(RADIATOR) Problem with AuthByOPIE
Hugh Irvine
hugh at open.com.au
Fri Aug 20 02:50:39 CDT 2004
Hello John -
Mike is away for a few days so he probably won't see this until Monday.
regards
Hugh
On 20 Aug 2004, at 16:51, <lisha.john at wipro.com> wrote:
>
>
>
>
> Hi Mike,
>
> I am sending u the entire radiator log file....
>
>
>
> root at lisha]# radiusd -foreground -config_file eap_opie.cfg
> Fri Aug 20 12:08:17 2004: DEBUG: Finished reading configuration file
> 'eap_opie.c
> fg'
> This Radiator license will expire on 2005-02-01
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your evaluation period, contact admin at open.com.au
>
> Fri Aug 20 12:08:17 2004: DEBUG: Reading dictionary file
> '/etc/radiator/dictiona
> ry'
> Fri Aug 20 12:08:17 2004: DEBUG: Creating authentication port
> 0.0.0.0:1645
> Fri Aug 20 12:08:17 2004: DEBUG: Creating accounting port 0.0.0.0:1646
> Fri Aug 20 12:08:17 2004: NOTICE: Server started: Radiator 3.9 on
> m3-ipneg-lisha
> (LOCKED)
> Fri Aug 20 12:08:23 2004: DEBUG: Packet dump:
> *** Received from 127.0.0.1 port 32773 ....
>
> Packet length = 103
> 01 61 00 67 31 32 33 34 35 36 37 38 39 30 31 32
> 33 34 35 36 01 07 6d 69 6b 65 6d 06 06 00 00 00
> 02 04 06 cb 3f 9a 01 05 06 00 00 04 d2 1e 0b 31
> 32 33 34 35 36 37 38 39 1f 0b 39 38 37 36 35 34
> 33 32 31 3d 06 00 00 00 00 4f 0c 02 00 00 0a 01
> 6d 69 6b 65 6d 50 12 ed 41 6b 75 c4 2d 07 c7 99
> 2a 00 de 5c 55 ee e3
> Code: Access-Request
> Identifier: 97
> Authentic: 1234567890123456
> Attributes:
> User-Name = "mikem"
> Service-Type = Framed-User
> NAS-IP-Address = 203.63.154.1
> NAS-Port = 1234
> Called-Station-Id = "123456789"
> Calling-Station-Id = "987654321"
> NAS-Port-Type = Async
> EAP-Message = <2><0><0><10><1>mikem
> Message-Authenticator =
> <237>Aku<196>-<7><199><153>*<0><222>\U<238><227>
>
> Fri Aug 20 12:08:23 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT'
> Fri Aug 20 12:08:23 2004: DEBUG: Deleting session for mikem,
> 203.63.154.1, 1234
> Fri Aug 20 12:08:23 2004: DEBUG: Handling with Radius::AuthOPIE:
> Fri Aug 20 12:08:23 2004: DEBUG: Handling with EAP: code 2, 0, 10
> Fri Aug 20 12:08:23 2004: DEBUG: Response type 1
> Fri Aug 20 12:08:23 2004: ERR: Could not handle an EAP request:
> Undefined subrou tine
> &OPIE::opie_challenge called at
> /usr/lib/perl5/site_perl/Radius/AuthOPIE.pm
> line 105.
>
> Fri Aug 20 12:08:23 2004: INFO: Access rejected for mikem: Could not
> handle an E AP request
> Fri Aug 20 12:08:23 2004: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 32773 ....
>
> Packet length = 36
> 03 61 00 24 06 9a c4 ec bb f8 04 90 00 9a db e9
> 75 df 3d a9 12 10 52 65 71 75 65 73 74 20 44 65
> 6e 69 65 64
> Code: Access-Reject
> Identifier: 97
> Authentic: 1234567890123456
> Attributes:
> Reply-Message = "Request Denied"
>
>
>
> Thanx in advance.
>
> Regards,
> Lisha John
>
>
> -----Original Message-----
> From: Mike McCauley [mailto:mikem at open.com.au]
> Sent: Friday, August 20, 2004 2:34 AM
> To: Lisha John
> Subject: Re: (RADIATOR) Problem with AuthByOPIE
>
>
> Hello John,
>
>
> On Thursday 19 August 2004 22:00, you wrote:
>> Hello Mike,
>>
>>
>> Thanx a lot for sending me the tar file....
>>
>> I installed that using the commands:
>>
>> perl Makefile.PL
>> make
>> make test
>> make install
>>
>> I have installed opie-2.4 and OPIE-0.75 in
>> /usr/lib/perl5/site_perl/5.8.0/Radius.
>>
>> But still it is showing the same error.
>
> There is probably another error message higher in the log file.
>
> You will need to post the entire log file showing all messages from the
> time
> you start Radiator to the Radiator mailing list: I wont be able to help
> you
> directly from here.
>
> Cheers.
>
>>
>> Regards,
>>
>> Lisha John
>>
>>
>> -----Original Message-----
>> From: Mike McCauley [mailto:mikem at open.com.au]
>> Sent: Thu 8/19/2004 4:52 PM
>> To: Lisha John
>> Cc:
>> Subject: Re: (RADIATOR) Problem with AuthByOPIE
>>
>> Hello,
>>
>> On Thursday 19 August 2004 20:50, you wrote:
>>> Hi Mike,
>>>
>>>
>>>
>>> I had searched in CPAN for OPIE-0.75.tar.gz but only
>>> Authen-OPIE-1.00 was available....
>>>
>>> i also tried searching it in google....but i didnt get any.....
>>>
>>> and regarding the log file,after installing opie-2.4 and
>>> Authen-OPIE-1.00,this is the only error that i got.
>>
>> Actually, after looking at Authen-OPIE, its a more recent release of
>> OPIE. AuthOPIE.pm could be made to work with the new one with little
>> effort, and we will probably do this very shortly. In the meantime,
>> you may want to use the OPIE I just sent you.
>>
>> Cheers.
>>
>>> Regards,
>>> Lisha John
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Mike McCauley [mailto:mikem at open.com.au]
>>> Sent: Thursday, August 19, 2004 3:52 PM
>>> To: Lisha John
>>> Cc: radiator at open.com.au
>>> Subject: Re: (RADIATOR) Problem with AuthByOPIE
>>>
>>>
>>> Hello John,
>>>
>>> On Thursday 19 August 2004 20:01, lisha.john at wipro.com wrote:
>>>> Hi All,
>>>>
>>>> I am having a problem running the radiator with AuthByOPIE
>>>>
>>>> I am trying to test it with the radpwtst cmd :
>>>>
>>>> ./radpwtst -noacct -eapotp
>>>>
>>>> But i am getting an error,
>>>>
>>>> Could not handle an EAP request: Undefined subroutine
>>>> &OPIE::opie_challenge called at
>>>> /usr/lib/perl5/site_perl/5.8.0/Radius/AuthOPIE.pm line 105.
>>>
>>> Probably you do not have the required perl OPIE module installed
>>> properly. You should have seen an error message to that effect
>>> earlier in your log file.
>>> You will need to get OPIE-0.75.tar.gz from CPAN abd build and
> install
>>> it.
>>>
>>> Cheers.
>>>
>>>> The config file that i have used is
>>>>
>>>> Foreground
>>>>
>>>> LogStdout
>>>>
>>>> LogDir .
>>>>
>>>> DbDir .
>>>>
>>>> # User a lower trace level in production systems:
>>>>
>>>> Trace 5
>>>>
>>>> # You will probably want to add other Clients to suit your site, #
>
>>>> one
>>>>
>>>> for each NAS you want to work with <Client DEFAULT>
>>>>
>>>> Secret mysecret
>>>>
>>>> DupInterval 0
>>>>
>>>> </Client>
>>>>
>>>> <Realm DEFAULT>
>>>>
>>>> <AuthBy OPIE>
>>>>
>>>> # EAPType sets the EAP type(s) that Radiator will honour.
