[RadiusNT] Ascend-Data filters

Edwin Whitesell ( EdwinW@wholesaleisp.net )
Wed, 16 Aug 2000 08:35:40 -0400

Hi, we're trying to setup filters to block port 25 traffic, except to IPs
that we allow. We're using the Ascend filters, and applying them to one
account, for now, but we keep getting the following errors:

radrecv: Request from host d01e9f17 code=1, id=98, length=57
User-Name = "username@xxxx.xxx"
Password = "\015\306C\272\351\035\306\302e\026.\356\321\316+\226"
ip filter error: do not recognize = in ip in forward dstip =

Sending Ack of id 98 to d01e9f17 (WISP3)
User-Service = Framed-User
Ascend-Maximum-Time = 18000
Resp Time: 90 Auth: 1/1 -> 2 Acct: 1/0/0 -> 1

The account still authenticates, of course, and can then use any server on
port 25.

Here is the format that we have the filter in the Radconfigs table in SQL
7.0, for the specific acccount we're testing it on:

ip in forward tcp est
ip in forward dstip = xxx.xxx.xxx.x/23
ip in drop dstport = 25
ip in forward

I know this was brought up to the list before, and Dale made some
suggestions of where to look for documentation. We went all through that
site, and couldn't find anything really useful.

Does anyone have any ideas?

For more information about this list (including removal) go to: