Below is the resul of Monitor RADIUS and show interface where I connect to the system: --------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 202.154.4.104 1645 202.154.57.45 1645 5 Access-Request --------------------------------------------------------------------- User-Name : novi User-Password : xxxxxxxxxx NAS-IP-Address : 202.154.4.104 NAS-Port : 1798 Acct-Session-Id : 117768442 Interface-Index : 3054 Nas-Supports-Tags : 0 Service-Type : 2 Framed-Protocol : PPP Chassis-Call-Slot : 8 Chassis-Call-Span : 1 Chassis-Call-Channel : 6 Calling-Station-Id : 0315472663 Called-Station-Id : Initial-Connect-Rate : 1 NAS-Port-Type : 0 --------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 202.154.57.45 1645 202.154.4.104 1645 5 Access-Accept --------------------------------------------------------------------- Framed-Compression : 1 Primary-DNS-Server : ca 9a 39 22 Secondary-DNS-Server : ca 9a 1 2 Framed-MTU : 576 Session-Timeout : 36000 Reply-Message : Auth ok. HiPer>> show interfaCE slot:8/mod:6 INTERFACE slot:8/mod:6 SETTINGS Description: GWC Modem Driver Type: RS232 Speed: 24000 High Speed: 0 Administrative Status: Up Operational Status: Up Link Up/Down Traps: DISABLED Promiscuous Mode: FALSE Connector Present: TRUE Filter Access: OFF Last Change: 0d 00:01:25 Input Filter: Output Filter: Host Type: SELECT Connection Type: NORMAL Port Type: LOGIN_NETWORK User Name: Access: TWO_WAY Dial Prefix: Init Script: USR_int TCP Port: 0 Protocol: PPP Prompt: \nlogin: Prompt Style: LOCAL Message: \nWelcome to 3Com Total Control HiPer ARC (TM)\nNetworks That Go The Distance (TM)\n Host Address: 0.0.0.0 Disable Authentication for call type: NONE Login Service: TELNET Call Type : NONE DNIS Authentication: DISABLED DNIS Authentication Time: BEFORE_ANSWER DNIS Authentication Type: DNIS Character Mode: NO_PARITY_EIGHT_BIT DNIS Authentication Timeout: 0 Prompt Delay: 0 seconds Prompt Timeout: 300 seconds Special Xon Xoff Flow Control DISABLED Use DNIS Authenticated Pool: DISABLED We have an idea to set the system to factory default first and then re-configure again to our setting. Do you have any comment about our planning? -mna- On Wednesday 17 December 2003 19:08, alex wrote:
Can you put here any radius authentication packet (access-accept)? You can do it on ARC: monitor radius.
It will look like this one: --------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- x.x.x.x 1812 y.y.y.y 1645 182 Access-Accept --------------------------------------------------------------------- Time Stamp : 17-DEC-2003 17:03:01 ---------------------------------------------------------------------
Framed-IP-Address : 255.255.255.254 Framed-IP-Netmask : 255.255.255.255 Framed-Protocol : PPP Service-Type : 2 Session-Timeout : 86400
Lewis Bergman wrote:
The strange is, it not happen on Windows 9x. I use Windows 98 SE and I don't get any dificulties. But my friend with Windows XP can not browsing to the most of site. So I think the RADIUS is find. I already tried with other RADIUS also (FreeRADIUS) and I get the same situation.
I agree it is strange. I think this has come up on the list before though. Check the archives.
That if you are using filters you disble them until you figure this out.
Actually, we have blocking packet from and to our customer (at modem interface site) for TCP and UDP port 135 - 139. It for blocking virus -like bluster. Here is the filter: HiPer>> show file filter.135 #filter IP: 010 AND tcp-dst-port >= 135; 020 REJECT tcp-dst-port <= 139; 030 AND udp-dst-port >= 135; 040 REJECT udp-dst-port <= 139; 050 AND tcp-src-port >= 135; 060 REJECT tcp-src-port <= 139; 070 AND udp-src-port >= 135; 080 REJECT udp-src-port <= 139;
Do you think this is the problem? If it true, why it anly happen at Windows 32 bit (like Windows XP)? and not at Windows 9x?
When I have a problerm I try to get to the base level, get it working, then add stuff back in one at a time. Exactly what attributes are you replying from radius with?
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc