Message 2: Re: couldn't open server to find servers
from "Jerry Mahler" <Jerry_Mahler@mw.3com.com>
Message 3: Radius NT v2.5 forms and v2.2 upgrade questions
from postman@cp-tel.net (Postman Account)
Message 4: RE: Radius 2.5 upgrade
from eric@valleynetworking.com (Eric Cowperthwaite)
Message 5:
from asmaayni@cybernet.net.ma
Message 6: Reject id 91 , chap error?
from "John Hamilton" <john@iol10.com>
Message 7: Re: couldn't open server to find servers
from "Kevin Ingram" <kingram@cameron.net>
Message 8: Re: couldn't open server to find servers
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 9: Re: Call History script
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 10:
from Michael Witt <mike@nt-solutions.net>
Message 11: Re: couldn't open server to find servers
from "Jerry Mahler" <Jerry_Mahler@mw.3com.com>
Message 12: callsonline / concurrency
from Jim Whaley <radiusnt@ids.net>
Message 13: no authentication
from "CNX Accounting" <jason@cnx.net>
Message 14: Re: Multilink ISDN Logon Problem
from "Kenneth Jordan" <jordan@eaglei.net>
Message 15: RE: no authentication
from "CNX Accounting" <jason@cnx.net>
Message 16: Re: no authentication
from "Josh Hillman" <admin-maillist@talstar.com>
Message 17: feature request
from Brian Lube <brian@mpinet.net>
Message 18: RE: Multilink ISDN Logon Problem
from eric@valleynetworking.com (Eric Cowperthwaite)
Message 19: Accounting
from eric@valleynetworking.com (Eric Cowperthwaite)
Message 20: Re: Accounting
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 21: Re: feature request
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 22: Re: static IP and AS5200 problem
from Christian Simard <simardc@netc.net>
Message 23: Re: Multilink ISDN Logon Problem
from "Josh Hillman" <admin-maillist@talstar.com>
Message 24: NAS restriction
from Christian Simard <simardc@netc.net>
Message 25: Re: feature request
from Brian Lube <brian@mpinet.net>
Message 26: RE: Multilink ISDN Logon Problem
from eric@valleynetworking.com (Eric Cowperthwaite)
Message 27: Re: couldn't open server to find servers
from "Jerry Mahler" <Jerry_Mahler@mw.3com.com>
Message 28: Acct Terminate Cause?
from Robb Bryn <rbryn@cape-fear.net>
Message 29: Re: Acct Terminate Cause?
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 30: Re: feature request
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 31: Re: Multilink ISDN Logon Problem
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 32: Re: NAS restriction
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 33: Re: static IP and AS5200 problem
from "Dale E. Reed Jr." <daler@iea-software.com>
Message 34:
from "Eric Powers" <eric@river-valley.net>
Message 35: ServerAccess
from "Bruno Tremblay" <bruno@mustangtechno.com>
Message 36: Re: couldn't open server to find servers
from "Kevin Ingram" <kingram@cameron.net>
Message 37: Re: Call History script
from "jmercer" <radiusnt@ultravision.net>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 1 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: Call History script
From: "jmercer" <radiusnt@ultravision.net>
Date: Fri, 05 Jun 1998 08:33:12 -0500
Now the error is No destination field name in INSERT INTO statement
(CallDate='5-1-98').
What fields should be in the CallHistory Table I'm using the enhanced db
file from the ftp site but I'm not sure it has all the required fields.
*********** REPLY SEPARATOR ***********
On 6/4/98, at 11:39 PM, Dale E. Reed Jr. wrote:
>jmercer wrote:
>>
>> Running a test in MSQuery it gives me the error Didn't expect
'CallHistory'
>> after the SELECT column list.
>
>Actually, I had the syntax backwards. Assuming you have a CallHistory
>table with the correct columns, this should do it:
>
>Insert Into CallHistory
>Select Username, CallDate='5/1/98', Mins=Sum(AcctSessionTime/60+1)
>From Calls
>Where CalLDate >= '5/1/98'
> and CallDate < '6/1/98'
> and AcctStatusType = 2
>Group By UserName
>Order By Username
>
>--
>Dale E. Reed Jr. (daler@iea-software.com)
>_________________________________________________________________
> IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs
> Internet Solutions for Today | http://www.iea-software.com
Jerry Mercer
Ultra-Vision
Internet - jmercer@ultravision.net
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 2 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: couldn't open server to find servers
From: "Jerry Mahler" <Jerry_Mahler@mw.3com.com>
Date: Fri, 5 Jun 1998 10:45:04 -0500
I have a Windows 95 machine dialing into a Windows NT 4.0 machine, which is
running RRAS. The Windows NT machine is using RadiusNT 25 for
authentication. RadiusNT is running on a separate Windows NT 4.0 machine.
Everytime I try to dial in with the Windows 95 machine, I get rejected.
Below is a copy of the radius debug output.
=================
radrecv: Request from host 9570a48a code=1, id=3, length=63
User-Name = "test"
CHAP-Challenge =
"\325\030\342\017b\3130\014\320\216\244\213\225\220\275\001"
Challenge-Response =
"\001)\306\244\366\235\260l-'\351\317\241\342\206\024\346"
Checking user record PW_PASSWORD type
authChapPwd
Sending Reject of id 3 to 9570a48a (149.112.164.138)
=================
I have verified that the secret on Windows NT RRAS matches that of the
clients file on the RadiusNT machine.
Any ideas? Perhaps I have a setting incorrect in RRAS???
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 3 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Radius NT v2.5 forms and v2.2 upgrade questions
From: postman@cp-tel.net (Postman Account)
Date: Fri, 05 Jun 1998 11:08:25 -0500
Dale,
What happened to the forms and reports in Radius NT v2.5?
They no longer exist..?
We purchased RadiusNT v2.2 about a week before v2.5
came out.
Is it possible to import the forms and reports from
Radius NT v2.2 to v2.5? without modifications?
Are the data field names, etc. the same in
Radius NT v2.2 as RadiusNT v2.5?
Can you give some information as to the best way to
import our data from RadiusNT v2.2 (Access 95) to
RadiusNT v2.5 (Access 97)? anything to really watch
out for? I'd like for this to be a smooth transition.
Thanks in advance.
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 4 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: RE: Radius 2.5 upgrade
From: eric@valleynetworking.com (Eric Cowperthwaite)
Date: Fri, 5 Jun 1998 09:20:59 -0700
Thanks to Lamar and Dale. Yes, I added the secrets, and life
got happy. Now, RadiusNT 2.2 will run just fine without
secrets but RadiusNT 2.5 will not.
Eric
-----Original Message-----
From: radiusnt-request@iea-software.com
[mailto:radiusnt-request@iea-software.com]On Behalf Of Lamar Townsend
Sent: Thursday, June 04, 1998 7:46 PM
To: radiusnt@iea-software.com
Subject: Radius 2.5 upgrade
Eric,
Add the secrets.. Mine would not work without the secrets.. I have no
clue as to why but when I finally added them life got good.
Lamar Townsend
Microgear & Microgear.Net
lamar@microgear.net
No, no secrets are in use. The servers table in the database
does not contain a secret, the NAS does not have a secret, the
clients and servers files do not contain secrets and Radadmn
is not use secrets.
Eric
-----Original Message-----
From: Graeme Slogrove [mailto:graeme@fdd.net]
Sent: Thursday, June 04, 1998 3:42 PM
To: Eric Cowperthwaite
Subject: Re: RadiusNT 2.5 upgrade
On 4 Jun 98 at 15:36, Eric Cowperthwaite wrote:
> The NAS is a Livingston PM3 which is working just fine with 2.2. The
> only change I made to the NAS is to point it to the machine hosting
> 2.5. I am not using secrets, and I unchecked secrets in Radadmn.
You must be using secrets somewhere along the line, and they're not
matching - garbled decrypted passwords are a sure sign of mis-matched
secrets.
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 5 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject:
From: asmaayni@cybernet.net.ma
unsubscribe RadiusNT
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 6 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Reject id 91 , chap error?
From: "John Hamilton" <john@iol10.com>
Date: Fri, 5 Jun 1998 12:44:18 -0400
Trying to authenticate a user from another NAS / Radius ( Ascend TNT / Unix
Ascend Radius), using RadiusNT 2.5 Enterprise with proxy on, but in text mode.
I receive the auth. request, all looks good, but I get the message :
"authChapPwd"
"Sending Reject of id 91 to ..... "
indicating to me that this Radius does not support Chap auth. I've tested
locally and everything comes through as a Pap auth request, and of course it
works.
Does RadiusNT 2.5 support Chap auth? Or do I have a Proxy problem. I'm not
proxing off the request somewhere else, I'm receiving the request from another
location only.
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 7 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: couldn't open server to find servers
From: "Kevin Ingram" <kingram@cameron.net>
Date: Fri, 5 Jun 1998 12:23:13 -0500
I don't know about the most recent RRAS, but most versions you must delete
the CHAP & SPAP keys in (I think) HKLM\SYSTEM\SERVICES\RASMAN\PPP (pulled
from memory, if not correct email me). Restart NT machine and try it again.
Kevin Ingram
-----Original Message-----
From: Jerry Mahler <Jerry_Mahler@mw.3com.com>
To: radiusnt@iea-software.com <radiusnt@iea-software.com>
Date: Friday, June 05, 1998 10:42 AM
Subject: Re: couldn't open server to find servers
>
>I have a Windows 95 machine dialing into a Windows NT 4.0 machine, which is
>running RRAS. The Windows NT machine is using RadiusNT 25 for
>authentication. RadiusNT is running on a separate Windows NT 4.0 machine.
>
>Everytime I try to dial in with the Windows 95 machine, I get rejected.
>Below is a copy of the radius debug output.
>
>=================
> radrecv: Request from host 9570a48a code=1, id=3, length=63
> User-Name = "test"
> CHAP-Challenge =
>"\325\030\342\017b\3130\014\320\216\244\213\225\220\275\001"
> Challenge-Response =
>"\001)\306\244\366\235\260l-'\351\317\241\342\206\024\346"
> Checking user record PW_PASSWORD type
> authChapPwd
> Sending Reject of id 3 to 9570a48a (149.112.164.138)
>=================
>
>I have verified that the secret on Windows NT RRAS matches that of the
>clients file on the RadiusNT machine.
>
>Any ideas? Perhaps I have a setting incorrect in RRAS???
>
>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 8 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: couldn't open server to find servers
From: "Dale E. Reed Jr." <daler@iea-software.com>
Date: Fri, 5 Jun 1998 11:03:21 -0700 ()
On Fri, 5 Jun 1998, Kevin Ingram wrote:
> I don't know about the most recent RRAS, but most versions you must delete
> the CHAP & SPAP keys in (I think) HKLM\SYSTEM\SERVICES\RASMAN\PPP (pulled
> from memory, if not correct email me). Restart NT machine and try it again.
ALthough you may not want to always do CHAP, RadiusNT 2.5 does support
the CHAP attributes as sent by RRAS.
> Kevin Ingram
>
> -----Original Message-----
> From: Jerry Mahler <Jerry_Mahler@mw.3com.com>
> To: radiusnt@iea-software.com <radiusnt@iea-software.com>
> Date: Friday, June 05, 1998 10:42 AM
> Subject: Re: couldn't open server to find servers
>
>
> >
> >I have a Windows 95 machine dialing into a Windows NT 4.0 machine, which is
> >running RRAS. The Windows NT machine is using RadiusNT 25 for
> >authentication. RadiusNT is running on a separate Windows NT 4.0 machine.
> >
> >Everytime I try to dial in with the Windows 95 machine, I get rejected.
> >Below is a copy of the radius debug output.
> >
> >=================
> > radrecv: Request from host 9570a48a code=1, id=3, length=63
> > User-Name = "test"
> > CHAP-Challenge =
> >"\325\030\342\017b\3130\014\320\216\244\213\225\220\275\001"
> > Challenge-Response =
> >"\001)\306\244\366\235\260l-'\351\317\241\342\206\024\346"
> > Checking user record PW_PASSWORD type
> > authChapPwd
> > Sending Reject of id 3 to 9570a48a (149.112.164.138)
> >=================
> >
> >I have verified that the secret on Windows NT RRAS matches that of the
> >clients file on the RadiusNT machine.
> >
> >Any ideas? Perhaps I have a setting incorrect in RRAS???
> >
> >
>
>
Dale E. Reed Jr. (daler@iea-software.com)
_________________________________________________________________
IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs
Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 9 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: Call History script
From: "Dale E. Reed Jr." <daler@iea-software.com>
Date: Fri, 5 Jun 1998 11:37:44 -0700 ()
On Fri, 5 Jun 1998, jmercer wrote:
> Now the error is No destination field name in INSERT INTO statement
> (CallDate='5-1-98').
>
> What fields should be in the CallHistory Table I'm using the enhanced db
> file from the ftp site but I'm not sure it has all the required fields.
Your CallHistory table should have three fields:
Username (text)
CallDate (date/time)
Mins (number, long)
You could put others in if you wanted more information.
> >Insert Into CallHistory
> >Select Username, CallDate='5/1/98', Mins=Sum(AcctSessionTime/60+1)
> >From Calls
> >Where CalLDate >= '5/1/98'
> > and CallDate < '6/1/98'
> > and AcctStatusType = 2
> >Group By UserName
> >Order By Username
Dale E. Reed Jr. (daler@iea-software.com)
_________________________________________________________________
IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs
Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 10 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject:
From: Michael Witt <mike@nt-solutions.net>
Date: Fri, 5 Jun 1998 13:50:35 -0500
unsubscribe radiusnt
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 11 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: couldn't open server to find servers
From: "Jerry Mahler" <Jerry_Mahler@mw.3com.com>
Date: Fri, 5 Jun 1998 14:02:57 -0500
Deleting the keys didn't seem to work. Now the NT machine I am dialing in
on complains that there are no authentication protocols available, and the
call is dropped even before a RADIUS request is made.
Any other ideas of what the problem could be?
I think my setup is about as simple and plain as can be -- nothing at all
strange. Did anyone else have to do anything special to get RadiusNT to
work with Windows NT RRAS?
