(RADIATOR) Enterasys R2 TTLS authent failing

Hugh Irvine hugh at open.com.au
Mon Jan 12 23:05:23 CST 2004 

Hello Michael -

Comments below.

On 13 Jan 2004, at 15:54, Michael Harlow wrote:

>
> I have successfully set up EAP-TTLS/PAP authenticated against a mySQL
> database, for my Cisco 350 and 1200 AP, in both VxWorks and IOS 
> versions.
> However, when I try and turn on 802.1x in my Enterasys R2 AP, the 
> client
> (Odyssey) does not prompt for password, and I see the Radiator sending 
> a
> copy of a certificate to the AP, but nothing happens. The following 
> also
> appears on the console of the R2:
>
> function send_eapol_packet_to_supplicant in file aaa_eapol_mux.c line 
> 425:
> out, cannot get cluster for pdu part of EAPOL msg!
>

Sounds like a problem on the R2.

I don't think we have tested these here.

> Has anyone got an R2 working, and can help me work out which tick 
> boxes I
> need to make it behave as nicely as the Cisco's?
>

Anyone on the list?

> I've read everything I can find on the Funk and Enterasys sites.
>
> A second unrelated problem. With the Cisco 1200's I get different 
> accounting
> records to the 350's running VxWorks rather than IOS. The IOS AP's 
> don't
> seem to log the accounting data with a NASIDENTIFIER field, just a 
> NASPORT,
> whereas the 350's running VxWorks do list their domain name 
> (NASIDENTIFIER
> and NASPORT) in the accounting data. Is this a configuration problem?

I doubt that this is a configuration issue - different 
hardware/software send different accounting information (if they send 
accounting at all).

regards

Hugh


NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list