(RADIATOR) EAP-TTLS Problems

Russell Owen rowen at solutionsit.com.au
Sun Jan 11 19:56:15 CST 2004


Hi All,
I've been racking my brain on this one for a few days now and would appreciate if anyone has some input on what I may be doing wrong!
 
Situation is, Radiator eval configured for TTLS with LSA module, cisco 1100 series AP (also tried 1200), Funk Oddyssey client on PPC 2003 and also WinXP client using Alfa-Ariss SecureW2. The radiator logs show that the client is connecting and authenticating with out any problems (that I can see). The Funk client also shows that the Authentication result is a success and the authentication type is EAP-TTLS [PAP]. The WinXP client also connects and authenticates without any problems. After the clients (both WinXp and PPC) connect and authenticate, they are unable to transmit any data over the wireless link. If I diasble EAP, everything works fine. I have also disabled the LSA module and just tried to authenticate with the <AuthBy FILE> module but that dosen't seem to make any difference. 
 
To me it seems that Radiator is not the problem, as that seems to be authenticating the user correctly, but I could be wrong!
 
Another thing i noticed was that after I eable the TTLS hooks as mentioned in EAP_TTLS.cfg, anonymous is still getting logged for both the Inner and Outer user in the Accounting. Could this be related to my problem?
 
Thanks in advance,
Russ.
 
Config files and Logs follow (I haven't botherd masking any details as this setup is on a test network and will be changed for production):
 
# Radiusd.cfg
Foreground
LogStdout
LogDir  c:/Program Files/Radiator
DbDir  c:/Program Files/Radiator
Trace   4

<Client 192.168.22.100>
 Secret password
</Client>
<Realm DEFAULT>
 <AuthBy FILE>
  Filename %D/users
  EAPType TTLS
  EAPTLS_CAFile c:/radiator/certificates/demoCA/cacert.pem
#  EAPTLS_CAPath
  EAPTLS_CertificateFile c:/radiator/certificates/cert-srv.pem
  EAPTLS_CertificateType PEM
  EAPTLS_PrivateKeyFile c:/radiator/certificates/cert-srv.pem
  EAPTLS_PrivateKeyPassword whatever
#  EAPTLS_RandomFile %D/certificates/random
  EAPTLS_MaxFragmentSize 1000
#  EAPTLS_DHFile %D/certificates/cert/dh
  AutoMPPEKeys
  SSLeayTrace 4
 </AuthBy>
</Realm>
<Realm DEFAULT>
 <AuthBy LSA>
  EAPType TTLS
  EAPTLS_CAFile c:/radiator/certificates/demoCA/cacert.pem
#  EAPTLS_CAPath
  EAPTLS_CertificateFile c:/radiator/certificates/cert-srv.pem
  EAPTLS_CertificateType PEM
  EAPTLS_PrivateKeyFile c:/radiator/certificates/cert-srv.pem
  EAPTLS_PrivateKeyPassword whatever
#  EAPTLS_RandomFile %D/certificates/random
  EAPTLS_MaxFragmentSize 1000
#  EAPTLS_DHFile %D/certificates/cert/dh
  AutoMPPEKeys
  SSLeayTrace 4
 </AuthBy>
 PreProcessingHook file:"c:/radiator/goodies/eap_anon_hook.pl"
 PostAuthHook file:"c:/radiator/goodies/eap_anon_hook.pl"
 AcctLogFileName %D/detail
</Realm>
 
Radiator Debug:
 
