(RADIATOR) Hang on EAP-PEAP

Bon sy bon at bunny.cs.qc.edu
Fri Aug 22 17:01:36 CDT 2003


Hi all,
	
	I recently have a service call for my laptop running XP, but the
configuration of the system remains. I also replace the router NATing the
traffic between the wireless AP (Cisco 350) and the radius becuase it
busted duringthe NYC blackout last week. 

	Since the Cisco AP will only take the dynamic IP when the DHCP
is on. I have done few reconfiguration. After the reconfiguration, MAC add
auth, EAP-TLS etc all seem to work fine on all APs. I can also get
connected via the Cisco AP with EAP-TLS. 

	The problem I encountered is that when I ask for EAP-PEAP, it
hung (between the radius and the XP) at the point for "message
authenticator". After it hung, the radius stops working to
authenticate all devices. Below is the dump. I would appreicate if anyone
may have any insight why this happened and how to fix it. 

	Many thanks in advance!

Bon

Fri Aug 22 17:44:45 2003: DEBUG: Packet dump:
*** Received from 192.168.2.27 port 1096 ....
Code:       Access-Request
Identifier: 65
Authentic:  <186><164><215>K<151>.<220><172>d<167><21><239><174><203><20><142>
Attributes:
        User-Name = "TSMACH246\bon"
        cisco-avpair = "ssid=qcwireless"
        NAS-IP-Address = 192.168.2.27
        Called-Station-Id = "004096563106"
        Calling-Station-Id = "00022d1d364e"
        NAS-Identifier = "AP350-563106"
        NAS-Port = 37
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-IEEE-802-11
        Service-Type = Login-User
        EAP-Message = <2>Y<0>)<25><0><23><3><1><0><30>w.F<179><219><189><156>q<129><135><167><140><170>p&<180>y+<157><250>h<3><207>1<253><Q <133><210>
        Message-Authenticator = <218><154>,+#<228>j<2>~?ge<143>8<231><142>

Fri Aug 22 17:44:45 2003: DEBUG: Handling request with Handler 'NAS-IP-Address = 192.168.2.27, Request-Type=Access-Request'
Fri Aug 22 17:44:45 2003: DEBUG:  Deleting session for TSMACH246\bon, 192.168.2.27, 37
Fri Aug 22 17:44:45 2003: DEBUG: Handling with Radius::AuthSQL
Fri Aug 22 17:44:45 2003: DEBUG: Handling with Radius::AuthSQL:
Fri Aug 22 17:44:45 2003: DEBUG: Handling with EAP: code 2, 89, 41
Fri Aug 22 17:44:45 2003: DEBUG: Response type 25
Fri Aug 22 17:44:45 2003: DEBUG: EAP PEAP inner authentication request for anonymous
Fri Aug 22 17:44:45 2003: DEBUG: PEAP Tunnelled request Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  <252>',<213><141><5>#<254>Q<219><23>`<7><253>-<179>
Attributes:
        EAP-Message = <2>Y<0><14><1>TSMACH246\bon
        User-Name = "anonymous"
        NAS-IP-Address = 192.168.2.27
        NAS-Identifier = "AP350-563106"
        NAS-Port = 37
        Calling-Station-Id = "00022d1d364e"

Fri Aug 22 17:44:45 2003: DEBUG: Handling request with Handler 'TunnelledByPEAP=1'
Fri Aug 22 17:44:45 2003: DEBUG:  Deleting session for , 192.168.2.27, 37
Fri Aug 22 17:44:45 2003: DEBUG: Handling with Radius::AuthSQL
Fri Aug 22 17:44:45 2003: DEBUG: Handling with Radius::AuthSQL:
Fri Aug 22 17:44:45 2003: DEBUG: Handling with EAP: code 2, 89, 14
Fri Aug 22 17:44:45 2003: DEBUG: Response type 1
Fri Aug 22 17:44:45 2003: DEBUG: Access challenged for anonymous: EAP MSCHAP-V2 Challenge
Fri Aug 22 17:44:45 2003: DEBUG: Access challenged for TSMACH246\bon: EAP PEAP inner
authentication redespatched to a Handler
Fri Aug 22 17:44:45 2003: DEBUG: Packet dump:
*** Sending to 192.168.2.27 port 1096 ....
Code:       Access-Challenge
Identifier: 65
Authentic:  <186><164><215>K<151>.<220><172>d<167><21><239><174><203><20><142>
Attributes:
        EAP-Message = <1>Z<0>9<25><0><23><3><1><0>.<180>Z<190><250><22><192><8>6~J<192><220><172>{2<19><253><184>(<149><150><185>\<12><236><237>R<237><28><200><197><16>A<159><149>^b\<191><211><241><137>F<173><244>t
        Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list