(RADIATOR) Authby KRB is not invoked in TunneledbyTTLS handler configuration
Joon Yun
joon at berkeley.edu
Wed Jan 4 22:46:13 CST 2006
Hi Hugh,
I've scoured the web and the Radiator archives but non of it seems to
help me get the EAP/TTLS-PAP with Kerberos in the background using the
SecureW2 windows supplicant working. It works perfectly fine if under
the TunnelbyTTLS handler the method is Authby FILE but the Kerberos
auth is never ever called when configured for Authby KRB5. I've tried
this with the outer authentication both set and also not set as
anonymous with the same results. I've appended 2 traces and my config
file. Any help would be much appreciated.
Regards,
Joon Yun
UC Berkeley
****Trace 4 with outter identity NOT set to anonymous****
[ndrl5] ~/Radiator-Locked-3.13> perl radiusd -config radius.cfg
Wed Jan 4 20:24:55 2006: DEBUG: Finished reading configuration file
'radius.cfg'
Wed Jan 4 20:24:55 2006: DEBUG: Reading dictionary file './dictionary'
Wed Jan 4 20:24:55 2006: DEBUG: Creating authentication port
0.0.0.0:1645
Wed Jan 4 20:24:55 2006: DEBUG: Creating accounting port 0.0.0.0:1646
Wed Jan 4 20:24:55 2006: NOTICE: Server started: Radiator 3.13 on
ndrl5.berkeley.edu
Wed Jan 4 20:25:59 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 109
Authentic: <255><191>u_ <178><23>><141><129>><235><19><252><235>1
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "joon"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message = <2><0><0><9><1>joon
Message-Authenticator =
3<156><210><18>&<226>uz63#<19><146>]<180><132>
Wed Jan 4 20:25:59 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:25:59 2006: DEBUG: Deleting session for joon,
128.32.231.226, 50002
Wed Jan 4 20:25:59 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:25:59 2006: DEBUG: Handling with EAP: code 2, 0, 9
Wed Jan 4 20:25:59 2006: DEBUG: Response type 1
Wed Jan 4 20:25:59 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:25:59 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:25:59 2006: DEBUG: Access challenged for joon: EAP TTLS
Challenge
Wed Jan 4 20:25:59 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 109
Authentic: <255><191>u_ <178><23>><141><129>><235><19><252><235>1
Attributes:
EAP-Message = <1><1><0><6><21>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:25:59 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 110
Authentic: Aj'=7'O<9><211><174>8<134><22><241>n^
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "joon"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message =
<2><1><0><<21><128><0><0><0>2<22><3><1><0>-
<1><0><0>)<3><1><144><1>9<0>E<194><22><218>4<190><1>_<158><170><242><201
><153>:
<189><6>`rl<242>)<4><187><182><168><135><235><26><0><0><2><0><10><1><0>
Message-Authenticator =
RE<2>l<233><199><159>_<175><166>L<208><186><233><202><15>
Wed Jan 4 20:25:59 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:25:59 2006: DEBUG: Deleting session for joon,
128.32.231.226, 50002
Wed Jan 4 20:25:59 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:25:59 2006: DEBUG: Handling with EAP: code 2, 1, 60
Wed Jan 4 20:25:59 2006: DEBUG: Response type 21
Wed Jan 4 20:25:59 2006: DEBUG: EAP TTLS data, 24576, 1, -1
Wed Jan 4 20:25:59 2006: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Wed Jan 4 20:25:59 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:25:59 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:25:59 2006: DEBUG: Access challenged for joon: EAP TTLS
Challenge
Wed Jan 4 20:25:59 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 110
Authentic: Aj'=7'O<9><211><174>8<134><22><241>n^
Attributes:
EAP-Message =
<1><2><3><242><21><192><0><0><7>x<22><3><1><0>J<2><0><0>F<3><1>C<188><15
9><215><28><238>u4<252>,+v<146><252>{<128>%<175><206><223><144>*<129><17
2><244><229><<15><244><234>x<172>
<203>OR<227><25>ha<11>Ms<176><167><131>j<166><212><251>En<249>L<220>eH<5
>&<:
S<240><251><31><0><10><0><22><3><1><7><27><11><0><7><23><0><7><20><0><2>
<209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2>0<13><6><9>*<134>
H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU
1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melb
ourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use
in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><
23><13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>
AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Me
lbourne1<24>0<22><6><3>U<4><10><19><15>My Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0
<13><6><9>*<134>H<134><247><13><1><1>
EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><23
4>/
<241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<2
34><12>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138>
<6><19><247>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/
<16>HI<220><169>vN<215>)<31><207><24><157><230>G<186>)<246>J<195><171><1
54><249><220>v<17><159><2>x<29><136><148>:
b<170><254><4><207><183><144><210><251>+<233><135>0<212>Y<207><158>N<226
><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23>0<21>0<19><6
><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134
><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>>q<12
9>X<13>=l?
<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><225><253>?
hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<211><24
8>oba<
EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>
w<215><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254>
<206>U?
<214>)<181>I2^<157><225><174><232>2e<185>k<131><0><4>=0<130><4>90<130><3
><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4
><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8>
<19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<
4><10><19><21>OSC Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do no
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:25:59 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 111
Authentic: <233>9<203><217><195>n<187>bo<179><7><5>C<149><232><12>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "joon"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message = <2><2><0><6><21><0>
Message-Authenticator =
<185>2Z<204><221><238><166><154>%<199><130><166><24>[{n
Wed Jan 4 20:25:59 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:25:59 2006: DEBUG: Deleting session for joon,
128.32.231.226, 50002
Wed Jan 4 20:25:59 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:25:59 2006: DEBUG: Handling with EAP: code 2, 2, 6
Wed Jan 4 20:25:59 2006: DEBUG: Response type 21
Wed Jan 4 20:25:59 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:25:59 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:25:59 2006: DEBUG: Access challenged for joon: EAP TTLS
Challenge
Wed Jan 4 20:25:59 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 111
Authentic: <233>9<203><217><195>n<187>bo<179><7><5>C<149><232><12>
Attributes:
EAP-Message = <1><3><3><150><21><0>t use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><
23><13>040316080125Z<23><13>060316080125Z0<129><202>1<11>0<9><6><3>U<4><
6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7>
<19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in p
EAP-Message = roduction)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129>
<159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<12
9><137><2><129><129><0><204><181>%Q<192>7g0<140><153>0xg<240><152><248><
199><214><253>W<7><220>|fd<163><137>%F<216><220><148><230><6><18>ie<144>
'<244>P<8>DxJ<138>n<203>k8<164><239><179>H<237>K<182>mo<155><145><138><1
43><136><127><230><<9>l<172><210><205><136><162><29>)1<4><206><11>g<163>
<226>i@<206>o<210>,<185><173><234><3>^4<221><252><168>H<178><158><25><23
5><152><250>g<199><172><250>uSr<156><205>P<150>O<197><240>=a<255>_<209><
12><163><0>U<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><
4><22><4><20><23><2><196>#<233><210>F0D<173>f]r<193>H?
<164><27>ke0<129><247><6><3>U<29>#
EAP-Message =
<4><129><239>0<129><236><128><20><23><2><196>#<233><210>F0D<173>f]r<193>
H?
<164><27>ke<161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><
6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7>
<19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><
1><0>0<12><6><3>U<29><19><4><5>0<3>
EAP-Message =
<1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><
0>0<3>=<202><190><236>S<216><228>o<177><242><18>hEBe<219>W<136><245>tf<2
02><143><160><29><220>p9<5><24>2<185>)<128><227>8<17><247>'_J<28><159>;
_<202><254><242>+{=P<245><215>K<160><136>qml<181><24>3<0>f<166>Q(<2><193
><29>-
<228><19><184>C<139>9}r1<188>DTlK<255><15><12>TL<160><177>DuY+<156><143>
<225><149><237><135>ix<22>O<231><212><154><184><10>fZ<248>Va#<192><160>l
<21><129>0<199>6<22><3><1><0><4><14><0><0><0>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:26:00 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 112
Authentic: 2<29><159><237><28>Y<138><240>G<156><15><176><130>W<167><17>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "joon"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message =
<2><3><0><200><21><128><0><0><0><190><22><3><1><0><134><16><0><0><130><0
><128>V_<212>(<239>y<247><171><1>PX|l<222>'<201><128><243><181>"?
<131><137><228>q<138><244>qyG<182>3<204><1><252><152><154>m
<202><240><8><215><253>P<197><228><230>*9<253><189><217>s<146><177><163>
<149><143><226><18><223>p<234><138><250><221>L<166><25><167>l<129><28>3<
148><152><4>tVr<181>{<250><154><153>y<160>{ce<166><30>c<0><180><28>
<4><208><245><183>$u<197><246><12>*<191>-
<208><9><214><128><157><130><253><177><136><247>k<197><202><168>'<213><2
>5<20><3><1><0><1><1><22><3><1><0>(<141>C<197>7m
<138>O<163>wK<2><136><222><6><157><174>/
<208><134><181><200><18>i<187><130><237>o<191><185><150>S<13>W<160><<147
><185><194><235>
Message-Authenticator =
<234><233><156>`<29><138>F<252><246>}6<141><241><157>KJ
Wed Jan 4 20:26:00 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:26:00 2006: DEBUG: Deleting session for joon,
128.32.231.226, 50002
Wed Jan 4 20:26:00 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:26:00 2006: DEBUG: Handling with EAP: code 2, 3, 200
Wed Jan 4 20:26:00 2006: DEBUG: Response type 21
Wed Jan 4 20:26:00 2006: DEBUG: EAP TTLS data, 8576, 3, 1
Wed Jan 4 20:26:00 2006: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Wed Jan 4 20:26:00 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:26:00 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:26:00 2006: DEBUG: Access challenged for joon: EAP TTLS
Challenge
Wed Jan 4 20:26:00 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 112
Authentic: 2<29><159><237><28>Y<138><240>G<156><15><176><130>W<167><17>
Attributes:
EAP-Message =
<1><4><0>=<21><128><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(<23><184><
198><217><183><0>d)<10>Y<152><242><148>3<145><160><25><180>(<232>Ic2q<25
><222>8<4><193>.<181>r/<254><178><210><0>U<31><129>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:26:00 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 113
Authentic: }<243><164><132>C<20>t<196>:<221><175>s<163>3<132><140>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "joon"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message =
<2><4><0>O<21><128><0><0><0>E<23><3><1><0>@,e<245>}iu<191>I<219>F<174><2
22>cy$<163><202>JF?
<184><138><251>(<167>}<255><140><206><168><244><253><221>S<21><208><193>
<29><178><178>S<182>tW<141><158>(<133>1Qt<216>W<22><137>a<251><237>5<189
><137><204>*?
