(RADIATOR) Problem with AuthByOPIE

lisha.john at wipro.com lisha.john at wipro.com
Fri Aug 20 03:19:13 CDT 2004





Hi Hugh,



Can u help me in this.....Iam trying to test with
AuthBy OPIE.i hav already posted the log file and
the config file...

please itz urgent....


Regards,
Lisha John

-----Original Message-----
From: Hugh Irvine [mailto:hugh at open.com.au]
Sent: Friday, August 20, 2004 1:21 PM
To: Lisha John
Cc: mikem at open.com.au; radiator at open.com.au
Subject: Re: (RADIATOR) Problem with AuthByOPIE



Hello John -

Mike is away for a few days so he probably won't see this until Monday.

regards

Hugh


On 20 Aug 2004, at 16:51, <lisha.john at wipro.com> wrote:

>
>
>
>
> Hi Mike,
>
> I am sending u the entire radiator log file....
>
>
>
> root at lisha]# radiusd -foreground -config_file eap_opie.cfg Fri Aug 20
> 12:08:17 2004: DEBUG: Finished reading configuration file 'eap_opie.c
> fg'
> This Radiator license will expire on 2005-02-01
> This Radiator license will stop operating after 1000 requests
> To purchase an unlimited full source version of Radiator, see
> http://www.open.com.au/ordering.html
> To extend your evaluation period, contact admin at open.com.au
>
> Fri Aug 20 12:08:17 2004: DEBUG: Reading dictionary file
> '/etc/radiator/dictiona ry'
> Fri Aug 20 12:08:17 2004: DEBUG: Creating authentication port
> 0.0.0.0:1645
> Fri Aug 20 12:08:17 2004: DEBUG: Creating accounting port 0.0.0.0:1646
> Fri Aug 20 12:08:17 2004: NOTICE: Server started: Radiator 3.9 on
> m3-ipneg-lisha
>  (LOCKED)
> Fri Aug 20 12:08:23 2004: DEBUG: Packet dump:
> *** Received from 127.0.0.1 port 32773 ....
>
> Packet length = 103
> 01 61 00 67 31 32 33 34 35 36 37 38 39 30 31 32
> 33 34 35 36 01 07 6d 69 6b 65 6d 06 06 00 00 00
> 02 04 06 cb 3f 9a 01 05 06 00 00 04 d2 1e 0b 31
> 32 33 34 35 36 37 38 39 1f 0b 39 38 37 36 35 34
> 33 32 31 3d 06 00 00 00 00 4f 0c 02 00 00 0a 01
> 6d 69 6b 65 6d 50 12 ed 41 6b 75 c4 2d 07 c7 99
> 2a 00 de 5c 55 ee e3
> Code:       Access-Request
> Identifier: 97
> Authentic:  1234567890123456
> Attributes:
>         User-Name = "mikem"
>         Service-Type = Framed-User
>         NAS-IP-Address = 203.63.154.1
>         NAS-Port = 1234
>         Called-Station-Id = "123456789"
>         Calling-Station-Id = "987654321"
>         NAS-Port-Type = Async
>         EAP-Message = <2><0><0><10><1>mikem
>         Message-Authenticator =
> <237>Aku<196>-<7><199><153>*<0><222>\U<238><227>
>
> Fri Aug 20 12:08:23 2004: DEBUG: Handling request with Handler
> 'Realm=DEFAULT' Fri Aug 20 12:08:23 2004: DEBUG:  Deleting session for

> mikem, 203.63.154.1, 1234
> Fri Aug 20 12:08:23 2004: DEBUG: Handling with Radius::AuthOPIE:
> Fri Aug 20 12:08:23 2004: DEBUG: Handling with EAP: code 2, 0, 10
> Fri Aug 20 12:08:23 2004: DEBUG: Response type 1
> Fri Aug 20 12:08:23 2004: ERR: Could not handle an EAP request:
> Undefined subrou                                            tine
> &OPIE::opie_challenge called at
> /usr/lib/perl5/site_perl/Radius/AuthOPIE.pm
> line 105.
>
> Fri Aug 20 12:08:23 2004: INFO: Access rejected for mikem: Could not
> handle an E                                            AP request
> Fri Aug 20 12:08:23 2004: DEBUG: Packet dump:
> *** Sending to 127.0.0.1 port 32773 ....
>
> Packet length = 36
> 03 61 00 24 06 9a c4 ec bb f8 04 90 00 9a db e9
> 75 df 3d a9 12 10 52 65 71 75 65 73 74 20 44 65
> 6e 69 65 64
> Code:       Access-Reject
> Identifier: 97
> Authentic:  1234567890123456
> Attributes:
>         Reply-Message = "Request Denied"
>
>
>
> Thanx in advance.
>
> Regards,
> Lisha John
>
>
> -----Original Message-----
> From: Mike McCauley [mailto:mikem at open.com.au]
> Sent: Friday, August 20, 2004 2:34 AM
> To: Lisha John
> Subject: Re: (RADIATOR) Problem with AuthByOPIE
>
>
> Hello John,
>
>
> On Thursday 19 August 2004 22:00, you wrote:
>> Hello Mike,
>>
>>
>> Thanx a lot for sending me the tar file....
>>
>> I installed that using the commands:
>>
>> perl Makefile.PL
>> make
>> make test
>> make install
>>
>> I have installed opie-2.4 and OPIE-0.75 in
>> /usr/lib/perl5/site_perl/5.8.0/Radius.
>>
>> But still it is showing the same error.
>
> There is probably another error message higher in the log file.
>
> You will need to post the entire log file showing all messages from
> the time you start Radiator to the Radiator mailing list: I wont be
> able to help you
> directly from here.
>
> Cheers.
>
>>
>> Regards,
>>
>> Lisha John
>>
>>
>> -----Original Message-----
>> From:	Mike McCauley [mailto:mikem at open.com.au]
>> Sent:	Thu 8/19/2004 4:52 PM
>> To:	Lisha John
>> Cc:
>> Subject:	Re: (RADIATOR) Problem with AuthByOPIE
>>
>> Hello,
>>
>> On Thursday 19 August 2004 20:50, you wrote:
>>> Hi Mike,
>>>
>>>
>>>
>>> I had searched in CPAN for OPIE-0.75.tar.gz but only
>>> Authen-OPIE-1.00 was available....
>>>
>>> i also tried searching it in google....but i didnt get any.....
>>>
>>> and regarding the log file,after installing opie-2.4 and
>>> Authen-OPIE-1.00,this is the only error that i got.
>>
>> Actually, after looking at Authen-OPIE, its a more recent release of
>> OPIE. AuthOPIE.pm could be made to work with the new one with little
>> effort, and we will probably do this very shortly. In the meantime,
>> you may want to use the OPIE I just sent you.
>>
>> Cheers.
>>
>>> Regards,
>>> Lisha John
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: Mike McCauley [mailto:mikem at open.com.au]
>>> Sent: Thursday, August 19, 2004 3:52 PM
>>> To: Lisha John
>>> Cc: radiator at open.com.au
>>> Subject: Re: (RADIATOR) Problem with AuthByOPIE
>>>
>>>
>>> Hello John,
>>>
>>> On Thursday 19 August 2004 20:01, lisha.john at wipro.com wrote:
>>>> Hi All,
>>>>
>>>> I am having a problem running the radiator with AuthByOPIE
>>>>
>>>> I am trying to test it with the radpwtst cmd :
>>>>
>>>> ./radpwtst -noacct -eapotp
>>>>
>>>> But i am getting an error,
>>>>
>>>> Could not handle an EAP request: Undefined subroutine
>>>> &OPIE::opie_challenge called at
>>>> /usr/lib/perl5/site_perl/5.8.0/Radius/AuthOPIE.pm line 105.
>>>
>>> Probably you do not have the required perl OPIE module installed
>>> properly. You should have seen an error message to that effect
>>> earlier in your log file. You will need to get OPIE-0.75.tar.gz from

