(RADIATOR) Tracking 802.1x access via postauth hook.

Hugh Irvine hugh at open.com.au
Wed Aug 20 22:00:09 CDT 2003


Hello John -

I would like to see a copy of the configuration file (no secrets)  
together with a more complete trace 4 debug showing more of what is  
going on. And perhaps you could give me a bit more detail on what  
exactly you want to do.

regards

Hugh


On Thursday, Aug 21, 2003, at 03:08 Australia/Melbourne, John McFadden  
wrote:

> I'd like to write an access audit trail to a database via a postauth  
> hook, and it looked good until I tried
> to use the calling_station_id attribute as the mac address.
> It shows up ok when I'm processing the anonymous id, but it is blank when  
> I'm processing the real userid.
>
> I suspect it's because it's EAP and the tunnel is hiding the mac, as  
> the Identifier is UNDEF, as shown in the trace included at the bottom of  
> the note.
>
> Is this correct?
>
> Is there another way to get the mac from the request or reply?
>
> Any other suggestions?
>
> Thanks in advance
>
> John McFadden
>
>
> Code:       Access-Request
> Identifier: 22
> Authentic:  .v<230>1<171><128>2<200><143><189>+<22>a<146><31>L
> Attributes:
>    User-Name = "anonymous"
>    NAS-IP-Address = 129.100.182.17
>    Called-Station-Id = "00a0f8a45f4a"
>    Calling-Station-Id = "00022d23fa21"
>    NAS-Identifier = "W1NSC211Cx.nsc.wireless.uwo.ca"
>    NAS-Port = 29
>    Framed-MTU = 1300
>    NAS-Port-Type = Wireless-IEEE-802-11
>    EAP-Message =  
> <2><238><0>G<21><128><0><0><0>=<23><3><1><0>8<153><23>\<193><11><181><1 
> 77>Ssns<10><243><167><140>vD<213>&<143>a<131><4><230><148><213><247>a<2 
> 6><13>60@<221>8_<167><1><149><243><179>!<168><218>s<27>C&<171><132><247 
> ><198>_x_<169>
>    Message-Authenticator =  
> v:`5<150><1><243><226><23><207><156>T[0<229><165>
>
> Wed Aug 20 12:27:50 2003: DEBUG: Handling request with Handler  
> 'Realm=DEFAULT'
> Wed Aug 20 12:27:50 2003: DEBUG:  Deleting session for anonymous,  
> 129.100.182.17, 29
> Wed Aug 20 12:27:50 2003: DEBUG: Handling with Radius::AuthLDAP2:  
> UwoLdap
> Wed Aug 20 12:27:50 2003: DEBUG: Handling with EAP: code 2, 238, 71
> Wed Aug 20 12:27:50 2003: DEBUG: Response type 21
> Wed Aug 20 12:27:50 2003: DEBUG: EAP TTLS inner authentication request  
> for dasjlm
> Wed Aug 20 12:27:50 2003: DEBUG: TTLS Tunnelled Diameter Packet dump:
> Code:       Access-Request
> Identifier: UNDEF
> Authentic:  <172>[A<241>=<200><147>~<245><10><150>8<227>C<8><185>
> Attributes:
>    User-Name = "dasjlm"
>    User-Password = "xxxxxxx"
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
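
The trace quoted in this thread shows Calling-Station-Id only in the outer Access-Request, while the real user name appears only in the tunnelled inner request. As an added example (not part of the original thread and not Radiator code), the sketch below pairs the two from trace-style text to build an audit record; the sample trace is constructed, and it assumes each inner dump follows its own outer request in the log with no interleaving from other sessions.

```python
import re

# Constructed sample modelled on the trace in the thread (NAS address is a documentation address).
SAMPLE_TRACE = '''Code:       Access-Request
Identifier: 22
Attributes:
   User-Name = "anonymous"
   NAS-IP-Address = 192.0.2.17
   Calling-Station-Id = "00022d23fa21"
Wed Aug 20 12:27:50 2003: DEBUG: TTLS Tunnelled Diameter Packet dump:
Code:       Access-Request
Identifier: UNDEF
Attributes:
   User-Name = "dasjlm"
   User-Password = "xxxxxxx"
'''
ATTR = re.compile(r'^\s+([\w-]+) = "?(.*?)"?\s*$')
INNER_MARK = "TTLS Tunnelled Diameter Packet dump:"

def normalise_mac(raw):
    """Return aa:bb:cc:dd:ee:ff, or None if raw is not a 48-bit MAC."""
    digits = re.sub(r"[^0-9a-fA-F]", "", raw or "").lower()
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2)) if len(digits) == 12 else None

def parse_packets(trace):
    """Return [(is_inner, attrs)] for every packet dump in the trace text."""
    packets, inner_next = [], False
    for line in trace.splitlines():
        if INNER_MARK in line:
            inner_next = True              # the next "Code:" starts a tunnelled packet
        elif line.startswith("Code:"):
            packets.append((inner_next, {}))
            inner_next = False
        elif packets and (m := ATTR.match(line)):
            packets[-1][1][m.group(1)] = m.group(2)
    return packets

def audit_records(trace):
    """Pair each tunnelled inner request with the outer request before it."""
    records, outer = [], None
    for inner, attrs in parse_packets(trace):
        if not inner:
            outer = attrs                  # outer packet carries the NAS-side attributes
        elif outer is not None:            # inner packet; User-Password is never copied
            records.append({"user": attrs.get("User-Name"),
                            "outer_identity": outer.get("User-Name"),
                            "mac": normalise_mac(outer.get("Calling-Station-Id")),
                            "nas": outer.get("NAS-IP-Address")})
    return records
```

An inner dump with no preceding outer request produces no record, so a truncated log cannot yield an audit row with a guessed MAC.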