>>>>
>>>> # Options are: MD5-Challenge, One-Time-Password
>>>>
>>>> # Generic-Token, TLS, TTLS, PEAP, MSCHAP-V2
>>>>
>>>> # Multiple types can be comma separated. With the default (most
>>>>
>>>> # preferred) type given first
>>>>
>>>> EAPType One-Time-Password
>>>>
>>>> </AuthBy>
>>>>
>>>> </Realm>
>>>>
>>>>
>>>>
>>>> and the radiator log is
>>>>
>>>>
>>>>
>>>> hu Aug 19 14:23:45 2004: DEBUG: Reading dictionary file
>>>> './dictionary'
>>>>
>>>> Thu Aug 19 14:23:45 2004: DEBUG: Creating authentication port
>>>> 0.0.0.0:1645 Thu Aug 19 14:23:45 2004: DEBUG: Creating accounting
>>>> port
>>>>
>>>> 0.0.0.0:1646 Thu Aug 19 14:23:45 2004: NOTICE: Server started:
>>>> Radiator 3.9 on m3-ipneg-lisha (EVALUATION) Thu Aug 19 14:23:47
>>>> 2004:
>>>> DEBUG: Packet dump:
>>>>
>>>> *** Received from 127.0.0.1 port 32775 ....
>>>>
>>>> Packet length = 103
>>>>
>>>> 01 6b 00 67 31 32 33 34 35 36 37 38 39 30 31 32
>>>>
>>>> 33 34 35 36 01 07 6d 69 6b 65 6d 06 06 00 00 00
>>>>
>>>> 02 04 06 cb 3f 9a 01 05 06 00 00 04 d2 1e 0b 31
>>>>
>>>> 32 33 34 35 36 37 38 39 1f 0b 39 38 37 36 35 34
>>>>
>>>> 33 32 31 3d 06 00 00 00 00 4f 0c 02 00 00 0a 01
>>>>
>>>> 6d 69 6b 65 6d 50 12 00 8e 1d a7 31 21 8f 1f 3c
>>>>
>>>> fb 30 10 73 27 f9 ec
>>>>
>>>> Code: Access-Request
>>>>
>>>> Identifier: 107
>>>>
>>>> Authentic: 1234567890123456
>>>>
>>>> Attributes:
>>>>
>>>> User-Name = "mikem"
>>>>
>>>> Service-Type = Framed-User
>>>>
>>>> NAS-IP-Address = 203.63.154.1
>>>>
>>>> NAS-Port = 1234
>>>>
>>>> Called-Station-Id = "123456789"
>>>>
>>>> Calling-Station-Id = "987654321"
>>>>
>>>> NAS-Port-Type = Async
>>>>
>>>> EAP-Message = <2><0><0><10><1>mikem
>>>>
>>>> Message-Authenticator =
>>>> <0><142><29><167>1!<143><31><<251>0<16>s'<249><236>
>>>>
>>>> Thu Aug 19 14:23:47 2004: DEBUG: Handling request with Handler
>>>> 'Realm=DEFAULT' Thu Aug 19 14:23:47 2004: DEBUG: Deleting session
>>>> for mikem, 203.63.154.1, 1234 Thu Aug 19 14:23:47 2004: DEBUG:
>>>> Handling with
>>>> Radius::AuthOPIE: Thu Aug 19 14:23:47 2004: DEBUG: Handling with
>>>> EAP: code 2, 0, 10 Thu Aug 19 14:23:47 2004: DEBUG: Response type
>>>> 1 Thu Aug 19 14:23:47 2004: ERR: Could not handle an EAP request:
>>>> Undefined subroutine &OPIE::opie_challenge called at
>>>> /usr/lib/perl5/site_perl/5.8.0/Radius/AuthOPIE.pm line 105.