Mon Jan 12 10:04:01 2004: DEBUG: Reading users file c:/Program Files/Radiator/users
Mon Jan 12 10:04:01 2004: DEBUG: Finished reading configuration file 'C:\Program Files\Radiator\radius.cfg'
This Radiator license will expire on 2004-07-01
This Radiator license will stop operating after 1000 requests
To purchase an unlimited full source version of Radiator, see 
http://www.open.com.au/ordering.html
To extend your evaluation period, contact admin at open.com.au
Mon Jan 12 10:04:01 2004: DEBUG: Reading dictionary file 'c:/Program Files/Radiator/dictionary'
Mon Jan 12 10:04:02 2004: DEBUG: Creating authentication port 0.0.0.0:1645
Mon Jan 12 10:04:02 2004: DEBUG: Creating accounting port 0.0.0.0:1646
Mon Jan 12 10:04:02 2004: NOTICE: Server started: Radiator 3.8 on thebeast (EVALUATION)
Mon Jan 12 10:04:33 2004: DEBUG: Packet dump:
*** Received from 192.168.22.100 port 21645 ....
Code:       Access-Request
Identifier: 133
Authentic:  |<28>E!<165><186><8><243>6t<178><188><191>e<6>w
Attributes:
 User-Name = "anonymous"
 Framed-MTU = 1400
 Called-Station-Id = "000e.8311.6b50"
 Calling-Station-Id = "0010.c620.88f7"
 Message-Authenticator = f<214>z<128><<254>(/<203>/<186><141>PH<229><221>
 EAP-Message = <2><1><0><14><1>anonymous
 NAS-Port-Type = Wireless-IEEE-802-11
 NAS-Port = 280
 Service-Type = Framed-User
 NAS-IP-Address = 192.168.22.100
 NAS-Identifier = "ap"
Mon Jan 12 10:04:33 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:33 2004: DEBUG:  Deleting session for anonymous, 192.168.22.100, 280
Mon Jan 12 10:04:33 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:33 2004: DEBUG: Handling with EAP: code 2, 1, 14
Mon Jan 12 10:04:33 2004: DEBUG: Response type 1
Mon Jan 12 10:04:33 2004: DEBUG: EAP result: 3, EAP TTLS Challenge
Mon Jan 12 10:04:33 2004: DEBUG: Access challenged for anonymous: EAP TTLS Challenge
Mon Jan 12 10:04:33 2004: DEBUG: Packet dump:
*** Sending to 192.168.22.100 port 21645 ....
Code:       Access-Challenge
Identifier: 133
Authentic:  |<28>E!<165><186><8><243>6t<178><188><191>e<6>w
Attributes:
 EAP-Message = <1><2><0><6><21> 
 Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Mon Jan 12 10:04:33 2004: DEBUG: Packet dump:
*** Received from 192.168.22.100 port 21645 ....
Code:       Access-Request
Identifier: 134
Authentic:  j<G<4><188>;<139>r5*<239><15>I<179><232><14>
Attributes:
 User-Name = "anonymous"
 Framed-MTU = 1400
 Called-Station-Id = "000e.8311.6b50"
 Calling-Station-Id = "0010.c620.88f7"
 Message-Authenticator = <228>w<142><167>~<186><234><182><249><205>3<252><230><216><181><29>
 EAP-Message = <2><2><0><132><21><128><0><0><0>z<22><3><1><0>u<1><0><0>q<3><1>><205><161>j<129><132>+<15>j<23><255>HU<178><143><235><200><150><162>A<13>/<180>f<15>j-<26>(pA<196> KYB<245>o<14><221><135>G<220><185><200><4><247>r(=<249><212>E<147><227>w<4><145><220><183><234><1><254><161><21><0>*<0><22><0><19><0>f<0><21><0><18><0><10><0><5><0><4><0><7><0><9><0>c<0>e<0>`<0>b<0>a<0>d<0><20><0><17><0><3><0><6><0><8><1><0>
 NAS-Port-Type = Wireless-IEEE-802-11
 NAS-Port = 280
 Service-Type = Framed-User
 NAS-IP-Address = 192.168.22.100
 NAS-Identifier = "ap"
Mon Jan 12 10:04:33 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:33 2004: DEBUG:  Deleting session for anonymous, 192.168.22.100, 280
Mon Jan 12 10:04:33 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:33 2004: DEBUG: Handling with EAP: code 2, 2, 132
Mon Jan 12 10:04:33 2004: DEBUG: Response type 21
Mon Jan 12 10:04:33 2004: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Mon Jan 12 10:04:33 2004: DEBUG: EAP result: 3, EAP TTLS Challenge
Mon Jan 12 10:04:33 2004: DEBUG: Access challenged for anonymous: EAP TTLS Challenge
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Sending to 192.168.22.100 port 21645 ....
Code:       Access-Challenge
Identifier: 134
Authentic:  j<G<4><188>;<139>r5*<239><15>I<179><232><14>
Attributes:
