Re: radius errors

Dale E. Reed Jr. ( (no email) )
Sun, 21 Jun 1998 00:16:41 -0700

rabaut wrote:
> pref_secure1_host which I set to the ip address of the radiusNT server
> enable_protocol set to radius
> radius_secret set to the same secret on the radiusNT clients files
> made sure that the auth_port and the acct_port were set correctly.
> Are there any others that I need to concern myself with??

That should typically do it.

> When I reboot the Bay RAC, I see a response from radiusNT server (dos
> window). When I try to login using a username/password valid or not, it
> still allows me access ... It seems to be ignoring the user database.

What does the RadiusNT -x15 debug look like for a bad authentication
which is being allowed in?

> I assume that the server file contains the ip address of the radiusNT
> server with the secret same as set in the clients file and on the RAC.

The server file is only relevant to radlogin. Its not used by RadiusNT.

> I guess I would like to see generic (basic) settings so I can get it
> working and auth names.

Radlogin is working, so that means you have RadiusNT working. Does
radlogin return a bad result when you test it with a bad user? Could
there be a setting on the RAC (similiar to what Ascend has) where it
could be letting someone in no matter what the RADIUS server says?

-- Dale E. Reed Jr.  (       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |