Re: [RadiusNT] SNMP concurrency-checking inconsistencies
Dale E. Reed Jr. ( (no email) )
Wed, 29 Sep 1999 12:27:45 -0700
Josh Hillman wrote:
>
> On this past sunday, two of our Max 4048s reset themselves (don't know why
> yet) and as a result, the users who were online could no longer log in
> because Emerald (2.5.278) / RadiusNT (2.5.175) thought they were still
> online (there were 247 "over login limit" errors before I realized that
> they reset). I set up the SNMP concurrency checking several weeks ago and
> thought that things were running smoothly, but apparently it's not
> functioning correctly and/or consistently.
>
> Below are two login attempts for a test account (dialup via modem) with a
> login limit of 1. The first one (and several previous attempts) failed
> because of "over login limit". The second one displayed below apparently
> authenticated successfully, although nothing had changed in the
> configuration for the account, RadiusNT, or the Max. In the RadLogs, the
> Description, "SNMP Check Failed" showed up though. The RadiusNT loading
> options are at the end.
>
> radrecv: Request from host c72cc20e code=1, id=103, length=105
> Error in packet.
> Reason: There is no such variable name in this MIB.
> This name doesn't exist: enterprises.ascend.sessionStatusGroup.sessionActiveTable.sessionActiveEntry.ssnActive
> UserName.303452992
This means the OID isn't valid anymore (the session isn't on), and
therefore,
fails. Not a big deal, as the returned name is blank, and RadiusNT lets
the user on (like it should).
> Server:199.44.194.14 SNMPUser:.1.3.6.1.4.1.529.12.3.1.4.303452992 User:
> Sending Ack of id 103 to c72cc20e (Max 5)
> Resp Time: 250 Auth: 2/13 -> 15 Acct: 6/0/0 -> 6
I would need to see one of the refusals to see what happened on a
reject.
--
Dale E. Reed Jr. Emerald and RadiusNT__________________________________________IEA Software, Inc. www.iea-software.com
For more information about this list (including removal) go to:http://www.iea-software.com/support/maillists/liststart