Message-Authenticator =
uiM<241><176>P<22><183><178><195><241><135><246><231><235>e
Wed Jan 4 20:26:00 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:26:00 2006: DEBUG: Deleting session for joon,
128.32.231.226, 50002
Wed Jan 4 20:26:00 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:26:00 2006: DEBUG: Handling with EAP: code 2, 4, 79
Wed Jan 4 20:26:00 2006: DEBUG: Response type 21
Wed Jan 4 20:26:00 2006: DEBUG: EAP TTLS data, 3, 4, 3
Wed Jan 4 20:26:00 2006: DEBUG: EAP TTLS inner authentication request
for joon
Wed Jan 4 20:26:00 2006: DEBUG: TTLS Tunnelled Diameter Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic:
<225><173><207><189><179>I<14><131><148><211><27>/<5>T<218><2>
Attributes:
User-Name = "joon"
User-Password = MyPassword
Wed Jan 4 20:26:00 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:26:00 2006: DEBUG: Deleting session for joon,
128.32.231.226,
Wed Jan 4 20:26:00 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:26:00 2006: DEBUG: Reading users file ./users
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
joon [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: No such user:
joon [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: Check item
Service-Type expression 'Administrative-User' does not match '' in
request: DEFAULT [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT1 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: Check item
Service-Type expression 'Login-User' does not match '' in request:
DEFAULT1 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT2 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: Check item
Service-Type expression 'Outbound-User' does not match '' in request:
DEFAULT2 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT3 [joon]
Wed Jan 4 20:26:00 2006: WARNING: Could not find Identifier for
Auth-Type 'System'
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: Could not
find Identifier for Auth-Type 'System': DEFAULT3 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT4 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: Username not
suffixed with .ppp: DEFAULT4 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT5 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: Username not
prefixed with P: DEFAULT5 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT6 [joon]
Wed Jan 4 20:26:00 2006: WARNING: This AuthBy does not know how to
check Group membership
Wed Jan 4 20:26:00 2006: DEBUG: Radius::AuthFILE REJECT: User joon is
not in Group group1: DEFAULT6 [joon]
Wed Jan 4 20:26:00 2006: DEBUG: AuthBy FILE result: REJECT, User joon
is not in Group group1
Wed Jan 4 20:26:00 2006: INFO: Access rejected for joon: User joon is
not in Group group1
Wed Jan 4 20:26:00 2006: DEBUG: Returned TTLS tunnelled Diameter
Packet dump:
Code: Access-Reject
Identifier: UNDEF
Authentic:
<225><173><207><189><179>I<14><131><148><211><27>/<5>T<218><2>
Attributes:
Reply-Message = "Request Denied"
Wed Jan 4 20:26:00 2006: DEBUG: EAP result: 1, EAP TTLS inner
authentication redespatched to a Handler
Wed Jan 4 20:26:00 2006: DEBUG: AuthBy FILE result: REJECT, EAP TTLS
inner authentication redespatched to a Handler
Wed Jan 4 20:26:00 2006: INFO: Access rejected for joon: EAP TTLS
inner authentication redespatched to a Handler
Wed Jan 4 20:26:00 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Reject
Identifier: 113
Authentic: }<243><164><132>C<20>t<196>:<221><175>s<163>3<132><140>
Attributes:
EAP-Message = <4><4><0><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Reply-Message = "Request Denied"
****Trace 4 with outter identity NOT set to anonymous****
[ndrl5] ~/Radiator-Locked-3.13> perl radiusd -config radius.cfg
Wed Jan 4 20:37:58 2006: DEBUG: Finished reading configuration file
'radius.cfg'
Wed Jan 4 20:37:58 2006: DEBUG: Reading dictionary file './dictionary'
Wed Jan 4 20:37:58 2006: DEBUG: Creating authentication port
0.0.0.0:1645
Wed Jan 4 20:37:58 2006: DEBUG: Creating accounting port 0.0.0.0:1646
Wed Jan 4 20:37:58 2006: NOTICE: Server started: Radiator 3.13 on
ndrl5.berkeley.edu
Wed Jan 4 20:40:06 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 119
Authentic:
<5><25><133>~<128>5<27><166>6<216><143><190><162><250><17><26>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "anonymous"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message = <2><0><0><14><1>anonymous
Message-Authenticator =
<151>d<10>u*J7j<248><251><235><247><169>{<180>Q
Wed Jan 4 20:40:06 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:40:06 2006: DEBUG: Deleting session for anonymous,
128.32.231.226, 50002
Wed Jan 4 20:40:06 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:40:07 2006: DEBUG: Handling with EAP: code 2, 0, 14
Wed Jan 4 20:40:07 2006: DEBUG: Response type 1
Wed Jan 4 20:40:07 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 119
Authentic:
<5><25><133>~<128>5<27><166>6<216><143><190><162><250><17><26>
Attributes:
EAP-Message = <1><1><0><6><21>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 120
Authentic: `<203><201><210>4(78<158><133>m<160><8>"Y<192>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "anonymous"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message =
<2><1><0><<21><128><0><0><0>2<22><3><1><0>-
<1><0><0>)<3><1><186><2><4><0><22>s<212><249>j<142>?
<8><184><249><154>C<205><235><183><251>$WR<26>m<176><179><10>U<237>K<190
><0><0><2><0><10><1><0>
Message-Authenticator =
<30>]<243><227><136>4<184><155>O<226><<16><216><245> <7>
Wed Jan 4 20:40:07 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:40:07 2006: DEBUG: Deleting session for anonymous,
128.32.231.226, 50002
Wed Jan 4 20:40:07 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:40:07 2006: DEBUG: Handling with EAP: code 2, 1, 60
Wed Jan 4 20:40:07 2006: DEBUG: Response type 21
Wed Jan 4 20:40:07 2006: DEBUG: EAP TTLS data, 24576, 1, -1
Wed Jan 4 20:40:07 2006: DEBUG: EAP TLS SSL_accept result: -1, 2, 8576
Wed Jan 4 20:40:07 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 120
Authentic: `<203><201><210>4(78<158><133>m<160><8>"Y<192>
Attributes:
EAP-Message =
<1><2><3><242><21><192><0><0><7>x<22><3><1><0>J<2><0><0>F<3><1>C<188><16
3>'<153><132><139>O<204><251><201><225>sjhu<213>~<181><245>Q<179><144>N<
6><31><226><154>|p<5><182>
<181><191>!
b<172><187><244><<28><181>O<185><12><18><170><171><26>h<<176><219><190><
137>
L<133><180><28><211><194><138><7><0><10><0><22><3><1><7><27><11><0><7><2
3><0><7><20><0><2><209>0<130><2><205>0<130><2>6<160><3><2><1><2><2><1><2
>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0>0<129><202>1<11>0<9><6><
3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>
U<4><7><19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate Sec
EAP-Message = tion1/0-<6><3>U<4><3><19>&OSC Test CA (do not use
in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><
23><13>040316080209Z<23><13>060316080209Z0u1<11>0<9><6><3>U<4><6><19><2>
AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Me
lbourne1<24>0<22><6><3>U<4><10><19><15>My Test
Company1%0#<6><3>U<4><3><19><28>test.server.some.company.com0<129><159>0
<13><6><9>*<134>H<134><247><13><1><1>
EAP-Message =
<1><5><0><3><129><141><0>0<129><137><2><129><129><0><216>4<7><6><214><23
4>/
<241>.9<209><250>\y<1><149>[<215><24>e<133><15><223>d<176><132>Z<222>#<2
34><12>%<133>aF<28><20><24><218><160><197><239><237><136><222><218><138>
<6><19><247>}*3B<155><24>TE<18><240><194><220><164><183>9<192><176>/
<16>HI<220><169>vN<215>)<31><207><24><157><230>G<186>)<246>J<195><171><1
54><249><220>v<17><159><2>x<29><136><148>:
b<170><254><4><207><183><144><210><251>+<233><135>0<212>Y<207><158>N<226
><136><12><132><143><250><182><218>W<2><3><1><0><1><163><23>0<21>0<19><6
><3>U<29>%<4><12>0<10><6><8>+<6><1><5><5><7><3><1>0<13><6><9>*<134>H<134
><247><13><1><1><4><5><0><3><129><129><0>n<23><196><159>c<165><188>>q<12
9>X<13>=l?
<174><155><170><162><189><20><25>az<19>o<202><250>|B8N<209><225><253>?
hv<170><193><235><2>b<16><201>}<250>,<181>q<154>%<182><29><179>p<211><24
8>oba<
EAP-Message =
JP<13>p<12>+<154><199>1<16><208><138><21><141>'wrX<214>NUW<231><173><25>
w<215><13><152><154>T<218><8><246><202>.<177>9s*<220><219>n"Gu<188><254>
<206>U?