-Jerry
"Dale E. Reed Jr." <daler@iea-software.com> on 06/05/98 01:03:21 PM
Please respond to radiusnt@iea-software.com
To: radiusnt@iea-software.com
cc:
Subject: Re: couldn't open server to find servers
On Fri, 5 Jun 1998, Kevin Ingram wrote:
> I don't know about the most recent RRAS, but most versions you must
delete
> the CHAP & SPAP keys in (I think) HKLM\SYSTEM\SERVICES\RASMAN\PPP (pulled
> from memory, if not correct email me). Restart NT machine and try it
again.
ALthough you may not want to always do CHAP, RadiusNT 2.5 does support
the CHAP attributes as sent by RRAS.
> Kevin Ingram
>
> -----Original Message-----
> From: Jerry Mahler <Jerry_Mahler@mw.3com.com>
> To: radiusnt@iea-software.com <radiusnt@iea-software.com>
> Date: Friday, June 05, 1998 10:42 AM
> Subject: Re: couldn't open server to find servers
>
>
> >
> >I have a Windows 95 machine dialing into a Windows NT 4.0 machine, which
is
> >running RRAS. The Windows NT machine is using RadiusNT 25 for
> >authentication. RadiusNT is running on a separate Windows NT 4.0
machine.
> >
> >Everytime I try to dial in with the Windows 95 machine, I get rejected.
> >Below is a copy of the radius debug output.
> >
> >=================
> > radrecv: Request from host 9570a48a code=1, id=3, length=63
> > User-Name = "test"
> > CHAP-Challenge =
> >"\325\030\342\017b\3130\014\320\216\244\213\225\220\275\001"
> > Challenge-Response =
> >"\001)\306\244\366\235\260l-'\351\317\241\342\206\024\346"
> > Checking user record PW_PASSWORD type
> > authChapPwd
> > Sending Reject of id 3 to 9570a48a (149.112.164.138)
> >=================
> >
> >I have verified that the secret on Windows NT RRAS matches that of the
> >clients file on the RadiusNT machine.
> >
> >Any ideas? Perhaps I have a setting incorrect in RRAS???
> >
> >
>
>
Dale E. Reed Jr. (daler@iea-software.com)
_________________________________________________________________
IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs
Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 12 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: callsonline / concurrency
From: Jim Whaley <radiusnt@ids.net>
Date: Fri, 05 Jun 1998 15:02:05 -0400
Hello. I'm currently evaluating the radiusnt 2.5-116 which was recently
posted here.
It works great and I love the new features (I'm running a very OLD version
on another
machine now)...
I'm using MS SQL server 6.5 for the ODBC database.
When I *don't* have the "manual calls update" option checked, no
callsonline updating
seems to happen at all. Do I need some triggers? If so, where can I can
them?
When I *do* have the "manual calls update" option checked, it tries to do
callsonline
updating, but gets an error saying:
SQL Statement: UPDATE CallsOnline Set Username='test',AcctStatusType=2,
CallDate=GetDate(),
FramedAddress=NULL WHERE NASIdentifier='155.212.1.106' and NASPort=3
AND (DateAdd(Second, 0-delay, GetDate()) >= CallDate OR CallDate IS NULL)
ODBC Error:S0022:207:
[Microsoft][ODBC SQL Server Driver][SQL Server]Invalid column name 'delay'.
I don't see any fields called 'delay' anywhere. I'm sure that's the
problem :-)
For testing purposes, I made a NEW database on SQL Server, and ran the
radiusnt.sql
script that came in the .zip file.
Thanks,
Jim Whaley
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 13 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: no authentication
From: "CNX Accounting" <jason@cnx.net>
Date: Fri, 5 Jun 1998 12:03:30 -0700
Hello, hope someone can help with this.
We have been testing an installation of RadiusNT, all went well for approx.
18 hours then one of our ascend boxes started dropping connections.
The radlogs table shows:
ID: 1664 Radlogmsgid: 10 logdate: date
Username: pools-cnxusvanc0107m01 data: ascend
Users seem to be able to connect for about 1 min then are automatically
disconnected.
Any Ideas?
The puzzling part is that it did authenticate properly yesterday evening -
this morning.
Hope you can help.
Jason
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 14 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: Multilink ISDN Logon Problem
From: "Kenneth Jordan" <jordan@eaglei.net>
Date: Fri, 5 Jun 1998 14:21:01 -0500
You've been so good in helping so far. Doesn't anyone have the answer to my
question? Thanks.
On the second logon account, do I configure it exactly the way I have the
other keeping in mind that he needs a static ip, or can I give it a random
ip since the first logon has the static ip?
Here is the way I have the current account:
name Password = "password"
User-Service = Framed-User,
Framed-Protocol = PPP,
Framed-Address = 206.24.74.183,
Framed-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
Can the second account be set up like this:
name2 Password = "password2"
User-Service = Framed-User
Thanks for your help,
Ken
-----Original Message-----
From: Eric Cowperthwaite <eric@valleynetworking.com>
To: radiusnt@iea-software.com <radiusnt@iea-software.com>
Date: Thursday, June 04, 1998 11:21 AM
Subject: RE: Multilink ISDN Logon Problem
>In RadiusNT you must give him access to two logons. Otherwise
>he will only get 64K. He only needs one ISDN terminal adapter
>(modem) to do this, not two. He cannot bind two modems together.
>
>
>Eric Cowperthwaite
>System Engineer
>Valley Networking, Inc.
>
>-----Original Message-----
>From: radiusnt-request@iea-software.com
>[mailto:radiusnt-request@iea-software.com]On Behalf Of Richard Sensale
>Sent: Wednesday, June 03, 1998 8:24 PM
>To: radiusnt@iea-software.com
>Subject: Re: Multilink ISDN Logon Problem
>
>
>I do not think you can multilink 2 ISDN modems. They alreay do this via
>MPPP. I have never heard of anything trying to multilink 2 of them for
>256K.
>-----Original Message-----
>From: Kenneth Jordan <jordan@eaglei.net>
>To: RadiusNT <radiusnt@iea-software.com>
>Date: Wednesday, June 03, 1998 11:21 AM
>Subject: Multilink ISDN Logon Problem
>
>
>>I got a customer you has 2 ISDN modems and wanting to multilink link. He
>has
>>a static IP address. He can get the first modem to dial up but when he
>tries
>>to connect with 2nd modem get the msg disconnected from remote host. I'm
>>using text mode and here is his configuration:
>>
>>name Password = "password"
>> User-Service = Framed-User,
>> Framed-Protocol = PPP,
>> Framed-Address = 206.24.74.183,
>> Framed-Netmask = 255.255.255.0,
>> Framed-Routing = Broadcast-Listen,
>> Framed-MTU = 1500,
>> Framed-Compression = Van-Jacobson-TCP-IP
>>
>>What am I missing here?