>>> CPAN abd build and
> install
>>> it.
>>>
>>> Cheers.
>>>
>>>> The config file that i have used is
>>>>
>>>> Foreground
>>>>
>>>> LogStdout
>>>>
>>>> LogDir .
>>>>
>>>> DbDir .
>>>>
>>>> # User a lower trace level in production systems:
>>>>
>>>> Trace 5
>>>>
>>>> # You will probably want to add other Clients to suit your site, #
>
>>>> one
>>>>
>>>> for each NAS you want to work with <Client DEFAULT>
>>>>
>>>> Secret mysecret
>>>>
>>>> DupInterval 0
>>>>
>>>> </Client>
>>>>
>>>> <Realm DEFAULT>
>>>>
>>>> <AuthBy OPIE>
>>>>
>>>> # EAPType sets the EAP type(s) that Radiator will honour.
>>>>
>>>> # Options are: MD5-Challenge, One-Time-Password
>>>>
>>>> # Generic-Token, TLS, TTLS, PEAP, MSCHAP-V2
>>>>
>>>> # Multiple types can be comma separated. With the default (most
>>>>
>>>> # preferred) type given first
>>>>
>>>> EAPType One-Time-Password
>>>>
>>>> </AuthBy>
>>>>
>>>> </Realm>
>>>>
>>>>
>>>>
>>>> and the radiator log is
>>>>
>>>>
>>>>
>>>> hu Aug 19 14:23:45 2004: DEBUG: Reading dictionary file
>>>> './dictionary'
>>>>
>>>> Thu Aug 19 14:23:45 2004: DEBUG: Creating authentication port
>>>> 0.0.0.0:1645 Thu Aug 19 14:23:45 2004: DEBUG: Creating accounting
>>>> port
>>>>
>>>> 0.0.0.0:1646 Thu Aug 19 14:23:45 2004: NOTICE: Server started:
>>>> Radiator 3.9 on m3-ipneg-lisha (EVALUATION) Thu Aug 19 14:23:47
>>>> 2004:
>>>> DEBUG: Packet dump:
>>>>
>>>> *** Received from 127.0.0.1 port 32775 ....
>>>>
>>>> Packet length = 103
>>>>
>>>> 01 6b 00 67 31 32 33 34 35 36 37 38 39 30 31 32
>>>>
>>>> 33 34 35 36 01 07 6d 69 6b 65 6d 06 06 00 00 00
>>>>
>>>> 02 04 06 cb 3f 9a 01 05 06 00 00 04 d2 1e 0b 31
>>>>
>>>> 32 33 34 35 36 37 38 39 1f 0b 39 38 37 36 35 34
>>>>
>>>> 33 32 31 3d 06 00 00 00 00 4f 0c 02 00 00 0a 01
>>>>
>>>> 6d 69 6b 65 6d 50 12 00 8e 1d a7 31 21 8f 1f 3c
>>>>
>>>> fb 30 10 73 27 f9 ec
>>>>
>>>> Code: Access-Request
>>>>
>>>> Identifier: 107
>>>>
>>>> Authentic: 1234567890123456
>>>>
>>>> Attributes:
>>>>
>>>> User-Name = "mikem"
>>>>
>>>> Service-Type = Framed-User
>>>>
>>>> NAS-IP-Address = 203.63.154.1
>>>>
>>>> NAS-Port = 1234
>>>>
>>>> Called-Station-Id = "123456789"
>>>>
>>>> Calling-Station-Id = "987654321"
>>>>
>>>> NAS-Port-Type = Async
>>>>
>>>> EAP-Message = <2><0><0><10><1>mikem
>>>>
>>>> Message-Authenticator =
>>>> <0><142><29><167>1!<143><31><<251>0<16>s'<249><236>
>>>>
>>>> Thu Aug 19 14:23:47 2004: DEBUG: Handling request with Handler
>>>> 'Realm=DEFAULT' Thu Aug 19 14:23:47 2004: DEBUG: Deleting session
>>>> for mikem, 203.63.154.1, 1234 Thu Aug 19 14:23:47 2004: DEBUG:
>>>> Handling with
>>>> Radius::AuthOPIE: Thu Aug 19 14:23:47 2004: DEBUG: Handling with
>>>> EAP: code 2, 0, 10 Thu Aug 19 14:23:47 2004: DEBUG: Response type 1

