(RADIATOR) EAP-TTLS and Authby File

Jim Michael JMichael at chesterfield.mo.us
Wed Jan 5 09:34:05 CST 2005


I'm new to Radiator and while our ultimate goal is to authenticate
against our eDirectory tree via LDAP, I decided to take baby steps and
get a local authentication working first. I am using the Odyssey client
on Windows configured for EAP-TTLS/PAP, and have started with a tweaked
version of eap_ttls.cfg on Radiator. I have added a user "anonymous" (no
password) and a user "jimm" with password "password" to the users file.
I am using the test certificates and told the Odyssey client to NOT
validate the server cert.

When I try to connect, Odyssey prompts me for the password, then a few
seconds pass and it prompts again. In the server terminal I see this:
(sorry for the length, but I don't know which parts are relevant). The
problem seems to be related to this

Wed Jan  5 09:23:05 2005: ERR: Could not handle an EAP request: Can't
locate auto/Net/SSLeay/get_client_.al in @INC (@INC contains: .
/usr/lib/perl5/5.8.0/i586-linux-thread-multi /usr/lib/perl5/5.8.0
/usr/lib/perl5/site_perl/5.8.0/i586-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl .) at
/usr/lib/perl5/site_perl/Radius/TLS.pm line 42

But I don't know what that means. Any help determining what is wrong
would be appreciated!

Jim

-----
doing start
Wed Jan  5 09:22:57 2005: DEBUG: Finished reading configuration file
'/etc/radiator/eap_ttls.cfg'
doing start
This Radiator license will expire on 2005-04-01
This Radiator license will stop operating after 1000 requests
To purchase an unlimited full source version of Radiator, see
http://www.open.com.au/ordering.html 
To extend your license period, contact admin at open.com.au 

Wed Jan  5 09:22:57 2005: DEBUG: Reading dictionary file
'/etc/radiator/dictionary'
Wed Jan  5 09:22:58 2005: DEBUG: Creating authentication port
0.0.0.0:1812
Wed Jan  5 09:22:58 2005: DEBUG: Creating accounting port 0.0.0.0:1646
Wed Jan  5 09:22:58 2005: NOTICE: Server started: Radiator 3.11 on
suser (LOCKED)
Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1333 ....
Code:       Access-Request
Identifier: 2
Authentic:  9<255>9<255>9<255>9<255>9<255>9<255>9<255>9<255>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message = <2><1><0><14><1>anonymous
	Message-Authenticator =
<168><149><21>W<17><146><249>j;9<206><19>)<139><197>6

Wed Jan  5 09:23:00 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:00 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:00 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:00 2005: DEBUG: Handling with EAP: code 2, 1, 14
Wed Jan  5 09:23:00 2005: DEBUG: Response type 1
Wed Jan  5 09:23:00 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1333 ....
Code:       Access-Challenge
Identifier: 2
Authentic:  9<255>9<255>9<255>9<255>9<255>9<255>9<255>9<255>
Attributes:
	EAP-Message = <1><2><0><6><21> 
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1334 ....
Code:       Access-Request
Identifier: 3
Authentic: 
<20><158><20><158><20><158><20><158><20><158><20><158><20><158><20><158>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message =
<2><2><0>b<21><128><0><0><0>X<22><3><1><0>S<1><0><0>O<3><1>A<220><6>V<200><210><20><131><132>\7<140><19>r<192>l<190><218>4<214><213><147><1>}<201><172><179>.<237>H<200><229><0><0>(<0><22><0><19><0>f<0><21><0><18><0><10><0><5><0><4><0><9><0>c<0>e<0>`<0>b<0>a<0>d<0><20><0><17><0><3><0><6><0><8><1><0>
	Message-Authenticator =
<0>B<127><233>1`_:<253>8<241><174><163><2><251><199>

