(RADIATOR) "not properly formatted" when proxying EAP-TLS to IAS
Hugh Irvine
hugh at open.com.au
Mon Jun 13 05:38:27 CDT 2005
Hello Chris -
I'm afraid I don't know much about IAS, so all I can suggest is you
try searching the Microsoft web site or try using Google.
The request looks perfectly fine to me, but maybe you need to either
add attributes to or remove attributes from the requests so IAS will
accept them.
Have you verified the shared secrets?
Does anyone else on the list have any experience with this?
regards
Hugh
On 13 Jun 2005, at 17:57, Chris Hills wrote:
> Hi
>
> My configuration is as follows:-
>
> <Handler Realm=ad-test.its.ne-worcs.ac.uk>
>
> <AuthBy RADIUS>
>
> Identifier CheckAD1
>
> Host my.ias.server
> Secret mysecret
>
> AuthPort 1812
> AcctPort 1813
>
> </AuthBy>
>
> AcctLogFileName %L/detail.myserver
>
> </Handler>
>
> When a client attempts to authenticate, it proxies the request, but
> IAS has the following log message:-
>
> Access request for user user at my.ias.server was discarded.
> Fully-Qualified-User-Name = <undetermined>
> NAS-IP-Address = 172.18.100.14
> NAS-Identifier = <not present>
> Called-Station-Identifier = <not present>
> Calling-Station-Identifier = 00-06-5B-E4-0E-0B
> Client-Friendly-Name = RADIATOR
> Client-IP-Address = ra.di.at.or
> NAS-Port-Type = Ethernet
> NAS-Port = 238
> Proxy-Policy-Name = *@my.realm
> Authentication-Provider = Windows
> Authentication-Server = <undetermined>
> Reason-Code = 3
> Reason = The Remote Authentication Dial-In User Service (RADIUS)
> request was not properly formatted.
>
> For more information, see Help and Support Center at http://
> go.microsoft.com/fwlink/events.asp.
>
> For reference, Radiator said:-
>
> Mon Jun 13 08:28:22 2005: INFO: AuthRADIUS: No reply after 3
> retransmissions to my.ias.server:1812 for chills at ad-test.its.ne-
> worcs.ac.uk (24)
> Mon Jun 13 08:28:22 2005: INFO: AuthRADIUS could not find a working
> host to forward to. Ignoring
>
>
> Is there something wrong with my configuration? I know I had this
> working before!
>
> --
> Chris Hills
> IT Services
> North East Worcestershire College
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list