(RADIATOR) Re: RADIATOR RADIUS for Cisco AP 350

Mike McCauley mikem at open.com.au
Mon Nov 11 16:17:26 CST 2002 

Hello Bon,

On Tue, 12 Nov 2002 08:52, Bon sy wrote:
> On Tue, 12 Nov 2002, Mike McCauley wrote:
> > Hello Bon,
> >
> > How is your project coming along?
>
> We are getting there but a bit slower than I plan. I got tied up by the
> responsibility for taking a lead on a multi-institutional grant proposal
> that was just completed a week ago. This activity pushes back the RADIUS
> project schedule for a month. ETA now is the end of this semester.
>
> > When will be able to make some joint announcements?
>
> I hope to be able to do so toward the end of Dec or early Jan.
>
> > We have a 340 here, which I think is very similar to your 350.
> >
> > It is very important that you get the latest firmware for both the AP and
> > the client wireless card (if its a Cisco wireless card).
>
> Mine is the latest already. System firmware 12.00T, Radio Firmware 5.02B

OK.

>
> > To get basic radius authentication working, you should only need to set
> > up the setup -> security -> authentication server page.
>
> I did this part already, and more in my posting to the mailing list.

OK.

>
> > If your Radiatror is not receiving any requests from the AP when a client
> > tries to authenticate, it probably means that you have entered the wrong
> > address for your Radiator server, or the wrong port number. Note that the
> > default port that Radiator uses is 1645, but the default that Cisco use
> > is 1812. We usually change the Cisco config to 1645 on the Authenticator
> > Configuration page.
>
> I am running both the AP and radius out of 1645, even Cisco said that 1645
> is for their own ACS while 1821 should be used for radius. But I use 1645
> on both ends.

OK. 1645 is fine.

>
> Even if I assume the problem is wrong address or port number, should I not
> see the packets sending out using radius protocol while I monitor the
> subnet using ethereal? Ethereal displays all the packets traffic in my
> subnet.

Yes, you should see radius packets leaving the AP. If not, ther may be a 
packet filter in the way.

Another possibility is that your wireless client is not even trying/able to 
get an association (and therefore not starting the authentication process), 
perhaps becuase you have static WEP keys that disagree?


>
> I am not at the location of the AP now. I will do a screen dump of my AP
> setup and email you the next few hours when I get to the location of the
> AP.
>
> Thanks for the help!
>
> Bon
>
> > I have attached a snapshot of our 340 authetnication page (note its set
> > for EAP, not MAC auth).
> >
> > > regards
> > >
> > > Hugh
> > >
> > > On Monday, Nov 11, 2002, at 00:09 Canada/Eastern, Bon sy wrote:
> > > > Hi Huge and others,
> > > >
> > > > 	Anyone in the list has ever tried to set up RADIATOR to work with
> > > > Cisco AP 350/352. The system and radio firmware versions are 12.00T
> > > > and 5.02B respectively.
> > > >
> > > > 	I started with very basic "MAC authentication" (under
> > > > setup -> security -> authentication server). But the RADIATOR does
> > > > not seem to pick up. The configuration that I added to the RADIATOR
> > > > config file is just simply
> > > >
> > > > <Client 192.123.168.101>
> > > >    secret SharedSecret
> > > >    DupInterval 0
> > > > </client>
> > > >
> > > > 	As a side note, the same RADIATOR config file works for Orinoco
> > > > AP-500 and AP-1000, but not for Cisco Ap 350. I wonder anyone in the
> > > > list
> > > > can shed lights on the proper settings on the side of the Cisco AP
> > > > 350 that I should start checking.
> > > >
> > > > 	Many thanks in advance!
> > > >
> > > > Bon
> > >
> > > NB: I am travelling this week, so there may be delays in our
> > > correspondence.
> >
> > --
> > Mike McCauley                               mikem at open.com.au
> > Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
> > 24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
> > Phone +61 3 9598-0985                       Fax   +61 3 9598-0955
> >
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> > TTLS etc on Unix, Windows, MacOS etc.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS etc on Unix, Windows, MacOS etc.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list