<214>)<181>I2^<157><225><174><232>2e<185>k<131><0><4>=0<130><4>90<130><3
><162><160><3><2><1><2><2><1><0>0<13><6><9>*<134>H<134><247><13><1><1><4
><5><0>0<129><202>1<11>0<9><6><3>U<4><6><19><2>AU1<17>0<15><6><3>U<4><8>
<19><8>Victoria1<18>0<16><6><3>U<4><7><19><9>Melbourne1<30>0<28><6><3>U<
4><10><19><21>OSC Demo Certificates1!0<31><6><3>U<4><11><19><24>Test
Certificate Section1/0-<6><3>U<4><3><19>&OSC Test CA (do no
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 121
Authentic: <26>sSWK<154><215><195><254>a<160>s<238><229><135><231>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "anonymous"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message = <2><2><0><6><21><0>
Message-Authenticator =
<220><184><146><142><225><20><164><226><225><164>/<159><184><170><214>w
Wed Jan 4 20:40:07 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:40:07 2006: DEBUG: Deleting session for anonymous,
128.32.231.226, 50002
Wed Jan 4 20:40:07 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:40:07 2006: DEBUG: Handling with EAP: code 2, 2, 6
Wed Jan 4 20:40:07 2006: DEBUG: Response type 21
Wed Jan 4 20:40:07 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 121
Authentic: <26>sSWK<154><215><195><254>a<160>s<238><229><135><231>
Attributes:
EAP-Message = <1><3><3><150><21><0>t use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<30><
23><13>040316080125Z<23><13>060316080125Z0<129><202>1<11>0<9><6><3>U<4><
6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7>
<19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in p
EAP-Message = roduction)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au0<129>
<159>0<13><6><9>*<134>H<134><247><13><1><1><1><5><0><3><129><141><0>0<12
9><137><2><129><129><0><204><181>%Q<192>7g0<140><153>0xg<240><152><248><
199><214><253>W<7><220>|fd<163><137>%F<216><220><148><230><6><18>ie<144>
'<244>P<8>DxJ<138>n<203>k8<164><239><179>H<237>K<182>mo<155><145><138><1
43><136><127><230><<9>l<172><210><205><136><162><29>)1<4><206><11>g<163>
<226>i@<206>o<210>,<185><173><234><3>^4<221><252><168>H<178><158><25><23
5><152><250>g<199><172><250>uSr<156><205>P<150>O<197><240>=a<255>_<209><
12><163><0>U<2><3><1><0><1><163><130><1>+0<130><1>'0<29><6><3>U<29><14><
4><22><4><20><23><2><196>#<233><210>F0D<173>f]r<193>H?
<164><27>ke0<129><247><6><3>U<29>#
EAP-Message =
<4><129><239>0<129><236><128><20><23><2><196>#<233><210>F0D<173>f]r<193>
H?
<164><27>ke<161><129><208><164><129><205>0<129><202>1<11>0<9><6><3>U<4><
6><19><2>AU1<17>0<15><6><3>U<4><8><19><8>Victoria1<18>0<16><6><3>U<4><7>
<19><9>Melbourne1<30>0<28><6><3>U<4><10><19><21>OSC Demo
Certificates1!0<31><6><3>U<4><11><19><24>Test Certificate
Section1/0-<6><3>U<4><3><19>&OSC Test CA (do not use in production)1
0<30><6><9>*<134>H<134><247><13><1><9><1><22><17>mikem at open.com.au<130><
1><0>0<12><6><3>U<29><19><4><5>0<3>
EAP-Message =
<1><1><255>0<13><6><9>*<134>H<134><247><13><1><1><4><5><0><3><129><129><
0>0<3>=<202><190><236>S<216><228>o<177><242><18>hEBe<219>W<136><245>tf<2
02><143><160><29><220>p9<5><24>2<185>)<128><227>8<17><247>'_J<28><159>;
_<202><254><242>+{=P<245><215>K<160><136>qml<181><24>3<0>f<166>Q(<2><193
><29>-
<228><19><184>C<139>9}r1<188>DTlK<255><15><12>TL<160><177>DuY+<156><143>
<225><149><237><135>ix<22>O<231><212><154><184><10>fZ<248>Va#<192><160>l
<21><129>0<199>6<22><3><1><0><4><14><0><0><0>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 122
