Top-Themen

AppleEntwicklungHardwareInternetLinuxMicrosoftMultimediaNetzwerkeOff TopicSicherheitSonstige SystemeVirtualisierungWeiterbildungZusammenarbeit

Aktuelle Themen

Administrator.de FeedbackApache ServerAppleAssemblerAudioAusbildungAuslandBackupBasicBatch & ShellBenchmarksBibliotheken & ToolkitsBlogsCloud-DiensteClusterCMSCPU, RAM, MainboardsCSSC und C++DatenbankenDatenschutzDebianDigitiales FernsehenDNSDrucker und ScannerDSL, VDSLE-BooksE-BusinessE-MailEntwicklungErkennung und -AbwehrExchange ServerFestplatten, SSD, RaidFirewallFlatratesGoogle AndroidGrafikGrafikkarten & MonitoreGroupwareHardwareHosting & HousingHTMLHumor (lol)Hyper-VIconsIDE & EditorenInformationsdiensteInstallationInstant MessagingInternetInternet DomäneniOSISDN & AnaloganschlüsseiTunesJavaJavaScriptKiXtartKVMLAN, WAN, WirelessLinuxLinux DesktopLinux NetzwerkLinux ToolsLinux UserverwaltungLizenzierungMac OS XMicrosoftMicrosoft OfficeMikroTik RouterOSMonitoringMultimediaMultimedia & ZubehörNetzwerkeNetzwerkgrundlagenNetzwerkmanagementNetzwerkprotokolleNotebook & ZubehörNovell NetwareOff TopicOpenOffice, LibreOfficeOutlook & MailPapierkorbPascal und DelphiPeripheriegerätePerlPHPPythonRechtliche FragenRedHat, CentOS, FedoraRouter & RoutingSambaSAN, NAS, DASSchriftartenSchulung & TrainingSEOServerServer-HardwareSicherheitSicherheits-ToolsSicherheitsgrundlagenSolarisSonstige SystemeSoziale NetzwerkeSpeicherkartenStudentenjobs & PraktikumSuche ProjektpartnerSuseSwitche und HubsTipps & TricksTK-Netze & GeräteUbuntuUMTS, EDGE & GPRSUtilitiesVB for ApplicationsVerschlüsselung & ZertifikateVideo & StreamingViren und TrojanerVirtualisierungVisual StudioVmwareVoice over IPWebbrowserWebentwicklungWeiterbildungWindows 7Windows 8Windows 10Windows InstallationWindows MobileWindows NetzwerkWindows ServerWindows SystemdateienWindows ToolsWindows UpdateWindows UserverwaltungWindows VistaWindows XPXenserverXMLZusammenarbeit

Domain login via RADIUS auf 3com 4500g

Frage Netzwerke Netzwerkmanagement

Mitglied: DrNeopren

DrNeopren (Level 1) - Jetzt verbinden

04.11.2008 um 14:09 Uhr, 7616 Aufrufe, 1 Kommentar

Hallo,

Ich habe folgendes Problem,

Ich habe einen 3com 4500g Switch wie folgt fuer RADIUS domain login konfiguriert.

01.
domain default enable domainlogin 
02.
03.
radius scheme domainlogin 
04.
 server-type standard 
05.
 primary authentication <ip> 
06.
 primary accounting <ip> 
07.
 key authentication <key> 
08.
 key accounting <key> 
09.
 user-name-format without-domain 
10.
11.
domain domainlogin 
12.
 authentication default radius-scheme domainlogin 
13.
 authorization default radius-scheme domainlogin 
14.
 accounting default radius-scheme domainlogin 
15.
 authentication login radius-scheme domainlogin 
16.
 authorization login radius-scheme domainlogin 
17.
 accounting login radius-scheme domainlogin 
18.
 access-limit enable 10  
19.
 state active  
20.
 idle-cut disable  
21.
 self-service-url disable  
22.
23.
 ssh server enable 
24.
25.
user-interface aux 0 
26.
 authentication-mode scheme  
27.
user-interface vty 0 4 
28.
 authentication-mode scheme  
29.
 user privilege level 3
Ich kann auch per Console oder per SSH und meinem Domain Login mich auf dem Switch einloggen.