Wed Jan  5 09:23:00 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:00 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:00 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:00 2005: DEBUG: Handling with EAP: code 2, 2, 98
Wed Jan  5 09:23:00 2005: DEBUG: Response type 21
Wed Jan  5 09:23:00 2005: DEBUG: EAP TTLS data, 24576, 2, -1
Wed Jan  5 09:23:00 2005: DEBUG: EAP TLS SSL_accept result: -1, 2,
8576
Wed Jan  5 09:23:00 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1334 ....
Code:       Access-Challenge
Identifier: 3
Authentic: 
<20><158><20><158><20><158><20><158><20><158><20><158><20><158><20><158>
Attributes:
	EAP-Message =
<1><3><3><242><21><192><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>A<220><6>T<250><200>z<215>@<222><232><216>VO<24><207>T<226>(.<184><165>h<26><136>h<155><221><165>)<5>R
<238><168><245><145><4><245>$<230>po<7>x<242><146><1>T<173>/K<234><232>^5o<9>"<178><19><248>^<193><<0><10><0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
	EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use
in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My
Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1>
	EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><12>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><247>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>vN<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><159><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0<212>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><225><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<211><248>oba<
	EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<215><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<214>)<181>I2^<157><225><174><232>2e<185>k<131><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do no
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1335 ....
Code:       Access-Request
Identifier: 4
Authentic:  a<10>a<10>a<10>a<10>a<10>a<10>a<10>a<10>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message = <2><3><0><6><21><0>
	Message-Authenticator =
0<250><145>n<184><198><230><189>i^j<192><159>G<170><171>

Wed Jan  5 09:23:00 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:00 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:00 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:00 2005: DEBUG: Handling with EAP: code 2, 3, 6
Wed Jan  5 09:23:00 2005: DEBUG: Response type 21
Wed Jan  5 09:23:00 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1335 ....
Code:       Access-Challenge
Identifier: 4
Authentic:  a<10>a<10>a<10>a<10>a<10>a<10>a<10>a<10>
Attributes:
	EAP-Message = <1><4><3><238><21>@t use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080125Z<23><13>060316080125Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in p
	EAP-Message = roduction)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><204><181>%Q<192>7g0<140><153>0xg<240><152><248><199><214><253>W<7><220>|fd<163><137>%F<216><220><148><230><6><18>ie<144>'<244>P<8>DxJ<138>n<203>k8<164><239><179>H<237>K<182>mo<155><145><138><143><136><127><230><<9>l<172><210><205><136><162><29>)1<4><206><11>g<163><226>i@<206>o<210>,<185><173><234><3>^4<221><252><168>H<178><158><25><235><152><250>g<199><172><250>uSr<156><205>P<150>O<197><240>=a<255>_<209><12><163><0>U<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke0<129><247><6><3>U<29>#
	EAP-Message =
<4><129><239>0<129><236><128><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke<161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6><3>U<29><19><4><5>0<3>
	EAP-Message =
<1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>0<3>=<202><190><236>S<216><228>o<177><242><18>hEBe<219>W<136><245>tf<202><143><160><29><220>p9<5><24>2<185>)<128><227>8<17><247>'_J<28><159>;_<202><254><242>+{=P<245><215>K<160><136>qml<181><24>3<0>f<166>Q(<2><193><29>-<228><19><184>C<139>9}r1<188>DTlK<255><15><12>TL<160><177>DuY+<156><143><225><149><237><135>ix<22>O<231><212><154><184><10>fZ<248>Va#<192><160>l<21><129>0<199>6<22><3><1><0><220><13><0><0><212><2><1><2><0><207><0><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certif
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1336 ....
Code:       Access-Request
Identifier: 5
Authentic:  -v-v-v-v-v-v-v-v
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message = <2><4><0><6><21><0>
	Message-Authenticator =
R2G<162><235><150><152>Zy<135>O<193><4><<233>E

Wed Jan  5 09:23:00 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:00 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:00 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:00 2005: DEBUG: Handling with EAP: code 2, 4, 6
Wed Jan  5 09:23:00 2005: DEBUG: Response type 21
Wed Jan  5 09:23:00 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1336 ....
Code:       Access-Challenge
Identifier: 5
Authentic:  -v-v-v-v-v-v-v-v
Attributes:
	EAP-Message =
<1><5><0><134><21><0>icates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<14><0><0><0>
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1337 ....
Code:       Access-Request
Identifier: 6
Authentic:  8<28>8<28>8<28>8<28>8<28>8<28>8<28>8<28>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message =
<2><5><0><212><21><128><0><0><0><202><22><3><1><0><7><11><0><0><3><0><0><0><22><3><1><0><134><16><0><0><130><0><128>mD<228>k<130>g/<13>R<140><164>k~p<157><190><231><227>_S_<134><27><159><224>e<238><128>e<147><246><25>|<13><233>.<25>,d(*:<2><2><222><159>*<243><179>se<223>/<142><217>4<221>g<29><197>%<223><235>f<14>r<185><22><217>V<247>}/<180><198><137>R<22>$<167><129><159>H<24>u<224>!Wb<199>Y<187><175><212>^<10><26>r<146>c<247>U<185><211><199><15>{0<162><129><187><219><26><224><195><231>H<194><229><247><152><199>>9<146><221><143>f<20><3><1><0><1><1><22><3><1><0>(<199><28><241>AL\g[<21><221>e<132><249><135><156><144><196>-<31>/<30><154>F<129><149>A<236><160>ML<200><213><232>)<235>1<6>v<199><250>
	Message-Authenticator =
Z<224><163>vg[O`Y<19><174><217>rM<31><226>

Wed Jan  5 09:23:00 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:00 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:00 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:00 2005: DEBUG: Handling with EAP: code 2, 5, 212
Wed Jan  5 09:23:00 2005: DEBUG: Response type 21
Wed Jan  5 09:23:00 2005: DEBUG: EAP TTLS data, 8576, 5, 2
Wed Jan  5 09:23:00 2005: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Wed Jan  5 09:23:00 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:00 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1337 ....
Code:       Access-Challenge
Identifier: 6
Authentic:  8<28>8<28>8<28>8<28>8<28>8<28>8<28>8<28>
Attributes:
	EAP-Message =
<1><6><0>=<21><128><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(<142><164>S?<167><236>N*<143><140>g><132><234><198>?n<175>E<14><232><128><137><166><224><133><150>y<145><253>#u<216>PD^I<3><185>&
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:05 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1338 ....
Code:       Access-Request
Identifier: 7
Authentic:  *<151>*<151>*<151>*<151>*<151>*<151>*<151>*<151>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message =
<2><6><0>G<21><128><0><0><0>=<23><3><1><0>89"n<208>s4<7>U<4>E<207>*<26>;<212><167><222><179><12>
<0><181><240><158>5<11><232>U^B<220>4<27><218><15><163><230>l5<174>Q<179><191><159><228>q<246><191>!%<11><185><198><130><131><209>
	Message-Authenticator =
G<235><138>$<<219><15><26><198><155><139><255><166><20><3><27>

Wed Jan  5 09:23:05 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:05 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:05 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:05 2005: DEBUG: Handling with EAP: code 2, 6, 71
Wed Jan  5 09:23:05 2005: DEBUG: Response type 21
Wed Jan  5 09:23:05 2005: DEBUG: EAP TTLS data, 3, 6, 5
Wed Jan  5 09:23:05 2005: DEBUG: EAP TTLS inner authentication request
for jimm
Wed Jan  5 09:23:05 2005: DEBUG: TTLS Tunnelled Diameter Packet dump:
Code:       Access-Request
Identifier: UNDEF
Authentic: 
<196><252><130><140><210><201><214><143><244>p<232><14><135><216><159><21>
Attributes:
	User-Name = "jimm"
	User-Password = "password"

Wed Jan  5 09:23:05 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:05 2005: DEBUG:  Deleting session for jimm,
192.168.10.41, 
Wed Jan  5 09:23:05 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:05 2005: DEBUG: Reading users file
/etc/radiator/users
Wed Jan  5 09:23:05 2005: DEBUG: Radius::AuthFILE looks for match with
jimm
Wed Jan  5 09:23:05 2005: DEBUG: Radius::AuthFILE ACCEPT: 
Wed Jan  5 09:23:05 2005: DEBUG: Access accepted for jimm
Wed Jan  5 09:23:05 2005: ERR: Could not handle an EAP request: Can't
locate auto/Net/SSLeay/get_client_.al in @INC (@INC contains: .
/usr/lib/perl5/5.8.0/i586-linux-thread-multi /usr/lib/perl5/5.8.0
/usr/lib/perl5/site_perl/5.8.0/i586-linux-thread-multi
/usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl .) at
/usr/lib/perl5/site_perl/Radius/TLS.pm line 42

Wed Jan  5 09:23:05 2005: INFO: Access rejected for anonymous: Could
not handle an EAP request
Wed Jan  5 09:23:05 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1338 ....
Code:       Access-Reject
Identifier: 7
Authentic:  *<151>*<151>*<151>*<151>*<151>*<151>*<151>*<151>
Attributes:
	Reply-Message = "Request Denied"

Wed Jan  5 09:23:10 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1339 ....
Code:       Access-Request
Identifier: 8
Authentic: 
<13><249><13><249><13><249><13><249><13><249><13><249><13><249><13><249>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message = <2><7><0><14><1>anonymous
	Message-Authenticator =
<29><24><2><190>Z<233><202>j<198><160><16>Nns I

Wed Jan  5 09:23:10 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:10 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:10 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:10 2005: DEBUG: Handling with EAP: code 2, 7, 14
Wed Jan  5 09:23:10 2005: DEBUG: Response type 1
Wed Jan  5 09:23:10 2005: DEBUG: Resuming session for
Radius::Context=HASH(0x86410d8)

Wed Jan  5 09:23:10 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:10 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:10 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1339 ....
Code:       Access-Challenge
Identifier: 8
Authentic: 
<13><249><13><249><13><249><13><249><13><249><13><249><13><249><13><249>
Attributes:
	EAP-Message = <1><8><0><6><21> 
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:10 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1340 ....
Code:       Access-Request
Identifier: 9
Authentic: 
<24><158><24><158><24><158><24><158><24><158><24><158><24><158><24><158>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message =
<2><8><0>b<21><128><0><0><0>X<22><3><1><0>S<1><0><0>O<3><1>A<220><6>`-<205>78<185><208><240><12>w<248><16><191><18>5<168><187><185>@Y<132>\<251><184><240><229>)<154>j<0><0>(<0><22><0><19><0>f<0><21><0><18><0><10><0><5><0><4><0><9><0>c<0>e<0>`<0>b<0>a<0>d<0><20><0><17><0><3><0><6><0><8><1><0>
	Message-Authenticator = 
<239><131><16><4><132>xxz<229><206>(<203>8<253><223>

Wed Jan  5 09:23:10 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:10 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:10 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:10 2005: DEBUG: Handling with EAP: code 2, 8, 98
Wed Jan  5 09:23:10 2005: DEBUG: Response type 21
Wed Jan  5 09:23:10 2005: DEBUG: EAP TTLS data, 8465, 8, -1
Wed Jan  5 09:23:10 2005: DEBUG: EAP TLS SSL_accept result: -1, 2,
8576
Wed Jan  5 09:23:10 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:10 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:10 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1340 ....
Code:       Access-Challenge
Identifier: 9
Authentic: 
<24><158><24><158><24><158><24><158><24><158><24><158><24><158><24><158>
Attributes:
	EAP-Message =
<1><9><3><242><21><192><0><0><8>P<22><3><1><0>J<2><0><0>F<3><1>A<220><6>^<165><177><167>T'<15><180><198><11>%5<240>c<255><145><134><149><146>y<26>d\<160><194>\M<156>~
<16><9><144><203>%"'E9S<151><24>b<231>z<205><154>=<150><154><217><236>^<131><203><174><245>FJ1FD<0><10><0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
	EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use
in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My
Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1>
	EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><12>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><247>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>vN<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><159><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0<212>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><225><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<211><248>oba<
	EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<215><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<214>)<181>I2^<157><225><174><232>2e<185>k<131><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do no
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:10 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1341 ....
Code:       Access-Request
Identifier: 10
Authentic:  e<11>e<11>e<11>e<11>e<11>e<11>e<11>e<11>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message = <2><9><0><6><21><0>
	Message-Authenticator =
}<191><187>=_<159><223>%*<195><211><1><26><237><193>&