Authentic: <17>u<131><229>uJ<2><244>)]zn<196>F<208><204>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "anonymous"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message =
<2><3><0><200><21><128><0><0><0><190><22><3><1><0><134><16><0><0><130><0
><128><205>d<222><127>6<240><235><253>$_Fq<195><219><168><25><<201><234>
<202><5><176><204><131><251>x<9><188><218><154>5<200>D<229><186>o<151><1
76><255><243><142><223>f8<156><175>L<252><238><197>1<187><j@<25><128>c<1
85><160><4>XZ<185><145><199>a,<240>S<217><236><189><213><165><5><170><15
7>7<239><140><159><234>%<200><20>K<181>R{<23><182><161>O<150>U<237>;
T<137><154>5<192><236><207><238><241>E<160>4<185><183>N^<0>f<197>P<184>z
<192>5<2><233>"(G<203><20><3><1><0><1><1><22><3><1><0>(<204><171>^<11><2
13><164>UP<132><227><20>J1<199><14>z1Z<236>f6<203>H<198><231><226><128>U
<254><201><141>nfeg~S<206><222>Q
Message-Authenticator =
<213><220><157>N<163><216>i~<170><137><168><171><153>bV<202>
Wed Jan 4 20:40:07 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:40:07 2006: DEBUG: Deleting session for anonymous,
128.32.231.226, 50002
Wed Jan 4 20:40:07 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:40:07 2006: DEBUG: Handling with EAP: code 2, 3, 200
Wed Jan 4 20:40:07 2006: DEBUG: Response type 21
Wed Jan 4 20:40:07 2006: DEBUG: EAP TTLS data, 8576, 3, 1
Wed Jan 4 20:40:07 2006: DEBUG: EAP TLS SSL_accept result: 1, 0, 3
Wed Jan 4 20:40:07 2006: DEBUG: EAP result: 3, EAP TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: AuthBy FILE result: CHALLENGE, EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Access challenged for anonymous: EAP
TTLS Challenge
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Challenge
Identifier: 122
Authentic: <17>u<131><229>uJ<2><244>)]zn<196>F<208><204>
Attributes:
EAP-Message =
<1><4><0>=<21><128><0><0><0>3<20><3><1><0><1><1><22><3><1><0>(<231><186>
]<11><195><198>A<153>7<144><19><240><137><211><242>pO<150><2><10><7><195
>7<212>6x<16><12><0><248><4>E<212><211><18><143><145><153><216><132>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Received from 128.32.231.226 port 1812 ....
Code: Access-Request
Identifier: 123
Authentic: S<193><179>c<184>)<251><220><142>Jx<23><207><228><184><221>
Attributes:
NAS-IP-Address = 128.32.231.226
NAS-Port = 50002
NAS-Port-Type = Ethernet
User-Name = "anonymous"
Called-Station-Id = "00-12-7F-E3-48-42"
Calling-Station-Id = "00-C0-4F-80-36-EA"
Service-Type = Framed-User
Framed-MTU = 1500
EAP-Message =
<2><4><0>O<21><128><0><0><0>E<23><3><1><0>@<26><163>~<195>3_<16><224>D]<
214><159><16>X<186>o<216>v<183>pqv<190>3<230><138><242><165><17><160><25
3>3<222><25><207><205><207>o<<173><207><174><212><236>uZ<223>:
<196><166>%0^<208>,ML<174>m<151><175>k5T
Message-Authenticator =
<152><186><199>><241><250><145>"<127><253><136><169>}P"k
Wed Jan 4 20:40:07 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:40:07 2006: DEBUG: Deleting session for anonymous,
128.32.231.226, 50002
Wed Jan 4 20:40:07 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:40:07 2006: DEBUG: Handling with EAP: code 2, 4, 79
Wed Jan 4 20:40:07 2006: DEBUG: Response type 21
Wed Jan 4 20:40:07 2006: DEBUG: EAP TTLS data, 3, 4, 3
Wed Jan 4 20:40:07 2006: DEBUG: EAP TTLS inner authentication request
for joon
Wed Jan 4 20:40:07 2006: DEBUG: TTLS Tunnelled Diameter Packet dump:
Code: Access-Request
Identifier: UNDEF
Authentic: a<142><217><0>}<254>c<234><193><203>rL9<25><197><183>
Attributes:
User-Name = "joon"
User-Password = MyPassword
