(RADIATOR) EAP/PEAP issue, Radiator doesn't talk to AD (was: how do I fix "Could not AdjustPrivilege SE_TCB_PRIVILEGE"?)
Veaceslav Revutchi
slavarevutchi at yahoo.com
Sun Sep 25 21:48:27 CDT 2005
Thanks, Mike, Hugh. Enabling that policy for
administrator fixed the priviledge problem.
I'm one step further, but I'm stuck at something else
now. In short I'm trying authenticate wireless
clients against Active Directory. Radiator is running
on an XP machine part of the "WB" domain. In the logs
I'm seeing my auth. requests being handled by the null
handler "Handling request with Handler ''" and
Ethereal shows no communication between Radiator and
AD. I am attaching my config and the log file. In the
log you can see authentication attempts for user
"wb12345" part of "WB" domain.
10.220.7.205 is the wireless controller.
10.220.115.196 is the AD server.
Any hints appreciated.
--------- begin radius.cfg ---------------
Foreground
LogStdout
LogDir c:/Program Files/Radiator
DbDir c:/Program Files/Radiator
# This will log at DEBUG level: very verbose
# User a lower trace level in production systems,
typically use 3
Trace 4
# You will probably want to add other Clients to suit
your site,
# one for each NAS you want to work with. This will
work
# at least with radpwtst running on the local machine
<Client DEFAULT>
Secret mysecret
DupInterval 0
</Client>
<Handler TunnelledByPEAP=1>
<AuthBy LSA>
Domain WB
DomainController 10.220.115.196
EAPType MSCHAP-V2
</AuthBy>
</Handler>
<Handler>
<AuthBy FILE>
Filename %D/users
EAPType PEAP
EAPTLS_CAFile
%D/certificates/demoCA/cacert.pem
EAPTLS_CertificateFile
%D/certificates/cert-srv.pem
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile
%D/certificates/cert-srv.pem
EAPTLS_PrivateKeyPassword whatever
EAPTLS_MaxFragmentSize 1000
SSLeayTrace 4
</AuthBy>
</Handler>
-------------- end radius.cfg ------------
---------- begin logfile -----------------
...
Sun Sep 25 17:05:43 2005: DEBUG: Finished reading
configuration file 'C:\Program
Files\Radiator\radius.cfg'
Sun Sep 25 17:05:43 2005: DEBUG: Reading dictionary
file 'c:/Program Files/Radiator/dictionary'
Sun Sep 25 17:05:43 2005: DEBUG: Creating
authentication port 0.0.0.0:1645
Sun Sep 25 17:05:43 2005: DEBUG: Creating accounting
port 0.0.0.0:1646
Sun Sep 25 17:05:43 2005: NOTICE: Server started:
Radiator 3.13 on rocks (LOCKED)
Sun Sep 25 17:06:01 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:06:02 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 35
Authentic:
<207>qf<235>{<205>7<27><196><224>N<236><189>Ta<151>
Attributes:
User-Name = "WB\wb195291"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BA:E0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><0><0><16><1>WB\wb195291
Message-Authenticator =
<252><207><30><246><238><249><238>{<142><30><162><251><183><231><26><242>
Sun Sep 25 17:06:02 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:06:02 2005: DEBUG: Deleting session for
WB\wb195291, 10.220.7.205, 1
Sun Sep 25 17:06:02 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:06:02 2005: DEBUG: Handling with EAP:
code 2, 0, 16
Sun Sep 25 17:06:02 2005: DEBUG: Response type 1
Sun Sep 25 17:06:04 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:06:04 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:06:04 2005: DEBUG: Access challenged for
WB\wb195291: EAP PEAP Challenge
Sun Sep 25 17:06:04 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 35
Authentic:
<207>qf<235>{<205>7<27><196><224>N<236><189>Ta<151>
Attributes:
EAP-Message = <1><1><0><6><25>!
