(RADIATOR) secret key usage in combination with CHAP/PAP

mohamed mohamedm at innovation.kpn.com
Tue Apr 29 09:11:08 CDT 2003 

Hi Hugh,
 
Sorry for the delay. Below you can find the configuration file and the
logfile output in case of CHAP and PAP.
 Note that this test is done in combination with a wrong secret.
 
With Kind Regards
Mohamed
__________________________________________
Configuration file
 
LogDir /opt/Radiator/log
DbDir /opt/Radiator/
#AcctDir /opt/APPradiator/log
Trace           4
AcctPort 1813
 
AuthPort 1812
LogFile
 
<Client DEFAULT>
        Secret          test
        DupInterval     0
</Client>
 
<Log FILE>
        Filename        %L/logfile-%Y-%m-%d
        Trace           5
</Log>
 
<Realm DEFAULT>
        
        RejectHasReason
        <AuthBy FILE>
                NoDefault
                Filename %D/users
        </AuthBy>
        
</Realm>
 
 
 
 
 
 
 
______________________________________
Output of an access-accept in case of CHAP:
 
 
Tue Apr 29 15:23:59 2003: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1059 ....
Code:       Access-Request
Identifier: 88
Authentic:  1234567890123456
Attributes:
        User-Name = "user2 at isp2"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Port = 1234
        NAS-Port-Type = Async
        CHAP-Password =
5?K<9><199><204><157><145><187>s.<180>hR<133><253><161>
        CHAP-Challenge = 1234567890123456
 
Tue Apr 29 15:23:59 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Tue Apr 29 15:23:59 2003: DEBUG:  Deleting session for user2 at isp2,
203.63.154.1, 1234
Tue Apr 29 15:23:59 2003: DEBUG: Handling with Radius::AuthFILE
Tue Apr 29 15:23:59 2003: DEBUG: Radius::AuthFILE looks for match with
user2 at isp2
Tue Apr 29 15:23:59 2003: DEBUG: Radius::AuthFILE ACCEPT:
Tue Apr 29 15:23:59 2003: DEBUG: Access accepted for user2 at isp2
Tue Apr 29 15:23:59 2003: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1059 ....
Code:       Access-Accept
Identifier: 88
Authentic:  1234567890123456
Attributes:
        Framed-IP-Address = 10.17.32.17
        Framed-Protocol = PPP
        Service-Type = Framed-User
        Framed-IP-Netmask = 255.255.255.240
        Ascend-Client-Primary-DNS = 194.151.52.4


__________________________________
Output of an access-reject in case of PAP:
 
Tue Apr 29 15:27:14 2003: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 1059 ....
Code:       Access-Request
Identifier: 28
Authentic:  1234567890123456
Attributes:
        User-Name = "user2 at isp2"
        Service-Type = Framed-User
        NAS-IP-Address = 203.63.154.1
        NAS-Port = 1234
        NAS-Port-Type = Async
        User-Password =
"<140><248>:<223><157>\<4><246><188>8<9><160><216>}x<153>"
 
Tue Apr 29 15:27:14 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Tue Apr 29 15:27:14 2003: DEBUG:  Deleting session for user2 at isp2,
203.63.154.1, 1234
Tue Apr 29 15:27:14 2003: DEBUG: Handling with Radius::AuthFILE
Tue Apr 29 15:27:14 2003: DEBUG: Radius::AuthFILE looks for match with
user2 at isp2
Tue Apr 29 15:27:14 2003: DEBUG: Radius::AuthFILE REJECT: Bad Password
Tue Apr 29 15:27:14 2003: INFO: Access rejected for user2 at isp2: Bad
Password
Tue Apr 29 15:27:14 2003: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 1059 ....
Code:       Access-Reject
Identifier: 28
Authentic:  1234567890123456
Attributes:
        Reply-Message = "Bad Password"
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20030429/e56921d3/attachment.html>

More information about the radiator mailing list