Wed Jan 4 20:40:07 2006: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jan 4 20:40:07 2006: DEBUG: Deleting session for joon,
128.32.231.226,
Wed Jan 4 20:40:07 2006: DEBUG: Handling with Radius::AuthFILE:
Wed Jan 4 20:40:07 2006: DEBUG: Reading users file ./users
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
joon [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: No such user:
joon [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: Check item
Service-Type expression 'Administrative-User' does not match '' in
request: DEFAULT [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT1 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: Check item
Service-Type expression 'Login-User' does not match '' in request:
DEFAULT1 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT2 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: Check item
Service-Type expression 'Outbound-User' does not match '' in request:
DEFAULT2 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT3 [joon]
Wed Jan 4 20:40:07 2006: WARNING: Could not find Identifier for
Auth-Type 'System'
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: Could not
find Identifier for Auth-Type 'System': DEFAULT3 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT4 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: Username not
suffixed with .ppp: DEFAULT4 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT5 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: Username not
prefixed with P: DEFAULT5 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE looks for match with
DEFAULT6 [joon]
Wed Jan 4 20:40:07 2006: WARNING: This AuthBy does not know how to
check Group membership
Wed Jan 4 20:40:07 2006: DEBUG: Radius::AuthFILE REJECT: User joon is
not in Group group1: DEFAULT6 [joon]
Wed Jan 4 20:40:07 2006: DEBUG: AuthBy FILE result: REJECT, User joon
is not in Group group1
Wed Jan 4 20:40:07 2006: INFO: Access rejected for joon: User joon is
not in Group group1
Wed Jan 4 20:40:07 2006: DEBUG: Returned TTLS tunnelled Diameter
Packet dump:
Code: Access-Reject
Identifier: UNDEF
Authentic: a<142><217><0>}<254>c<234><193><203>rL9<25><197><183>
Attributes:
Reply-Message = "Request Denied"
Wed Jan 4 20:40:07 2006: DEBUG: EAP result: 1, EAP TTLS inner
authentication redespatched to a Handler
Wed Jan 4 20:40:07 2006: DEBUG: AuthBy FILE result: REJECT, EAP TTLS
inner authentication redespatched to a Handler
Wed Jan 4 20:40:07 2006: INFO: Access rejected for anonymous: EAP TTLS
inner authentication redespatched to a Handler
Wed Jan 4 20:40:07 2006: DEBUG: Packet dump:
*** Sending to 128.32.231.226 port 1812 ....
Code: Access-Reject
Identifier: 123
Authentic: S<193><179>c<184>)<251><220><142>Jx<23><207><228><184><221>
Attributes:
EAP-Message = <4><4><0><4>
Message-Authenticator =
<0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
Reply-Message = "Request Denied"
******************My radius.cfg****************
Foreground
LogStdout
LogDir .
DbDir .
Trace 4
<Client 128.32.231.226>
Secret n0thing
</Client>
<Realm DEFAULT>
<Handler TunneledByTTLS=1>
<AuthBy KRB5>
KrbRealm BERKELEY.EDU
</AuthBy>
</Handler>
<AuthBy FILE>
Filename %D/users
EAPType TTLS
EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
EAPTLS_CertificateFile %D/certificates/cert-srv.pem
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
EAPTLS_PrivateKeyPassword whatever
EAPTLS_MaxFragmentSize 1000
AutoMPPEKeys
SSLeayTrace 4
# EAPAnonymous %0
</AuthBy>
</Realm>
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list