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:06:04 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:06:05 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 35
Authentic:
<207>qf<235>{<205>7<27><196><224>N<236><189>Ta<151>
Attributes:
User-Name = "WB\wb195291"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BA:E0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><0><0><16><1>WB\wb195291
Message-Authenticator =
<252><207><30><246><238><249><238>{<142><30><162><251><183><231><26><242>
Sun Sep 25 17:06:05 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:06:05 2005: DEBUG: Deleting session for
WB\wb195291, 10.220.7.205, 1
Sun Sep 25 17:06:05 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:06:05 2005: DEBUG: Handling with EAP:
code 2, 0, 16
Sun Sep 25 17:06:05 2005: DEBUG: Response type 1
Sun Sep 25 17:06:05 2005: DEBUG: Resuming session for
Radius::Context=HASH(0x1e0e4f4)
Sun Sep 25 17:06:05 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:06:05 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:06:05 2005: DEBUG: Access challenged for
WB\wb195291: EAP PEAP Challenge
Sun Sep 25 17:06:05 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 35
Authentic:
<207>qf<235>{<205>7<27><196><224>N<236><189>Ta<151>
Attributes:
EAP-Message = <1><1><0><6><25>!
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:06:05 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:06:06 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 36
Authentic:
<219><254><14><29><134><236>8k<22><205>(*<138>u<1><252>
Attributes:
User-Name = "WB\wb195291"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BA:E0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message =
<2><1><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>C7;qO<135><28><223><30>?<211>#<199><136><149><148><224><185>zC[<147>D<197>D<28><174>$<204><224><177><17><0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><0><6><0><19><0><18><0>c<1><0>
Message-Authenticator =
<218><238>d<12><203><237><133><176>^<135><133>y<187>W<167><255>
Sun Sep 25 17:06:06 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:06:06 2005: DEBUG: Deleting session for
WB\wb195291, 10.220.7.205, 1
Sun Sep 25 17:06:06 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:06:06 2005: DEBUG: Handling with EAP:
code 2, 1, 80
Sun Sep 25 17:06:06 2005: DEBUG: Response type 25
Sun Sep 25 17:06:06 2005: DEBUG: EAP TLS SSL_accept
result: -1, 2, 8576
Sun Sep 25 17:06:06 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:06:06 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:06:06 2005: DEBUG: Access challenged for
WB\wb195291: EAP PEAP Challenge
Sun Sep 25 17:06:07 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 36
Authentic:
<219><254><14><29><134><236>8k<22><205>(*<138>u<1><252>
Attributes:
EAP-Message =
<1><2><3><242><25><192><0><0><8>Q<22><3><1><0>J<2><0><0>F<3><1>C7;n<225><148>8N`<141><199><132><183>Ps/<228>#<238>5b<150><136><19><240><182><171>j+K<202><223>
<233><235>b<237><172><171>}<135><195><187>`<163><188>4
<255><11>7<194><215><0><148><185><0>C<139><165><13><148>h<128>(<0><4><0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Sec
EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My
Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1>
EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><12>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><247>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>vN<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><159><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0<212>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><225><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<211><248>oba<
EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<215><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<214>)<181>I2^<157><225><174><232>2e<185>k<131><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do no
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:06:39 2005: DEBUG: Finished reading
configuration file 'C:\Program
Files\Radiator\radius.cfg'
Sun Sep 25 17:06:39 2005: DEBUG: Reading dictionary
file 'c:/Program Files/Radiator/dictionary'
Sun Sep 25 17:06:40 2005: DEBUG: Creating
authentication port 0.0.0.0:1645
Sun Sep 25 17:06:40 2005: DEBUG: Creating accounting
port 0.0.0.0:1646
Sun Sep 25 17:06:40 2005: NOTICE: Server started:
Radiator 3.13 on rocks (LOCKED)
Sun Sep 25 17:07:00 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:00 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 38
Authentic:
<146>t<30><249><145><252>S<163>m_<205>)a<163>|<153>
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><0><0><15><1>WB\wb12345
Message-Authenticator =
`/G<147>G<8>hM<27><159><215><6>r<221><191><21>
Sun Sep 25 17:07:00 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:00 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:01 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:01 2005: DEBUG: Handling with EAP:
code 2, 0, 15
Sun Sep 25 17:07:01 2005: DEBUG: Response type 1
Sun Sep 25 17:07:03 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:07:03 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:07:03 2005: DEBUG: Access challenged for
WB\wb12345: EAP PEAP Challenge
Sun Sep 25 17:07:03 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 38
Authentic:
<146>t<30><249><145><252>S<163>m_<205>)a<163>|<153>
Attributes:
EAP-Message = <1><1><0><6><25>!
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:07:03 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:04 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 38
Authentic:
<146>t<30><249><145><252>S<163>m_<205>)a<163>|<153>
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><0><0><15><1>WB\wb12345
Message-Authenticator =
`/G<147>G<8>hM<27><159><215><6>r<221><191><21>
Sun Sep 25 17:07:04 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:04 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:04 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:04 2005: DEBUG: Handling with EAP:
code 2, 0, 15
Sun Sep 25 17:07:04 2005: DEBUG: Response type 1
Sun Sep 25 17:07:04 2005: DEBUG: Resuming session for
Radius::Context=HASH(0x1e0e4f4)
Sun Sep 25 17:07:04 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:07:04 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:07:04 2005: DEBUG: Access challenged for
WB\wb12345: EAP PEAP Challenge
Sun Sep 25 17:07:04 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 38
Authentic:
<146>t<30><249><145><252>S<163>m_<205>)a<163>|<153>
Attributes:
EAP-Message = <1><1><0><6><25>!
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:07:04 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:05 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 39
Authentic: [2h<10><127><4><129>\+<214>c<8>Yf<6>R
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message =
<2><1><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>C7;<172><148>(d<152><19>~hW<10><3><131><231>~8P<195><0><229><216>~<9>Va<9><21><135>7-<0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><0><6><0><19><0><18><0>c<1><0>
Message-Authenticator =
J<177><248><221><236><236><222>"<240>*7<150><162>w<241><232>
Sun Sep 25 17:07:05 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:05 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:05 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:05 2005: DEBUG: Handling with EAP:
code 2, 1, 80
Sun Sep 25 17:07:05 2005: DEBUG: Response type 25
Sun Sep 25 17:07:05 2005: DEBUG: EAP TLS SSL_accept
result: -1, 2, 8576
Sun Sep 25 17:07:05 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:07:05 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:07:05 2005: DEBUG: Access challenged for
WB\wb12345: EAP PEAP Challenge
Sun Sep 25 17:07:06 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 39
Authentic: [2h<10><127><4><129>\+<214>c<8>Yf<6>R
Attributes:
EAP-Message =
<1><2><3><242><25><192><0><0><8>Q<22><3><1><0>J<2><0><0>F<3><1>C7;<169>R"=f<227><248>#@<170>(<19>BCG<4>[`f*x<254><140><27><174>Z<3><240>
<202>[g<163><170><235>4'<9><215><200>
<142><170><220><6>,$<139>&W<11><129>I<231>R&<194>R<19>'<200><0><4><0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Sec
EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My
Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1>
EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><12>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><247>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>vN<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><159><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0<212>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><225><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<211><248>oba<
EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<215><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<214>)<181>I2^<157><225><174><232>2e<185>k<131><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do no
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:07:06 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:06 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 39
Authentic: [2h<10><127><4><129>\+<214>c<8>Yf<6>R
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message =
<2><1><0>P<25><128><0><0><0>F<22><3><1><0>A<1><0><0>=<3><1>C7;<172><148>(d<152><19>~hW<10><3><131><231>~8P<195><0><229><216>~<9>Va<9><21><135>7-<0><0><22><0><4><0><5><0><10><0><9><0>d<0>b<0><3><0><6><0><19><0><18><0>c<1><0>
Message-Authenticator =
J<177><248><221><236><236><222>"<240>*7<150><162>w<241><232>
Sun Sep 25 17:07:06 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:06 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:06 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:06 2005: DEBUG: Handling with EAP:
code 2, 1, 80
Sun Sep 25 17:07:06 2005: DEBUG: Response type 25
Sun Sep 25 17:07:06 2005: DEBUG: EAP TLS SSL_accept