>>
>>
>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 15 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: RE: no authentication
From: "CNX Accounting" <jason@cnx.net>
Date: Fri, 5 Jun 1998 12:28:10 -0700
Here is some additional info from the radlogs:
1029 10 6/5/98 8:59:54 AM route-1 ascend
1028 10 6/5/98 8:59:54 AM initial-banner ascend
1027 10 6/5/98 8:59:54 AM route-1 ascend
1026 10 6/5/98 8:59:54 AM route-cnxusvanc0107m01-1 ascend
1025 10 6/5/98 8:59:54 AM initial-banner-cnxusvanc0107m01 ascend
1024 10 6/5/98 8:59:54 AM frdlink-cnxusvanc0107m01-1 ascend
1023 10 6/5/98 8:59:54 AM permconn-cnxusvanc0107m01-1 ascend
1022 10 6/5/98 8:59:54 AM pools-cnxusvanc0107m01 ascend
1021 10 6/5/98 8:59:54 AM route-cnxusvanc0107m01-1 ascend
1020 10 6/5/98 8:59:53 AM bridge-cnxusvanc0107m01-1 ascend
This event appears to have happened moments before the problems mentioned.
Thanks in advance.
Jason Chimney
jason@cnx.net
-----Original Message-----
From: radiusnt-request@iea-software.com
[mailto:radiusnt-request@iea-software.com] On Behalf Of CNX Accounting
Sent: Friday, June 05, 1998 12:04 PM
To: radiusnt@iea-software.com
Subject: no authentication
Hello, hope someone can help with this.
We have been testing an installation of RadiusNT, all went well for approx.
18 hours then one of our ascend boxes started dropping connections.
The radlogs table shows:
ID: 1664 Radlogmsgid: 10 logdate: date
Username: pools-cnxusvanc0107m01 data: ascend
Users seem to be able to connect for about 1 min then are automatically
disconnected.
Any Ideas?
The puzzling part is that it did authenticate properly yesterday evening -
this morning.
Hope you can help.
Jason
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 16 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: no authentication
From: "Josh Hillman" <admin-maillist@talstar.com>
Date: Fri, 5 Jun 1998 15:32:45 -0400
> From: CNX Accounting <jason@cnx.net>
> The radlogs table shows:
> ID: 1664 Radlogmsgid: 10 logdate: date
> Username: pools-cnxusvanc0107m01 data: ascend
Check the following:
Ethernet --> Mod Config --> WAN options
Make sure that you have as many IPs in your pool(s) as you have
modems.
Go into your Max and change the following setting:
Ethernet --> Mod Config --> Auth
Auth Pool =
Change it to "No"
You will have to reset the Max after this or you'll never free up the IPs.
After setting and saving the above option:
Hit ^d then d (diagnostics)
Type in:
fsave
fclear
nvr (this resets the max)
Josh Hillman
hillman@talstar.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 17 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: feature request
From: Brian Lube <brian@mpinet.net>
Date: Fri, 05 Jun 1998 15:47:52 -0400
I have a feature request for the next release of RadiusNT. I would
*really* like to see it record custom fields (such as NASPortDNIS and
Callerid). This would help me out *so* much.
Just a request.
Brian Lube
senior technician
MPInet
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 18 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: RE: Multilink ISDN Logon Problem
From: eric@valleynetworking.com (Eric Cowperthwaite)
Date: Fri, 5 Jun 1998 12:51:01 -0700
No, he should only have one user account. Set the
Framed-Protocol to MPPP, which is Multilink PPP, then
your user will be able to bind two channels under one
login ID.
Eric Cowperthwaite
Sys Engineer
Valley Networking
eric@valleynetworking.com
-----Original Message-----
From: radiusnt-request@iea-software.com
[mailto:radiusnt-request@iea-software.com]On Behalf Of Kenneth Jordan
Sent: Friday, June 05, 1998 12:21 PM
To: radiusnt@iea-software.com
Subject: Re: Multilink ISDN Logon Problem
You've been so good in helping so far. Doesn't anyone have the answer to my
question? Thanks.
On the second logon account, do I configure it exactly the way I have the
other keeping in mind that he needs a static ip, or can I give it a random
ip since the first logon has the static ip?
Here is the way I have the current account:
name Password = "password"
User-Service = Framed-User,
Framed-Protocol = PPP,
Framed-Address = 206.24.74.183,
Framed-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-MTU = 1500,
Framed-Compression = Van-Jacobson-TCP-IP
Can the second account be set up like this:
name2 Password = "password2"
User-Service = Framed-User
Thanks for your help,
Ken
-----Original Message-----
From: Eric Cowperthwaite <eric@valleynetworking.com>
To: radiusnt@iea-software.com <radiusnt@iea-software.com>
Date: Thursday, June 04, 1998 11:21 AM
Subject: RE: Multilink ISDN Logon Problem
>In RadiusNT you must give him access to two logons. Otherwise
>he will only get 64K. He only needs one ISDN terminal adapter
>(modem) to do this, not two. He cannot bind two modems together.
>
>
>Eric Cowperthwaite
>System Engineer
>Valley Networking, Inc.
>
>-----Original Message-----
>From: radiusnt-request@iea-software.com
>[mailto:radiusnt-request@iea-software.com]On Behalf Of Richard Sensale
>Sent: Wednesday, June 03, 1998 8:24 PM
>To: radiusnt@iea-software.com
>Subject: Re: Multilink ISDN Logon Problem
>
>
>I do not think you can multilink 2 ISDN modems. They alreay do this via
>MPPP. I have never heard of anything trying to multilink 2 of them for
>256K.
>-----Original Message-----
>From: Kenneth Jordan <jordan@eaglei.net>
>To: RadiusNT <radiusnt@iea-software.com>
>Date: Wednesday, June 03, 1998 11:21 AM
>Subject: Multilink ISDN Logon Problem
>
>
>>I got a customer you has 2 ISDN modems and wanting to multilink link. He
>has
>>a static IP address. He can get the first modem to dial up but when he
>tries
>>to connect with 2nd modem get the msg disconnected from remote host. I'm
>>using text mode and here is his configuration:
>>
>>name Password = "password"
>> User-Service = Framed-User,
>> Framed-Protocol = PPP,
>> Framed-Address = 206.24.74.183,
>> Framed-Netmask = 255.255.255.0,
>> Framed-Routing = Broadcast-Listen,
>> Framed-MTU = 1500,
>> Framed-Compression = Van-Jacobson-TCP-IP
>>
>>What am I missing here?
>>
>>
>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 19 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Accounting
From: eric@valleynetworking.com (Eric Cowperthwaite)
Date: Fri, 5 Jun 1998 12:52:53 -0700
This is a multi-part message in MIME format.
------=_NextPart_000_0006_01BD9080.DB778A20
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Dale,
I was under the impression that Radius NT 2.5 would allow us to only do
accounting on subAccounts we specified, not on all subAccounts. However
I do not see in the table layouts where this would happen at. Any hints? Or
was my impression wrong?
