You may want to check the versions of snmp that you have running on the two boxes and verify that the redhat 9 snmpget program can get the information off the NAS to verify simultanious logins. There were a number of bugs in the snmp protocol that were patched over the last year or so and you may find that this has affected the ability of the radius server to query your NAS. You may want to do things such as turning on debugging for snmp on the cisco box and verify that the redhat box is indeed sending an snmp request to verify port usage. Another thing to check is that you didnt just copy the binary over and have the helper apps (snmp applications) in a different directory or outside the path environment that the radius server runs with (are the logs generating errors like "cant find snmpget" or similar ?) Turn on as much debug info on the radius server as you can - not too sure about the cistron radius server but it should have flags to pass at startup that will increase the ammount of debug messages it sends to its logfiles. This may also impart clues as to whats going on. Also check that you are not firewalling the snmp replys from the NAS (or even the outgoing request) On another note, you may want to look into purchasing Radiator (http://www.open.com.au) - it is IMHO the best radius server out there and very affordable, support is excellent, the developers are active on their mailing lists and respond to queries within minuites and it is highly configurable with excellend debug output. It also runs well with Redhat 7.x, 8 and 9 :-) -- Steve. On Tue, 9 Mar 2004, Nabin Limbu wrote: > Hi, > > Sorry for asking an off topic question. But its really important for me. > I have gone throught the mailing list of radiusd-cistron but in vain. > I thought some one might be using radiusd-cistron and may help me. > > I am using radiusd-cistron-1.6.7 with portslave and cisco router as NAS > in RH 9 box. > > I had no problem in RedHat 7 with the same configuration but in RedHat > 9.0, radius can't restrict multiple connections. > > I have also gone through the manual of simultaneous connection but > didn't help me much. I have checked the secret key and snmp key both in > my NAS and in /etc/clients and they are also same. > > How can I solve this problem? Is there any way to diagonise the problem > further? > > Below are the configuration of my radius server. Did I leave any thing > in the configuration part? > > 1) /etc/naslist > ----------------- > 202.52.231.195 access cisco > 202.52.231.194 access portslave > localhost access portslave > > 2) /etc/clients > --------------- > 202.52.231.195 secretkey1 > 202.52.231.194 secretkey2 > localhost secretkey2 > > 3) /etc/huntgroups > --------------------- > cisco NAS-IP-Address = 202.52.231.195 > portslave1 NAS-IP-Address = 202.52.231.194, NAS-Port-Id = 0-3 > portslave2 NAS-IP-Address = 202.52.231.194, NAS-Port-Id = 5-6 > > 4) /etc/raddb/users > ---------------------- > # Restrict email users from dialing into cisco ports > DEFAULT Group = "email", Huntgroup-Name = "cisco", Auth-Type = Reject > Reply-Message = "Email users are not allowed to dial in this number", > Fall-Through = No > > # Allow email users from dialing into portslave prots (C4 - C6) > DEFAULT Group = "email", Huntgroup-Name = "portslave2", Auth-Type = System, Simultaneous-Use = 1 > Service-Type = Framed-User, > Framed-Protocol = PPP, > Framed-Routing = None, > Fall-Through = No > > # Default setting for all remaining users > DEFAULT Auth-Type = System, Simultaneous-Use = 1 > Service-Type = Framed-User, > Framed-Protocol = PPP, > Framed-Routing = None > > > Hoping for your kind support. > > With Regards > Nabin Limbu > > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
