Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(ASCEND) Authentication MAX200+, RADIUS, ACE/SERVER problem
We want to authenticate users with token-cards through a RADIUS. The
configuration is shown below.
Configuration:
RAS ---> ISDN ---> MAX 200+ ---> Ether ---> UNIX-Host
NT EURO- RADIUS
TOKEN ISDN ACE/SERVER
PROBLEM:
We got no connection from our WinNT-Client to the ACE/SERVER; no
activity was recorded in the
ACE/SERVER log-file. The pincode was not accepted at all.
First we tested the RADIUS-ACE/SERVER connection with radpwtst. A user
was connected with normal
challenge/response procedure.
Second a connection from the RAS-client to RADIUS was established, too.
QUESTION:
How do we have to setup MAX/RADIUS and ACE/SERVER to get a connection
from a RAS-client? Configuration-Files? Any experience with it?
- Net
255.255.255.224
- RAS
System: WinNT 4.0 (Server/SP3)
ISDN-Card: AVM/Fritz!
Protocol: TCP/IP, PPP (WinNT/Internet)
- MAX 200+
Software: Version 5.0Ap33
Config: Ethernet->Answer: Profile Reqd (Yes)
... (default)
Ethernet->Answer->Encaps: default
Ethernet->Answer->PPP Options: Recieve Auth (PAP)
... (default)
Ethernet->Mod Config->Ether options: IP Adrs (valid ip)
... (default)
Ethernet->Mod Config->Auth: Auth (RADIUS)
Auth Host#1/2/3 (valid ip)
Auth Port (1645)
Auth Timeout (30)
Auth Key (...)
... (default)
Conn-Prof: Ethernet->Connections->... Station (secuid00)
Active (Yes)
Encaps (PPP)
... (default)
Ethernet->Connections->...->Encaps Opt. Send Auth (None)
Recieve PW (...)
... (default)
- UNIX-Host
System: SUN Sparc 5/Solaris 2.5.1
- RADIUS
Type: Ascend Access Control
Version: r1_0Ap2
Location: /etc/raddb
Client-File: # RADIUS CLIENTS CONFIGURATIONS
# Ascend MAX 200+
(valid-ip) ... type=Ascend:NAS
Users-File: # RADIUS USERS PROFILES
secuid00 Authentication-Type = ACE, Ascend-Token-Expiry = 540,
Ascend-Token-Idle = 60,
Ascend-Token-Immediate = Tok-Imm-No,
Service-Type = Framed,
Framed-Protocol = PPP,
Framed-IP-Address = ...,
Framed-IP-Netmask = 255.255.255.224,
Ascend-Idle-Limit = 300
- ACE/SERVER
Version: 3.01
User: secuid00 with assigned TOKEN
Client: gonzo
Config: sdconf.rec -> /etc/raddb
MfG
scc-tech@de.uu.net
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>