(RADIATOR) Enterasys R2 TTLS authent failing

Terry Simons galimore at mac.com
Tue Jan 13 00:21:35 CST 2004


Enterasys claims this is a problem with Radiator, and we have had some 
disagreements with them about this.

When every other AP on the market works but theirs, I doubt it's a 
server problem. ;-)

Try setting your chunk size to <= 1000 or so and see if that works... I 
believe that was the problem.

- Terry

On Jan 12, 2004, at 10:05 PM, Hugh Irvine wrote:

>
> Hello Michael -
>
> Comments below.
>
> On 13 Jan 2004, at 15:54, Michael Harlow wrote:
>
>>
>> I have successfully set up EAP-TTLS/PAP authenticated against a mySQL
>> database, for my Cisco 350 and 1200 AP, in both VxWorks and IOS 
>> versions.
>> However, when I try and turn on 802.1x in my Enterasys R2 AP, the 
>> client
>> (Odyssey) does not prompt for password, and I see the Radiator 
>> sending a
>> copy of a certificate to the AP, but nothing happens. The following 
>> also
>> appears on the console of the R2:
>>
>> function send_eapol_packet_to_supplicant in file aaa_eapol_mux.c line 
>> 425:
>> out, cannot get cluster for pdu part of EAPOL msg!
>>
>
> Sounds like a problem on the R2.
>
> I don't think we have tested these here.
>
>> Has anyone got an R2 working, and can help me work out which tick 
>> boxes I
>> need to make it behave as nicely as the Cisco's?
>>
>
> Anyone on the list?
>
>> I've read everything I can find on the Funk and Enterasys sites.
>>
>> A second unrelated problem. With the Cisco 1200's I get different 
>> accounting
>> records to the 350's running VxWorks rather than IOS. The IOS AP's 
>> don't
>> seem to log the accounting data with a NASIDENTIFIER field, just a 
>> NASPORT,
>> whereas the 350's running VxWorks do list their domain name 
>> (NASIDENTIFIER
>> and NASPORT) in the accounting data. Is this a configuration problem?
>
> I doubt that this is a configuration issue - different 
> hardware/software send different accounting information (if they send 
> accounting at all).
>
> regards
>
> Hugh
>
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> -- 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list