[RadiusNT] VSAs

David Sovereen
Tue, 2 Nov 1999 19:39:35 -0500

Gotta situation here...

We are trying to use the IP Tunnelling feature in our Lucent Portmaster 3s
to provide content filtering through X-Stop (maybe someone here is familiar
with the product?) and we want certain connection attributes assigned via
RadiusNT.

Now, figuring that in the future we might use other features such as NAT and
the like, I updated all of RadiusNT's attributes and values to that of
Lucent's Dictionary (maybe a mistake). For VSAs, I now have the following
(as seen in a -x15 debug):

307 14 1 LE-NAT-TCP-Session-Timeou
307 3 0 LE-Advice-of-Charge
307 4 0 LE-Connect-Detail
307 6 0 LE-IP-Pool
307 7 2 LE-IP-Gateway
307 8 0 LE-Modem-Info
307 9 1 LE-IPSec-Log-Options
307 10 1 LE-IPSec-Deny-Action
307 11 0 LE-IPSec-Active-Profile
307 2 0 LE-Terminate-Detail
307 13 0 LE-IPSec-Passive-Profile
307 21 0 LE-NAT-Outsource-Outmap
307 15 1 LE-NAT-Other-Session-Time
307 16 1 LE-NAT-Log-Options
307 17 1 LE-NAT-Sess-Dir-Fail-Acti
307 18 0 LE-NAT-Inmap
307 19 0 LE-NAT-Outmap
307 20 0 LE-NAT-Outsource-Inmap
307 22 0 LE-Admin-Group
307 23 1 LE-Multicast-Client
307 12 0 LE-IPSec-Outsource-Profil

When the user dials in, I see the authentication request come in. It looks
fine. The reply has problems:

Framed-Protocol = PPP
Session-Timeout = 28800
Idle-Timeout = 1020
LE-Terminate-Detail = "xstop"
LE-Advice-of-Charge = "xstop"
LE-Connect-Detail = "xstop"
LE-IP-Pool = "xstop"
LE-IP-Gateway = 206.162.82.8
LE-Modem-Info = "xstop"
LE-IPSec-Log-Options = 0
LE-IPSec-Deny-Action = 0
LE-IPSec-Active-Profile = "xstop"
LE-IPSec-Outsource-Profil = "xstop"
LE-IPSec-Passive-Profile = "xstop"
LE-NAT-TCP-Session-Timeou = 0
LE-NAT-Other-Session-Time = 0
LE-NAT-Log-Options = 0
LE-NAT-Sess-Dir-Fail-Acti = 0
LE-NAT-Inmap = "xstop"
LE-NAT-Outmap = "xstop"
LE-NAT-Outsource-Inmap = "xstop"
LE-NAT-Outsource-Outmap = "xstop"
Vendor-Specific = "xstop"
LE-Admin-Group = "xstop"
LE-Multicast-Client = 0

All I want is LE-IPSec-Outsource-Profil = "xstop". The others aren't
needed. I suppose I could delete them from the dictionary, but I think at
the root I have a configuration problem. And who knows, I may use other
VSAs in the future. So I'd really like to find the problem. Any ideas?
Suggestions?

Dave

===================================================
I N T E R N E T F O R B U S I N E S S
Mercury Network http://www.tm.net/
129 Ashman St / P O Box 117 Voice: 517-837-3790
Midland, MI 48640-0117 Fax: 517-837-3780
===================================================
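
The symptom described in the message above can be checked on the wire. This is an added example, not code from the original post or from RadiusNT: it decodes the Vendor-Specific attributes (type 26, RFC 2865 section 5.26) in a reply's attribute bytes and lists every vendor-307 attribute that was not asked for. The function names, the sample reply bytes, and the reading of the dump's third column as a data type (0 = string, 1 = integer, 2 = IP address) are assumptions.

```python
import socket
import struct
VENDOR_LUCENT = 307  # vendor id from the post's dictionary dump
# A few dictionary rows from the post: vendor-type -> (name, kind).
# Assumption: the dump's third column means 0=string, 1=integer, 2=IP address.
LE_DICT = {7: ("LE-IP-Gateway", 2), 9: ("LE-IPSec-Log-Options", 1),
           12: ("LE-IPSec-Outsource-Profil", 0), 18: ("LE-NAT-Inmap", 0)}

def encode_vsa(vendor, vtype, data):
    """Build one Vendor-Specific attribute (type 26, RFC 2865 section 5.26)."""
    sub = bytes([vtype, len(data) + 2]) + data
    return bytes([26, len(sub) + 6]) + struct.pack("!I", vendor) + sub

def decode_vsas(attrs):
    """Yield (vendor, vendor_type, raw_value) for every sub-attribute found."""
    i = 0
    while i < len(attrs):
        if i + 2 > len(attrs) or attrs[i + 1] < 2 or i + attrs[i + 1] > len(attrs):
            raise ValueError("malformed attribute at offset %d" % i)
        atype, body = attrs[i], attrs[i + 2:i + attrs[i + 1]]
        i += attrs[i + 1]
        if atype != 26 or len(body) < 4:
            continue  # standard attribute (or a VSA too short to hold a vendor id)
        vendor, j = struct.unpack("!I", body[:4])[0], 4
        while j < len(body):
            if j + 2 > len(body) or body[j + 1] < 2 or j + body[j + 1] > len(body):
                raise ValueError("malformed sub-attribute for vendor %d" % vendor)
            yield vendor, body[j], body[j + 2:j + body[j + 1]]
            j += body[j + 1]

def render(vtype, raw):
    name, kind = LE_DICT.get(vtype, ("LE-Unknown-%d" % vtype, 0))  # unknown: string
    if kind == 1 and len(raw) == 4:
        return name, struct.unpack("!I", raw)[0]
    if kind == 2 and len(raw) == 4:
        return name, socket.inet_ntoa(raw)
    return name, raw.decode("ascii", "replace")

def unexpected_vsas(attrs, wanted):
    """Names of vendor-307 attributes in a reply that are not in `wanted`."""
    names = [render(t, raw)[0] for v, t, raw in decode_vsas(attrs) if v == VENDOR_LUCENT]
    return [n for n in names if n not in wanted]

# Constructed sample reply: Framed-Protocol = PPP plus four of the VSAs from the post.
SAMPLE_REPLY = (bytes([7, 6, 0, 0, 0, 1])
                + encode_vsa(307, 7, socket.inet_aton("206.162.82.8"))
                + encode_vsa(307, 9, struct.pack("!I", 0))
                + encode_vsa(307, 12, b"xstop")
                + encode_vsa(307, 18, b"xstop"))
```

Calling `unexpected_vsas(SAMPLE_REPLY, {"LE-IPSec-Outsource-Profil"})` returns the three attributes that should not have been sent.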
