Powered by Jitbit .Net Forum free trial version. dismiss

HomeInstallation

Installation Issues

Version 4.3 upgrade 5.3 Authentication issue Messages in this topic - RSS

francois.benade
francois.benade
Posts: 6


2.10.2017
francois.benade
francois.benade
Posts: 6
On version 4.3 the option is to use a specific attribute as "key". This "key" variable is then used in the SQL statement. In version 5.3 this is not available. Please advise if this is implemented in a different way or not at all.
0 link
Admin
Admin
Administrator
Posts: 4992


2.10.2017
Admin
Admin
Administrator
Posts: 4992
Hi,

Latest version of TekRADIUS enables you to use any attribute in access request in authentication and authorization queries.

You can set your custom authentication query for Calling-Station-Id;

Select Attribute, Val from Users where UserName='%ietf|31%' and AttrType=0

and authorization query;

Select Attribute, Val from Users where UserName='%ietf|31%' and AttrType=1

Best regards,

Yasin KAPLAN
edited by Admin on 2.10.2017
0 link
francois.benade
francois.benade
Posts: 6


2.10.2017
francois.benade
francois.benade
Posts: 6
I did add a check attribute for the specific user calling-station-id. The client and group is setup as on version 4.3. The only difference is the settings database tab. The user is in the database.
log details
02.10.2017 10:50:41.496 - RadAuth req. from : 10.117.176.245:24608 [UDP]
Size : 351 / 351
Identifier : 135
Attributes :
Framed-Protocol = 7
NAS-Port-Type = 18
Called-Station-Id = enviro
Service-Type = 2
Calling-Station-Id = 2796020059XXXXX
NAS-IP-Address = 10.117.176.245
NAS-Port = 164707
NAS-Identifier = GGPS02
User-Name = Default
02.10.2017 10:50:41.527 - Authentication failed for user 'Default' (2796020059XXXXX). User is unknown.
0 link
Admin
Admin
Administrator
Posts: 4992


2.10.2017
Admin
Admin
Administrator
Posts: 4992
Have you set your Authentication and Authorization queries?
0 link
francois.benade
francois.benade
Posts: 6


2.10.2017
francois.benade
francois.benade
Posts: 6
The authenticate statement would select the check attribute for the user. What is the variable '%ietf|1%' in the statement suppose to compare? It needs to be the calling-station-id.
Authenticate
Select Attribute, Val from Users where UserName='%ietf|1%' and AttrType=0


Authorization
Select Attribute, Val from Users where UserName='%ietf|1%' and AttrType=1
0 link
Admin
Admin
Administrator
Posts: 4992


2.10.2017
Admin
Admin
Administrator
Posts: 4992
You should set as following (Calling-Station-Id = ietf|31 in TekRADIUS notation);

Authentication;
Select Attribute, Val from Users where UserName='%ietf|31%' and AttrType=0

Authorization;
Select Attribute, Val from Users where UserName='%ietf|31%' and AttrType=1
0 link
francois.benade
francois.benade
Posts: 6


2.10.2017
francois.benade
francois.benade
Posts: 6
I first tried as per version 4.3 and after applying the changed authentication query. Then I tried by adding the user name detail with calling station id. First the error is calling-station-id does not match default
02.10.2017 15:40:26.056 - RadAuth req. from : 10.117.176.245:28048 [UDP]
Size : 351 / 351
Identifier : 103
Attributes :
Framed-Protocol = 7
NAS-Port-Type = 18
Called-Station-Id = enviroware
Service-Type = 2
Calling-Station-Id = 279602005924478
NAS-IP-Address = 10.117.176.245
NAS-Port = 1040501
NAS-Identifier = GGPS02
User-Name = Default
02.10.2017 15:40:26.056 - PAP Authentication commencing for user 'Default'
02.10.2017 15:40:26.056 - Check items control for user 'Default' - Start (Group: Default).
02.10.2017 15:40:26.056 - Check attribute 'Calling-Station-Id' value does not match for user 'Default'.
02.10.2017 15:40:26.056 - Check items control for user 'Default' - Stop (Group: Default).
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='1'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='8'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='10'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='2'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='13'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='6'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='7'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='21'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='20'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='22'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='18'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='9'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='12'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='23'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='5'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='3'), ignoring...
02.10.2017 15:43:42.597 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='26'), ignoring...
02.10.2017 15:43:42.597 - RadAuth req. from : 10.117.176.245:25712 [UDP]
Size : 366 / 366
Identifier : 125
Attributes :
Framed-Protocol = 7
NAS-Port-Type = 18
Called-Station-Id = enviroware
Service-Type = 2
Calling-Station-Id = 279602005924478
NAS-IP-Address = 10.117.176.245
NAS-Port = 450218
NAS-Identifier = GGPS02
User-Name = 279602005924478
02.10.2017 15:43:42.597 - PAP Authentication commencing for user '279602005924478'
02.10.2017 15:43:42.597 - Check items control for user '279602005924478' - Start (Group: Default).
02.10.2017 15:43:42.597 - Check attribute 'Calling-Station-Id' value does not match for user '279602005924478'.
02.10.2017 15:43:42.597 - Check items control for user '279602005924478' - Stop (Group: Default).
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='1'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='8'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='10'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='2'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='13'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='6'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='7'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='21'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='20'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='22'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='18'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='9'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='12'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='23'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='5'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='3'), ignoring...
02.10.2017 15:43:45.910 - Unknown or disabled attribute found (Vendor ='unknown' (10415), Attribute ='26'), ignoring...
02.10.2017 15:43:45.910 - RadAuth req. from : 10.117.176.245:24016 [UDP]
0 link
francois.benade
francois.benade
Posts: 6


2.10.2017
francois.benade
francois.benade
Posts: 6
There are two records. The one value is default and the other is the calling-station-id. By adding Attribute='ietf|1' the 'default' is excluded.
Select Attribute, Val from Users where UserName='%ietf|31%' and AttrType=0 and Attribute='ietf|1'


The only remaining part is radius accounting which is not recording and the active sessions remain empty although the connection is working
0 link
Admin
Admin
Administrator
Posts: 4992


2.10.2017
Admin
Admin
Administrator
Posts: 4992
Your authentication query must be;

Select Attribute, Val from Users where UserName='%ietf|31%' and AttrType=0


and authorization query;


Select Attribute, Val from Users where UserName='%ietf|31%' and AttrType=1


Please remove check attribute Calling-Station-Id from user profile 279602005924478
0 link
francois.benade
francois.benade
Posts: 6


2.10.2017
francois.benade
francois.benade
Posts: 6
thank you for your assistance. All working
0 link
Admin
Admin
Administrator
Posts: 4992


2.10.2017
Admin
Admin
Administrator
Posts: 4992
You welcome
0 link






Powered by Jitbit Forum 8.3.8.0 © 2006-2013 Jitbit Software