(RADIATOR) WPA on Linksys Acces Point WAP54G not working :-(
Mike McCauley
mikem at open.com.au
Fri Mar 4 00:23:14 CST 2005
Hello Pavel,
On Friday 04 March 2005 12:56, Pavel Paprok wrote:
> Hi,
>
> we have a working Radiator which control many WPA access points
> via EAP-PEAP or EAP-TTLS. Access points are some D-Links
> (DWL-2000AP+ or similar models of D-Link) and everything are
> configured and working fine.
>
> But now I try to get work as WPA access point also other device:
> Linksys Access Point WAP54G (fw2.08), with configuration
> same as DLink, all other configs are same, but unfortunatelly
> no luck, in logfile it seems like "Identifier" not changing and still
> equal 0, so Radiator everytime thinks than all subsequent packets
> are duplicates of first one and ignore these.
>
> Notice that I try update Radiator (3.6 -> 3.11 incl. patches)
> also to be sure that problem is not in some Radiator bug,
> but problem not solved.
>
> Has anybody working similar Linksys wireless AP in WPA mode
> auth by Radiator?
>
> Or must be some speciality in Radiator config for Linksys AP?
> Maybe it is not related - I found in some old post that some
> Linksys need set "State" attribute, anybody knows some details?
> http://www.open.com.au/archives/radiator/2003-03/msg00030.html
This looks like quite broken behaviour from the AP. Are you sure you have the
latest firmware for the AP?
But you should be able to work around it by setting:
DupInterval 0
in the <Client> clause for that AP.
Cheers.
>
> Bye,
>
> Pavel
>
>
> Attached sample logfile with this problem:
>
>
> Thu Mar 3 15:14:59 2005: DEBUG: Packet dump:
> *** Received from 192.168.152.3 port 3074 ....
> Code: Access-Request
> Identifier: 0
> Authentic: <181>5Zy<0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> User-Name = "XXXXX"
> NAS-IP-Address = 192.168.152.3
> Called-Station-Id = "000f66e9ab25"
> Calling-Station-Id = "00042348f1f3"
> NAS-Identifier = "000f66e9ab25"
> NAS-Port = 10
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><0><0><10><1>XXXXX
> Message-Authenticator =
> <208><8><199>f<242>R<146><212>BE<131>8<26><13><151><130>
>
> Thu Mar 3 15:14:59 2005: DEBUG: Handling request with Handler ''
> Thu Mar 3 15:14:59 2005: DEBUG: Deleting session for XXXXX,
> 192.168.152.3, 10 Thu Mar 3 15:14:59 2005: DEBUG: Handling with
> Radius::AuthFILE:
> Thu Mar 3 15:14:59 2005: DEBUG: Handling with EAP: code 2, 0, 10
> Thu Mar 3 15:14:59 2005: DEBUG: Response type 1
> Thu Mar 3 15:14:59 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
> Thu Mar 3 15:14:59 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
> Challenge Thu Mar 3 15:14:59 2005: DEBUG: Access challenged for XXXXX: EAP
> PEAP Challenge Thu Mar 3 15:14:59 2005: DEBUG: Packet dump:
> *** Sending to 192.168.152.3 port 3074 ....
> Code: Access-Challenge
> Identifier: 0
> Authentic: <181>5Zy<0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> EAP-Message = <1><1><0><6><25>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Thu Mar 3 15:14:59 2005: DEBUG: Packet dump:
> *** Received from 192.168.152.3 port 3074 ....
> Code: Access-Request
> Identifier: 0
> Authentic: <169>><151>y<0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> User-Name = "XXXXX"
> NAS-IP-Address = 192.168.152.3
> Called-Station-Id = "000f66e9ab25"
> Calling-Station-Id = "00042348f1f3"
> NAS-Identifier = "000f66e9ab25"
> NAS-Port = 10
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message =
> <2><1><0>p<25><128><0><0><0>f<22><3><1><0>a<1><0><0>]<3><1>B'<27><226>E<228
>>Lx3<237><223>h-T,6<182>X44<178><157>_<152>Qt<171>C<211>'<224><212>
> <224><139>g<249>?>F"h<154><208>#<22>+<132><171><146><135>i0$9<142><159><194
>>OI<229>X+<231><214><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><0><6><0><
>19><0><18><0>c<1><0> Message-Authenticator =
> R<26><184>a<198><12>=:<206><151><207><29>skc<133>
>
> Thu Mar 3 15:14:59 2005: INFO: Duplicate request id 0 received from
> 192.168.152.3(3074): ignored Thu Mar 3 15:15:29 2005: DEBUG: Packet dump:
> *** Received from 192.168.152.3 port 3074 ....
> Code: Access-Request
> Identifier: 0
> Authentic: <203><157><190>b<0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> NAS-IP-Address = 192.168.152.3
> Called-Station-Id = "000f66e9ab25"
> Calling-Station-Id = "00042348f1f3"
> NAS-Identifier = "000f66e9ab25"
> NAS-Port = 10
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message =
> <2><1><0>p<25><128><0><0><0>f<22><3><1><0>a<1><0><0>]<3><1>B'<27><226>E<228
>>Lx3<237><223>h-T,6<182>X44<178><157>_<152>Qt<171>C<211>'<224><212>
> <224><139>g<249>?>F"h<154><208>#<22>+<132><171><146><135>i0$9<142><159><194
>>OI<229>X+<231><214><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><0><6><0><
>19><0><18><0>c<1><0> Message-Authenticator =
> <205><212><185><220><17><178><158>S<218>Av<145>D<0><190>$
>
> Thu Mar 3 15:15:29 2005: DEBUG: Handling request with Handler ''
> Thu Mar 3 15:15:29 2005: DEBUG: Deleting session for , 192.168.152.3, 10
> Thu Mar 3 15:15:29 2005: DEBUG: Handling with Radius::AuthFILE:
> Thu Mar 3 15:15:29 2005: DEBUG: Handling with EAP: code 2, 1, 112
> Thu Mar 3 15:15:29 2005: DEBUG: Response type 25
> Thu Mar 3 15:15:29 2005: DEBUG: EAP result: 2, TLS not initialised
> Thu Mar 3 15:15:29 2005: DEBUG: AuthBy FILE result: IGNORE, TLS not
> initialised Thu Mar 3 15:15:59 2005: DEBUG: Packet dump:
> *** Received from 192.168.152.3 port 3074 ....
> Code: Access-Request
> Identifier: 0
> Authentic: S<253><213><244><0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> User-Name = "XXXXX"
> NAS-IP-Address = 192.168.152.3
> Called-Station-Id = "000f66e9ab25"
> Calling-Station-Id = "00042348f1f3"
> NAS-Identifier = "000f66e9ab25"
> NAS-Port = 10
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message = <2><0><0><10><1>XXXXX
> Message-Authenticator =
> m\<7><155>%<151><31><17><169><237><169>=<250><208><29><249>
>
> Thu Mar 3 15:15:59 2005: DEBUG: Handling request with Handler ''
> Thu Mar 3 15:15:59 2005: DEBUG: Deleting session for XXXXX,
> 192.168.152.3, 10 Thu Mar 3 15:15:59 2005: DEBUG: Handling with
> Radius::AuthFILE:
> Thu Mar 3 15:15:59 2005: DEBUG: Handling with EAP: code 2, 0, 10
> Thu Mar 3 15:15:59 2005: DEBUG: Response type 1
> Thu Mar 3 15:15:59 2005: DEBUG: Resuming session for
> Radius::Context=HASH(0x906e83c)
>
> Thu Mar 3 15:15:59 2005: DEBUG: EAP result: 3, EAP PEAP Challenge
> Thu Mar 3 15:15:59 2005: DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP
> Challenge Thu Mar 3 15:15:59 2005: DEBUG: Access challenged for XXXXX: EAP
> PEAP Challenge Thu Mar 3 15:15:59 2005: DEBUG: Packet dump:
> *** Sending to 192.168.152.3 port 3074 ....
> Code: Access-Challenge
> Identifier: 0
> Authentic: S<253><213><244><0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> EAP-Message = <1><1><0><6><25>
> Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Thu Mar 3 15:15:59 2005: DEBUG: Packet dump:
> *** Received from 192.168.152.3 port 3074 ....
> Code: Access-Request
> Identifier: 0
> Authentic: <132><216>J<203><0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> User-Name = "XXXXX"
> NAS-IP-Address = 192.168.152.3
> Called-Station-Id = "000f66e9ab25"
> Calling-Station-Id = "00042348f1f3"
> NAS-Identifier = "000f66e9ab25"
> NAS-Port = 10
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message =
> <2><1><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>B'<28><30>K<228>
><141><129><254><206><140>v<198><234><241><12>21<198>U<18><6><172>^<130><144>
><129><186><152><250><182><147><0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0>
><3><0><6><0><19><0><18><0>c<1><0> Message-Authenticator =
> <161>bl<151>(<230><164>'0<8><153><203><250>t;<152>
>
> Thu Mar 3 15:15:59 2005: INFO: Duplicate request id 0 received from
> 192.168.152.3(3074): ignored Thu Mar 3 15:16:29 2005: DEBUG: Packet dump:
> *** Received from 192.168.152.3 port 3074 ....
> Code: Access-Request
> Identifier: 0
> Authentic: <220><210><202><195><0><0><0><0><0><0><0><0><0><0><0><0>
> Attributes:
> NAS-IP-Address = 192.168.152.3
> Called-Station-Id = "000f66e9ab25"
> Calling-Station-Id = "00042348f1f3"
> NAS-Identifier = "000f66e9ab25"
> NAS-Port = 10
> Framed-MTU = 1400
> NAS-Port-Type = Wireless-IEEE-802-11
> EAP-Message =
> <2><1><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>B'<28><30>K<228>
><141><129><254><206><140>v<198><234><241><12>21<198>U<18><6><172>^<130><144>
><129><186><152><250><182><147><0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0>
><3><0><6><0><19><0><18><0>c<1><0> Message-Authenticator =
> $<193>Co<192><246><227>7<249><7><17>1<217><183>Q<25>
>
> Thu Mar 3 15:16:29 2005: DEBUG: Handling request with Handler ''
> Thu Mar 3 15:16:29 2005: DEBUG: Deleting session for , 192.168.152.3, 10
> Thu Mar 3 15:16:29 2005: DEBUG: Handling with Radius::AuthFILE:
> Thu Mar 3 15:16:29 2005: DEBUG: Handling with EAP: code 2, 1, 80
> Thu Mar 3 15:16:29 2005: DEBUG: Response type 25
> Thu Mar 3 15:16:29 2005: DEBUG: EAP result: 2, TLS not initialised
> Thu Mar 3 15:16:29 2005: DEBUG: AuthBy FILE result: IGNORE, TLS not
> initialised
>
>
>
> ---
> avast! Antivirus: Odchozi zprava cista.
> Virova databaze (VPS): 0509-4, 03.03.2005
> Testovano: 4.3.2005 3:57:39
> avast! (c) copyright 2000-2004 ALWIL Software.
> http://www.avast.com
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list