>>>>
>>>> Thu Aug 19 14:23:47 2004: INFO: Access rejected for mikem: Could
>>>> not handle an EAP request Thu Aug 19 14:23:47 2004: DEBUG: Packet
>>>> dump:
>>>>
>>>> *** Sending to 127.0.0.1 port 32775 ....
>>>>
>>>> Packet length = 36
>>>>
>>>> 03 6b 00 24 89 9a f8 cb 39 c0 d5 6c 4e cc 9f 06
>>>>
>>>> 3c 12 1d 8d 12 10 52 65 71 75 65 73 74 20 44 65
>>>>
>>>> 6e 69 65 64
>>>>
>>>> Code: Access-Reject
>>>>
>>>> Identifier: 107
>>>>
>>>> Authentic: 1234567890123456
>>>>
>>>> Attributes:
>>>>
>>>> Reply-Message = "Request Denied"
>>>>
>>>>
>>>>
>>>> I have also installed the opie-2.4 and Authen-OPIE-1.00 perl
>>>> module in
>>>>
>>>> /usr/lib/perl5/site_perl/5.8.0/Radius.The installation went on
>>>> fine...
>>>>
>>>> But i am stuck up with this error.
>>>>
>>>> As i am new to linux,i am not sure how this linking happens...
>>>>
>>>>
>>>>
>>>> please help.
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Lisha
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Confidentiality Notice
>>>>
>>>> The information contained in this electronic message and any
>>>> attachments to this message are intended for the exclusive use of
>>>> the
>>>> addressee(s) and may contain confidential or privileged
> information.
>>>> If you are not the intended recipient, please notify the sender at
>>>> Wipro or Mailadmin at wipro.com immediately and destroy all copies of
>>>> this message and any attachments.
>>>
>>> --
>>> Mike McCauley mikem at open.com.au
>>> Open System Consultants Pty. Ltd Unix, Perl, Motif, C++,
> WWW
>>> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
>>> http://www.open.com.au
>>> Phone +61 7 5598-7474 Fax +61 7 5598-7070
>>>
>>> Radiator: the most portable, flexible and configurable RADIUS server
>
>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>
>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
>>> TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc.
>>>
>>>
>>>
>>>
>>> Confidentiality Notice
>>>
>>> The information contained in this electronic message and any
>>> attachments to this message are intended for the exclusive use of
>>> the addressee(s) and may contain confidential or privileged
>>> information. If you are not the intended recipient, please notify
>>> the sender at Wipro or Mailadmin at wipro.com immediately and destroy
>>> all copies of this message and any attachments.
>>
>> --
>> Mike McCauley mikem at open.com.au
>> Open System Consultants Pty. Ltd Unix, Perl, Motif, C++,
> WWW
>> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> http://www.open.com.au
>> Phone +61 7 5598-7474 Fax +61 7 5598-7070
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
>> TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc.
>>
>>
>>
>>
>>
>>
>>
>> Confidentiality Notice
>>
>> The information contained in this electronic message and any
>> attachments to this message are intended for the exclusive use of the
>> addressee(s) and may contain confidential or privileged information.
>> If you are not the intended recipient, please notify the sender at
>> Wipro or Mailadmin at wipro.com immediately and destroy all copies of
>> this message and any attachments.
>
> --
> Mike McCauley mikem at open.com.au
> Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> http://www.open.com.au
> Phone +61 7 5598-7474 Fax +61 7 5598-7070
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP etc on Unix, Windows, MacOS etc.
>
>
>
> Confidentiality Notice
>
> The information contained in this electronic message and any
> attachments to this message are intended
> for the exclusive use of the addressee(s) and may contain confidential
> or privileged information. If
> you are not the intended recipient, please notify the sender at Wipro
> or Mailadmin at wipro.com immediately
> and destroy all copies of this message and any attachments.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list