(RADIATOR) MikroTIK

Mike McCauley mikem at open.com.au
Wed Mar 9 17:10:52 CST 2005 

Hello Dejan,


On Thursday 10 March 2005 00:48, Dejan Tanasijevic wrote:
> A use Mikrotik Router (www.mikrotik.com <http://www.mikrotik.com/> ) for
> wireless user access. Client is Windows XP, authenticate through PPTP or
> PPPoE on wireless interface. When I connect with local account and
> ecryption ON (on XP) there is no problem. But when I try to authenticate
> with radius Radiator radius server problem is that it works only if I
> turn off encryption on Windows XP client. Logs on radius server show
> that he accept request in both scenario, but with encryption turn on
> Mikrotik do not allow connection. I suggest that problem is with access
> accept packet from radius server to Mikrotik. Here is log from radius.

I cant see from your log what the Radiator reply to the AP was, but I suspect 
that you do not have AutoMPPEKeys enabled in your AuthBy, and that therfore 
Radiator is not sending back the encryption keys.

Cheers.

>
>
>
> *** Received from 194.106.161.138 port 1024 ....
>
> Code:       Access-Request
>
> Identifier: 127
>
> Authentic:  xp<174>Z<188><13><254>$<164><201>w<186>r<200>F<198>
>
> Attributes:
>
>             Service-Type = Framed-User
>
>             Framed-Protocol = PPP
>
>             NAS-Identifier = "MikroTik"
>
>             NAS-Port = 100
>
>             NAS-Port-Type = Virtual
>
>             User-Name = "dejan"
>
>             Calling-Station-Id = "10.1.1.100"
>
>             Called-Station-Id = "10.1.1.2"
>
>             MS-CHAP-Challenge =
> "Zd<184><184>N<27><232><188><<166>]<6><216><10><14>l"
>
>             MS-CHAP2-Response =
> "<1><0><220>x<224><135>7<191><160><247>!<152>6<145>v<194>G<245><0><0><0>
> <0><0><0><0><0><236>(<195><248><17><220><129><229>i!<252>E<150>f<193>d>u
> <150><174>#<148><193><129>"
>
>             NAS-IP-Address = 194.106.161.138
>
>
>
> Wed Mar  9 15:21:55 2005: DEBUG: Rewrote user name to dejan
>
> Wed Mar  9 15:21:55 2005: DEBUG: Handling request with Handler
> 'NAS-IP-Address=194.106.161.138'
>
> Wed Mar  9 15:21:55 2005: DEBUG: Rewrote user name to dejan
>
> Wed Mar  9 15:21:55 2005: DEBUG: Handling with Radius::AuthLSA:
>
> Wed Mar  9 15:21:55 2005: DEBUG: Radius::AuthLSA looks for match with
> dejan
>
> Wed Mar  9 15:21:55 2005: DEBUG: Radius::AuthLSA ACCEPT:
>
> Wed Mar  9 15:21:55 2005: DEBUG: Access accepted for dejan
>
> Wed Mar  9 15:21:55 2005: DEBUG: Packet dump:
>
> *** Sending to 194.106.161.138 port 1024 ....

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list