result: -1, 2, 8576
Sun Sep 25 17:07:06 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:07:07 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:07:07 2005: DEBUG: Access challenged for
WB\wb12345: EAP PEAP Challenge
Sun Sep 25 17:07:07 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 39
Authentic: [2h<10><127><4><129>\+<214>c<8>Yf<6>R
Attributes:
EAP-Message = <1><2><3><238><25>@t use in
production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080125Z<23><13>060316080125Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in p
EAP-Message = roduction)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><204><181>%Q<192>7g0<140><153>0xg<240><152><248><199><214><253>W<7><220>|fd<163><137>%F<216><220><148><230><6><18>ie<144>'<244>P<8>DxJ<138>n<203>k8<164><239><179>H<237>K<182>mo<155><145><138><143><136><127><230><<9>l<172><210><205><136><162><29>)1<4><206><11>g<163><226>i@<206>o<210>,<185><173><234><3>^4<221><252><168>H<178><158><25><235><152><250>g<199><172><250>uSr<156><205>P<150>O<197><240>=a<255>_<209><12><163><0>U<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke0<129><247><6><3>U<29>#
EAP-Message =
<4><129><239>0<129><236><128><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke<161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6><3>U<29><19><4><5>0<3>
EAP-Message =
<1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>0<3>=<202><190><236>S<216><228>o<177><242><18>hEBe<219>W<136><245>tf<202><143><160><29><220>p9<5><24>2<185>)<128><227>8<17><247>'_J<28><159>;_<202><254><242>+{=P<245><215>K<160><136>qml<181><24>3<0>f<166>Q(<2><193><29>-<228><19><184>C<139>9}r1<188>DTlK<255><15><12>TL<160><177>DuY+<156><143><225><149><237><135>ix<22>O<231><212><154><184><10>fZ<248>Va#<192><160>l<21><129>0<199>6<22><3><1><0><221><13><0><0><213><3><1><2><5><0><207><0><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certi
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:07:07 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:07 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 40
Authentic:
<1>qB<170><255>"<242><225><20><189><199>H<208><144><9><184>
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><2><0><6><25><0>
Message-Authenticator =
<225><187>?M<192><8><24><248><187><255><160><172>}<209><142><164>
Sun Sep 25 17:07:07 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:07 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:08 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:08 2005: DEBUG: Handling with EAP:
code 2, 2, 6
Sun Sep 25 17:07:08 2005: DEBUG: Response type 25
Sun Sep 25 17:07:08 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:07:08 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:07:08 2005: DEBUG: Access challenged for
WB\wb12345: EAP PEAP Challenge
Sun Sep 25 17:07:08 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 40
Authentic:
<1>qB<170><255>"<242><225><20><189><199>H<208><144><9><184>
Attributes:
EAP-Message =
<1><3><3><238><25>@ficates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<14><0><0><0><22><3><1><0>J<2><0><0>F<3><1>C7;<170><218>D<27>0Bh<138><130><151>wA"4<151>f<233><205><227><231>^H4`<225><214><175>]<241>
!<6>W at _<241><207><24><199>Y<226><130>2<198><10><240><21>b<222>F
t4<228>y%<<143><210><217>3<27><0><4><0><22><3><1><7><27><11><0><7><23><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>H<134>
EAP-Message =
<247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U
EAP-Message =
<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<24>0<22><6><3>U<4><10><19><15>My
Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><234>/<241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<234><12>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138><6><19><247>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/<16>HI<220><169>vN<215>)<31><207><24><157><230>G<186>)<246>J<195><171><154><249><220>v<17><159><2>x<29><136><148>:b<170><254><4><207><183><144><210><251>+<233><135>0
EAP-Message =
<212>Y<207><158>N<226><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23>0<21>0<19><6><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>>q<129>X<13>=l?<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><225><253>?hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<211><248>oba<JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>w<215><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254><206>U?<214>)<181>I2^<157><225><174><232>2e<185>k<131><0><4>=0<130><4>90<130><3><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:07:08 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:09 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 40
Authentic:
<1>qB<170><255>"<242><225><20><189><199>H<208><144><9><184>
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><2><0><6><25><0>
Message-Authenticator =
<225><187>?M<192><8><24><248><187><255><160><172>}<209><142><164>
Sun Sep 25 17:07:09 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:09 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:09 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:09 2005: DEBUG: Handling with EAP:
code 2, 2, 6
Sun Sep 25 17:07:09 2005: DEBUG: Response type 25
Sun Sep 25 17:07:09 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:07:09 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:07:09 2005: DEBUG: Access challenged for
WB\wb12345: EAP PEAP Challenge
Sun Sep 25 17:07:09 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 40
Authentic:
<1>qB<170><255>"<242><225><20><189><199>H<208><144><9><184>
Attributes:
EAP-Message =
<1><3><3><238><25>@U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><23><13>040316080125Z<23><13>060316080125Z0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victo
EAP-Message =
ria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129><159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<129><137><2><129><129><0><204><181>%Q<192>7g0<140><153>0xg<240><152><248><199><214><253>W<7><220>|fd<163><137>%F<216><220><148><230><6><18>ie<144>'<244>P<8>DxJ<138>n<203>k8<164>
EAP-Message =
<239><179>H<237>K<182>mo<155><145><138><143><136><127><230><<9>l<172><210><205><136><162><29>)1<4><206><11>g<163><226>i@<206>o<210>,<185><173><234><3>^4<221><252><168>H<178><158><25><235><152><250>g<199><172><250>uSr<156><205>P<150>O<197><240>=a<255>_<209><12><163><0>U<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><4><22><4><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke0<129><247><6><3>U<29>#<4><129><239>0<129><236><128><20><23><2><196>#<233><210>F0D<173>f]r<193>H?<164><27>ke<161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0
EAP-Message = <31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><1><0>0<12><6><3>U<29><19><4><5>0<3><1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><0>0<3>=<202><190><236>S<216><228>o<177><242><18>hEBe<219>W<136><245>tf<202><143><160><29><220>p9<5><24>2<185>)<128><227>8<17><247>'_J<28><159>;_<202><254><242>+{=P<245><215>K<160><136>qml<181><24>3<0>f<166>Q(<2><193><29>-<228><19><184>C<139>9}r1<188>DTlK<255><15><12>TL<160><177>D
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:07:10 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:10 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 41
Authentic: <202>4<129><205>
OU<160><18>%x<132>"<195><198>>
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><3><0><6><25><0>
Message-Authenticator =
<181><246><187><220>y<253><140><185>p<129><180><F<9><192>!
Sun Sep 25 17:07:10 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:10 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:10 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:10 2005: DEBUG: Handling with EAP:
code 2, 3, 6
Sun Sep 25 17:07:10 2005: DEBUG: Response type 25
Sun Sep 25 17:07:10 2005: DEBUG: EAP result: 3, EAP
PEAP Challenge
Sun Sep 25 17:07:10 2005: DEBUG: AuthBy FILE result:
CHALLENGE, EAP PEAP Challenge
Sun Sep 25 17:07:10 2005: DEBUG: Access challenged for
WB\wb12345: EAP PEAP Challenge
Sun Sep 25 17:07:11 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Challenge
Identifier: 41
Authentic: <202>4<129><205>
OU<160><18>%x<132>"<195><198>>
Attributes:
EAP-Message =
<1><4><1><8><25><0>uY+<156><143><225><149><237><135>ix<22>O<231><212><154><184><10>fZ<248>Va#<192><160>l<21><129>0<199>6<22><3><1><0><221><13><0><0><213><3><1><2><5><0><207><0><205>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC
Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA
(do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open
EAP-Message = .com.au<14><0><0><0>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Sun Sep 25 17:07:11 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:11 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 41
Authentic: <202>4<129><205>
OU<160><18>%x<132>"<195><198>>
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message = <2><3><0><6><25><0>
Message-Authenticator =
<181><246><187><220>y<253><140><185>p<129><180><F<9><192>!