 EAP-Message = <1><3><3><242><21><192><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>@<2><0><177><27><228><152><134><192><193><129><145><133><255><161><252><157><28>,<163><142><137><247>3fD<200>&<157>v<164><236> c<22>n<169><177>Y;<132><204>=<20><163><231><189><254><229><170><8><234><7><3><153><25>7<21>=M<242>X<18><249>@<0><10><0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
 EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>030227061500Z<23><13>040227061500Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My Test Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1>
 EAP-Message = <1><5><0><3><129><141><0>0<129><137><2><129><129><0><196><186>)<217><245><205><159>@<144><133><177><255>0<165><3><215>cGR<136><231><253>9<193><13><255>m@<220>y^<160><244><236>Sa'<198>^<231><158>4<156>"<242>IS<151><30><211>$<142><196>!}R<146><166><129>yh<17><162><207><196><0><171>5s<187><229><139>2<250><146><1><187><207><226><203>5<251><178><1><212><178><141><219>O<253><134><213>N|<172>:J<23><173><161><191><141><25>&<198>Fi<17><181><137>Fy<0><177><210><215><186>x<141><197><212>s<145><235>\<164><8>!<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0><20>m<159><141><185><184><252><248><201>FM<195>PB(^<127>3<24><136><172><19><211><137><132>EF<170>9<236>^<187><146><253><171><200><183><230><148><142><21>_<9>^<227><10>3<162><186><214><206><197>Tq<219><4>r<239>?<1><16><203>
 EAP-Message = T<0><161>wm<173>S<4><0>)<141><209><<197>tT<228><150>P<156><22>^zes^<202>u<161><176>F3=<4><200><229><154>q<146><194>cy<23>z*o><219><28><206>t<196><188><3><195>.%<19>mD<242><149><237>O<138><193><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do no
 Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Received from 192.168.22.100 port 21645 ....
Code:       Access-Request
Identifier: 135
Authentic:  1<9><236><246>S<8>*<129><205>n<189><252>qOl!
Attributes:
 User-Name = "anonymous"
 Framed-MTU = 1400
 Called-Station-Id = "000e.8311.6b50"
 Calling-Station-Id = "0010.c620.88f7"
 Message-Authenticator = ,<19>S6<255>9{<217><245>$z<146>0r)S
 EAP-Message = <2><3><0><6><21><0>
 NAS-Port-Type = Wireless-IEEE-802-11
 NAS-Port = 280
 Service-Type = Framed-User
 NAS-IP-Address = 192.168.22.100
 NAS-Identifier = "ap"
Mon Jan 12 10:04:34 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:34 2004: DEBUG:  Deleting session for anonymous, 192.168.22.100, 280
Mon Jan 12 10:04:34 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:34 2004: DEBUG: Handling with EAP: code 2, 3, 6
Mon Jan 12 10:04:34 2004: DEBUG: Response type 21
Mon Jan 12 10:04:34 2004: DEBUG: EAP result: 3, EAP TTLS Challenge
Mon Jan 12 10:04:34 2004: DEBUG: Access challenged for anonymous: EAP TTLS Challenge
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Sending to 192.168.22.100 port 21645 ....
Code:       Access-Challenge
Identifier: 135
Authentic:  1<9><236><246>S<8>*<129><205>n<189><252>qOl!
Attributes:
 EAP-Message = <1><4><3><238><21>@t use in production)1 0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>030227061411Z<23><13>050226061411Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in p
 EAP-Message = roduction)1 0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><193>@h<28><185>'<7><254><247>{9<233><245>3S<209>=<173>>c<144>Z<239>?b<150><224><171><219><170><170>i<226><251><234>\Jwi<210><141><249><141><148><224>|<188>V<24><209><8><223>f?<149><172><6><226><18><232>1<249><227>$<176>G<164>'Y<193><160>$n<160>e<153>V<166>x<2><162><<244><4><225>T>n<18><<204><210><135><162>T<16><221><6>Pn<9>7<141><197><160><197><245><155>6<3><172><154>p<230><210>Z<159><149><192>C<255><154><220><149><3>*<156>q<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<249>s<196>0<129><247><6><3>U<29>#
 EAP-Message = <4><129><239>0<129><236><128><20><180><27><24>R'<27><169>)<152><148>o<139>c<198><6>9\<249>s<196><161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6><3>U<29><19><4><5>0<3>
