(RADIATOR) TTLS and Calling-Station-Id attribute in the user

Hugh Irvine hugh at open.com.au
Thu Jul 15 20:29:13 CDT 2004 

Hello Fernando -

It looks like there is no Calling-Station-Id attribute in the request.

Also if you want to match against a list of values you must use the 
following syntax (with "/.../"):

mrs00020                Password = "xxxxx" , Calling-Station-Id =
"/00-20-D8-03-8D-47|00-0A-F4-9C-4C-07|00-40-96-A1-D7-F9/"

Can you please send a copy of your configuration file (no secrets) 
together with a trace 4 debug from Radiator showing what is happening.

regards

Hugh


On 16 Jul 2004, at 01:23, Fernando Romão wrote:

>      Hi,
>
>        I'm using radiator to authenticate PEAP users of a wireless 
> network.
>        But I want to support TTLS, but the TTLS doesn't work if I use 
> the
> calling-Station-id attribute in the user file. If I try with a user 
> with no
> calling-station-id attribute in the user file it has a successfully
> authentication.
>        In the PEAP authentication method there are no problems with 
> this
> attribute.
>
>        I use a user file in radiator with the following format:
>
>          # Fernando Romao
> mrs00020                Password = "xxxxx" , Calling-Station-Id =
> "00-20-D8-03-8D-47|00-0A-F4-9C-4C-07|00-40-96-A1-D7-F9"
>
>
>               Thanks in advanced,
>                   Fernando
>
>
>
>         This is the radiator error
> --------------------------------------------------------------------
>
> Thu Jul 15 15:03:52 2004: DEBUG: Handling with Radius::AuthSQL
> Thu Jul 15 15:03:52 2004: DEBUG: Handling with Radius::AuthFILE:
> Thu Jul 15 15:03:52 2004: DEBUG: Radius::AuthFILE looks for match with
> mrs00020
> Thu Jul 15 15:03:52 2004: DEBUG: Radius::AuthFILE REJECT: Check item
> Calling-Station-Id expression
> '00-20-D8-03-8D-47|00-0A-F4-9C-4C-07|00-40-96-A1-D7-F9' does not match 
> '' in
> request
> Thu Jul 15 15:03:52 2004: INFO: Access rejected for mrs00020: Check 
> item
> Calling-Station-Id expression
> '00-20-D8-03-8D-47|00-0A-F4-9C-4C-07|00-40-96-A1-D7-F9' does not match 
> '' in
> request
> Thu Jul 15 15:03:52 2004: DEBUG: EAP result: 1, EAP TTLS inner
> authentication redespatched to a Handler
> Thu Jul 15 15:03:52 2004: INFO: Access rejected for anonymous: EAP TTLS
> inner authentication redespatched to a Handler
> Thu Jul 15 15:03:52 2004: DEBUG: Packet dump:
> *** Sending to 192.168.2.3 port 21649 ...
> -------------------------------------------------------------------
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list