|
using version 2.0.7
[Gatekeeper::Auth]
RadAuth=required;RRQ,ARQ PrefixAuth=required;RRQ,ARQ [PrefixAuth]
ALL=deny ipv4:62.139.0.0/62.139.255.255 ALL=deny ipv4:163.121.156.0/163.121.161.255 ALL=deny ipv4:0.0.0.0 default=allow Its not working always prefixauth check ok even
when ip between of them try to login..he can easily login.
here is log
2004/04/02
04:37:32.233 2
RasSrv.cxx(2287) GK Read from 62.139.87.235:1140
2004/04/02 04:37:32.233 3 RasSrv.cxx(2300) GK admissionRequest { requestSeqNum = 29122 callType = pointToPoint <<null>> endpointIdentifier = 16 characters { 0036 0030 0038 0031 005f 0042 0065 0079 6081_Bty 006f 006e 0064 0050 0068 006f 006e 0065 ondPhone } destinationInfo = 1 entries { [0]=dialedDigits "6662917578" } srcInfo = 1 entries { [0]=h323_ID 6 characters { 0073 0061 006d 0065 0072 0061 samera } } bandWidth = 100000 callReferenceValue = 18770 conferenceID = 16 octets { c8 a4 9f d1 be ef 18 10 9a 52 00 48 54 64 50 89 .........R.HTdP. } activeMC = FALSE answerCall = FALSE canMapAlias = TRUE callIdentifier = { guid = 16 octets { c8 a4 9f d1 be ef 18 10 9a 51 00 48 54 64 50 89 .........Q.HTdP. } } gatekeeperIdentifier = 19 characters { 0067 006b 0031 002e 0042 0065 0079 006f gk1.Beyo 006e 0064 0050 0068 006f 006e 0065 002e ndPhone. 0063 006f 006d com } tokens = 1 entries { [0]={ tokenOID = 1.2.840.113548.10.1.2.1 timeStamp = 1080909207 challenge = 16 octets { 27 cf 5a 5c 57 6d a2 d3 17 a3 6b a9 30 92 ae 6c '.Z\Wm....k.0..l } random = 18 generalID = 7 characters { 0073 0061 006d 0065 0072 0061 0000 samera } } } willSupplyUUIEs = TRUE } 2004/04/02 04:37:32.233 1 RasSrv.cxx(1380) GK ARQ Received 2004/04/02 04:37:32.233 3 radproto.cxx(1799) RADIUS Sending PDU to RADIUS server 138.252.115.176 (138.252.115.176 :1812) from port:24479[0,113-114], PDU: { code = 1 (Access-Request) id = 113 length = 267 octets authenticator = 16 octets { c4 91 6a 11 e6 f4 7f 26 4e 20 e6 51 e2 c7 6a 48 ..j....&N .Q..jH } attributes = 13 elements { [0]= { type = 1 (User-Name) length = 8 octets value = 6 octets { 73 61 6d 65 72 61 samera } } [1]= { type = 3 (CHAP-Password) length = 19 octets value = 17 octets { 12 27 cf 5a 5c 57 6d a2 d3 17 a3 6b a9 30 92 ae .'.Z\Wm....k.0.. 6c l } } [2]= { type = 60 (CHAP-Challenge) length = 6 octets value = 4 octets { 40 6d 5d 97 @m]. } } [3]= { type = 4 (NAS-IP-Address) length = 6 octets value = 4 octets { 80 f2 73 b0 ..s. } } [4]= { type = 32 (NAS-Identifier) length = 21 octets value = 19 octets { 67 6b 31 2e 42 65 79 6f 6e 64 50 68 6f 6e 65 2e ghg1.BeyondPhone. 63 6f 6d com } } [5]= { type = 61 (NAS-Port-Type) length = 6 octets value = 4 octets { 00 00 00 05 .... } } [6]= { type = 6 (Service-Type) length = 6 octets value = 4 octets { 00 00 00 01 .... } } [7]= { type = 31 (Calling-Station-Id) length = 8 octets value = 6 octets { 73 61 6d 65 72 61 samera } } [8]= { type = 30 (Called-Station-Id) length = 12 octets value = 10 octets { 36 36 36 32 39 31 37 35 37 38 6662917578 } } [9]= { type = 26 (Vendor-Specific) length = 56 octets vendorId = 9 vendorValue = 50 octets { 18 32 68 33 32 33 2d 63 6f 6e 66 2d 69 64 3d 43 .2h323-conf-id=C 38 41 34 39 46 44 31 20 42 45 45 46 31 38 31 30 8A49FD1 BEEF1810 20 39 41 35 32 30 30 34 38 20 35 34 36 34 35 30 9A520048 546450 38 39 89 } } [10]= { type = 26 (Vendor-Specific) length = 34 octets vendorId = 9 vendorValue = 28 octets { 1a 1c 68 33 32 33 2d 63 61 6c 6c 2d 6f 72 69 67 ..h323-call-orig 69 6e 3d 6f 72 69 67 69 6e 61 74 65 in=originate } } [11]= { type = 26 (Vendor-Specific) length = 27 octets vendorId = 9 vendorValue = 21 octets { 1b 15 68 33 32 33 2d 63 61 6c 6c 2d 74 79 70 65 ..h323-call-type 3d 56 6f 49 50 =VoIP } } [12]= { type = 26 (Vendor-Specific) length = 38 octets vendorId = 9 vendorValue = 32 octets { 21 20 68 33 32 33 2d 67 77 2d 69 64 3d 67 6b 31 ! h323-gw-id=gk1 2e 42 65 79 6f 6e 64 50 68 6f 6e 65 2e 63 6f 6d .BeyondPhone.com } } } } 2004/04/02
04:37:32.233 5
radproto.cxx(1361) RADIUS Unmatched PDU received
(code:2,id:112)
2004/04/02 04:37:32.327 3 radproto.cxx(1825) RADIUS Received PDU from RADIUS server 138.252.115.176 (138.252.115.176 :1812) by socket port:24479[0,113-114], PDU: { code = 2 (Access-Accept) id = 113 length = 107 octets authenticator = 16 octets { b0 fe 7a cc 60 a8 e1 1f 0c aa 8e bd f3 10 a9 50 ..z.`..........P } attributes = 3 elements { [0]= { type = 26 (Vendor-Specific) length = 32 octets vendorId = 9 vendorValue = 26 octets { 65 1a 68 33 32 33 2d 63 72 65 64 69 74 2d 61 6d e.h323-credit-am 6f 75 6e 74 3d 31 30 2e 30 30 ount=10.00 } } [1]= { type = 26 (Vendor-Specific) length = 29 octets vendorId = 9 vendorValue = 23 octets { 66 17 68 33 32 33 2d 63 72 65 64 69 74 2d 74 69 f.h323-credit-ti 6d 65 3d 34 37 34 30 me=4740 } } [2]= { type = 26 (Vendor-Specific) length = 26 octets vendorId = 9 vendorValue = 20 octets { 67 14 68 33 32 33 2d 72 65 74 75 72 6e 2d 63 6f g.h323-return-co 64 65 3d 30 de=0 } } } } 2004/04/02
04:37:32.327 5
radauth.cxx(944) RADAUTH RadAuth ARQ check set duration limit set:
4740
2004/04/02 04:37:32.327 4 gkauth.cxx(392) GkAuth RadAuth check ok 2004/04/02 04:37:32.327 4 gkauth.cxx(392) GkAuth PrefixAuth check ok 2004/04/02 04:37:32.342 3 RasSrv.cxx(2227) GK Send to 138.252.115.176 :1719 |