Allerdings komme ich ueber ssh nur in den privilege mode 0 ... und wenn ich ueber "super" ne ebene hoeher gelangen moechte, bekomm ich ne fehlermeldung.
Ueber Console kann ich bis in den privilege mode 3.

Irgendwer ne Idee was ich in der Konfiguration aendern muss, damit die User die ueber SSH sich auf den switch connecten auch in den "manager" mode kommen?

Beste,
Neopren
Mitglied: floaty
03.04.2010 um 19:35 Uhr
vermutlich kommt der beitrag wieder 2 jahre zu spaet ... egal maybe isses ja gut fuer refuerbished equipment : )

... gerade das selbe problem beim kunden gehabt, (liebe gruesse an dieser stelle ins reich der mitte [ auch chinesische radius-server muessen verkauf werden ] , aber die verfuegbare doku ist schlamm am bauch eines aals.

ich hab das zeug mit der local-server function von h3c (3com) debugged (leider erst meine zweite idee) und die nicht dokumentierten radius-attribute rausgepopelt:

tasks:

die folgenden schritte orientieren sich an einer debian/freeradius installation, sind aber auf alle anderen rads adaptierbar ...
dictionary des radius-servers anpassen:

spezielle vendor-attribute ergaenzen:

in meinem vendor file fehlte 29 und dat braucht man !



01.
  
02.
vi /usr/share/freeradius/dictionary.h3c   
03.
 
04.
############################################################################## 
05.
06.
#       Dictionary for Huawei-3Com.  See also dictionary.huawei 
07.
08.
#       http://www.h3c.com 
09.
10.
#       $Id: dictionary.h3c,v 1.2 2007/09/20 17:07:08 aland Exp $ 
11.
12.
############################################################################## 
13.
 
14.
VENDOR          H3C                             25506 
15.
 
16.
BEGIN-VENDOR    H3C 
17.
 
18.
ATTRIBUTE       H3C-Connect_Id                          26      integer 
19.
ATTRIBUTE       H3C-Exec_Privilege                      29      integer 
20.
ATTRIBUTE       H3C-NAS-Startup-Timestamp               59      integer 
21.
ATTRIBUTE       H3C-Ip-Host-Addr                        60      string 
22.
ATTRIBUTE       H3C-Product-ID                          255     string 
23.
 
24.
END-VENDOR      H3C 
25.
 
26.
~


beim local-radius des 4210-switch von 3com werden sowohl das h3c als auch das 3com attribute geliefert, hier darf experimentiert werden, ob eines der beiden reicht ..!?

01.
02.
#       3com SuperStack Firewall dictionary 
03.
#       Bought from Sonicwall, apparently, from Enterprise number 8741. 
04.
05.
#               $Id: dictionary.3com,v 1.8 2007/11/18 06:53:20 aland Exp $ 
06.
07.
 
08.
VENDOR          3com                            43 
09.
 
10.
11.
#       These attributes contain the access-level value. 
12.
13.
BEGIN-VENDOR    3com 
14.
 
15.
ATTRIBUTE       3Com-User-Access-Level                  1       integer 
16.
 
17.
#       Read-only access to basic network tools (ping, etc) 
18.
VALUE   3Com-User-Access-Level          3Com-Visitor            0 
19.
 
20.
#       Read-only access to manageable (not security) parameters 
21.
VALUE   3Com-User-Access-Level          3Com-Monitor            1 
22.
 
23.
#       Read-write access to manageable (not security) parameters 
24.
VALUE   3Com-User-Access-Level          3Com-Manager            2 
25.
 
26.
#       Read-write access to all manageable parameters 
27.
VALUE   3Com-User-Access-Level          3Com-Administrator      3 
28.
 
