Actually, they were the same thing, but one was the CHECK attribute
lines, and the second what that there was not a Framed-Address in
the reply list. The first was causing the second, but I wanted
to point out the reply list so you would look at it and note
the attributes going back from RadiusNT to the client.
> Thanks, Dale!
>
> On Friday, May 01, 1998 2:16 PM, Dale E. Reed Jr. [SMTP:daler@iea-software.com]
> wrote:
> > Note two things. First, the Framed-Address and Idle-Timeout should
> > *NOT* be check attributes, but you have them confgiured as such. If
> > you look at the last four lines above, you'll note there is NOT
> > a Framed-Address attribute being returned to the RADIUS client (hence
> > the assigned address by default).
> >
> > Go into your RadConfigs table and double check the RadCheck column.
> > In almost ALL cases, unless the attribute is a check attribute (see
> > below) the column needs to NOT be a 1. If the column is a 1 for
> > that record, its a check attribute, not a reply attribute. For
> > a check attribute, RadiusNT will look for a matching attribute
> > in the authentication request and compare the two. If they don't
> > match, RadiusNT will reject the request (and put a check attribute
> > failur in the RadLogs for the user). Check attributes are *NOT*
> > sent in the list of reply attributes back to the NAS.
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com