 EAP-Message = <1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>A<130>4<253><23>-<13><9><9><222>3<19><171>aj<23><187><195>gs<145><194>w<164>1m#<242>t<233><144><146>&g<162><190><234><145>H<159><10>^6IQ<223><219><193>@><204>b<245><12><6><133><147><132><192>fU<165><197><180>k<136>:<8><198><152><165>*%<221><237><188><23><251><255><172>'n<142>H<25>q<173>t<215><212><221><239><20>FZyd<205><240>Wbd<143><139>q]h<236><127><16><143>tA<163>4I<236><230><147><218>><175>B^<130><0>*9<22><3><1><0><220><13><0><0><212><2><1><2><0><207><0><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo Certif
 Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Received from 192.168.22.100 port 21645 ....
Code:       Access-Request
Identifier: 136
Authentic:  <238><28><227><224><27>;Cb<229><6><231>Y<3>Z<230><133>
Attributes:
 User-Name = "anonymous"
 Framed-MTU = 1400
 Called-Station-Id = "000e.8311.6b50"
 Calling-Station-Id = "0010.c620.88f7"
 Message-Authenticator = <199>ET<214><200>n6<0>gs<153>!8T<222><194>
 EAP-Message = <2><4><0><6><21><0>
 NAS-Port-Type = Wireless-IEEE-802-11
 NAS-Port = 280
 Service-Type = Framed-User
 NAS-IP-Address = 192.168.22.100
 NAS-Identifier = "ap"
Mon Jan 12 10:04:34 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:34 2004: DEBUG:  Deleting session for anonymous, 192.168.22.100, 280
Mon Jan 12 10:04:34 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:34 2004: DEBUG: Handling with EAP: code 2, 4, 6
Mon Jan 12 10:04:34 2004: DEBUG: Response type 21
Mon Jan 12 10:04:34 2004: DEBUG: EAP result: 3, EAP TTLS Challenge
Mon Jan 12 10:04:34 2004: DEBUG: Access challenged for anonymous: EAP TTLS Challenge
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Sending to 192.168.22.100 port 21645 ....
Code:       Access-Challenge
Identifier: 136
Authentic:  <238><28><227><224><27>;Cb<229><6><231>Y<3>Z<230><133>
Attributes:
 EAP-Message = <1><5><0><134><21><0>icates1!0<31><6><3>U<4><11><19><24>Test Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1 0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<14><0><0><0>
 Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Received from 192.168.22.100 port 21645 ....
Code:       Access-Request
Identifier: 137
Authentic:  Sd<144>t<163><15>.&<222><156><239>k<16>8<136>Q
Attributes:
 User-Name = "anonymous"
 Framed-MTU = 1400
 Called-Station-Id = "000e.8311.6b50"
 Calling-Station-Id = "0010.c620.88f7"
 Message-Authenticator = xeJ'<214>K<218>0-<162>yI<170>q<176><135>
 EAP-Message = <2><5><0><212><21><128><0><0><0><202><22><3><1><0><7><11><0><0><3><0><0><0><22><3><1><0><134><16><0><0><130><0><128><149>c<209>A<200><237>m<160>s4<165><231>\<255><241><4><158><170><148><158><166><26><169>~<214><138><199>4^<223>)9<172><198><172>_<133><204>O$<184><<173><248>tI<238><166><151><183><157><1><182><207><218>d<184>t<18><185><127><172><216><235><192><171><220>L<250><161>#<14><2><175><2>d<209><<128><2><153><213><140><239>6<156>8@<152><249>}<25><158>&<18>-k<164><250><144><134>`<24><170><187><16><127>L<134>.<151><210><<231><237><132><186>}<185>X<202><163><162>=q<173>C<4><20><3><1><0><1><1><22><3><1><0>(|<190><207>^<18><171><211><15><192><27>W?<1><26><252><15><196>V<165>=<163><188>]<6><198>I<205>7s{*o<219><241>)<239><214><152>5<152>
 NAS-Port-Type = Wireless-IEEE-802-11
 NAS-Port = 280
 Service-Type = Framed-User
 NAS-IP-Address = 192.168.22.100
 NAS-Identifier = "ap"
Mon Jan 12 10:04:34 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:34 2004: DEBUG:  Deleting session for anonymous, 192.168.22.100, 280
Mon Jan 12 10:04:34 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:34 2004: DEBUG: Handling with EAP: code 2, 5, 212
Mon Jan 12 10:04:34 2004: DEBUG: Response type 21
Mon Jan 12 10:04:34 2004: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Mon Jan 12 10:04:34 2004: DEBUG: EAP result: 3, EAP TTLS Challenge
Mon Jan 12 10:04:34 2004: DEBUG: Access challenged for anonymous: EAP TTLS Challenge
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Sending to 192.168.22.100 port 21645 ....
Code:       Access-Challenge
Identifier: 137
Authentic:  Sd<144>t<163><15>.&<222><156><239>k<16>8<136>Q
Attributes:
 EAP-Message = <1><6><0>=<21><128><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(Ah<1>(<227><179><222><156><G<137>Vadc<207><159>\<222><134>><167>(<227>m<229><197><151>-<174><229><1><170>G<134> C<202><237>u
 Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Received from 192.168.22.100 port 21645 ....
Code:       Access-Request
Identifier: 138
Authentic:  <187><203>fJw<164>wh<198>$<173>Z<25><136>L6
Attributes:
 User-Name = "anonymous"
 Framed-MTU = 1400
 Called-Station-Id = "000e.8311.6b50"
 Calling-Station-Id = "0010.c620.88f7"
 Message-Authenticator = <215><194>rXX<1>'<226><8><247>=<149><211><147><174><173>
 EAP-Message = <2><6><0>\<21><128><0><0><0>R<23><3><1><0><24><245><217><159><213>.<178><228><152>_<3>s<165><11>T<255><224>&<160><200><207><203><254>:<157><23><3><1><0>0<1>A<154><130>W2<141><11>k0[ff<6><13>S<212>-s<160><224><<156><252><239>[<160><164><187>Gskh<230><214><16><227><242>'<214><227><189>J<200><164><149><23><164>
 NAS-Port-Type = Wireless-IEEE-802-11
 NAS-Port = 280
 Service-Type = Framed-User
 NAS-IP-Address = 192.168.22.100
 NAS-Identifier = "ap"
Mon Jan 12 10:04:34 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:34 2004: DEBUG:  Deleting session for anonymous, 192.168.22.100, 280
Mon Jan 12 10:04:34 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:34 2004: DEBUG: Handling with EAP: code 2, 6, 92
Mon Jan 12 10:04:34 2004: DEBUG: Response type 21
Mon Jan 12 10:04:34 2004: DEBUG: EAP TTLS inner authentication request for test
Mon Jan 12 10:04:34 2004: DEBUG: TTLS Tunnelled Diameter Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic:  <231><227><208><154>w<228><231>z<7><191>pn<233><153><24><145>
Attributes:
 User-Name = "test"
 User-Password = "test"
Mon Jan 12 10:04:34 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:34 2004: DEBUG:  Deleting session for test, 192.168.22.100, 
Mon Jan 12 10:04:34 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:34 2004: DEBUG: Radius::AuthLSA looks for match with test
Mon Jan 12 10:04:34 2004: DEBUG: Radius::AuthLSA ACCEPT: 
Mon Jan 12 10:04:34 2004: DEBUG: Access accepted for test
Mon Jan 12 10:04:34 2004: DEBUG: EAP result: 0, EAP TTLS inner authentication redespatched to a Handler
Mon Jan 12 10:04:34 2004: DEBUG: Access accepted for anonymous
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Sending to 192.168.22.100 port 21645 ....
Code:       Access-Accept
Identifier: 138
Authentic:  <187><203>fJw<164>wh<198>$<173>Z<25><136>L6
Attributes:
 MS-MPPE-Send-Key = "<224>u<133><227><205><1><23>Ga)u<176><208><254><198>L<176>]<3><7><156><164><28><10><253><200>/_c<25><220><167>j<155><141><188><165>]<127><2>B<194>,<17><144><179><239><13><132>r"
 MS-MPPE-Recv-Key = "<130><199><4>t<28><17><5><222><148><204><207><216><4>;e<242><184><239>B<220>C<237><165>R<129><178>t<149><209><7>8Fy<254><222>!<240><144>R<237><179><230><252>1<27>z<254><15><218>r"
 EAP-Message = <3><6><0><4>
 Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Received from 192.168.22.100 port 21645 ....
Code:       Accounting-Request
Identifier: 139
Authentic:  g<187><6><7><247>C<1>!<149><178><212><190><202><242><147><208>
Attributes:
 Acct-Session-Id = "0000002B"
 Called-Station-Id = "000e.8311.6b50"
 Calling-Station-Id = "0010.c620.88f7"
 cisco-avpair = "ssid=tsunami"
 cisco-avpair = "nas-location=unspecified"
 cisco-avpair = "connect-progress=Call Up"
 Acct-Authentic = RADIUS
 User-Name = "anonymous"
 Acct-Status-Type = Start
 NAS-Port-Type = Wireless-IEEE-802-11
 Cisco-NAS-Port = "280"
 NAS-Port = 280
 Service-Type = Framed-User
 NAS-IP-Address = 192.168.22.100
 Acct-Delay-Time = 0
Mon Jan 12 10:04:34 2004: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Mon Jan 12 10:04:34 2004: DEBUG:  Adding session for anonymous, 192.168.22.100, 280
Mon Jan 12 10:04:34 2004: DEBUG: Handling with Radius::AuthLSA: 
Mon Jan 12 10:04:34 2004: DEBUG: Accounting accepted
Mon Jan 12 10:04:34 2004: DEBUG: Packet dump:
*** Sending to 192.168.22.100 port 21645 ....
Code:       Accounting-Response
Identifier: 139
Authentic:  g<187><6><7><247>C<1>!<149><178><212><190><202><242><147><208>
Attributes:
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20040112/212432c2/attachment.html>


More information about the radiator mailing list