP-IP,
> Framed-MTU = 1500

/*******************************************************************
* -Bill Weston weston@mind.net *
* Systems/Network Administration *
* InfoStructure, Ashland OR http://www.mind.net *
*******************************************************************/

Next message: Netlink Tech: "Linux, Radius and Shadow passwords"
Previous message: Cimarron Boozer: "Open beta for Radius for NT (NetWare also available)"
In reply to: Rick Wagner: "Radius 2.0 and static entries in users file ???"