Sun Sep 25 17:07:11 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:11 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:11 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:11 2005: DEBUG: Handling with EAP:
code 2, 3, 6
Sun Sep 25 17:07:11 2005: DEBUG: Response type 25
Sun Sep 25 17:07:11 2005: DEBUG: EAP result: 2, EAP
PEAP Nothing to read or write
Sun Sep 25 17:07:11 2005: DEBUG: AuthBy FILE result:
IGNORE, EAP PEAP Nothing to read or write
Sun Sep 25 17:07:11 2005: ERR: Attribute number 1
(vendor 14179) is not defined in your dictionary
Sun Sep 25 17:07:12 2005: DEBUG: Packet dump:
*** Received from 10.220.7.205 port 1024 ....
Code: Access-Request
Identifier: 42
Authentic:
<21>/<143>0<255><157><216><24>`<216><160><141>-<168>E<19>
Attributes:
User-Name = "WB\wb12345"
Calling-Station-Id = "00:0C:41:DD:C5:1C"
Called-Station-Id = "00:0B:85:24:BF:F0:radi"
NAS-Port = 1
NAS-IP-Address = 10.220.7.205
NAS-Identifier = "wlc-fh1"
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-IEEE-802-11
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 90
EAP-Message =
<2><4><0><17><25><128><0><0><0><7><21><3><1><0><2><2>/
Message-Authenticator = q<135>F<11>G
<227>{<167><154>N at s,V<195>
Sun Sep 25 17:07:12 2005: DEBUG: Handling request with
Handler ''
Sun Sep 25 17:07:12 2005: DEBUG: Deleting session for
WB\wb12345, 10.220.7.205, 1
Sun Sep 25 17:07:12 2005: DEBUG: Handling with
Radius::AuthFILE:
Sun Sep 25 17:07:12 2005: DEBUG: Handling with EAP:
code 2, 4, 17
Sun Sep 25 17:07:12 2005: DEBUG: Response type 25
Sun Sep 25 17:07:12 2005: DEBUG: EAP TLS SSL_accept
result: 0, 1, 8576
Sun Sep 25 17:07:12 2005: ERR: EAP PEAP TLS Handshake
unsuccessful: 3168: 1 - error:14094417:SSL
routines:SSL3_READ_BYTES:sslv3 alert illegal parameter
Sun Sep 25 17:07:12 2005: DEBUG: EAP result: 1, EAP
PEAP TLS Handshake unsuccessful
Sun Sep 25 17:07:12 2005: DEBUG: AuthBy FILE result:
REJECT, EAP PEAP TLS Handshake unsuccessful
Sun Sep 25 17:07:12 2005: INFO: Access rejected for
WB\wb12345: EAP PEAP TLS Handshake unsuccessful
Sun Sep 25 17:07:12 2005: DEBUG: Packet dump:
*** Sending to 10.220.7.205 port 1024 ....
Code: Access-Reject
Identifier: 42
Authentic:
<21>/<143>0<255><157><216><24>`<216><160><141>-<168>E<19>
Attributes:
Reply-Message = "Request Denied"
-------------- end logfile -------------------
--- Mike McCauley <mikem at open.com.au> wrote:
> Hello Slava,
>
> Have you enabled the 'Act as part of the operating
> system' security policy for
> the user who runs Radiator (usually administrator)
>
> Cheers.
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list