>>>> Thu Aug 19 14:23:47 2004: ERR: Could not handle an EAP request:
>>>> Undefined subroutine &OPIE::opie_challenge called at
>>>> /usr/lib/perl5/site_perl/5.8.0/Radius/AuthOPIE.pm line 105.
>>>>
>>>> Thu Aug 19 14:23:47 2004: INFO: Access rejected for mikem: Could
>>>> not handle an EAP request Thu Aug 19 14:23:47 2004: DEBUG: Packet
>>>> dump:
>>>>
>>>> *** Sending to 127.0.0.1 port 32775 ....
>>>>
>>>> Packet length = 36
>>>>
>>>> 03 6b 00 24 89 9a f8 cb 39 c0 d5 6c 4e cc 9f 06
>>>>
>>>> 3c 12 1d 8d 12 10 52 65 71 75 65 73 74 20 44 65
>>>>
>>>> 6e 69 65 64
>>>>
>>>> Code: Access-Reject
>>>>
>>>> Identifier: 107
>>>>
>>>> Authentic: 1234567890123456
>>>>
>>>> Attributes:
>>>>
>>>> Reply-Message = "Request Denied"
>>>>
>>>>
>>>>
>>>> I have also installed the opie-2.4 and Authen-OPIE-1.00 perl module

>>>> in
>>>>
>>>> /usr/lib/perl5/site_perl/5.8.0/Radius.The installation went on
>>>> fine...
>>>>
>>>> But i am stuck up with this error.
>>>>
>>>> As i am new to linux,i am not sure how this linking happens...
>>>>
>>>>
>>>>
>>>> please help.
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Lisha
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Confidentiality Notice
>>>>
>>>> The information contained in this electronic message and any
>>>> attachments to this message are intended for the exclusive use of
>>>> the
>>>> addressee(s) and may contain confidential or privileged
> information.
>>>> If you are not the intended recipient, please notify the sender at
>>>> Wipro or Mailadmin at wipro.com immediately and destroy all copies of
>>>> this message and any attachments.
>>>
>>> --
>>> Mike McCauley                               mikem at open.com.au
>>> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++,
> WWW
>>> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
>>> http://www.open.com.au
>>> Phone +61 7 5598-7474                       Fax   +61 7 5598-7070
>>>
>>> Radiator: the most portable, flexible and configurable RADIUS server
>
>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>
>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
>>> TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc.
>>>
>>>
>>>
>>>
>>> Confidentiality Notice
>>>
>>> The information contained in this electronic message and any
>>> attachments to this message are intended for the exclusive use of
>>> the addressee(s) and may contain confidential or privileged
>>> information. If you are not the intended recipient, please notify
>>> the sender at Wipro or Mailadmin at wipro.com immediately and destroy
>>> all copies of this message and any attachments.
>>
>> --
>> Mike McCauley                               mikem at open.com.au
>> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++,
> WWW
>> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> http://www.open.com.au
>> Phone +61 7 5598-7474                       Fax   +61 7 5598-7070
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
>> TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc.
>>
>>
>>
>>
>>
>>
>>
>> Confidentiality Notice
>>
>> The information contained in this electronic message and any
>> attachments to this message are intended for the exclusive use of the
>> addressee(s) and may contain confidential or privileged information.
>> If you are not the intended recipient, please notify the sender at
>> Wipro or Mailadmin at wipro.com immediately and destroy all copies of
>> this message and any attachments.
>
> --
> Mike McCauley                               mikem at open.com.au
> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++,
WWW
> 9 Bulbul Place Currumbin Waters QLD 4223 Australia
> http://www.open.com.au
> Phone +61 7 5598-7474                       Fax   +61 7 5598-7070
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP,
> TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc.
>
>
>
> Confidentiality Notice
>
> The information contained in this electronic message and any
> attachments to this message are intended
> for the exclusive use of the addressee(s) and may contain confidential

> or privileged information. If
> you are not the intended recipient, please notify the sender at Wipro
> or Mailadmin at wipro.com immediately
> and destroy all copies of this message and any attachments.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with 'unsubscribe
> radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.





Confidentiality Notice

The information contained in this electronic message and any attachments to this message are intended
for the exclusive use of the addressee(s) and may contain confidential or privileged information. If
you are not the intended recipient, please notify the sender at Wipro or Mailadmin at wipro.com immediately
and destroy all copies of this message and any attachments.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list