(RADIATOR) WiFi Protected Access - WPA

Hugh Irvine hugh at open.com.au
Tue Aug 5 18:24:12 CDT 2003 

Hello Fernando -

PEAP-GTC is Cisco's "generic token card" implementation.

Are you planning on using a token card?

In any case you will find a discussion on this issue here:

	Reference: http://www.suu.edu/it/nws/wireless/

regards

Hugh


On Wednesday, Aug 6, 2003, at 01:39 Australia/Melbourne, Fernando Romão 
wrote:

>    Hi,
>
>    A case was open at Cisco and based on the logs I sent, they said:
>
> «For your second problem (also considering debugs), it seems, Radiator
> is configured for PEAP-MS-CHAPv2 but client does PEAP-GTC (as it sends
> PEAP-MAC_Addr as username). PEAP-GTC is sending this users during phase
> 1 as identity protection.  »
>
>       Now, my question:
>             How I configure radiator for PEAP-GTC?
>
>
>               Thanks
>            Fernando Romão
>
> -----Original Message-----
> From: Mike McCauley [mailto:mikem at open.com.au]
> Sent: terça-feira, 24 de Junho de 2003 0:46
> To: Fernando Romão
> Subject: Re: (RADIATOR) WiFi Protected Access - WPA
>
>
> Hello Fernando ,
>
> Thanks for sending the detailed logs.
>> From the logs, it appears that Radiator behaves in exactly the same 
>> way
>
>> for
> both the WPA and the non-WPA case. It is sending back exaclty the same
> challenge to the client at the same time, but in the WPA case, the
> client
> never sends another request.
>
> Therfore I think this is a problem with your client. You should
> investigate
> your client configuration. There are some suggestions in the Radiator
> FAQ on
> how to get diagnostic information out of Windows XP at
> http://www.open.com.au/radiator/faq.html
>
> Cheers.
>
>
> On Tue, 24 Jun 2003 02:07 am, Fernando Romão wrote:
>> Hello Mike,
>>
>>    I follow your advice and I installed the latest patches, but ~I've
>> the same problem.
>>    Now have another problem, I can't authenticate with the old windows
>
>> XP SP1(PEAP).
>>
>>    In the file logfile are the logs for WPA and in the file logfile2
>> are the logs for old Windows XP SP1 (PEAP). My config file are in file
>
>> eap_peap38.cfg.
>>
>>        Have any idea what are the problem?
>>
>>                   Thanks
>>                    Fernando
>>
>>
>>
>>    Now I have the following log in logfile when I authenticated with
>> Windows XP SP1 (PEAP) and I have the log in logfile2
>>
>> -----Original Message-----
>> From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au]
>> On Behalf Of Mike McCauley
>> Sent: sexta-feira, 6 de Junho de 2003 0:41
>> To: Fernando Romão; radiator at open.com.au
>> Subject: Re: (RADIATOR) WiFi Protected Access - WPA
>>
>>
>> Hello Fernando,
>>
>> On Fri, 6 Jun 2003 01:37 am, Fernando Romão wrote:
>>>      Mikem,
>>>
>>>      These are my config files and logs.
>>>
>>>      Note that the user I used to login was mrs00020 and not
>>> PEAP-000B46BD5547.
>>>      This strange login is PEAP + MACaddreess of the wireless
> adapter.
>>>      Why this happens? I don’t know.
>>
>> I dont know the AP is sending this request to you.
>> I can tell you that this error:
>>
>> Thu Jun  5 12:20:43 2003: ERR: Could not load EAP module
>> Radius::EAP_2: Can't locate Radius/EAP_2.pm in @INC (@INC contains: .
>> /usr/local/lib/perl5/5.8.0/i686-linux /usr/local/lib/perl5/5.8.0
>> /usr/local/lib/perl5/site_perl/5.8.0/i686-linux
>> /usr/local/lib/perl5/site_perl/5.8.0 /usr/local/lib/perl5/site_perl .)
>> at
>> (eval 53) line 3.
>>
>> means that you need to install the latest Radiator 3.6 patches for a
>> Cisco compatibility issue.
>>
>> Cheers.
>>
>>>        Thanks
>>>       Fernando
>>>
>>>
>>> -----Original Message-----
>>> From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au]
>>> On Behalf Of Mike McCauley
>>> Sent: quinta-feira, 5 de Junho de 2003 1:05
>>> To: Fernando Romão; radiator at open.com.au
>>> Subject: Re: (RADIATOR) WiFi Protected Access - WPA
>>>
>>>
>>> Hello Fernando,
>>>
>>> On Thu, 5 Jun 2003 03:28 am, Fernando Romão wrote:
>>>>     Hi,
>>>>
>>>> 	Does Radiator support WiFi Protected Access (WPA)
>>>
>>> Authentication?
>>>
>>>> 	I using a PEAP authentication with radiator and it works fine.
>>>>
>>>>       Today i upgraded a Cisco 1100 AP with the version 12.2(11)JA
>
>>>> and
>>>>
>>>> the windows XP with WPA patch. I configure the AP with WPA and I
>>>> try
>>>>
>>>> to configure the Windows XP but the authentication method
>>>> MS-CHAPv2 were not present. I use other options but they didn't
>>>> work. Have the
>>>>
>>>> Radiator to support this new features or its possible to
>>>> workaround?
>>>
>>> We would not expect to see a problem with that. Will you please send
>
>>> me your config file (no secrets) and  Radiator log file at trace
>>> level
>>>
>>> 4, showing
>>> what happens during such a WPA authentication.
>>>
>>> Cheers.
>>>
>>>>                Thanks
>>>>             Fernando
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ===
>>>> Archive at http://www.open.com.au/archives/radiator/
>>>> Announcements on radiator-announce at open.com.au
>>>> To unsubscribe, email 'majordomo at open.com.au' with 'unsubscribe
>>>> radiator' in the body of the message.
>
> -- 
> Mike McCauley                               mikem at open.com.au
> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
> 24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
> Phone +61 3 9598-0985                       Fax   +61 3 9598-0955
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP etc on Unix, Windows, MacOS etc.
>
>
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list