Re: Need help with IPASS and ServerAccess

Dale E. Reed Jr. ( (no email) )
Mon, 03 Aug 1998 16:12:44 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Dale E. Reed Jr.: "Re: Dr. Watson!!!"
Next message: Dale E. Reed Jr.: "Re: Need help with IPASS and ServerAccess"
Maybe in reply to: David Niblett: "Need help with IPASS and ServerAccess"
Next in thread: Dale E. Reed Jr.: "Re: Need help with IPASS and ServerAccess"

Steve Spesard wrote:
>
> We are still running Radius V2.2 before RadiusNT dealt with IPASS. Anyway we
> run IPASS with NT authentication separate from RadiusNT. It works great. The
> setup was a breeze. It might be another option for those having Radius
> problems.

RadiusNT 2.5 still doesn't include support for IPASS. The API
is there, but nothing to talk to it on the IPASS side. :(
Actually, anybody can write a DLL to talk to the API. I have been
working on some new documentation to allow third parties to do this.
I can only assume its going to be a very popular feature for third
party integration type stuff.

> Steve Spesard
>
> Mourad Dahoumane wrote:
>
> > I also use Ipass and I have the same problem
> > It seems Emerald/radius doesn't recognise this kind of virtual port.
> > also you can't assign an ip pool to this vnas and you never know which ip
> > address
> > will your roaming users have.
> >
> > Mourad Dahoumane
> > Connexion Interway
> >
> > -----Original Message-----
> > From: David Niblett <niblettda@gru.com>
> > To: 'radiusnt@iea-software.com' <radiusnt@iea-software.com>
> > Date: 03 August 1998 20:34
> > Subject: Need help with IPASS and ServerAccess
> >
> > >I am trying to set up so that I can use the ServerAccess feature of
> > RadiusNT
> > >v2.5
> > >I've got the authentication working just fine from my TNT's and MAX's. The
> > >problem
> > >I am facing is with IPASS.
> > >
> > >When I user 'check-vnas' with a known working username and password this
> > is
> > >the
> > >response I get back.
> > >
> > >-----
> > >radrecv: Request from host cf168e05 code=1, id=15, length=73
> > > User-Name = "ipasstest"
> > > Password = "\242F\022\333\025a?\341\337\027\221W\267|\217\202"
> > >Received unknown attribute 32
> > > NAS-Port = 1
> > >rad_authenticate_ODBC()
> > > Password = "\242F\022\333\025a?\341\337\027\221W\267|\217\202"
> > >
> > > SQL Statement: Select DateDiff(Minute, GetDate(), DateAdd(Day,
> > >(ma.Extension+ma
> > >.OverDue+1), maExpireDate)), DateDiff(Minute, GetDate(), DateAdd(Day,
> > >sa.Extensi
> > >on+1, saExpireDate)), sa.AccountID, sa.AccountType, sa.Password, sa.Login,
> > >sa.Sh
> > >ell, sa.LoginLimit From MasterAccounts ma, SubAccounts sa Where
> > >(sa.Login='ipas
> > >stest' or sa.Shell='ipasstest') AND ma.CustomerID=sa.CustomerID and
> > >sa.Active<>0
> > > and ma.Active<>0
> > >
> > > Decrypted Password: <secret>
> > > Database Password: <secret>
> > >Checking for duplicate logins.
> > >
> > > SQL Statement: RadCheckOnline 'ipasstest'
> > >
> > > ipasstest found on-line 0 time(s).
> > >Checking for port access.
> > >Incomplete authentication record. ServerAccess not possible.
> > >Sending Reject of id 15 to cf168e05 (grucom2.gru.net)
> > >User: ipasstest Time Access denied
> > >User: ipasstest Time Access denied
> > > SQL Statement: INSERT INTO RadLogs(RadLogMsgID, LogDate, Username, Data)
> > > VALUE
> > >S (16, GetDate(), 'ipasstest', 'Server:Unknown Port:1 (No Access)')
> > >
> > >
> > >Resp Time: 261 Auth: 0/1 -> 1 Acct: 0/0/0 -> 0
> > >-----
> > >
> > >My main concern is the 'Received unknown attribute 32'. I added in the
> > >Servers table the entry for the machine that IPASS is running on. Then
> > >added the entry into ServerPorts and lastly ServerAccess.
> > >
> > >However, the best I can tell is that attribute 32 is 'NAS-IP-Address'. I
> > >checked
> > >what a normal record looks like and it uses attribute 4, 'NAS-Identifier.'
> > >RadCheckAccess is never called in this case since it would appear that the
> > >record is not right.
> > >
> > >So what I did was define attribute 32 in the tables and then I got this:
> > >-----
> > >radrecv: Request from host cf168e05 code=1, id=120, length=73
> > > User-Name = "ipasstest"
> > > Password = "pB\325L\264\244\005\025\212\373T'6\200\351\263"
> > > NAS-IP-Address = "i-Pass VNAS"
> > > NAS-Port = 1
> > >rad_authenticate_ODBC()
> > >Calc_digest: from 207.22.142.5, ID 120 : Request from Unknown Client
> > >
> > >rad_auth() calc_digest ret'd error
> > >Authenticate: from 207.22.142.5 - Security Breach: ipasstest
> > >-----
> > >
> > >Needless to say, I'm very confused. Any thoughts or help on this would
> > >be greatly appreciated.
> > >
> > >The statistics are as follows:
> > >IPASS version 3.1 (latest)
> > >RadiusNT version 2.5.110
> > >NT v4.0
> > >
> > >Thanks!
> > >
> > >--
> > >David A. Niblett | Email: niblettda@gru.com
> > >Systems Programmer | Phone: (352) 334-3400
> > >Gainesville Regional Utilities | Web: http://www.gru.com/
> > >
> > >

-- Dale E. Reed Jr.  (daler@iea-software.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |   http://www.iea-software.com

Previous message: Dale E. Reed Jr.: "Re: Dr. Watson!!!"
Next message: Dale E. Reed Jr.: "Re: Need help with IPASS and ServerAccess"
Maybe in reply to: David Niblett: "Need help with IPASS and ServerAccess"
Next in thread: Dale E. Reed Jr.: "Re: Need help with IPASS and ServerAccess"