Eric Cowperthwaite
Sys Engineer
Valley Networking
eric@valleynetworking.net
------=_NextPart_000_0006_01BD9080.DB778A20
Content-Type: application/ms-tnef;
name="winmail.dat"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="winmail.dat"
eJ8+IjYTAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEIgAcAGAAAAElQTS5NaWNy
b3NvZnQgTWFpbC5Ob3RlADEIAQ2ABAACAAAAAgACAAEGgAMADgAAAM4HBgAFAAwANAAAAAUAJQEB
A5AGAMAFAAAnAAAACwACAAEAAAALACMAAAAAAAMAJgAAAAAACwApAAAAAAADADYAAAAAAB4AcAAB
AAAACwAAAEFjY291bnRpbmcAAAIBcQABAAAAFgAAAAG9kLuHHWfYP6X8VRHRiC8AoMmwGDsAAAIB
HQwBAAAAHwAAAFNNVFA6RVJJQ0BWQUxMRVlORVRXT1JLSU5HLkNPTQAACwABDgAAAABAAAYOAPAk
Z7uQvQECAQoOAQAAABgAAAAAAAAAGHnigAT30BGAiERFU1QAAMKAAAADABQOAQAAAAsAHw4BAAAA
AwAGELOh690DAAcQDgEAAB4ACBABAAAAZQAAAERBTEUsSVdBU1VOREVSVEhFSU1QUkVTU0lPTlRI
QVRSQURJVVNOVDI1V09VTERBTExPV1VTVE9PTkxZRE9BQ0NPVU5USU5HT05TVUJBQ0NPVU5UU1dF
U1BFQ0lGSUVELE5PVE8AAAAAAgEJEAEAAACDAQAAfwEAAPEBAABMWkZ1gFVlJAMACgByY3BnMTI1
FjIA+Atgbg4QMDMznQH3IAKkA+MCAGNoCsBgc2V0MCAHEwKAfRkKgXVjAFALA3VsbiUCIGULpiBE
B0BlLIcKogqECoBJIHdhBCAEdW4EgSB0aGUgbQdwcAlwBBBpAiAVcWFBBUBSYWRpdQehVDAgMi41
FNAIYGxkHiAHQAkAB+AXAXRvIOECIGx5IGQYoBQEANArBaAVIHQLgGcYsSBzWHViQRm0BCB3FaBz
jnAFkAaQCJBkLCAS4I8FQBZBGAEaei4gSBgw/GV2BJAUZhkRHCIRMBWhrxZSFaABkRPQIAtgeQhg
fxsSFZAJcBVxBAAXlREAcMsbgBxxdB2AQW4Y8CEAsRsBPyBPHgUU4m0Y8K0VyXcDYA8gPxQKRQUQ
tGMgCFB3G4AAIGgU4LxpdBMQFBMGsAQgRQ8g1wuACeAeBVYYAWUY8AfAcnQXoHJrGhEUBAZxY9xA
dihzEwAo9i4qgRQEBRHxACwAAAMAEBAAAAAAAwAREAAAAAALAAGACCAGAAAAAADAAAAAAAAARgAA
AAADhQAAAAAAAAMABYAIIAYAAAAAAMAAAAAAAABGAAAAAFKFAADwEwAAHgAGgAggBgAAAAAAwAAA
AAAAAEYAAAAAVIUAAAEAAAAEAAAAOC41AAMAB4AIIAYAAAAAAMAAAAAAAABGAAAAAAGFAAAAAAAA
CwAQgAggBgAAAAAAwAAAAAAAAEYAAAAADoUAAAAAAAADABGACCAGAAAAAADAAAAAAAAARgAAAAAQ
hQAAAAAAAAMAEoAIIAYAAAAAAMAAAAAAAABGAAAAABGFAAAAAAAAAwAVgAggBgAAAAAAwAAAAAAA
AEYAAAAAGIUAAAAAAAAeACWACCAGAAAAAADAAAAAAAAARgAAAAA2hQAAAQAAAAEAAAAAAAAAHgAm
gAggBgAAAAAAwAAAAAAAAEYAAAAAN4UAAAEAAAABAAAAAAAAAB4AJ4AIIAYAAAAAAMAAAAAAAABG
AAAAADiFAAABAAAAAQAAAAAAAAALACyACyAGAAAAAADAAAAAAAAARgAAAAAAiAAAAAAAAAsALoAL
IAYAAAAAAMAAAAAAAABGAAAAAAWIAAAAAAAACwDWgAggBgAAAAAAwAAAAAAAAEYAAAAABoUAAAAA
AAACAfgPAQAAABAAAAAYeeKABPfQEYCIREVTVAAAAgH6DwEAAAAQAAAAGHnigAT30BGAiERFU1QA
AAIB+w8BAAAASQAAAAAAAAA4obsQBeUQGqG7CAArKlbCAABtc3BzdC5kbGwAAAAAAE5JVEH5v7gB
AKoAN9luAAAAQzpcV0lORE9XU1xtYWlsLnBzdAAAAAADAP4PBQAAAAMADTT9NwAAAgF/AAEAAAAx
AAAAMDAwMDAwMDAxODc5RTI4MDA0RjdEMDExODA4ODQ0NDU1MzU0MDAwMEM0NzgzNjAwAAAAANYJ
------=_NextPart_000_0006_01BD9080.DB778A20--
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.
| Message 20 |
'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'
Subject: Re: Accounting
From: "Dale E. Reed Jr." <daler@iea-software.com>
Date: Fri, 05 Jun 1998 13:03:27 -0700
Eric Cowperthwaite wrote:
>
> I was under the impression that Radius NT 2.5 would allow us to only do
> accounting on subAccounts we specified, not on all subAccounts. However
> I do not see in the table layouts where this would happen at. Any hints? Or
> was my impression wrong?
You would have to filter at the database level. For Example, you could
add a field to the subaccounts table for this, and then run a query or
procedures to delete the unwanted records based on that. It would be
fairly easy to do.
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 21 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: feature requestFrom: "Dale E. Reed Jr." <daler@iea-software.com>Date: Fri, 05 Jun 1998 13:05:23 -0700
Brian Lube wrote:> > I have a feature request for the next release of RadiusNT. I would> *really* like to see it record custom fields (such as NASPortDNIS and> Callerid). This would help me out *so* much.> > Just a request.
If you are referring to the Calls table, it can already do this.If you put fields in the Calls table matching the attribute names(without the dashes) RadiusNT will populate the fields. It readsthe column list upon startup, so you have to restart it for thechanges to take affect.
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 22 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: static IP and AS5200 problemFrom: Christian Simard <simardc@netc.net>Date: Fri, 05 Jun 1998 16:02:04 -0400
Hi!
thank you it works! Now I have another problem...
When I connect to my CISCO AS5200, I can specify anyIP address in the win 95 dialup networking and It will be accepted!!this should never happen with dynamic assigned IP address!!! I have not this problem with my old plain text Livingston radius
I use radiusnt 1.16 with ODBC (SQL Server)
thank you!
>RadiusNT uses the data column for string/IP address types and>the value column for integer types. Your value column for>User-Service is one, which is Login-User and what is actually>sent below. You need to change that to 2 for a framed user,>as listed in the dictionary:>>VALUE User-Service Login-User 1>VALUE User-Service Framed-User 2
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 23 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Multilink ISDN Logon ProblemFrom: "Josh Hillman" <admin-maillist@talstar.com>Date: Fri, 5 Jun 1998 16:14:12 -0400
> From: Eric Cowperthwaite <eric@valleynetworking.com>> No, he should only have one user account. Set the > Framed-Protocol to MPPP, which is Multilink PPP, then> your user will be able to bind two channels under one > login ID.
