(RADIATOR) Wireless Config

Hugh Irvine hugh at open.com.au
Thu Oct 27 02:46:58 CDT 2005 

Hello Andrew -

As mentioned in my previous mail I suspect there is a prerequisite  
missing.

You should check the Radiator startup messages to see what is happening.

For checking this sort of thing it is usually easier to run radiusd  
from the command line:

         cd /your/Radiator/distribution

         perl radiusd -foreground -log_stdout -trace 4 -config_file / 
your/configuration/file/....

regards

Hugh


On 27 Oct 2005, at 17:09, Andrew wrote:

> Thanks Hugh, hope you don't mind me dumping the info here. I have  
> also tried
> updating to 3.13 and applying the latest patches. Please note I have
> *hidden* some user/directory details.
>
>
> ---- TRACE ---
>
> *** Received from 192.168.0.251 port 1316 ....
> Code:       Access-Request
> Identifier: 0
> Authentic:  .<137>K<246>N<217>]<182>L<176>%vz<254><17><228>
> Attributes:
>         Message-Authenticator = <156><A33K<229>\ 
> (n<232><255><172>U<223><137>
>         Service-Type = Framed-User
>         User-Name = "***"
>         Framed-MTU = 1488
>         Called-Station-Id = "00-11-95-E5-C3-90:Acenet"
>         Calling-Station-Id = "00-0F-3D-A9-7E-09"
>         NAS-Identifier = "D-Link Access Point"
>         NAS-Port-Type = Wireless-IEEE-802-11
>         Connect-Info = "CONNECT 54Mbps 802.11g"
>         EAP-Message = <2><0><0><11><1>****
>         NAS-IP-Address = 192.168.0.251
>         NAS-Port = 1
>         NAS-Port-Id = "STA port # 1"
>
> Tue Dec 27 22:31:56 2005: DEBUG: Handling request with Handler ''
> Tue Dec 27 22:31:56 2005: DEBUG:  Deleting session for ***,  
> 192.168.0.251, 1
> Tue Dec 27 22:31:56 2005: DEBUG: Handling with Radius::AuthFILE:
> Tue Dec 27 22:31:56 2005: DEBUG: Handling with EAP: code 2, 0, 11
> Tue Dec 27 22:31:56 2005: DEBUG: Response type 1
> Tue Dec 27 22:31:56 2005: ERR: Could not handle an EAP request:  
> Can't locate
> object method "response_identity" via package "Radius::EAP_25" at
> /usr/local/lib/perl5/site_perl/5.8.0/Radius/EAP.pm line 145.
>
> Tue Dec 27 22:31:56 2005: DEBUG: AuthBy FILE result: REJECT, Could not
> handle an EAP request
> Tue Dec 27 22:31:56 2005: INFO: Access rejected for ***: Could not  
> handle an
> EAP request
> Tue Dec 27 22:31:56 2005: DEBUG: Packet dump:
> *** Sending to 192.168.0.251 port 1316 ....
> Code:       Access-Reject
> Identifier: 0
> Authentic:  .<137>K<246>N<217>]<182>L<176>%vz<254><17><228>
> Attributes:
>         Reply-Message = "Could not handle an EAP request"
>
>
>
>
>
> ------- CONFIG -------
>
> LogStdout
> #Trace 3
> Trace 4
> LogDir          /**/wlan
> DictionaryFile  /**/dictionary
> BindAddress 192.168.0.253
>
> <Client DEFAULT>
>         Secret  airtunnel
> </Client>
>
> <AuthLog FILE>
>         Identifier authlog
>         Filename /**/authlog
>         LogSuccess 1
>         LogFailure 1
> </AuthLog>
>
> <Log FILE>
>         Identifier acelogger
>         Filename /**/radius.log
> </Log>
>
> <Handler TunnelledByPEAP=1>
>         RejectHasReason
>         AuthByPolicy ContinueWhileReject
>         Log acelogger
>         <AuthBy FILE>
>                 Filename /**/users
>                 EAPType MSCHAP-V2
>         </AuthBy>
>         AcctLogFileName /**/detail
>         AuthLog authlog
> </Handler>
>
>
> <Handler>
>         RejectHasReason
>         AuthByPolicy ContinueWhileReject
>         Log acelogger
>         <AuthBy FILE>
>                 Filename /**/users
>                 EAPType PEAP
>                 EAPTLS_CAFile /**/certificates/demoCA/cacert.pem
>                 EAPTLS_CertificateFile /**/certificates/cert-srv.pem
>                 EAPTLS_CertificateType PEM
>                 EAPTLS_PrivateKeyFile /**/certificates/cert-srv.pem
>                 EAPTLS_PrivateKeyPassword whatever
>                 EAPTLS_MaxFragmentSize 1000
>                 AutoMPPEKeys
>         </AuthBy>
>         AcctLogFileName /**/detail
>         AuthLog authlog
> </Handler>
>
>
>
> -- Andrew
>
>
>> -----Original Message-----
>> From: owner-radiator at open.com.au [mailto:owner- 
>> radiator at open.com.au] On
>> Behalf Of Hugh Irvine
>> Sent: Thursday, 27 October 2005 4:06 PM
>> To: andrewb at acenet.net.au
>> Cc: radiator at open.com.au
>> Subject: Re: (RADIATOR) Wireless Config
>>
>>
>> Hello Andrew -
>>
>> As always, without a copy of your configuration file and a trace 4
>> debug from Radiator showing what is happening it is impossible to  
>> say.
>>
>> At a guess there is some prerequisite missing - check the startup
>> messages for details.
>>
>> regards
>>
>> Hugh
>>
>>
>> On 27 Oct 2005, at 15:52, Andrew wrote:
>>
>>
>>>
>>> Hi All,
>>>
>>> I've just re-setup an AP with WPA/EAP (TKIP). Previously my
>>> Radiator was
>>> working ok (with this particular AP), but now I'm getting the
>>> following
>>> error.
>>>
>>> Can't locate object method "response_identity" via package
>>> "Radius::EAP_25"
>>>
>>> I noticed also in the Authlog that the inner 'anonymous' auth isn't
>>> occurring where previously it was. Does this has anything to do
>>> with it?
>>>
>>> Anybody have any hints?
>>>
>>> -- Andrew
>>>
>>>
>>> --
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>
>>
>> NB:
>>
>> Have you read the reference manual ("doc/ref.html")?
>> Have you searched the mailing list archive (www.open.com.au/archives/
>> radiator)?
>> Have you had a quick look on Google (www.google.com)?
>> Have you included a copy of your configuration file (no secrets),
>> together with a trace 4 debug showing what is happening?
>>
>> --
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
>> -
>> Nets: internetwork inventory and management - graphical, extensible,
>> flexible with hardware, software, platform and database independence.
>> -
>> CATool: Private Certificate Authority for Unix and Unix-like systems.
>>
>>
>> --
>> Archive at http://www.open.com.au/archives/radiator/
>> Announcements on radiator-announce at open.com.au
>> To unsubscribe, email 'majordomo at open.com.au' with
>> 'unsubscribe radiator' in the body of the message.
>>
>
>
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list