(RADIATOR) Bad authenticator in request from DEFAULT ?

Hugh Irvine hugh at open.com.au
Thu May 31 18:40:36 CDT 2001 

Salut Pascal -

On Thursday 31 May 2001 23:26, Pascal Robert wrote:
> On 5/28/01 20:06, "Hugh Irvine" <hugh at open.com.au> wrote:
> > Hello Pascal -
> >
> > This is usually due to the shared secrets not being set correctly.
>
> Ok, I resolved this issue.  For some reasons, I have some IdenticalClients
> lines that were more than 80 chars and it didn't like it.
>
> Now, I have two other problems.  The log file reports that Attributes 197
> and 255 (Ascend-Xmit-Rate and Ascend-Data-Rate) are missing, even if they
> do are in the dictionnary (and accounting logs those attributes, strange).
>

Can you please send me the trace 4 debug from Radiator showing what is 
happening? 

> The other is that all outgoing proxy requests timeout:
>
> *** Received from 212.87.192.40 port 4901 ....
> Code:       Access-Request
> Identifier: 69
> Authentic:  <179><169><179><240><30>25<143><165>_<240><253>"<206>kQ
> Attributes:
>         User-Name = "radius-hq at pa.inter.net"
>         User-Password = "<225>Qh<166><23>i<243><228><146>:<221>c<252>\l/"
>
> Wed May 30 13:34:46 2001: DEBUG: Handling request with Handler
> 'Realm=pa.inter.net'
> Wed May 30 13:34:46 2001: DEBUG:  Deleting session for
> radius-hq at pa.inter.net, 212.87.192.40,
> Wed May 30 13:34:46 2001: DEBUG: Handling with Radius::AuthRADIUS
> Wed May 30 13:34:46 2001: DEBUG: Packet dump:
> *** Sending to 38.210.35.139 port 1645 ....
> Code:       Access-Request
> Identifier: 2
> Authentic:  <179><169><179><240><30>25<143><165>_<240><253>"<206>kQ
> Attributes:
>         User-Name = "radius-hq at pa.inter.net"
>         User-Password =
> "<3>\~Uo<167><187><127><132><182><169><165><136>6<23>7<23>&=<31>{?<243><207
>> <160><164><179><254>yruC"
>
> Wed May 30 13:34:47 2001: DEBUG: Timed out, retransmitting
> Wed May 30 13:34:47 2001: DEBUG: Packet dump:
> *** Sending to 38.210.35.139 port 1645 ....
> Code:       Access-Request
> Identifier: 2
> Authentic:  <179><169><179><240><30>25<143><165>_<240><253>"<206>kQ
> Attributes:
>         User-Name = "radius-hq at pa.inter.net"
>         User-Password =
> "<3>\~Uo<167><187><127><132><182><169><165><136>6<23>7<23>&=<31>{?<243><207
>> <160><164><179><254>yruC"
>

This log shows that you are sending proxy radius requests to host 
38.210.35.139 and UDP port 1645, but never getting a reply.

The first thing to check is whether this is the correct host and the correct 
port number. The second thing to check is whether or not the request is 
actually arriving there (check the remote log and perhaps a tcpdump on the 
remote host). The third thing to check is the shared secrets between the two 
hosts. The fourth thing to check is whether the reply is getting back to this 
Radiator host (ie. that there are no filters blocking the return path).

hth

Hugh


-- 
Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list