(RADIATOR) MAC address filtering?
Jim Michael
JMichael at chesterfield.mo.us
Wed Jan 26 10:16:39 CST 2005
Hi Hugh and Mike-
I tried the latest config file (with the authby FILE mac check within
the TTLS handler) and it too fails. In this case, it is getting to that
point and then trying to look for my *user name* in the addresses.mac
file, which of course is impossible, and it fails. It seems that any
solution where we try to look at the mac address on the "inner"
authentication will not work because it will always want to look for the
user in the file? Note that the addresses.mac file contains only the raw
mac address as Mike suggested, nothing more. (though I also tried with
AuthType=Accept again and that doesn't help).Here's the latest log, in
case it tells you anything, or gives you more ideas. I never imagined
such a simple concept would be so hard to implement! <g>
Jim
START LOG
Wed Jan 26 09:59:53 2005: NOTICE: Server started: Radiator 3.11 on
suser (LOCKED)
Wed Jan 26 10:00:06 2005: DEBUG: Finished reading configuration file
'/etc/radiator/coc.cfg'
Wed Jan 26 10:00:06 2005: DEBUG: Reading dictionary file
'/etc/radiator/dictionary'
Wed Jan 26 10:00:06 2005: DEBUG: Creating authentication port
0.0.0.0:1812
Wed Jan 26 10:00:06 2005: DEBUG: Creating accounting port 0.0.0.0:1813
Wed Jan 26 10:00:06 2005: NOTICE: Server started: Radiator 3.11 on
suser (LOCKED)
Wed Jan 26 10:00:39 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1144 ....
Code: Access-Request
Identifier: 77
Authentic: ^E^E^E^E^E^E^E^E
Attributes:
NAS-IP-Address = 192.168.10.41
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "anonymous"
Calling-Station-Id = "000bcd5a0861"
Called-Station-Id = "000d9df60559"
NAS-Identifier = "Enterprise AP"
EAP-Message = <2><1><0><14><1>anonymous
Message-Authenticator =
MgA<143><24>Y<221><154><191><134><16>_<233>f<224><195>
Wed Jan 26 10:00:39 2005: DEBUG: Handling request with Handler ''
Wed Jan 26 10:00:39 2005: DEBUG: Deleting session for anonymous,
192.168.10.41, 1
Wed Jan 26 10:00:39 2005: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 26 10:00:39 2005: DEBUG: Handling with EAP: code 2, 1, 14
Wed Jan 26 10:00:39 2005: DEBUG: Response type 1
Wed Jan 26 10:00:39 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 26 10:00:39 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 26 10:00:39 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1144 ....
Code: Access-Challenge
Identifier: 77
Authentic: ^E^E^E^E^E^E^E^E
Attributes:
EAP-Message = <1><2><0><6><21>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1145 ....
Code: Access-Request
Identifier: 78
Authentic: 8<228>8<228>8<228>8<228>8<228>8<228>8<228>8<228>
Attributes:
NAS-IP-Address = 192.168.10.41
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "anonymous"
Calling-Station-Id = "000bcd5a0861"
Called-Station-Id = "000d9df60559"
NAS-Identifier = "Enterprise AP"
EAP-Message =
<2><2><0>b<21><128><0><0><0>X<22><3><1><0>S<1><0><0>O<3><1>A<247><190><168><207>u<225><23>~v<146><173><234><202>_<221><152><223><252>S<240>M9<243><163><5>wT<19><21><160><214><0><0>(<0><22><0><19><0>f<0><21><0><18><0><10><0><5><0><4><0><9><0>c<0>e<0>`<0>b<0>a<0>d<0><20><0><17><0><3><0><6><0><8><1><0>
Message-Authenticator = <127><205><220><243>
$<148><185><<31>S<176><212>8.b
Wed Jan 26 10:00:40 2005: DEBUG: Handling request with Handler ''
Wed Jan 26 10:00:40 2005: DEBUG: Deleting session for anonymous,
192.168.10.41, 1
Wed Jan 26 10:00:40 2005: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 26 10:00:40 2005: DEBUG: Handling with EAP: code 2, 2, 98
Wed Jan 26 10:00:40 2005: DEBUG: Response type 21
Wed Jan 26 10:00:40 2005: DEBUG: EAP TTLS data, 24576, 2, -1
Wed Jan 26 10:00:40 2005: DEBUG: EAP TLS SSL_accept result: -1, 2,
8576
Wed Jan 26 10:00:40 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1145 ....
Code: Access-Challenge
Identifier: 78
Authentic: 8<228>8<228>8<228>8<228>8<228>8<228>8<228>8<228>
Attributes:
EAP-Message =
<1><3><3><242><21><192><0><0><10>h<22><3><1><0>J<2><0><0>F<3><1>A<247><190><168><169><186><10><129><190>9<218><157>k<253><185><7><188>0:<183><149><3><219>6<184>9<142><140>[<4>/<244>
l<12><220><134><219>3<2>>KR<128><158>S<235>rE<238><204><27>a<225><197><13><204>j<164>*Zo<241><255>F<0><10><0><22><3><1><8><213><11><0><8><209><0><8><206><0><4>T0<130><4>P0<130><3>8<160><3><2><1><2><2><16>UPH<255>9<15><147><25><219><183><133><143><26>ja<13>0<13><6><9>*<134>H<134><247><13><1><1><5><5><0>0M1<11>0<9><6><3>U<4><6><19><2>US1<22>0<20><6><3>U<4><10><19><13>DigiCert
Inc.1&0$<6><3>U<4><3><19><29>DigiCert Security Services
CA0<30><23><13>041112000000Z<23><13>06011
EAP-Message =
1235959Z0<129><215>1<11>0<9><6><3>U<4><6><19><2>US1<17>0<15><6><3>U<4><8><19><8>Missouri1<21>0<19><6><3>U<4><7><19><12>Chesterfield1<29>0<27><6><3>U<4><10><19><20>City
of Chesterfield1<28>0<26><6><3>U<4><11><19><19>Information
Systems1#0!<6><3>U<4><11><19><26>Provided by DigiCert,
Inc.1<29>0<27><6><3>U<4><11><19><20>DigiCertSSL
Wildcard1<29>0<27><6><3>U<4><3><20><20>*.chesterfield.mo.us0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129>
EAP-Message =
<129><0><201><187><180><213>rS<215><246>R<170><26>~U<197><12><216>|<21><200><214><19>g<24>A%?RQ<3><243><176><168><5><164><167>I(<151><16><144><231><127>|<241><250>6<141><219><184><162><128><200>C<159><246><197>n<254>d<186>J<170><187><131><136><247>G<211>CJL<234><234><187>[<163><248>ua<228><190><245>!'G<187><194><157><171>8<231>)}<137><171><178><178>;<214><237>)<31><200>?<242><5><10><138><16>B<20><23>.C<181>;<21><182><212><169><154><228><10><131>@`<147><221><2><3><1><0><1><163><130><1>#0<130><1><31>0<31><6><3>U<29>#<4><24>0<22><128><20>0T<225>@c<27>
<152>Wr0?bK<8>/S<135>=<8>0<29><6><3>U<29><14><4><22><4><20><243>7<145>W<237>aX^Qd<239>9<146><211><218><130><240>W<148><13>0<14><6><3>U<29><15><1><1><255><4><4><3><2><5><160>0<12><6><3>U<29><19><1><1><255><4><2>0<0>0<29><6><3>U<29>%<4><22>0<20><6><8>+<6><1>
EAP-Message =
<5><5><7><3><1><6><8>+<6><1><5><5><7><3><2>0<129><140><6><3>U<29><31><4><129><132>0<129><129>0><160><<160>:<134>8http://crl.digicert.com/DigiCertSecurityServicesCA_2.crl0?<160>=<160>;<134>9http://crl2.digicert.com/DigiCertSecurityServicesCA_2.crl0<17><6><9>`<134>H<1><134><248>B<1><1><4><4><3><2><6><192>0<13><6><9>*<134>H<134><247><13><1><1><5><5><0><3><130><1><1><0><202>c<255><163>k<223><138><156><162><188><247><149><162>W<255>B<146><12>D<226><189>X<26><254>]<211>yl<20><28>ro3$<248><194><15><144><200><20>K<191><165><216>7<206>(<176><242>$<15><237><164><177>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1146 ....
Code: Access-Request
Identifier: 79
Authentic:
<8><221><8><221><8><221><8><221><8><221><8><221><8><221><8><221>
Attributes:
NAS-IP-Address = 192.168.10.41
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "anonymous"
Calling-Station-Id = "000bcd5a0861"
Called-Station-Id = "000d9df60559"
NAS-Identifier = "Enterprise AP"
EAP-Message = <2><3><0><6><21><0>
Message-Authenticator =
\%<225>"f<19><219><182>$<247>\t<211><148><207><246>
Wed Jan 26 10:00:40 2005: DEBUG: Handling request with Handler ''
Wed Jan 26 10:00:40 2005: DEBUG: Deleting session for anonymous,
192.168.10.41, 1
Wed Jan 26 10:00:40 2005: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 26 10:00:40 2005: DEBUG: Handling with EAP: code 2, 3, 6
Wed Jan 26 10:00:40 2005: DEBUG: Response type 21
Wed Jan 26 10:00:40 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1146 ....
Code: Access-Challenge
Identifier: 79
Authentic:
<8><221><8><221><8><221><8><221><8><221><8><221><8><221><8><221>
Attributes:
EAP-Message =
<1><4><3><238><21>@'<18>d<204><137><14>@<14><156>m<253><157><140><22>J<159><177><146><212>z<176><210>`<207>y<2><216><1><22><155>r<232><239>
<148><199><178><220><236>+<196><227><198><134><228>b`@<184>/<131>^l<235><132><20><208><128>*<188><245>D\M<164><21><182><6><138>!h<196><176>I<240><227><207><222><249>_<2><254>%n89<6><169>uC<173>9<177>O<189><145>=<0><31><142><254>dR<174>c<9><27><138><230><27><215>i<137><136>\0M0gL<156>@<195>E`S<168>"<201><254><211><171>swWw<0>)d<181><31><156><22><173><12>(c<151>Te
<196><7><10><172>>R<20><13><219>[<172>b<16><250><210><246><175><161><131>xR<19><237>d<10>"$y<7><150><141><249><236>D<171>e<173><148><190><216><226>H<168>WT<200><239><129><201>5R<0><4>t0<130><4>p0<130><3><217><160><3><2><1><2><2><4><4><0><3><163>0<13><6><9>*<134>H<134><247><13><1><1><5><5><0>0u1<11>0<9><6><3>
EAP-Message =
U<4><6><19><2>US1<24>0<22><6><3>U<4><10><19><15>GTE
Corporation1'0%<6><3>U<4><11><19><30>GTE CyberTrust Solutions,
Inc.1#0!<6><3>U<4><3><19><26>GTE CyberTrust Global
Root0<30><23><13>041013185100Z<23><13>111013235900Z0M1<11>0<9><6><3>U<4><6><19><2>US1<22>0<20><6><3>U<4><10><19><13>DigiCert
Inc.1&0$<6><3>U<4><3><19><29>DigiCert Security Services
CA0<130><1>"0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><130><1><15><0>0<130><1><10><2><130><1>
EAP-Message =
<1><0><208><170><180><165>\f<254><16><171>p<31><18><201><216>Sl/E<134>m<17>q<172><179><242>z<18><237>_<13><201>-<223><219>X<148>va<15>0<14>g<23><7><202><170>
<15>-<15><186><143><19>F{<238>)<220>%<167><238>g=]'<234>K<222><254><213><227><224><205><253><229><201><129><231>O<206>I6<164><244><7>1<144>jy<142><197>sh<229>:<168>!?<249><249><242>`<202><225>n<234>g9/<201><152><129><146><188><184>wCs<185>1"<190><146><253><180>4<232><163><184>wxM<132><240>+<224>v<246><162>_<18>yY<231>W<145><154><14>)<136><165><203>=<172><250><254>t<151><171><11><187>7V<180><131><200>R<135><19>=Qe<231><23>5<139>X<243>Bc]<1><244>z<23><136><174>E<11>u<228><24><242><159>g<5>|<11>Z<139><200><220><128>}G<131><180>.<160><225><208>t0X<136><4><23><169><196>5<22><151><<236><222><211><14>Z<200>q<156><20><159><165>
<232><173>u<157><3> <166>j<138>0,<205>]|<132>_
EAP-Message =
<200><245>M<159>[<2><3><1><0><1><163><130><1><175>0<130><1><171>0E<6><3>U<29><31><4>>0<0:<160>8<160>6<134>4http://www.public-trust.com/cgi-bin/CRL/2018/cdp.crl0<29><6><3>U<29><14><4><22><4><20>0T<225>@c<27>
<152>Wr0?bK<8>/S<135>=<8>0<129><146><6><3>U<29>
<4><129><138>0<129><135>0H<6><9>+<6><1><4><1><177>><1><0>0;09<6><8>+<6><1><5><5><7><2><1><22>-http://www.public-trust.com/CPS/OmniRoot.html0;<6><12>+<6><1><4><1><178>1<1><2><1><3><1>0+0)<6><8>+<6><1><5><5><7><2><1><22><29>https:/
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1147 ....
Code: Access-Request
Identifier: 80
Authentic: UIUIUIUIUIUIUIUI
Attributes:
NAS-IP-Address = 192.168.10.41
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "anonymous"
Calling-Station-Id = "000bcd5a0861"
Called-Station-Id = "000d9df60559"
NAS-Identifier = "Enterprise AP"
EAP-Message = <2><4><0><6><21><0>
Message-Authenticator =
Uf<215>\<227><222>X<253><20><31><170>L<247><153><22>=
Wed Jan 26 10:00:40 2005: DEBUG: Handling request with Handler ''
Wed Jan 26 10:00:40 2005: DEBUG: Deleting session for anonymous,
192.168.10.41, 1
Wed Jan 26 10:00:40 2005: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 26 10:00:40 2005: DEBUG: Handling with EAP: code 2, 4, 6
Wed Jan 26 10:00:40 2005: DEBUG: Response type 21
Wed Jan 26 10:00:40 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1147 ....
Code: Access-Challenge
Identifier: 80
Authentic: UIUIUIUIUIUIUIUI
Attributes:
EAP-Message =
<1><5><2><158><21><0>/secure.comodo.net/CPS0<129><137><6><3>U<29>#<4><129><129>0<127><161>y<164>w0u1<11>0<9><6><3>U<4><6><19><2>US1<24>0<22><6><3>U<4><10><19><15>GTE
Corporation1'0%<6><3>U<4><11><19><30>GTE CyberTrust Solutions,
Inc.1#0!<6><3>U<4><3><19><26>GTE CyberTrust Global
Root<130><2><1><165>0<14><6><3>U<29><15><1><1><255><4><4><3><2><1><6>0<18><6><3>U<29><19><1><1><255><4><8>0<6><1><1><255><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><5><5><0><3><129><129><0>*<27><206><144><4><253><15><9><2><253>o<201>|<132><178><178><11>z4<194><208><16>}<196>~W<218><181>X<156>
EAP-Message =
<203><234><23><145>I<222><250><21><30><15><185><12><242>:N<198>ev<152>L<237><234><1>f<246><9><198><243><252><165>G<163><176><239><240>7<131>lc<21><183><<21><198>1<154><0>,<170><3><144>T<192><153><239><179><222><176>8<173>w<134><246><142>&<171>2<15><230>g<213>fE<23>?r<218>dB<147><225><28><165><205><22>1HpM<227><236>D<139>3<179><160><150>e<22><3><1><1>:<13><0><1>2<2><1><2><1>-<0><218>0<129><215>1<11>0<9><6><3>U<4><6><19><2>US1<17>0<15><6><3>U<4><8><19><8>Missouri1<21>0<19><6><3>U<4><7><19><12>Chesterfield1<29>0<27><6><3>U<4><10><19><20>City
of Chesterfield1<28>0<26><6><3>U<4><11><19><19>Information
Systems1#0!<6><3>U<4><11><19><26>Provided
EAP-Message = by DigiCert,
Inc.1<29>0<27><6><3>U<4><11><19><20>DigiCertSSL
Wildcard1<29>0<27><6><3>U<4><3><20><20>*.chesterfield.mo.us<0>O0M1<11>0<9><6><3>U<4><6><19><2>US1<22>0<20><6><3>U<4><10><19><13>DigiCert
Inc.1&0$<6><3>U<4><3><19><29>DigiCert Security Services CA<14><0><0><0>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1148 ....
Code: Access-Request
Identifier: 81
Authentic: !<181>!<181>!<181>!<181>!<181>!<181>!<181>!<181>
Attributes:
NAS-IP-Address = 192.168.10.41
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "anonymous"
Calling-Station-Id = "000bcd5a0861"
Called-Station-Id = "000d9df60559"
NAS-Identifier = "Enterprise AP"
EAP-Message =
<2><5><0><212><21><128><0><0><0><202><22><3><1><0><7><11><0><0><3><0><0><0><22><3><1><0><134><16><0><0><130><0><128><186><166><155>B<199><28><26><210>fl<209><171>I!<253><246><2><158>
<193>b4<131><233><175><136>?-<188><179><30><228><166><134>vq<248>k<138>5<225><164><12><178><221><151>yQ<200>?<240><150><18><192><222>R<31><149>c<0><232>KM<211><218><182><2>xu,<129><202>D<219><221>g<231>q<237>!<229>*<23>I<165><246><225><18>g<147><27><228><182>]O<155><209><151><220><244>m<192>#<205>c]<190>)<23><201>t4}<131><135><18><201>I<245><157><23>W)E<127>X<133><243><20><3><1><0><1><1><22><3><1><0>(<249><25><203><207>$<127>@;<193><242><254><150>'t<253>4<167><0><215>$<214>N^<22><12><214>k<237>]<176><150>6<18>v<7>6<225><193>c<254>
Message-Authenticator = ;R<191><249><212>44nm4Ga<147>m><176>
Wed Jan 26 10:00:40 2005: DEBUG: Handling request with Handler ''
Wed Jan 26 10:00:40 2005: DEBUG: Deleting session for anonymous,
192.168.10.41, 1
Wed Jan 26 10:00:40 2005: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 26 10:00:40 2005: DEBUG: Handling with EAP: code 2, 5, 212
Wed Jan 26 10:00:40 2005: DEBUG: Response type 21
Wed Jan 26 10:00:40 2005: DEBUG: EAP TTLS data, 8576, 5, 2
Wed Jan 26 10:00:40 2005: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Wed Jan 26 10:00:40 2005: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 26 10:00:40 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1148 ....
Code: Access-Challenge
Identifier: 81
Authentic: !<181>!<181>!<181>!<181>!<181>!<181>!<181>!<181>
Attributes:
EAP-Message =
<1><6><0>=<21><128><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(<143>?<248>H.Og<131><234><9><233>3O$<129><248><218><22>/8<218><210>SrV<204><165><246><172><154><138>d<150>9<164><0><227>C<240>'
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 26 10:00:49 2005: DEBUG: Packet dump:
*** Received from 192.168.10.41 port 1149 ....
Code: Access-Request
Identifier: 82
Authentic: \(\(\(\(\(\(\(\(
Attributes:
NAS-IP-Address = 192.168.10.41
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1
Framed-MTU = 1400
User-Name = "anonymous"
Calling-Station-Id = "000bcd5a0861"
Called-Station-Id = "000d9df60559"
NAS-Identifier = "Enterprise AP"
EAP-Message =
<2><6><0>G<21><128><0><0><0>=<23><3><1><0>8><184><217><1><140>~<223><159><132><225><225>2<23><188><250>z<31><176><1><194><172>`u<|<3><13><157>!!+D<217><31><169><203><135><239><212><26><237><147>qG<141><133>I<214><172>`$<129><241>x<14><133>
Message-Authenticator =
<24>V<216><226><175>~X<202><29><231><178>9<187>!gD
Wed Jan 26 10:00:49 2005: DEBUG: Handling request with Handler ''
Wed Jan 26 10:00:49 2005: DEBUG: Deleting session for anonymous,
192.168.10.41, 1
Wed Jan 26 10:00:49 2005: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 26 10:00:49 2005: DEBUG: Handling with EAP: code 2, 6, 71
Wed Jan 26 10:00:49 2005: DEBUG: Response type 21
Wed Jan 26 10:00:49 2005: DEBUG: EAP TTLS data, 3, 6, 5
Wed Jan 26 10:00:49 2005: DEBUG: EAP TTLS inner authentication request
for jimm
Wed Jan 26 10:00:50 2005: DEBUG: TTLS Tunnelled Diameter Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: ?<202><221><17><1><185>'<140>l<202>;<250><169>[<232><16>
Attributes:
User-Name = "jimm"
User-Password = "xxxxxxxxx"
Wed Jan 26 10:00:50 2005: DEBUG: Handling request with Handler
'TunnelledByTTLS=1'
Wed Jan 26 10:00:50 2005: DEBUG: Deleting session for jimm,
192.168.10.41,
Wed Jan 26 10:00:50 2005: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 26 10:00:50 2005: DEBUG: Radius::AuthFILE looks for match with
Wed Jan 26 10:00:50 2005: DEBUG: Reading users file
/etc/radiator/addresses.mac
Wed Jan 26 10:00:50 2005: INFO: Access rejected for jimm: No such user
Wed Jan 26 10:00:50 2005: DEBUG: EAP result: 1, EAP TTLS inner
authentication redespatched to a Handler
Wed Jan 26 10:00:50 2005: INFO: Access rejected for anonymous: EAP TTLS
inner authentication redespatched to a Handler
Wed Jan 26 10:00:50 2005: DEBUG: Packet dump:
*** Sending to 192.168.10.41 port 1149 ....
Code: Access-Reject
Identifier: 82
Authentic: \(\(\(\(\(\(\(\(
Attributes:
EAP-Message = <4><6><0><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Reply-Message = "Request Denied"
END LOG
>>> Mike McCauley <mikem at open.com.au> 1/26/2005 1:05:16 AM >>>
Hi Hugh,
actually, the mac address file just needs to have the addresses one per
line:
00409638d4cb
00409638d4cc
no Auth-Type check items should be required.
Cheers.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list