Re: (usr-tc) Radius and VPN-Neighbor

4 Feb 2000

      On Feb 3,  2:06pm, G. Douglas Davidson wrote:
...
Subject: Re: (usr-tc) Radius and VPN-Neighbor
On Feb 3, 12:28pm, Brian wrote:
...
Subject: Re: (usr-tc) Radius and VPN-Neighbor
What attribute id are you using.  I have used:
VENDORATTR  429	USR-VPN-Neighbor	36872	ipaddr
successfully.  It has to be one hop away to work however.
I have tried both of these attribute formats:
ATTRIBUTE	USR-PW_VPN_Neighbor		0x9008	ipaddr
ATTRIBUTE	USR-PW_VPN_Neighbor		36872	ipaddr
I believe that I have the attribute successfully transmitted to the TC.  The
format that worked for me was:

ATTRIBUTE       USR-PW-VPN-Neighbor                     36872   ipaddr  USR

with the Radius users file set:

USR-PW-VPN-Neighbor = 198.144.34.46,

I end up with:

INFORMATION FOR SESSION     me
Service Type:                            Framed
Framed Protocol:                         PPP
Speed of Connection:                     Auto
Login Service:                           Telnet
Interface Name:                          slot:9/mod:4
IEA Next Hop Gateway IP Address:         198.144.34.46
Active Session ID:                       2031616
Framed IP Netmask:                       0.0.0.0
Framed Routing:                          None
Framed Callback Identifier:              0
Framed MTU:                              1441
Compression Algorithm:                   None
Compression Reset Mode:                  Auto
Receive Acc Map:                         0
Transmit Acc Map:                        0

I neglected to increment a length field in the section of Radius that returns
attributes to the client, and so I stomped on a few things.

BUT, it still is not working.  I can ping the Next Hop Gateway.  It is on the
same subnet at the ethernet IP on the TC.  Some other settings:

IEA Radius Source Port Authentication      ENABLED
IEA User Radius supplied username          DISABLED
IP RIP                                     ENABLED
IP Number RIP Interfaces:                  1
IP Number RIP Neighbors:                   0
IP RIP Flags:                              METRICS
                                           SEND_REQUEST
IEA Next Hop Routing:                      ENABLED
IEA Send Unsolicited Proxy Arp:            DISABLED
IEA Force Next Hop Route:                  DISABLED

Any thought would be appreciated.

-- 
-----
G Douglas Davidson                      | CityNet, Inc.
douglas@city-net.com                    | Pittsburgh, PA
voice: 412.481.5406			| fax: 412.431.1315

-
 To unsubscribe to usr-tc, send an email to "majordomo@xmission.com"
 with "unsubscribe usr-tc" in the body of the message.
 For information on digests or retrieving files and old messages send
 "help" to the same address.  Do not use quotes in your message.