29.
ATTRIBUTE       3Com-VLAN-Name                          2       string 
30.
ATTRIBUTE       3Com-Mobility-Profile                   3       string 
31.
ATTRIBUTE       3Com-Encryption-Type                    4       string 
32.
ATTRIBUTE       3Com-Time-Of-Day                        5       string 
33.
ATTRIBUTE       3Com-SSID                               6       string 
34.
 
35.
#       String formatted as: YY/MM/DD-HH:MM 
36.
#       NOT as a "date" attribute! 
37.
ATTRIBUTE       3Com-End-Date                           7       string 
38.
 
39.
#       Commented out, because the 3Com documentation 
40.
#       gives it the same number as End-Date, above. 
41.
#ATTRIBUTE      3Com-Start-Date                         7       string 
42.
 
43.
#       URL where the user is redirected after WebAAA 
44.
ATTRIBUTE       3Com-URL                                8       string 
45.
 
46.
ATTRIBUTE       3Com-Connect_Id                         26      integer 
47.
ATTRIBUTE       3Com-NAS-Startup-Timestamp              59      integer 
48.
ATTRIBUTE       3Com-Ip-Host-Addr                       60      string 
49.
ATTRIBUTE       3Com-Product-ID                         255     string 
50.
 
51.
END-VENDOR      3com


das ist der PUNKT !!! (3com-50 [ - von mir so genannt - ist ssh ] ... 3com-52 evtl.ftp ... nicht ausproboiert und nicht sicher !)

01.
 
02.
vi dictionary.rfc2865 
03.
 
04.
 
05.
#snipped ............. 
06.
VALUE   Framed-Compression              IPX-Header-Compression  2 
07.
VALUE   Framed-Compression              Stac-LZS                3 
08.
 
09.
#       Login Services 
10.
 
11.
VALUE   Login-Service                   Telnet                  0 
12.
VALUE   Login-Service                   Rlogin                  1 
13.
VALUE   Login-Service                   TCP-Clear               2 
14.
VALUE   Login-Service                   PortMaster              3 
15.
VALUE   Login-Service                   LAT                     4 
16.
VALUE   Login-Service                   X25-PAD                 5 
17.
VALUE   Login-Service                   X25-T3POS               6 
18.
VALUE   Login-Service                   TCP-Clear-Quiet         8 
19.
VALUE   Login-Service                   3com-50                 50 
20.
VALUE   Login-Service                   3com-52                 52 
21.
 
22.
 
23.
#       Login-TCP-Port          (see /etc/services for more examples) 
24.
 
25.
VALUE   Login-TCP-Port                  Telnet                  23 
26.
                  
27.
#snipped ............. 
28.
 


3com / H3C Switch-Config

01.
 
02.
domain default enable freerad 
03.
 
04.
#                                                               
05.
radius scheme freerad                          
06.
 server-type extended                      
07.
 primary authentication "freerad-ip"       
08.
 primary accounting "freerad-ip"           
09.
 accounting optional                       
10.
 key authentication "freerad-key"               
11.
 key accounting "freerad-key"                   
12.
 user-name-format without-domain           
13.
#                                          
14.
domain freerad                                
15.
 scheme radius-scheme freerad  
16.
17.
user-interface vty 0 4 
18.
 authentication-mode scheme 
19.
 accounting commands scheme 
20.
 user privilege level 3 
21.
 idle-timeout 60 0 
22.
 


freeradius users-file


01.
 
02.
otto    Cleartext-Password := "XXXXXXXX" 
03.
        Service-Type += Login-User, 
04.
        Login-Service += Telnet, 
05.
        Login-Service += 3com-50, 
06.
        H3C-Exec_Privilege = 3, 
07.
        3Com-User-Access-Level = 3Com-Administrator 
08.
 



01.
  
02.
login as: otto 
03.
otto@172.25.50.175's password: 
04.
 
