(RADIATOR) EAP Framed-MTU Fragment Issues

David Miles imonholiday at hotmail.com
Fri Feb 6 19:15:12 CST 2004


I am having some trouble where Radiator (3.6) is sending an access-challenge 
(as part of PEAP) to a Colubris access point, and it is failing because the 
EAP message is too large.
Checking the conversation, the Framed-MTU is being passed to Radiator, 
however the response if far in excess of Framed-MTU - 4.

Any help would be greatly appreciated,

Cheers,

David Miles

Conversation below:

Code:       Access-Request
Identifier: 222
Authentic:  <238><214>V<194>(<154>Q<238>wjz<6><215>LP<199>
Attributes:
        Acct-Session-Id = "2e5020f0"
        NAS-Port = 1
        NAS-Port-Type = Wireless-IEEE-802-11
        User-Name = "davidm"
        Calling-Station-Id = "00-40-96-51-97-AC"
        Called-Station-Id = "00-03-52-07-F1-C0"
        EAP-Message = <2><8><0><11><1>davidm
        NAS-Identifier = "M031-00022"
        NAS-IP-Address = 210.54.2.5
        Framed-MTU = 1496
        Connect-Info = "IEEE802.1X"
        Service-Type = Framed-User
        Message-Authenticator = 
EG<176><153><212>D<215><27>x<133><193><193>Jpg$

Code:       Access-Challenge
Identifier: 222
Authentic:  <238><214>V<194>(<154>Q<238>wjz<6><215>LP<199>
Attributes:
        EAP-Message = <1><9><0><6><25>!
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>


Code:       Access-Request
Identifier: 25
Authentic:  <194><173><216>G<20><29><17>{<139><198><241>o<27><157><168><1>
Attributes:
        Acct-Session-Id = "2e5020f0"
        NAS-Port = 1
        NAS-Port-Type = Wireless-IEEE-802-11
        User-Name = "davidm"
        Calling-Station-Id = "00-40-96-51-97-AC"
        Called-Station-Id = "00-03-52-07-F1-C0"
        EAP-Message = 
<2><9><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>@"<237>)L<241><199><251>*<0> 
<210>Kf<131><21><198><137><176>@(<187><17>7v<248>\<205><190>\<14><254><0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><0><6><0><19><0><18><0>c<1><0>
        NAS-Identifier = "M031-00022"
        NAS-IP-Address = 210.54.2.5
        Framed-MTU = 1496
        Connect-Info = "IEEE802.1X"
        Service-Type = Framed-User
        Message-Authenticator = 
;<211>c<236>V<232><240><30><21><173>w<26><10>Z<131>\


Code:       Access-Challenge
Identifier: 25
Authentic:  <194><173><216>G<20><29><17>{<139><198><241>o<27><157><168><1>
Attributes:
        EAP-Message = 
<1><10><8><10><25><192><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>@"<236><207><4>t<227><
22>G<175>~<196>U<210>"<171><168><155><159><202><6>s<28><172><245>kY<241><233><219><196><27> 
<168>X<183>>5<2
43><215><15>O<18>823 at 8<27><27><}t}<136>f<15><154><167><28>%<24><8><243>=<0><4><0><22><3><1><7><27><11><0><7
><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13
><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><
6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo 
Certificates1!0<31><6><3>U<4><11><19><
24>Test Certificate Sec
        EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in 
production)1 0<30><6><9>*<134>H<
134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6
><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22>
<6><3>U<4><10><19><15>My Test 
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><
6><9>*<134>H<134><247><13><1><1>
        EAP-Message = 
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><245><205><159>@<
144><133><177><255>0<165><3><215>cGR<136><231><253>9<193><13><255>m@<220>y^<160><244><236>Sa'<198>^<231><15
8>4<156>"<242>IS<151><30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<187><229><139>2<
250><146><1><187><207><226><203>5<251><178><1><212><178><141><219>O<253><134><213>N|<172>:J<23><173><161><1
91><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215><186>x<141><197><212>s<145><235>\<164><8>!<2><3><1><0
><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13>
<1><1><4><5><0><3><129><129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><136><172><19><
211><137><132>EF<170>9<236>^<187><146><253><171><200><183><230><148><142><21>_<9>^<227><10>3<162><186><214>
<206><197>Tq<219><4>r<239>?<1><16><203>
        EAP-Message = 
T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202>u<161><176>F3
=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t<196><188><3><195>.%<19>mD<242><149><237>O<138><193>
<0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<1
29><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>
Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo 
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not
        EAP-Message = use in production)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.a
u0<30><23><13>030227061411Z<23><13>050226061411Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U
<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC 
Demo Certif
icates1!0<31><6><3>U<4><11><19><24>Test Certificate 
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in
productio
        EAP-Message = n)1 
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13
><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><193>@h<28><185>'<7><
254><247>{9<233><245>3S<209>=<173>>c<144>Z<239>?b<150><224><171><219><170><170>i<226><251><234>\Jwi<210><14
1><249><141><148><224>|<188>V<24><209><8><223>f?<149><172><6><226><18><232>1<249><227>$<176>G<164>'Y<193><1
60>$n<160>e<153>V<166>x<2><162><<244><4><225>T>n<18><<204><210><135><162>T<16><221><6>Pn<9>7<141><197><160>
<197><245><155>6<3><172><154>p<230><210>Z<159><149><192>C<255><154><220><149><3>*<156>q<2><3><1><0><1><163>
<130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<2
49>s<196>0<129><247><6><3>U<29>#<4><129><239>0<129><236><128><20>
        EAP-Message = 
<180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<249>s<196><161><129><208><164><1
29><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4
><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo 
>Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in 
production)1 0<30><6><9>*<134>H<134><24
7><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6><3>U<29><19><4><5>0<3><1><1><255>0<13><6><9>*
        EAP-Message = 
<134>H<134><247><13><1><1><4><5><0><3><129><129><0>A<130>4<253><23>-<13><9><9><222>3<
19><171>aj<23><187><195>gs<145><194>w<164>1m#<242>t<233><144><146>&g<162><190><234><145>H<159><10>^6IQ<223>
<219><193>@><204>b<245><12><6><133><147><132><192>fU<165><197><180>k<136>:<8><198><152><165>*%<221><237><18
8><23><251><255><172>'n<142>H<25>q<173>t<215><212><221><239><20>FZyd<205><240>Wbd<143><139>q]h<236><127><16
><143>tA<163>4I<236><230><147><218>><175>B^<130><0>*9<22><3><1><0><220><13><0><0><212><2><1><2><0><207><0><
205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7>
<19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo 
Certificates1!0<31><6><3>U<4>
        EAP-Message = <11><19><24>Test Certificate Section1/0-<6><3>U
        Message-Authenticator = 
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

_________________________________________________________________
Create your own personal Web page with the info you use most, at My MSN. 
http://click.atdmt.com/AVE/go/onm00200364ave/direct/01/

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list