User unauthenticated errors
Hi there. I am running a Hiper ARC (V4.2.32) on a USR Chassis with quad-modems. Periodically, users dial into the NAS but do not get authenticated. On monitoring radius packets on the Hiper, I get "user unauthenticated". On monitoring the radius server error logs, it appears to be getting "unauthenticated" as the user, and subsequently, it rejects the requests. Most recently, it occured when I simply changed the Radius server's IP. then mysteriously, it cleared up by itself.Any ideas on what could be causing this. Extract +++++++++ --------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 195.202.78.253 1646 195.202.85.132 1646 11 Accounting-Request --------------------------------------------------------------------- User-Name : unauthenticated NAS-IP-Address : 195.202.78.253 Acct-Status-Type : 2 Acct-Session-Id : 184681380 Acct-Delay-Time : 0 Service-Type : 2 NAS-Port-Type : 0 NAS-Port : 2819 Interface-Index : 4075 Chassis-Call-Slot : 12 Chassis-Call-Span : 16 Chassis-Call-Channel : 3 Unauthenticated-Time : 41 Modem-Training-Time : 14 Calling-Station-Id : Called-Station-Id : Modulation-Type : 20 Error-Control : 4 Compression-Type : 2 Initial-Connect-Rate : 12 Framed-Protocol : PPP Framed-IP-Address : 0.0.0.0 Acct-Session-Time : 55 Acct-Terminate-Cause : 1 Rad-Acct-Term-Cause : 8 Acct-Input-Octets : 222 Acct-Output-Octets : 194 Acct-Input-Packets : 10 Acct-Output_Packets : 9 Call-Arrival-Time : 202939523 Call-End-Time : 202939578 --------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 195.202.85.132 1646 195.202.78.253 1646 11 Accounting-Response --------------------------------------------------------------------- Cheers, Patrick Ndegwa --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.368 / Virus Database: 204 - Release Date: 5/29/2002
isn't your radius configured to accept only PAP as authentication protocol? dial up uses CHAP if PAP isn't forced. do a test logging via telnet at TC with an manage-level user and use that command: _authenticate username password if you can authenticate this way at the command line when dial-up users are failling then probably you are using CHAP and ypur radius PAP you can configure to pap with: set ppp authentication_preference pap HTH orlando Patrick Ndegwa wrote:
Hi there.
I am running a Hiper ARC (V4.2.32) on a USR Chassis with quad-modems. Periodically, users dial into the NAS but do not get authenticated. On monitoring radius packets on the Hiper, I get "user unauthenticated". On monitoring the radius server error logs, it appears to be getting "unauthenticated" as the user, and subsequently, it rejects the requests. Most recently, it occured when I simply changed the Radius server's IP. then mysteriously, it cleared up by itself.Any ideas on what could be causing this.
Extract +++++++++
--------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 195.202.78.253 1646 195.202.85.132 1646 11 Accounting-Request ---------------------------------------------------------------------
User-Name : unauthenticated NAS-IP-Address : 195.202.78.253 Acct-Status-Type : 2 Acct-Session-Id : 184681380 Acct-Delay-Time : 0 Service-Type : 2 NAS-Port-Type : 0 NAS-Port : 2819 Interface-Index : 4075 Chassis-Call-Slot : 12 Chassis-Call-Span : 16 Chassis-Call-Channel : 3 Unauthenticated-Time : 41 Modem-Training-Time : 14 Calling-Station-Id : Called-Station-Id : Modulation-Type : 20 Error-Control : 4 Compression-Type : 2 Initial-Connect-Rate : 12 Framed-Protocol : PPP Framed-IP-Address : 0.0.0.0 Acct-Session-Time : 55 Acct-Terminate-Cause : 1 Rad-Acct-Term-Cause : 8 Acct-Input-Octets : 222 Acct-Output-Octets : 194 Acct-Input-Packets : 10 Acct-Output_Packets : 9 Call-Arrival-Time : 202939523 Call-End-Time : 202939578
--------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 195.202.85.132 1646 195.202.78.253 1646 11 Accounting-Response ---------------------------------------------------------------------
Cheers,
Patrick Ndegwa --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.368 / Virus Database: 204 - Release Date: 5/29/2002
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
-- ,~~v~~, ,~~v~~, ,'. .', ,'. .', === + === === + === / ~ \ / ~ \ /\_m m_/\ /\_m m_/\ .\ +----------------------+ /. / ! jorlando@uol.com.br ! \ / +----------------------+ \ `\m/ \m/' `\m/ \m/'
I saw this on 4.2.32 and it was a nasty memory leak of some sort. A reboot every 4 to 6 months seems to fix it up. The only other symptom I saw was some odd CLI responses. Hitting enter would sometimes not cause a reaction, or would sometimes cause two lines to scroll. Very odd. Charles -- Charles Sprickman spork@inch.com On Thu, 6 Jun 2002, Patrick Ndegwa wrote:
Hi there.
I am running a Hiper ARC (V4.2.32) on a USR Chassis with quad-modems. Periodically, users dial into the NAS but do not get authenticated. On monitoring radius packets on the Hiper, I get "user unauthenticated". On monitoring the radius server error logs, it appears to be getting "unauthenticated" as the user, and subsequently, it rejects the requests. Most recently, it occured when I simply changed the Radius server's IP. then mysteriously, it cleared up by itself.Any ideas on what could be causing this.
Extract +++++++++
--------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 195.202.78.253 1646 195.202.85.132 1646 11 Accounting-Request ---------------------------------------------------------------------
User-Name : unauthenticated NAS-IP-Address : 195.202.78.253 Acct-Status-Type : 2 Acct-Session-Id : 184681380 Acct-Delay-Time : 0 Service-Type : 2 NAS-Port-Type : 0 NAS-Port : 2819 Interface-Index : 4075 Chassis-Call-Slot : 12 Chassis-Call-Span : 16 Chassis-Call-Channel : 3 Unauthenticated-Time : 41 Modem-Training-Time : 14 Calling-Station-Id : Called-Station-Id : Modulation-Type : 20 Error-Control : 4 Compression-Type : 2 Initial-Connect-Rate : 12 Framed-Protocol : PPP Framed-IP-Address : 0.0.0.0 Acct-Session-Time : 55 Acct-Terminate-Cause : 1 Rad-Acct-Term-Cause : 8 Acct-Input-Octets : 222 Acct-Output-Octets : 194 Acct-Input-Packets : 10 Acct-Output_Packets : 9 Call-Arrival-Time : 202939523 Call-End-Time : 202939578
--------------------------------------------------------------------- Source-IP Src-Port Destination-IP Dest-Port Id Packet-Type --------------------------------------------------------------------- 195.202.85.132 1646 195.202.78.253 1646 11 Accounting-Response ---------------------------------------------------------------------
Cheers,
Patrick Ndegwa --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.368 / Virus Database: 204 - Release Date: 5/29/2002
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
participants (3)
-
Charles Sprickman -
Jose Orlando T. Ribeiro -
Patrick Ndegwa