05.
******************************************************************************** 
06.
*  Copyright(c) 2004-2009 3Com Corp. and its licensors. All rights reserved.   * 
07.
*  Without the owner's prior written consent,                                  * 
08.
*  no decompiling or reverse-engineering shall be allowed.                     * 
09.
******************************************************************************** 
10.
 
11.
<4210-FN09-175> 
12.
%Apr  3 17:22:40:784 2010 4210-FN09-175 SHELL/5/LOGIN:- 1 - otto(10.242.2.70) in unit1 login 
13.
<4210-FN09-175> 
14.
<4210-FN09-175> 
15.
<4210-FN09-175>? 
16.
User view commands: 
17.
  boot         Set boot option 
18.
  cd           Change current directory 
19.
  clock        Specify the system clock 
20.
  cluster      Run cluster command 
21.
  copy         Copy from one file to another 
22.
  debugging    Enable system debugging functions 
23.
  delete       Delete a file 
24.
  dir          List files on a file system 
25.
  display      Display current system information 
26.
  fixdisk      Recover lost chains in storage device 
27.
  format       Format the device 
28.
  free         Clear user terminal interface 
29.
  ftp          Open FTP connection 
30.
  lock         Lock current user terminal interface 
31.
  mkdir        Create a new directory 
32.
  more         Display the contents of a file 
33.
  move         Move a file 
34.
  nslookup     Query Internet name servers 
35.
  ntdp         Run NTDP commands 
36.
  ping         Ping function 
37.
  pwd          Display current working directory 
38.
  quit         Exit from current command view 
39.
  reboot       Reset switch 
40.
  rename       Rename a file or directory 
41.
  ---- More ----   
42.
  : ) 
43.
 



freeradius-debug ...:

01.
 
02.
rad_recv: Access-Request packet from host 172.25.50.175 port 5001, id=161, length=200 
03.
        User-Name = "otto" 
04.
        User-Password = "xxxxxxx" 
05.
        NAS-IP-Address = 172.25.50.175 
06.
        NAS-Identifier = "00225728c426" 
07.
        NAS-Port = 212993 
08.
        NAS-Port-Id = "unit=0;subslot=0;port=52;vlanid=1" 
09.
        NAS-Port-Type = Ethernet 
10.
        Service-Type = Login-User 
11.
        Login-IP-Host = 0.0.0.0 
12.
        Calling-Station-Id = "0000-0000-0000" 
13.
        Framed-IP-Address = 10.242.2.70 
14.
        H3C-Connect_Id = 195 
15.
        H3C-Product-ID = "4210" 
16.
        H3C-Ip-Host-Addr = "10.242.2.70 00:00:00:00:00:00" 
17.
        H3C-NAS-Startup-Timestamp = 954633312 
18.
+- entering group authorize 
19.
++[preprocess] returns ok 
20.
++[chap] returns noop 
21.
++[mschap] returns noop 
22.
    rlm_realm: No '@' in User-Name = "otto", looking up realm NULL 
23.
    rlm_realm: No such realm "NULL" 
24.
++[suffix] returns noop 
25.
  rlm_eap: No EAP-Message, not doing EAP 
26.
++[eap] returns noop 
27.
++[unix] returns notfound 
28.
    users: Matched entry otto at line 73 
29.
++[files] returns ok 
30.
++[expiration] returns noop 
31.
++[logintime] returns noop 
32.
++[pap] returns updated 
33.
  rad_check_password:  Found Auth-Type  
34.
auth: type "PAP" 
35.
+- entering group PAP 
36.
rlm_pap: login attempt with password "xxxxxxx" 
37.
rlm_pap: Using clear text password "xxxxxxx" 
38.
rlm_pap: User authenticated successfully 
39.
++[pap] returns ok 
40.
Login OK: [otto/xxxxxxx] (from client network-mgmt port 212993 cli 0000-0000-0000) 
41.
+- entering group post-auth 
42.
++[exec] returns noop 
43.
Sending Access-Accept of id 161 to 172.25.50.175 port 5001 
44.
        Service-Type += Login-User 
45.
        Login-Service += Telnet 
46.
        Login-Service += 3com-50 
47.
        H3C-Exec_Privilege = 3 
48.
        3Com-User-Access-Level = 3Com-Administrator 
49.
Finished request 9. 
50.
Going to the next request 
51.
Waking up in 4.9 seconds. 
52.
rad_recv: Accounting-Request packet from host 172.25.50.175 port 5001, id=229, length=212 
53.
        User-Name = "otto" 
54.
        NAS-Identifier = "00225728c426" 
55.
        NAS-Port = 212993 
56.
        NAS-Port-Id = "unit=0;subslot=0;port=52;vlanid=1" 
57.
        NAS-Port-Type = Ethernet 
58.
        Calling-Station-Id = "0000-0000-0000" 
59.
        Acct-Status-Type = Start 
60.
        Acct-Authentic = RADIUS 
61.
        Acct-Session-Id = "11100303173239" 
62.
        Framed-IP-Address = 10.242.2.70 
63.
        NAS-IP-Address = 172.25.50.175 
64.
        Event-Timestamp = "Apr  3 2010 19:32:12 CEST" 
65.
        Service-Type = Login-User 
66.
        Vendor-Specific = 0x2b000000010600000003 
67.
        H3C-Exec_Privilege = 3 
68.
        H3C-Ip-Host-Addr = "10.242.2.70 00:00:00:00:00:00" 
69.
+- entering group preacct 
70.
++[preprocess] returns ok 
71.
rlm_acct_unique: Hashing 'NAS-Port = 212993,Client-IP-Address = 172.25.50.175,NAS-IP-Address = 172.25.50.175,Acct-Session-Id = "11100303173239",User-Name = "otto"' 
72.
rlm_acct_unique: Acct-Unique-Session-ID = "a8b5f5304c232977". 
73.
++[acct_unique] returns ok 
74.
    rlm_realm: No '@' in User-Name = "otto", looking up realm NULL 
75.
    rlm_realm: No such realm "NULL" 
76.
++[suffix] returns noop 
77.
++[files] returns noop 
78.
+- entering group accounting 
79.
        expand: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> /var/log/freeradius/radacct/172.25.50.175/detail-20100403 
80.
rlm_detail: /var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/freeradius/radacct/172.25.50.175/detail-20100403 
81.
        expand: %t -> Sat Apr  3 19:17:47 2010 
82.
++[detail] returns ok 
83.
++[unix] returns ok 
84.
        expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp 
85.
        expand: %{User-Name} -> otto 
86.
++[radutmp] returns ok 
87.
        expand: %{User-Name} -> otto 
88.
 attr_filter: Matched entry DEFAULT at line 12 
89.
++[attr_filter.accounting_response] returns updated 
90.
Sending Accounting-Response of id 229 to 172.25.50.175 port 5001 
91.
Finished request 10. 
92.
Cleaning up request 10 ID 229 with timestamp +203 
93.
Going to the next request 
94.
Waking up in 4.9 seconds. 
95.
Cleaning up request 9 ID 161 with timestamp +202 
96.
Ready to process requests. 
97.
 
98.
 


switch-debug

01.
 