MP = Multilink ProtocolMPP = MP Plus (MP+) -- this is proprietary to Ascend (both ends of the connection), but is backward compatible to MP
Josh Hillmanhillman@talstar.com
> -----Original Message-----> From: radiusnt-request@iea-software.com> [mailto:radiusnt-request@iea-software.com]On Behalf Of Kenneth Jordan> Sent: Friday, June 05, 1998 12:21 PM> To: radiusnt@iea-software.com> Subject: Re: Multilink ISDN Logon Problem> > > You've been so good in helping so far. Doesn't anyone have the answer tomy> question? Thanks.> > On the second logon account, do I configure it exactly the way I have the> other keeping in mind that he needs a static ip, or can I give it arandom> ip since the first logon has the static ip?> > Here is the way I have the current account:> > name Password = "password"> User-Service = Framed-User,> Framed-Protocol = PPP,> Framed-Address = 206.24.74.183,> Framed-Netmask = 255.255.255.0,> Framed-Routing = Broadcast-Listen,> Framed-MTU = 1500,> Framed-Compression = Van-Jacobson-TCP-IP> > Can the second account be set up like this:> > name2 Password = "password2"> User-Service = Framed-User> > Thanks for your help,> Ken> > -----Original Message-----> From: Eric Cowperthwaite <eric@valleynetworking.com>> To: radiusnt@iea-software.com <radiusnt@iea-software.com>> Date: Thursday, June 04, 1998 11:21 AM> Subject: RE: Multilink ISDN Logon Problem> > > >In RadiusNT you must give him access to two logons. Otherwise> >he will only get 64K. He only needs one ISDN terminal adapter> >(modem) to do this, not two. He cannot bind two modems together.> >> >> >Eric Cowperthwaite> >System Engineer> >Valley Networking, Inc.> >> >-----Original Message-----> >From: radiusnt-request@iea-software.com> >[mailto:radiusnt-request@iea-software.com]On Behalf Of Richard Sensale> >Sent: Wednesday, June 03, 1998 8:24 PM> >To: radiusnt@iea-software.com> >Subject: Re: Multilink ISDN Logon Problem> >> >> >I do not think you can multilink 2 ISDN modems. They alreay do this via> >MPPP. I have never heard of anything trying to multilink 2 of them for> >256K.> >-----Original Message-----> >From: Kenneth Jordan <jordan@eaglei.net>> >To: RadiusNT <radiusnt@iea-software.com>> >Date: Wednesday, June 03, 1998 11:21 AM> >Subject: Multilink ISDN Logon Problem> >> >> >>I got a customer you has 2 ISDN modems and wanting to multilink link.He> >has> >>a static IP address. He can get the first modem to dial up but when he> >tries> >>to connect with 2nd modem get the msg disconnected from remote host.I'm> >>using text mode and here is his configuration:> >>> >>name Password = "password"> >> User-Service = Framed-User,> >> Framed-Protocol = PPP,> >> Framed-Address = 206.24.74.183,> >> Framed-Netmask = 255.255.255.0,> >> Framed-Routing = Broadcast-Listen,> >> Framed-MTU = 1500,> >> Framed-Compression = Van-Jacobson-TCP-IP> >>> >>What am I missing here?> >>> >>> >
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 24 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: NAS restrictionFrom: Christian Simard <simardc@netc.net>Date: Fri, 05 Jun 1998 16:05:37 -0400
Hi!
Is there a way to restrict a user to a specific NAS.For example, I want user Joe only be able to connectto the x.x.x.1 NAS but not to the x.x.x.2 one.
I use RadiusNT 1.16 with SQL Server (ODBC mode).
thank you!
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 25 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: feature requestFrom: Brian Lube <brian@mpinet.net>Date: Fri, 05 Jun 1998 16:24:43 -0400
I'm sorry, I didn't finish that sentence (I got interrupted by one of theother sysadmins here). I'm looking for this in the Radlogs table, so thatwhen someone fails I can find out what number they are dialing into andfrom. This is nice for finding people who are hacking into my system.
Brian LubeMPInet
At 01:05 PM 6/5/98 -0700, you wrote:>Brian Lube wrote:>> >> I have a feature request for the next release of RadiusNT. I would>> *really* like to see it record custom fields (such as NASPortDNIS and>> Callerid). This would help me out *so* much.>> >> Just a request.>>If you are referring to the Calls table, it can already do this.>If you put fields in the Calls table matching the attribute names>(without the dashes) RadiusNT will populate the fields. It reads>the column list upon startup, so you have to restart it for the>changes to take affect.>>-- >Dale E. Reed Jr. (daler@iea-software.com)>_________________________________________________________________> IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs> Internet Solutions for Today | http://www.iea-software.com>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 26 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: RE: Multilink ISDN Logon ProblemFrom: eric@valleynetworking.com (Eric Cowperthwaite)Date: Fri, 5 Jun 1998 13:49:07 -0700
Josh,
You are correct.
Eric
-----Original Message-----From: radiusnt-request@iea-software.com[mailto:radiusnt-request@iea-software.com]On Behalf Of Josh HillmanSent: Friday, June 05, 1998 1:14 PMTo: radiusnt@iea-software.comSubject: Re: Multilink ISDN Logon Problem
> From: Eric Cowperthwaite <eric@valleynetworking.com>> No, he should only have one user account. Set the > Framed-Protocol to MPPP, which is Multilink PPP, then> your user will be able to bind two channels under one > login ID.
MP = Multilink ProtocolMPP = MP Plus (MP+) -- this is proprietary to Ascend (both ends of the connection), but is backward compatible to MP
Josh Hillmanhillman@talstar.com
> -----Original Message-----> From: radiusnt-request@iea-software.com> [mailto:radiusnt-request@iea-software.com]On Behalf Of Kenneth Jordan> Sent: Friday, June 05, 1998 12:21 PM> To: radiusnt@iea-software.com> Subject: Re: Multilink ISDN Logon Problem> > > You've been so good in helping so far. Doesn't anyone have the answer tomy> question? Thanks.> > On the second logon account, do I configure it exactly the way I have the> other keeping in mind that he needs a static ip, or can I give it arandom> ip since the first logon has the static ip?> > Here is the way I have the current account:> > name Password = "password"> User-Service = Framed-User,> Framed-Protocol = PPP,> Framed-Address = 206.24.74.183,> Framed-Netmask = 255.255.255.0,> Framed-Routing = Broadcast-Listen,> Framed-MTU = 1500,> Framed-Compression = Van-Jacobson-TCP-IP> > Can the second account be set up like this:> > name2 Password = "password2"> User-Service = Framed-User> > Thanks for your help,> Ken> > -----Original Message-----> From: Eric Cowperthwaite <eric@valleynetworking.com>> To: radiusnt@iea-software.com <radiusnt@iea-software.com>> Date: Thursday, June 04, 1998 11:21 AM> Subject: RE: Multilink ISDN Logon Problem> > > >In RadiusNT you must give him access to two logons. Otherwise> >he will only get 64K. He only needs one ISDN terminal adapter> >(modem) to do this, not two. He cannot bind two modems together.> >> >> >Eric Cowperthwaite> >System Engineer> >Valley Networking, Inc.> >> >-----Original Message-----> >From: radiusnt-request@iea-software.com> >[mailto:radiusnt-request@iea-software.com]On Behalf Of Richard Sensale> >Sent: Wednesday, June 03, 1998 8:24 PM> >To: radiusnt@iea-software.com> >Subject: Re: Multilink ISDN Logon Problem> >> >> >I do not think you can multilink 2 ISDN modems. They alreay do this via> >MPPP. I have never heard of anything trying to multilink 2 of them for> >256K.> >-----Original Message-----> >From: Kenneth Jordan <jordan@eaglei.net>> >To: RadiusNT <radiusnt@iea-software.com>> >Date: Wednesday, June 03, 1998 11:21 AM> >Subject: Multilink ISDN Logon Problem> >> >> >>I got a customer you has 2 ISDN modems and wanting to multilink link.He> >has> >>a static IP address. He can get the first modem to dial up but when he> >tries> >>to connect with 2nd modem get the msg disconnected from remote host.I'm> >>using text mode and here is his configuration:> >>> >>name Password = "password"> >> User-Service = Framed-User,> >> Framed-Protocol = PPP,> >> Framed-Address = 206.24.74.183,> >> Framed-Netmask = 255.255.255.0,> >> Framed-Routing = Broadcast-Listen,> >> Framed-MTU = 1500,> >> Framed-Compression = Van-Jacobson-TCP-IP> >>> >>What am I missing here?> >>> >>> >
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 27 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: couldn't open server to find serversFrom: "Jerry Mahler" <Jerry_Mahler@mw.3com.com>Date: Fri, 5 Jun 1998 16:31:38 -0500
Here's another piece of info regarding the below problem:
The CHAP-response is always empty the first time I try to dial in afterrebooting the Windows NT machine I am dialing into.
Perhaps that will shed some light on the problem.
-Jerry
"Jerry Mahler" <Jerry_Mahler@mw.3com.com> on 06/05/98 02:02:57 PM
Please respond to radiusnt@iea-software.com
To: radiusnt@iea-software.comcc:Subject: Re: couldn't open server to find servers
Deleting the keys didn't seem to work. Now the NT machine I am dialing inon complains that there are no authentication protocols available, and thecall is dropped even before a RADIUS request is made.
Any other ideas of what the problem could be?
I think my setup is about as simple and plain as can be -- nothing at allstrange. Did anyone else have to do anything special to get RadiusNT towork with Windows NT RRAS?
-Jerry
"Dale E. Reed Jr." <daler@iea-software.com> on 06/05/98 01:03:21 PM
Please respond to radiusnt@iea-software.com
To: radiusnt@iea-software.comcc:Subject: Re: couldn't open server to find servers
On Fri, 5 Jun 1998, Kevin Ingram wrote:
> I don't know about the most recent RRAS, but most versions you mustdelete> the CHAP & SPAP keys in (I think) HKLM\SYSTEM\SERVICES\RASMAN\PPP (pulled> from memory, if not correct email me). Restart NT machine and try itagain.
ALthough you may not want to always do CHAP, RadiusNT 2.5 does supportthe CHAP attributes as sent by RRAS.
> Kevin Ingram>> -----Original Message-----> From: Jerry Mahler <Jerry_Mahler@mw.3com.com>> To: radiusnt@iea-software.com <radiusnt@iea-software.com>> Date: Friday, June 05, 1998 10:42 AM> Subject: Re: couldn't open server to find servers>>> >> >I have a Windows 95 machine dialing into a Windows NT 4.0 machine, whichis> >running RRAS. The Windows NT machine is using RadiusNT 25 for> >authentication. RadiusNT is running on a separate Windows NT 4.0machine.> >> >Everytime I try to dial in with the Windows 95 machine, I get rejected.> >Below is a copy of the radius debug output.> >> >=================> > radrecv: Request from host 9570a48a code=1, id=3, length=63> > User-Name = "test"> > CHAP-Challenge => >"\325\030\342\017b\3130\014\320\216\244\213\225\220\275\001"> > Challenge-Response => >"\001)\306\244\366\235\260l-'\351\317\241\342\206\024\346"> > Checking user record PW_PASSWORD type> > authChapPwd> > Sending Reject of id 3 to 9570a48a (149.112.164.138)> >=================> >> >I have verified that the secret on Windows NT RRAS matches that of the> >clients file on the RadiusNT machine.> >> >Any ideas? Perhaps I have a setting incorrect in RRAS???> >> >>>
Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 28 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Acct Terminate Cause?From: Robb Bryn <rbryn@cape-fear.net>Date: Fri, 5 Jun 1998 17:49:49 -0400
What are the Account Terminate cause codes? I can't seem to find them anywhere in the docs.
ThanksRobb___________________________________________________________Robert L. Bryn Cape Fear LiveWebmaster PO Box 4741rbryn@cflive.com Wilmington, NC. 28406http:\\www.cflive.com (910)392-9887
The Ultimate Online Magazine for Wilmington ___________________________________________________________
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 29 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Acct Terminate Cause?From: "Dale E. Reed Jr." <daler@iea-software.com>Date: Fri, 05 Jun 1998 15:02:57 -0700
Robb Bryn wrote:> > What are the Account Terminate cause codes? I can't seem to find them anywhere in the docs.
Some of them (like Ascend) has vendor specific ones. Here is the listfrom the RFC:
1 User Request 2 Lost Carrier 3 Lost Service 4 Idle Timeout 5 Session Timeout 6 Admin Reset 7 Admin Reboot 8 Port Error 9 NAS Error 10 NAS Request 11 NAS Reboot 12 Port Unneeded 13 Port Preempted 14 Port Suspended 15 Service Unavailable 16 Callback 17 User Error 18 Host Request
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 30 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: feature requestFrom: "Dale E. Reed Jr." <daler@iea-software.com>Date: Fri, 05 Jun 1998 15:10:10 -0700
Brian Lube wrote:> > I'm sorry, I didn't finish that sentence (I got interrupted by one of the> other sysadmins here). I'm looking for this in the Radlogs table, so that> when someone fails I can find out what number they are dialing into and> from. This is nice for finding people who are hacking into my system.
We are working on that option.
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 31 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Multilink ISDN Logon ProblemFrom: "Dale E. Reed Jr." <daler@iea-software.com>Date: Fri, 05 Jun 1998 15:12:57 -0700
Josh Hillman wrote:> > > From: Eric Cowperthwaite <eric@valleynetworking.com>> > No, he should only have one user account. Set the> > Framed-Protocol to MPPP, which is Multilink PPP, then> > your user will be able to bind two channels under one> > login ID.> > MP = Multilink Protocol> MPP = MP Plus (MP+) -- this is proprietary to Ascend (both ends of the> connection), but is backward compatible to MP
I've never used anything but PPP in RadiusNT. I believeall of the others are basically being outdated. Both livingston andAscend can do Multilink is the protocol is PPP. I'm not sureabout Multi-Link plus, but I have done it with my P25 into a maxwith the RadiusNT protocol unchanged (just selected on the P25 side).
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 32 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: NAS restrictionFrom: "Dale E. Reed Jr." <daler@iea-software.com>Date: Fri, 05 Jun 1998 15:27:00 -0700
Christian Simard wrote:> > Hi!> > Is there a way to restrict a user to a specific NAS.> For example, I want user Joe only be able to connect> to the x.x.x.1 NAS but not to the x.x.x.2 one.> > I use RadiusNT 1.16 with SQL Server (ODBC mode).
