From: "Howard Leadmon" <howardl at abs.net> To: <ascend-users at bungi.com> Subject: (ASCEND) Max TNT and Livingston Radius Auth Trouble.. Date sent: Sat, 16 Mar 2002 21:43:27 -0500 Organization: ABSnet Internet Services .... > Anyway if I have the TNT take and try and authenticate a user from an > entry that is in the users file, all works just great. Where the > problem is, if I try and have it authenticate a user that is in the unix > password file. If I try that, the radius server barks back the > following: > > radius[85750]: unix_pass: password for "joeblow" failed > > OK, sounds like a general password problem, well I would agree, other > than the fact if I have the user call one of the PM-3's the > authentication is successful. So only attempts from the Max-TNT fail, > which I thought was really strange. I've got NO problem with TNTs/PM3s connecting to an (oldie but goldie) Livingston Radius. Check your TNT setting. Should look like: read external-auth set auth-type = radius set rad-id-space = distinct set rad-auth-client auth-server-1 = <ip-adresse> set rad-auth-client auth-port = 1645 set rad-auth-client auth-key = <nas-secret> set acct-type = radius set rad-acct-client acct-server-1 = <ip-adresse> set rad-acct-client acct-port = 1646 set rad-acct-client acct-key = <nas-secret> write read answer set ppp receive-auth-mode = any-ppp-auth set ip-answer assign-address = yes write > > Also if I look at my syslog output from the MAX, I see stuff like this: > > Mar 16 20:03:15 max1 1/6: [1/6/15/0] LAN security error: <joeblow> [MBID > 521; ->4239193] [Answer] > Please do a: read ip-global set shared-prof = yes write to allow multiple logins with the same username (like guest, getting diffrend IPaddresses from the Pool) A "LAN security error" is always seen if one user has the same IPaddress as an already loggedin User. > > Anyway I would love to get this MAX up and running, if I need to use a > different radiusd to be compatible with both Ascend and Livingston, I > guess that is what I will have to do, but would be nice if I could just > get it working with my current radiusd that has been running it seems > like forever. No need. It should work. > > If anyone has experience with making Livingston radius 2.1 work with an > Ascend Max TNT, and could give me some pointers it would be very much > appreciated. Not sure if it matters, but the TNT is running TAOS 7.2, > as I think that is the latest version we can run with a couple of the > cards that are in the unit. This is indeed an very old TAOS. I've started with 8.x and above and didn't have this Problem. I still don't think it's Firmware related. The former Ascend-Radius was still based on Carl Rigneys work with some ascend-extensions. I've only translated back some parts of the Lucent/Ascend Radius-dictonary to the Livingston Radius-dictonary to make use of some TNT related special reply-items. regards H.Schroeder Hartmut Schroeder MMS Communication AG mailto:hacko at mms.de Eiffestrasse 598 http://www.mms.de/~hacko 20537 Hamburg, Germany Phone: +49 40 211105-40 Fax: +49 40 210 32 210 --- ISAKMP (0:16): deleting SA reason "He's expired! He's lost his perch! He's an ex-parrot!" OR how not to build VPN's using Ciscos :-) ++ Ascend Users Mailing List ++ To unsubscribe: send unsubscribe to ascend-users-request at bungi.com Archives: http://www.nexial.com/mailinglists/