02.
<4210-FN09-175> 
03.
*1.1261557685 4210-FN09-175 SSH/8/debugging_msg_send:- 1 -SSH_VERSION_SEND message sent on VTY 2 
04.
*1.1261557799 4210-FN09-175 SSH/8/msg_rcv_vty:- 1 -SSH_VERSION_RECEIVE message received on VTY 2 
05.
*1.1261568575 4210-FN09-175 SSH/8/debug:- 1 -AAA auth: Successful to submit Login request (user name: otto). 
06.
*1.1261568582 4210-FN09-175 RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=Normal auth request Index = 195, ulParam3=2183828452] 
07.
*1.1261568583 4210-FN09-175 RDS/8/DEBUG:- 1 -NAS name is too long, can not send Connect_port attribute 
08.
*1.1261568583 4210-FN09-175 RDS/8/DEBUG:- 1 -Send attribute list: 
09.
*1.1261568584 4210-FN09-175 RDS/8/DEBUG:- 1 - 
10.
[1  User-name                   ] [6 ] [otto] 
11.
[2  Password                    ] [18] [F2988323025E3865917930F89B48DB2D] 
12.
[4  NAS-IP-Address              ] [6 ] [172.25.50.175] 
13.
[32 NAS-Identifier              ] [14] [00225728c426] 
14.
[5  NAS-Port                    ] [6 ] [212993] 
15.
[87 NAS_Port_Id                 ] [35] [unit=0;subslot=0;port=52;vlanid=1] 
16.
*1.1261568585 4210-FN09-175 RDS/8/DEBUG:- 1 - 
17.
[61 NAS-Port-Type               ] [6 ] [15] 
18.
[3com-26 Connect_ID               ] [6 ] [195] 
19.
[6  Service-Type                ] [6 ] [1] 
20.
[14 Login-Host                  ] [6 ] [0.0.0.0] 
21.
[31 Caller-ID                   ] [16] [303030302D303030302D30303030] 
22.
[8  Framed-Address              ] [6 ] [10.242.2.70] 
23.
*1.1261568586 4210-FN09-175 RDS/8/DEBUG:- 1 - 
24.
[3com-255Product-ID               ] [6 ] [4210] 
25.
[3com-60 Ip-Host-Addr             ] [31] [10.242.2.70 00:00:00:00:00:00] 
26.
[3com-59 NAS-Startup-Timestamp    ] [6 ] [954633312] 
27.
*1.1261568587 4210-FN09-175 RDS/8/DEBUG:- 1 -Send: IP=[172.25.50.14], UserIndex=[195], ID=[161], RetryTimes=[0], Code=[1], Length=[200] 
28.
*1.1261568587 4210-FN09-175 RDS/8/DEBUG:- 1 -Send Raw Packet is: 
29.
*1.1261568588 4210-FN09-175 RDS/8/DEBUG:- 1 - 
30.
 01 a1 00 c8 d8 19 00 00 24 27 00 00 96 49 00 00  
31.
 6b 75 00 00 01 06 6f 74 74 6f 02 12 f2 98 83 23  
32.
 02 5e 38 65 91 79 30 f8 9b 48 db 2d 04 06 ac 19  
33.
 32 af 20 0e 30 30 32 32 35 37 32 38 63 34 32 36  
34.
 05 06 00 03 40 01 57 23 75 6e 69 74 3d 30 3b 73  
35.
 75 62 73 6c 6f 74 3d 30 3b 70 6f 72 74 3d 35 32  
36.
 3b 76 6c 61 6e 69 64 3d 31 3d 06 00 00 00 0f 06  
37.
 06 00 00 00 01 0e 06 00 00 00 00 1f 10 30 30 30  
38.
 30 2d 30 30 30 30 2d 30 30 30 30 08 06 0a f2 02  
39.
 46 1a 37 00 00 63 a2 1a 06 00 00 00 c3 ff 06 34  
40.
 32 31 30 3c 1f 31 30 2e 32 34 32 2e 32 2e 37 30  
41.
 20 30 30 3a 30 30 3a 30 30 3a 30 30 3a 30 30 3a  
42.
 30 30 3b 06 38 e6 8c 60  
43.
  
44.
*1.1261568596 4210-FN09-175 RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT response Index = 62, ulParam3=2183111092] 
45.
*1.1261568596 4210-FN09-175 RDS/8/DEBUG:- 1 -Receive Raw Packet is: 
46.
*1.1261568597 4210-FN09-175 RDS/8/DEBUG:- 1 - 
47.
 02 a1 00 3e 41 93 b1 ba e9 58 35 4e a4 7a 99 41  
48.
 80 33 64 55 06 06 00 00 00 01 0f 06 00 00 00 00  
49.
 0f 06 00 00 00 32 1a 0c 00 00 63 a2 1d 06 00 00  
50.
 00 03 1a 0c 00 00 00 2b 01 06 00 00 00 03  
51.
  
52.
*1.1261568598 4210-FN09-175 RDS/8/DEBUG:- 1 -Receive:IP=[172.25.50.14],Code=[2],Length=[62] 
53.
*1.1261568598 4210-FN09-175 RDS/8/DEBUG:- 1 - 
54.
[6  Service-Type                ] [6 ] [1] 
55.
[15 Login-Service               ] [6 ] [0] 
56.
[15 Login-Service               ] [6 ] [50] 
57.
[3com-29 Exec_Privilege           ] [6 ] [3] 
58.
[3com-1  User_Access_Level        ] [6 ] [3] 
59.
*1.1261568604 4210-FN09-175 RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=Account request Index = 195, ulParam3=0] 
60.
*1.1261568605 4210-FN09-175 RDS/8/DEBUG:- 1 -Send attribute list: 
61.
*1.1261568605 4210-FN09-175 RDS/8/DEBUG:- 1 - 
62.
[1  User-name                   ] [6 ] [otto] 
63.
[32 NAS-Identifier              ] [14] [00225728c426] 
64.
[5  NAS-Port                    ] [6 ] [212993] 
65.
[87 NAS_Port_Id                 ] [35] [unit=0;subslot=0;port=52;vlanid=1] 
66.
[61 NAS-Port-Type               ] [6 ] [15] 
67.
[31 Caller-ID                   ] [16] [303030302D303030302D30303030] 
68.
*1.1261568606 4210-FN09-175 RDS/8/DEBUG:- 1 - 
69.
[40 Acct-Status-Type            ] [6 ] [1] 
70.
[45 Acct-Authentic              ] [6 ] [1] 
71.
[44 Acct-Session-Id             ] [16] [11100303173239] 
72.
[8  Framed-Address              ] [6 ] [10.242.2.70] 
73.
[4  NAS-IP-Address              ] [6 ] [172.25.50.175] 
74.
[55 Event-Timestamp             ] [6 ] [1270315932] 
75.
*1.1261568607 4210-FN09-175 RDS/8/DEBUG:- 1 - 
76.
[3com-28 Ftp_Directory            ] [2 ] [] 
77.
[6  Service-Type                ] [6 ] [1] 
78.
[3com-29 Exec_Privilege           ] [6 ] [3] 
79.
[3com-1  User_Access_Level        ] [6 ] [3] 
80.
[3com-60 Ip-Host-Addr             ] [31] [10.242.2.70 00:00:00:00:00:00] 
81.
*1.1261568607 4210-FN09-175 RDS/8/DEBUG:- 1 -Send: IP=[172.25.50.14], UserIndex=[195], ID=[229], RetryTimes=[0], Code=[4], Length=[212] 
82.
*1.1261568608 4210-FN09-175 RDS/8/DEBUG:- 1 -Send Raw Packet is: 
83.
*1.1261568608 4210-FN09-175 RDS/8/DEBUG:- 1 - 
84.
 04 e5 00 d4 a5 58 e0 76 37 5a 34 5c 15 17 ef 65  
85.
 45 98 59 82 01 06 6f 74 74 6f 20 0e 30 30 32 32  
86.
 35 37 32 38 63 34 32 36 05 06 00 03 40 01 57 23  
87.
 75 6e 69 74 3d 30 3b 73 75 62 73 6c 6f 74 3d 30  
88.
 3b 70 6f 72 74 3d 35 32 3b 76 6c 61 6e 69 64 3d  
89.
 31 3d 06 00 00 00 0f 1f 10 30 30 30 30 2d 30 30  
90.
 30 30 2d 30 30 30 30 28 06 00 00 00 01 2d 06 00  
91.
 00 00 01 2c 10 31 31 31 30 30 33 30 33 31 37 33  
92.
 32 33 39 08 06 0a f2 02 46 04 06 ac 19 32 af 37  
93.
 06 4b b7 7b 9c 06 06 00 00 00 01 1a 0c 2b 00 00  
94.
 00 01 06 00 00 00 03 1a 2d 00 00 63 a2 1c 02 1d  
95.
 06 00 00 00 03 3c 1f 31 30 2e 32 34 32 2e 32 2e  
96.
 37 30 20 30 30 3a 30 30 3a 30 30 3a 30 30 3a 30  
97.
 30 3a 30 30  
98.
  
99.
*1.1261568617 4210-FN09-175 RDS/8/DEBUG:- 1 -Recv MSG,[MsgType=PKT response Index = 20, ulParam3=2183111092] 
100.
*1.1261568617 4210-FN09-175 RDS/8/DEBUG:- 1 -Receive Raw Packet is: 
101.
*1.1261568618 4210-FN09-175 RDS/8/DEBUG:- 1 - 
102.
 05 e5 00 14 72 74 cf d1 e2 74 d8 93 da d5 4b bf  
103.
 7b 71 63 fe  
104.
  
105.
*1.1261568618 4210-FN09-175 RDS/8/DEBUG:- 1 -Receive:IP=[172.25.50.14],Code=[5],Length=[20] 
106.
*1.1261568619 4210-FN09-175 RDS/8/DEBUG:- 1 -NULL 
107.
*1.1261568621 4210-FN09-175 SSH/8/debug:- 1 -AAA auth: Write queue (result: 260, ID: 195, privilege: 3). 
108.
*1.1261568627 4210-FN09-175 SSH/8/debug:- 1 -AAA auth: Read queue (result: 260, ID: 195, privilege: 3). 
109.
*1.1261568921 4210-FN09-175 SSH/8/msg_rcv_vty:- 1 -SSH_MSG_REQUEST_PTY message received on VTY 2 
110.
*1.1261569099 4210-FN09-175 SSH/8/msg_rcv_vty:- 1 -SSH_MSG_START_SHELL message received on VTY 2 
111.
%Apr  3 17:32:13:505 2010 4210-FN09-175 SHELL/5/LOGIN:- 1 - otto(10.242.2.70) in unit1 login 
112.
 



freilich kann man auch einen eigenen radius-server als proxy aufsetzen und den local-radius auf einem 3com/h3c-switch nutzen (der kann max. 7 radius-clients verknusen ... ab sieben muss also proximiert werden), das spart das gefummel in den dictionary-files ... ... eigentlich haette man alan de'kok auch die relevanten dictionaries rueberreichen koennen ... und fertich ... egal ...
Bitte warten ..
Neuester Wissensbeitrag
Windows 10

Powershell 5 BSOD

(1)

Tipp von agowa338 zum Thema Windows 10 ...

Ähnliche Inhalte
LAN, WAN, Wireless
gelöst 802.1x Authentifizierung - NPS - RADIUS MAC (4)

Frage von LKaderavek zum Thema LAN, WAN, Wireless ...

Batch & Shell
gelöst PowerShell Domain Join (2)

Frage von Patrick-IT zum Thema Batch & Shell ...

Erkennung und -Abwehr
Spam mit eigener Domain (12)

Frage von NoobOne zum Thema Erkennung und -Abwehr ...

Windows 10
Nonstop Login im Sperrbildschirm (4)

Frage von TiCar zum Thema Windows 10 ...

Heiß diskutierte Inhalte
LAN, WAN, Wireless
gelöst Server erkennt Client nicht wenn er ausserhalb des DHCP Pools liegt (28)

Frage von Mar-west zum Thema LAN, WAN, Wireless ...

Outlook & Mail
Outlook 2010 findet ost datei nicht (18)

Frage von Floh21 zum Thema Outlook & Mail ...

Windows Server
Server 2008R2 startet nicht mehr (Bad Patch 0xa) (18)

Frage von Haures zum Thema Windows Server ...