Wed Jan  5 09:23:10 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:10 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:10 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:10 2005: DEBUG: Handling with EAP: code 2, 9, 6
Wed Jan  5 09:23:10 2005: DEBUG: Response type 21
Wed Jan  5 09:23:10 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:10 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:10 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1341 ....
Code:       Access-Challenge
Identifier: 10
Authentic:  e<11>e<11>e<11>e<11>e<11>e<11>e<11>e<11>
Attributes:
	EAP-Message = <1><10><3><238><21>@t use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080125Z<23><13>060316080125Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in p
	EAP-Message = roduction)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><204><181>%Q<192>7g0<140><153>0xg<240><152><248><199><214><253>W<7><220>|fd<163><137>%F<216><220><148><230><6><18>ie<144>'<244>P<8>DxJ<138>n<203>k8<164><239><179>H<237>K<182>mo<155><145><138><143><136><127><230><<9>l<172><210><205><136><162><29>)1<4><206><11>g<163><226>i@<206>o<210>,<185><173><234><3>^4<221><252><168>H<178><158><25><235><152><250>g<199><172><250>uSr<156><205>P<150>O<197><240>=a<255>_<209><12><163><0>U<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke0<129><247><6><3>U<29>#
	EAP-Message =
<4><129><239>0<129><236><128><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke<161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6><3>U<29><19><4><5>0<3>
	EAP-Message =
<1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>0<3>=<202><190><236>S<216><228>o<177><242><18>hEBe<219>W<136><245>tf<202><143><160><29><220>p9<5><24>2<185>)<128><227>8<17><247>'_J<28><159>;_<202><254><242>+{=P<245><215>K<160><136>qml<181><24>3<0>f<166>Q(<2><193><29>-<228><19><184>C<139>9}r1<188>DTlK<255><15><12>TL<160><177>DuY+<156><143><225><149><237><135>ix<22>O<231><212><154><184><10>fZ<248>Va#<192><160>l<21><129>0<199>6<22><3><1><0><220><13><0><0><212><2><1><2><0><207><0><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certif
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:11 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1342 ....
Code:       Access-Request
Identifier: 11
Authentic:  1w1w1w1w1w1w1w1w
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message = <2><10><0><6><21><0>
	Message-Authenticator =
l<138><240><147><170><|<135>2<225>N<253><166>k<13><191>

Wed Jan  5 09:23:11 2005: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan  5 09:23:11 2005: DEBUG:  Deleting session for anonymous,
192.168.10.41, 1
Wed Jan  5 09:23:11 2005: DEBUG: Handling with Radius::AuthFILE: 
Wed Jan  5 09:23:11 2005: DEBUG: Handling with EAP: code 2, 10, 6
Wed Jan  5 09:23:11 2005: DEBUG: Response type 21
Wed Jan  5 09:23:11 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan  5 09:23:11 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan  5 09:23:11 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1342 ....
Code:       Access-Challenge
Identifier: 11
Authentic:  1w1w1w1w1w1w1w1w
Attributes:
	EAP-Message =
<1><11><0><134><21><0>icates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in
production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<14><0><0><0>
	Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>

Wed Jan  5 09:23:11 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1343 ....
Code:       Access-Request
Identifier: 12
Authentic:  <<29><<29><<29><<29><<29><<29><<29><<29>
Attributes:
	NAS-IP-Address = 192.168.10.41
	NAS-Port-Type = Wireless-IEEE-802-11
	NAS-Port = 1
	Framed-MTU = 1400
	User-Name = "anonymous"
	Calling-Station-Id = "000bcd5a0861"
	Called-Station-Id = "000d9df60559"
	NAS-Identifier = "Enterprise AP"
	EAP-Message =
<2><11><0><212><21><128><0><0><0><202><22><3><1><0><7><11><0><0><3><0><0><0><22><3><1><0><134><16><0><0><130><0><128><3>
<178><204><15><252><234>KN<22><2><157><<9>n<208>_xA<133><211><205><0><160><127><238><197><179><220><23><198>]<160>\<158><28>O<4><243>;6<230><136><224><29><0>G<214><11>r<202><167>q<245><228><139><201>n<10>I<135><211>$<152><28><200>+e<7>D<4><167>*9v<182>3=<2><2><197><3><253><244>v<11><197>e<241>


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list