With RadiusNT 2.5 you can use the Server Port Access features. 1.16 is not capable of it.
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 33 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: static IP and AS5200 problemFrom: "Dale E. Reed Jr." <daler@iea-software.com>Date: Fri, 05 Jun 1998 15:28:28 -0700
Christian Simard wrote:> > thank you it works! Now I have another problem...> > When I connect to my CISCO AS5200, I can specify any> IP address in the win 95 dialup networking and It will be accepted!!> this should never happen with dynamic assigned IP address!!!> I have not this problem with my old plain text Livingston radius
Make sure the Framed-Address protocol is 255.255.255.254. Ifits set to 255.255.255.255, then its negotiated and they can picktheir own (really bad). > I use radiusnt 1.16 with ODBC (SQL Server)
I would highly recommend upgraded to RadiusNT 2.5.
-- Dale E. Reed Jr. (daler@iea-software.com)_________________________________________________________________ IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs Internet Solutions for Today | http://www.iea-software.com
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 34 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: From: "Eric Powers" <eric@river-valley.net>Date: Fri, 5 Jun 1998 17:34:43 -0500
unsubscribe radiusnt
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 35 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: ServerAccessFrom: "Bruno Tremblay" <bruno@mustangtechno.com>Date: Fri, 5 Jun 1998 20:03:58 -0400
I still getting that error message wen I'm using ServerAccess on version2.5.116
SQL Statement: Select Count(Username) From ServerPorts WhereUsername='thibppp' and AcctStatusType=1
thibppp found on-line 1 time(s).Checking for port access.
SQL Statement: Select MaxSessionLength, StartTime, StopTime, (DatePart('h',Now) * 60) + DatePart('n', Now) From Servers s, ServerAccess sa Wheres.ServerID =sa.ServerID AND s.IPAddress = 'XXX.XXX.XXX.XXX' AND (sa.Port=2 orsa.Port=NULL) AND sa.AccountType = 'XXX'
ODBC Error:22005:-3030: [Microsoft][ODBC Microsoft Access 97 Driver] Data type mismatch in criteriaexpression.
Sending Reject of id 198 to c7a6db0b (XXX.XXX.XXX.XXX)User: XXXX port Access deniedUser: XXXX port Access denied SQL Statement: INSERT INTO RadLogs(RadLogMsgID, LogDate, Username, Data)VALUES (16, Now, 'thibppp', 'Server:(XXX.XXX.XXX.XXX) Port:2 (Time)')
Resp Time: 781 Auth: 0/7 -> 7 Acct: 1/0/0 -> 1
Thank's
Bruno Tremblay
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 36 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: couldn't open server to find serversFrom: "Kevin Ingram" <kingram@cameron.net>Date: Fri, 5 Jun 1998 20:12:49 -0500
I have several RRAS machines authenticating from RadiusNT, and other thandeleting the keys in the registry there was nothing special about it-- BUT,I am still running the older, less featured 1.xx versions of RadiusNT. Thekey to your problem may be unique to the newer versions.
Kevin Ingram-----Original Message-----From: Jerry Mahler <Jerry_Mahler@mw.3com.com>To: radiusnt@iea-software.com <radiusnt@iea-software.com>Date: Friday, June 05, 1998 2:00 PMSubject: Re: couldn't open server to find servers
>Deleting the keys didn't seem to work. Now the NT machine I am dialing in>on complains that there are no authentication protocols available, and the>call is dropped even before a RADIUS request is made.>>Any other ideas of what the problem could be?>>I think my setup is about as simple and plain as can be -- nothing at all>strange. Did anyone else have to do anything special to get RadiusNT to>work with Windows NT RRAS?>>-Jerry>>>>>>"Dale E. Reed Jr." <daler@iea-software.com> on 06/05/98 01:03:21 PM>>Please respond to radiusnt@iea-software.com>>To: radiusnt@iea-software.com>cc:>Subject: Re: couldn't open server to find servers>>>>>On Fri, 5 Jun 1998, Kevin Ingram wrote:>>> I don't know about the most recent RRAS, but most versions you must>delete>> the CHAP & SPAP keys in (I think) HKLM\SYSTEM\SERVICES\RASMAN\PPP (pulled>> from memory, if not correct email me). Restart NT machine and try it>again.>>ALthough you may not want to always do CHAP, RadiusNT 2.5 does support>the CHAP attributes as sent by RRAS.>>> Kevin Ingram>>>> -----Original Message----->> From: Jerry Mahler <Jerry_Mahler@mw.3com.com>>> To: radiusnt@iea-software.com <radiusnt@iea-software.com>>> Date: Friday, June 05, 1998 10:42 AM>> Subject: Re: couldn't open server to find servers>>>>>> >>> >I have a Windows 95 machine dialing into a Windows NT 4.0 machine, which>is>> >running RRAS. The Windows NT machine is using RadiusNT 25 for>> >authentication. RadiusNT is running on a separate Windows NT 4.0>machine.>> >>> >Everytime I try to dial in with the Windows 95 machine, I get rejected.>> >Below is a copy of the radius debug output.>> >>> >=================>> > radrecv: Request from host 9570a48a code=1, id=3, length=63>> > User-Name = "test">> > CHAP-Challenge =>> >"\325\030\342\017b\3130\014\320\216\244\213\225\220\275\001">> > Challenge-Response =>> >"\001)\306\244\366\235\260l-'\351\317\241\342\206\024\346">> > Checking user record PW_PASSWORD type>> > authChapPwd>> > Sending Reject of id 3 to 9570a48a (149.112.164.138)>> >=================>> >>> >I have verified that the secret on Windows NT RRAS matches that of the>> >clients file on the RadiusNT machine.>> >>> >Any ideas? Perhaps I have a setting incorrect in RRAS???>> >>> >>>>>>>Dale E. Reed Jr. (daler@iea-software.com)>_________________________________________________________________> IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs> Internet Solutions for Today | http://www.iea-software.com>>>>>>>>
..------ ------ ------ ------ ------ ------ ------ ------ ------ ------.| Message 37 |'------ ------ ------ ------ ------ ------ ------ ------ ------ ------'Subject: Re: Call History scriptFrom: "jmercer" <radiusnt@ultravision.net>Date: Fri, 05 Jun 1998 21:11:50 -0500
Ok that's what I have but it still is giving me the error is No destinationfield name in INSERT INTO statement (CallDate='5-1-98').
*********** REPLY SEPARATOR ***********
On 6/5/98, at 11:37 AM, Dale E. Reed Jr. wrote:
>Your CallHistory table should have three fields:>>Username (text)>CallDate (date/time)>Mins (number, long)>>You could put others in if you wanted more information.>>> >Insert Into CallHistory>> >Select Username, CallDate='5/1/98', Mins=Sum(AcctSessionTime/60+1)>> >From Calls>> >Where CalLDate >= '5/1/98'>> > and CallDate < '6/1/98'>> > and AcctStatusType = 2>> >Group By UserName>> >Order By Username>>Dale E. Reed Jr. (daler@iea-software.com)>_________________________________________________________________> IEA Software, Inc. | RadiusNT, Emerald, and NT FAQs> Internet Solutions for Today | http://www.iea-software.com
Jerry MercerUltra-VisionInternet - jmercer@ultravision.net