(RADIATOR) Troubles with 802.1x authorization of M$ Windows XP

Jan Tomasek jan at tomasek.cz
Wed Jun 30 08:21:19 CDT 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
I'm trying to setup radiator to authorize access to wireless network by 802.1x
protocol. I successfuly tested my configuration with XSuplicat from Linux, but
it for some reason wont works with M$ Windows XP.

I'm getting tons of debug messages but can't guess reason of problems. Most
relevant sounds lines:

Wed Jun 30 14:44:13 2004: DEBUG: Access challenged for semik: EAP PEAP Inner
authentication failure

and

Wed Jun 30 14:44:22 2004: ERR: EAP PEAP TLS read failed:  18939: 1 -
error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac

Debug messages are attached as radiator.log.bz I had to compress them because
there is truly big amount of messages covering communication till my XP system
said that if failed to authorize.

Complete configuration is also attached, secrets and passwords were replaced
by xxx. In configuration file I used informations from goodies/eap_multi.cfg.

I'm planing to use user names in form <username>@<realm>. In debug is used
semik at cesnet.cz with pasword 'heslo'. Windows XP are configured to ask for
username and password any time it attempts to connect to wireless network. I
belive problem is in somewhere in misconfiguration of radiator, because this
XP box was able to authorize against freeradius, I'm almost sure I did not
touch that system because it is useless to me ;)

I will be very thankfull for any assistance in this problem I can get here.

Thanks
- --
- --------------------------------------------------------------
Jan Tomasek aka Semik           work: CESNET, z.s.p.o.
http://www.tomasek.cz/                Zikova 4, 160 00 Praha 6
                                      Czech Republic
phone(work): +420 2 2435 5279         http://www.cesnet.cz/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFA4r5N79++DGvj6tMRAoD9AJ4rpZXscIKwHWuZlr8lk2M0vJURqACfY2+W
dwZ8vRMhXvGnMwnNfqgwjDo=
=KiKL
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radiator.log.bz2
Type: application/x-bzip
Size: 16543 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20040630/8cec15a0/attachment.bin>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radius.cfg
URL: <http://www.open.com.au/pipermail/radiator/attachments/20040630/8cec15a0/attachment.ksh>

More information about the radiator mailing list