(RADIATOR) Mac-Adress Check and LDAP on OS X
Urs Landis
urs.landis at mac.com
Tue Mar 1 02:17:50 CST 2005
Hugh
Im not sure that you have understand my problem (proberly because of my
bad english??)
If i try to connect with radpwtst i get the following trace4: All looks
good and he says that he look for a match with 987654321, find it and
goes to the LDAP
If i try the same thing from the AccessPoint he says that he is looking
for a match with urs_landis, but he should look for the mac-address, is
this only a strange message, or what is wrong? The mac Address of the
connecting Computer is in the address-file as he is printed in the
trace Calling-Station-Id file without the "".
Where is my fault???
Please help!!
Urs
trace from radpwtst:
Tue Mar 1 09:01:12 2005: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 50650 ....
Code: Access-Request
Identifier: 207
Authentic: 1234567890123456
Attributes:
User-Name = "Urs_Landis"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password =
"Q<238><228><168><185><212><156>F<177>/<190><8>L<1>@<233>"
Tue Mar 1 09:01:12 2005: DEBUG: Handling request with Handler 'DEFAULT'
Tue Mar 1 09:01:12 2005: DEBUG: Deleting session for Urs_Landis,
203.63.154.1, 1234
Tue Mar 1 09:01:12 2005: DEBUG: Handling with Radius::AuthFILE:
CheckMACAddress
Tue Mar 1 09:01:12 2005: DEBUG: Radius::AuthFILE looks for match with
987654321
Tue Mar 1 09:01:12 2005: DEBUG: Handling with Radius::AuthLDAP2:
CheckLDAP
Tue Mar 1 09:01:12 2005: INFO: Connecting to 192.168.1.21, port 389
Tue Mar 1 09:01:12 2005: INFO: Attempting to bind to LDAP server
192.168.1.21:389)
Trace 'from AccessPoint'
Tue Mar 1 09:04:06 2005: DEBUG: Packet dump:
*** Received from 192.168.95.59 port 21649 ....
Code: Access-Request
Identifier: 84
Authentic: .]<212><28>?<24>8<185><162><207><148>j<229>H<13><235>
Attributes:
User-Name = "urs_landis"
Framed-MTU = 1400
Called-Station-Id = "0013.19fc.2f90"
Calling-Station-Id = "0030.6503.0a96"
Service-Type = Login-User
Message-Authenticator =
<169>C<246>5<136><219><208>`+<168><225>3<149><195><181><250>
EAP-Message = <2><1><0><15><1>urs_landis
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1121
NAS-IP-Address = 192.168.95.59
NAS-Identifier = "AP-09-023"
Tue Mar 1 09:04:06 2005: DEBUG: Handling request with Handler 'DEFAULT'
Tue Mar 1 09:04:06 2005: DEBUG: Deleting session for urs_landis,
192.168.95.59, 1121
Tue Mar 1 09:04:06 2005: DEBUG: Handling with Radius::AuthFILE:
CheckMACAddress
Tue Mar 1 09:04:06 2005: DEBUG: Handling with EAP: code 2, 1, 15
Tue Mar 1 09:04:06 2005: DEBUG: Response type 1
Tue Mar 1 09:04:06 2005: DEBUG: EAP result: 3, EAP LEAP Challenge
Tue Mar 1 09:04:06 2005: DEBUG: Access challenged for urs_landis: EAP
LEAP Challenge
Tue Mar 1 09:04:06 2005: DEBUG: Packet dump:
*** Sending to 192.168.95.59 port 21649 ....
Code: Access-Challenge
Identifier: 84
Authentic: .]<212><28>?<24>8<185><162><207><148>j<229>H<13><235>
Attributes:
EAP-Message =
<1><2><0><26><17><1><0><8>U<176>9<138><27><200><255><26>urs_landis
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Tue Mar 1 09:04:06 2005: DEBUG: Packet dump:
*** Received from 192.168.95.59 port 21649 ....
Code: Access-Request
Identifier: 85
Authentic: <172><187>*gh<29><199><227>b<242><4><141><127>2<7><151>
Attributes:
User-Name = "urs_landis"
Framed-MTU = 1400
Called-Station-Id = "0013.19fc.2f90"
Calling-Station-Id = "0030.6503.0a96"
Service-Type = Login-User
Message-Authenticator =
F<167><233>1U<153><24>1<145><143>2Y<22><253><134>U
EAP-Message =
<2><2><0>*<17><1><0><24><214><200>z<204><136>8o<15><166><233>i<241>rD&<1
98><28><232>m<146><236>i<227><146>urs_landis
NAS-Port-Type = Wireless-IEEE-802-11
NAS-Port = 1121
NAS-IP-Address = 192.168.95.59
NAS-Identifier = "AP-09-023"
Tue Mar 1 09:04:06 2005: DEBUG: Handling request with Handler 'DEFAULT'
Tue Mar 1 09:04:06 2005: DEBUG: Deleting session for urs_landis,
192.168.95.59, 1121
Tue Mar 1 09:04:06 2005: DEBUG: Handling with Radius::AuthFILE:
CheckMACAddress
Tue Mar 1 09:04:06 2005: DEBUG: Handling with EAP: code 2, 2, 42
Tue Mar 1 09:04:06 2005: DEBUG: Response type 17
Tue Mar 1 09:04:06 2005: DEBUG: Radius::AuthFILE looks for match with
urs_landis
Tue Mar 1 09:04:06 2005: DEBUG: EAP result: 1, EAP LEAP failed: no
such user urs_landis
My config:
# leap.cfg
#
Foreground
LogStdout
LogDir /var/log/radius
DbDir /etc/radiator
# User a lower trace level in production systems:
Trace 4
<Client DEFAULT>
Secret xxxxxx
DupInterval 0
</Client>
<AuthBy FILE>
Identifier CheckMACAddress
Filename %D/addresses.mac
AuthenticateAttribute Calling-Station-Id
EAPType LEAP
# EAPType TTLS
# EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
# EAPTLS_CertificateFile %D/certificates/cert-srv.pem
# EAPTLS_CertificateType PEM
# EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
# EAPTLS_PrivateKeyPassword whatever
# EAPTLS_MaxFragmentSize 1000
# AutoMPPEKeys
</AuthBy>
<AuthBy LDAP2>
Identifier CheckLDAP
Host 192.168.1.21
BaseDN dc=hopro, dc=edu
Version 3
UsernameAttr uid
ServerChecksPassword
# SearchFilter (&(uid=%1)(buildingName=WLAN))
# AddToReply buildingName
</AuthBy>
<Handler DEFAULT>
AuthBy CheckMACAddress
</Handler>
my addresses file:
# MAC-Adressen Tabelle
# PowerBook G4 17" von Urs Landis Privat
00:03:93:eb:cf:2f Auth-Type = CheckLDAP
# Testadresse radpwtst
987654321 Auth-Type = CheckLDAP
# iBook Urs Landis
0011.242b.11a9 Auth-Type = CheckLDAP
#PowerBook-LG-05
0030.6503.0a96 Auth-Type = CheckLDAP
Urs Landis
ICT
Kantonsschule
Hohe Promenade
Postfach
Promenadengasse 11
CH-8090 Zürich
Am 28.02.2005 um 21:06 schrieb Hugh Irvine:
>
> Hello Urs -
>
> Your configuration file says to use the AuthBy CheckMACAddress:
>
>>
>> <Handler DEFAULT>
>> AuthBy CheckMACAddress
>> </Handler>
>
> So that is what it is doing.
>
> regards
>
> Hugh
>
>
> On 28 Feb 2005, at 18:51, Urs Landis wrote:
>
>> Hi all
>>
>> now i tried with LEAP. with radpwtst it looks great! With the access
>> point i have a strange error message! It looks for a user in the
>> mac-address file! But why?
>>
>> my config
>>
>> # leap.cfg
>> #
>>
>> Foreground
>> LogStdout
>> LogDir /var/log/radius
>> DbDir /etc/radiator
>>
>> # User a lower trace level in production systems:
>> Trace 4
>>
>> <Client DEFAULT>
>> Secret xxxyyy
>> DupInterval 0
>> </Client>
>>
>> <AuthBy FILE>
>> Identifier CheckMACAddress
>> Filename %D/addresses.mac
>>
>> AuthenticateAttribute Calling-Station-Id
>> EAPType LEAP
>>
>>
>> </AuthBy>
>>
>> <AuthBy LDAP2>
>> Identifier CheckLDAP
>> Host xxx.xxx.xxx.xxx
>> BaseDN dc=aaa, dc=bbb
>> Version 3
>> UsernameAttr uid
>> ServerChecksPassword
>> SearchFilter (&(uid=%1)(buildingName=WLAN))
>> AddToReply buildingName
>> </AuthBy>
>> <Handler DEFAULT>
>> AuthBy CheckMACAddress
>> </Handler>
>>
>> The trace 4 log:
>>
>> Mon Feb 28 18:44:09 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 224
>> Authentic: <184><198>f<136>t<211>`]<162>=W<9><131><26><17>M
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator =
>> <158><208>Y<145><244><8>>.<155>U<12><159><177><17><237>g
>> EAP-Message = <2><1><0><15><1>urs_landis
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1050
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:09 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:09 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1050
>> Mon Feb 28 18:44:09 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:09 2005: DEBUG: Handling with EAP: code 2, 1, 15
>> Mon Feb 28 18:44:09 2005: DEBUG: Response type 1
>> Mon Feb 28 18:44:09 2005: DEBUG: EAP result: 3, EAP LEAP Challenge
>> Mon Feb 28 18:44:09 2005: DEBUG: Access challenged for urs_landis:
>> EAP LEAP Challenge
>> Mon Feb 28 18:44:09 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Challenge
>> Identifier: 224
>> Authentic: <184><198>f<136>t<211>`]<162>=W<9><131><26><17>M
>> Attributes:
>> EAP-Message =
>> <1><2><0><26><17><1><0><8>6<249>#<6>I<127><189><20>urs_landis
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>
>> Mon Feb 28 18:44:09 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 225
>> Authentic: <238><208><201>#|<148>q<172><12><201><140><132><3><<132>n
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator =
>> <26><194><2><30><201><144>E<181><31><193><251>g<23><205><127><13>
>> EAP-Message =
>> <2><2><0>*<17><1><0><24><188><6><24>t<7>W]<203>B<191><6>(<29><233><216
>> ><141>;%<235><27>^?<27><161>urs_landis
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1050
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:09 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:09 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1050
>> Mon Feb 28 18:44:09 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:09 2005: DEBUG: Handling with EAP: code 2, 2, 42
>> Mon Feb 28 18:44:09 2005: DEBUG: Response type 17
>> Mon Feb 28 18:44:09 2005: DEBUG: Radius::AuthFILE looks for match
>> with urs_landis
>> Mon Feb 28 18:44:09 2005: DEBUG: EAP result: 1, EAP LEAP failed: no
>> such user urs_landis
>> Mon Feb 28 18:44:09 2005: INFO: Access rejected for urs_landis: EAP
>> LEAP failed: no such user urs_landis
>> Mon Feb 28 18:44:09 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Reject
>> Identifier: 225
>> Authentic: <238><208><201>#|<148>q<172><12><201><140><132><3><<132>n
>> Attributes:
>> EAP-Message = <4><2><0><4>
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>> Reply-Message = "Request Denied"
>>
>> Mon Feb 28 18:44:10 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 226
>> Authentic: <246>8Hc<246>P<186>q<136>J<147><252><238><22><184>$
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator =
>> <171><226><160><206>#<240><204><29><237><11><22><243><127>e<156><129>
>> EAP-Message = <2><1><0><15><1>urs_landis
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1051
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:10 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:10 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1051
>> Mon Feb 28 18:44:10 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:10 2005: DEBUG: Handling with EAP: code 2, 1, 15
>> Mon Feb 28 18:44:10 2005: DEBUG: Response type 1
>> Mon Feb 28 18:44:10 2005: DEBUG: EAP result: 3, EAP LEAP Challenge
>> Mon Feb 28 18:44:10 2005: DEBUG: Access challenged for urs_landis:
>> EAP LEAP Challenge
>> Mon Feb 28 18:44:10 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Challenge
>> Identifier: 226
>> Authentic: <246>8Hc<246>P<186>q<136>J<147><252><238><22><184>$
>> Attributes:
>> EAP-Message =
>> <1><2><0><26><17><1><0><8><17>(<251><195><230>E<237>durs_landis
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>
>> Mon Feb 28 18:44:10 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 227
>> Authentic: <2><251><21><205><234>4<215>o<244><231>=<200><188>^<167>x
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator =
>> <255>,<171>K<219><221>Y'<157><180>+e<164>X-&
>> EAP-Message =
>> <2><2><0>*<17><1><0><24><157>G<24><197>*!
>> K<136><0>t<254>V<228><161><177><155>&<4><19><205><204>M<170>3urs_landi
>> s
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1051
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:10 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:10 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1051
>> Mon Feb 28 18:44:10 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:10 2005: DEBUG: Handling with EAP: code 2, 2, 42
>> Mon Feb 28 18:44:10 2005: DEBUG: Response type 17
>> Mon Feb 28 18:44:10 2005: DEBUG: Radius::AuthFILE looks for match
>> with urs_landis
>> Mon Feb 28 18:44:10 2005: DEBUG: EAP result: 1, EAP LEAP failed: no
>> such user urs_landis
>> Mon Feb 28 18:44:10 2005: INFO: Access rejected for urs_landis: EAP
>> LEAP failed: no such user urs_landis
>> Mon Feb 28 18:44:10 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Reject
>> Identifier: 227
>> Authentic: <2><251><21><205><234>4<215>o<244><231>=<200><188>^<167>x
>> Attributes:
>> EAP-Message = <4><2><0><4>
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>> Reply-Message = "Request Denied"
>>
>> Mon Feb 28 18:44:12 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 228
>> Authentic: +h<201><218>1o<163><186><148><246><194><238>q<186><225>9
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator =
>> 7<152>!c<159><4>w<173><191>Pt<138><147><231><15>%
>> EAP-Message = <2><1><0><15><1>urs_landis
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1052
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:12 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:12 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1052
>> Mon Feb 28 18:44:12 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:12 2005: DEBUG: Handling with EAP: code 2, 1, 15
>> Mon Feb 28 18:44:12 2005: DEBUG: Response type 1
>> Mon Feb 28 18:44:12 2005: DEBUG: EAP result: 3, EAP LEAP Challenge
>> Mon Feb 28 18:44:12 2005: DEBUG: Access challenged for urs_landis:
>> EAP LEAP Challenge
>> Mon Feb 28 18:44:12 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Challenge
>> Identifier: 228
>> Authentic: +h<201><218>1o<163><186><148><246><194><238>q<186><225>9
>> Attributes:
>> EAP-Message =
>> <1><2><0><26><17><1><0><8><255><175><20>p<190>&<225>Vurs_landis
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>
>> Mon Feb 28 18:44:12 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 229
>> Authentic:
>> <254><148><29><176>"<251><146><163>4<219><141><231>U<203><193><159>
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator = c<189>n?`-X0[6$<186><186>j<5>F
>> EAP-Message =
>> <2><2><0>*<17><1><0><24><233>;
>> <243>P<240><160>9i<25>q<229><4><188>[bQt*8<179><197><15>|<235>urs_land
>> is
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1052
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:12 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:12 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1052
>> Mon Feb 28 18:44:12 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:12 2005: DEBUG: Handling with EAP: code 2, 2, 42
>> Mon Feb 28 18:44:12 2005: DEBUG: Response type 17
>> Mon Feb 28 18:44:12 2005: DEBUG: Radius::AuthFILE looks for match
>> with urs_landis
>> Mon Feb 28 18:44:12 2005: DEBUG: EAP result: 1, EAP LEAP failed: no
>> such user urs_landis
>> Mon Feb 28 18:44:12 2005: INFO: Access rejected for urs_landis: EAP
>> LEAP failed: no such user urs_landis
>> Mon Feb 28 18:44:12 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Reject
>> Identifier: 229
>> Authentic:
>> <254><148><29><176>"<251><146><163>4<219><141><231>U<203><193><159>
>> Attributes:
>> EAP-Message = <4><2><0><4>
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>> Reply-Message = "Request Denied"
>>
>> Mon Feb 28 18:44:13 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 230
>> Authentic: N<217>V<237><12>(<166>(<201><216><208><173>Q<9><239><29>
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator =
>> <182>7ZH<150><235>E<15><185><250>g<235><1><145><192>C
>> EAP-Message = <2><1><0><15><1>urs_landis
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1053
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:13 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:13 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1053
>> Mon Feb 28 18:44:13 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:13 2005: DEBUG: Handling with EAP: code 2, 1, 15
>> Mon Feb 28 18:44:13 2005: DEBUG: Response type 1
>> Mon Feb 28 18:44:13 2005: DEBUG: EAP result: 3, EAP LEAP Challenge
>> Mon Feb 28 18:44:13 2005: DEBUG: Access challenged for urs_landis:
>> EAP LEAP Challenge
>> Mon Feb 28 18:44:13 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Challenge
>> Identifier: 230
>> Authentic: N<217>V<237><12>(<166>(<201><216><208><173>Q<9><239><29>
>> Attributes:
>> EAP-Message =
>> <1><2><0><26><17><1><0><8>|+M<237>u<144>4<183>urs_landis
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>>
>> Mon Feb 28 18:44:13 2005: DEBUG: Packet dump:
>> *** Received from 192.168.95.59 port 21648 ....
>> Code: Access-Request
>> Identifier: 231
>> Authentic: <155><235><174>$[Q<247><6><162>d<211>i<189><198><241><230>
>> Attributes:
>> User-Name = "urs_landis"
>> Framed-MTU = 1400
>> Called-Station-Id = "0013.19fc.2f90"
>> Calling-Station-Id = "0030.6503.0a96"
>> Service-Type = Login-User
>> Message-Authenticator =
>> <159><242>U<173><149><158><164><236><245><135>j<149><144><206>_W
>> EAP-Message =
>> <2><2><0>*<17><1><0><24>;
>> <20><245>Y<155><18><241><138>U#<208><1><169>o<252>$<231><8>.<131><236>
>> <206><237><253>urs_landis
>> NAS-Port-Type = Wireless-IEEE-802-11
>> NAS-Port = 1053
>> NAS-IP-Address = 192.168.95.59
>> NAS-Identifier = "AP-09-023"
>>
>> Mon Feb 28 18:44:13 2005: DEBUG: Handling request with Handler
>> 'DEFAULT'
>> Mon Feb 28 18:44:13 2005: DEBUG: Deleting session for urs_landis,
>> 192.168.95.59, 1053
>> Mon Feb 28 18:44:13 2005: DEBUG: Handling with Radius::AuthFILE:
>> CheckMACAddress
>> Mon Feb 28 18:44:13 2005: DEBUG: Handling with EAP: code 2, 2, 42
>> Mon Feb 28 18:44:13 2005: DEBUG: Response type 17
>> Mon Feb 28 18:44:13 2005: DEBUG: Radius::AuthFILE looks for match
>> with urs_landis
>> Mon Feb 28 18:44:13 2005: DEBUG: EAP result: 1, EAP LEAP failed: no
>> such user urs_landis
>> Mon Feb 28 18:44:13 2005: INFO: Access rejected for urs_landis: EAP
>> LEAP failed: no such user urs_landis
>> Mon Feb 28 18:44:13 2005: DEBUG: Packet dump:
>> *** Sending to 192.168.95.59 port 21648 ....
>> Code: Access-Reject
>> Identifier: 231
>> Authentic: <155><235><174>$[Q<247><6><162>d<211>i<189><198><241><230>
>> Attributes:
>> EAP-Message = <4><2><0><4>
>> Message-Authenticator =
>> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>> Reply-Message = "Request Denied"
>>
>>
>> Mit freundlichen Grüssen
>>
>>
>> Urs Landis
>> ICT
>> Kantonsschule
>> Hohe Promenade
>> Promenadengasse 11
>> CH-8001 Zürich
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>>
>
> NB: I am travelling this week, so there may be delays in our
> correspondence.
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 23129 bytes
Desc: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20050301/7698b1ac/attachment.bin>
More information about the radiator
mailing list