Need help with IPASS and ServerAccess

David Niblett ( )
Mon, 3 Aug 1998 14:33:50 -0400

I am trying to set up so that I can use the ServerAccess feature of RadiusNT
I've got the authentication working just fine from my TNT's and MAX's. The
I am facing is with IPASS.

When I user 'check-vnas' with a known working username and password this is
response I get back.

radrecv: Request from host cf168e05 code=1, id=15, length=73
User-Name = "ipasstest"
Password = "\242F\022\333\025a?\341\337\027\221W\267|\217\202"
Received unknown attribute 32
NAS-Port = 1
Password = "\242F\022\333\025a?\341\337\027\221W\267|\217\202"

SQL Statement: Select DateDiff(Minute, GetDate(), DateAdd(Day,
..OverDue+1), maExpireDate)), DateDiff(Minute, GetDate(), DateAdd(Day,
on+1, saExpireDate)), sa.AccountID, sa.AccountType, sa.Password, sa.Login,
ell, sa.LoginLimit From MasterAccounts ma, SubAccounts sa Where
stest' or sa.Shell='ipasstest') AND ma.CustomerID=sa.CustomerID and
and ma.Active<>0

Decrypted Password: <secret>
Database Password: <secret>
Checking for duplicate logins.

SQL Statement: RadCheckOnline 'ipasstest'

ipasstest found on-line 0 time(s).
Checking for port access.
Incomplete authentication record. ServerAccess not possible.
Sending Reject of id 15 to cf168e05 (
User: ipasstest Time Access denied
User: ipasstest Time Access denied
SQL Statement: INSERT INTO RadLogs(RadLogMsgID, LogDate, Username, Data)
S (16, GetDate(), 'ipasstest', 'Server:Unknown Port:1 (No Access)')

Resp Time: 261 Auth: 0/1 -> 1 Acct: 0/0/0 -> 0

My main concern is the 'Received unknown attribute 32'. I added in the
Servers table the entry for the machine that IPASS is running on. Then
added the entry into ServerPorts and lastly ServerAccess.

However, the best I can tell is that attribute 32 is 'NAS-IP-Address'. I
what a normal record looks like and it uses attribute 4, 'NAS-Identifier.'
RadCheckAccess is never called in this case since it would appear that the
record is not right.

So what I did was define attribute 32 in the tables and then I got this:
radrecv: Request from host cf168e05 code=1, id=120, length=73
User-Name = "ipasstest"
Password = "pB\325L\264\244\005\025\212\373T'6\200\351\263"
NAS-IP-Address = "i-Pass VNAS"
NAS-Port = 1
Calc_digest: from, ID 120 : Request from Unknown Client

rad_auth() calc_digest ret'd error
Authenticate: from - Security Breach: ipasstest

Needless to say, I'm very confused. Any thoughts or help on this would
be greatly appreciated.

The statistics are as follows:
IPASS version 3.1 (latest)
RadiusNT version 2.5.110
NT v4.0


--David A. Niblett		 | Email: niblettda@gru.comSystems Programmer		 | Phone: (352) 334-3400Gainesville Regional Utilities | Web: