(RADIATOR) I need a little help validating against an NT doma in.

Hugh Irvine hugh at open.com.au
Thu Mar 31 09:53:38 CST 2005 

Hello Bill -

You will have to start by installing ActivePerl from ActiveState 
(www.activestate.com).

Once you have done that you should start with one of the EAP example 
configuration files in the "goodies" directory ("goodies/eap_*.cfg").

There is also an example LSA configuration file in "goodies/lsa.cfg".

Note the comment block at the beginning of the file and the 
prerequisite that must be installed.

regards

Hugh


On 31 Mar 2005, at 14:31, Stewart, Bill wrote:

> Hugh,
>
> 	Thanks!
>
> 	I've loaded the software on a Windows XP system.  I am new to this
> Radius stuff, and don't know quite where to start.  Does someone have 
> an
> example of connecting using a wireless connection and validating to an 
> NT
> domain using Radiator running on a windows platform?  I'm assuming 
> that LSA
> is the way to go, but I'm not sure what to do with it.
>
> Thanks!
>
> Bill Stewart   :-)
> Kaman Corporation
> 1332 Blue Hills Avenue
> Bloomfield, Connecticut, 06002
> (860) 243-7058
>
>
>
>> -----Original Message-----
>> From: Hugh Irvine [mailto:hugh at open.com.au]
>> Sent: Wednesday, March 30, 2005 10:57 AM
>> To: Stewart, Bill
>> Cc: 'radiator at open.com.au'
>> Subject: Re: (RADIATOR) I need a little help validating against an NT
>> doma in.
>>
>>
>>
>> Hello Bill -
>>
>> It appears from the trace shown below that you are trying to do EAP
>> authentication in a wireless environment?
>>
>> If so I suggest you run Radiator on Windows and use the AuthBy LSA
>> clause.
>>
>> There are a number of EAP configuration files in "goodies/eap_*.cfg".
>>
>> regards
>>
>> Hugh
>>
>>
>> On 30 Mar 2005, at 17:36, Stewart, Bill wrote:
>>
>>> Hugh,
>>>
>>> 	Thanks! I downloaded that package, and I no longer get the error
>>> starting up Radiator.  I am still unable to validate the user name
>>> password
>>> against the domain controller.  He is a sample of what id going on.
>>>
>>> 	Dose someone have an example cfg file that works for validating
>>> against an NT domain server.
>>>
>>> Bill
>>>
>>> Wed Mar 30 09:21:03 2005: DEBUG: Packet dump:
>>> *** Received from 149.158.3.250 port 1086 ....
>>> Code:       Access-Request
>>> Identifier: 61
>>> Authentic:  <225><6><0><0>r0<0><0>>?<0><0><173>C<0><0>
>>> Attributes:
>>>         Message-Authenticator =
>>> '<5><157><218>6<219>|<18><171>@<208>s-<228><160>w
>>>         User-Name = "LAN_KCNT\\wjs"
>>>         NAS-IP-Address = 149.158.3.250
>>>         NAS-Port = 2
>>>         NAS-Port-Type = Wireless-IEEE-802-11
>>>         Calling-Station-Id = "00-01-f4-ec-97-29"
>>>         EAP-Message = <2><1><0><18><1>LAN_KCNT\\wjs
>>>         Framed-MTU = 1000
>>>
>>> Wed Mar 30 09:21:03 2005: DEBUG: Handling request with Handler
>>> 'Realm=DEFAULT'
>>> Wed Mar 30 09:21:03 2005: DEBUG:  Deleting session for
>> LAN_KCNT\\wjs,
>>> 149.158.3.250, 2
>>> Wed Mar 30 09:21:03 2005: DEBUG: Handling with NT
>>> Wed Mar 30 09:21:03 2005: DEBUG: Handling with EAP: code 2, 1, 18
>>> Wed Mar 30 09:21:03 2005: DEBUG: Response type 1
>>> Wed Mar 30 09:21:03 2005: DEBUG: EAP result: 1, EAP
>> authentication is
>>> not
>>> permitted.
>>> Wed Mar 30 09:21:03 2005: DEBUG: AuthBy NT result: REJECT, EAP
>>> authentication is not permitted.
>>> Wed Mar 30 09:21:03 2005: INFO: Access rejected for
>> LAN_KCNT\\wjs: EAP
>>> authentication is not permitted.
>>> Wed Mar 30 09:21:03 2005: DEBUG: Packet dump:
>>> *** Sending to 149.158.3.250 port 1086 ....
>>>
>>>
>>>
>>
>
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list