(RADIATOR) dot1x auth problems on HP switch

Alex Sharaz A.Sharaz at hull.ac.uk
Fri Apr 25 05:56:15 CDT 2008 

Chaps,
We¹ve implemented wired 802.1x auth in one of our RESNET sites  usin HP 3400
switches. This has been running since sept 2007 without a problem.
I¹m now rolling out wired dot1x in one of our PC rooms (HP 2900 switch) .
Switch config wise there is no difference between the 3400 and the 2900
boxes.

The problem is that the 3400 always works and the 2900 is generating the
following in the Radiator logs:-

Fri Apr 25 11:02:38 2008: DEBUG: Packet dump:
*** Received from 150.237.162.254 port 2440 ....
Code:       Access-Request
Identifier: 18
Authentic:  ]<163>!<25><130><191><185>R<245>]<240><9><232>l<132><143>
Attributes:
        Framed-MTU = 1466
        NAS-IP-Address = 150.237.162.254
        NAS-Identifier = "CC_PC2_HP2900-48"
        User-Name = "ccsas at hull.ac.uk"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 30
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "30"
        Called-Station-Id = "00-1c-2e-11-4b-40"
        Calling-Station-Id = "00-a0-d1-bc-29-de"
        Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 1620
        EAP-Message = <2><11><0><21><1>ccsas at hull.ac.uk
        Message-Authenticator =
<244><176>q<184><226><241><240><25><246>#<143><225><199><210>M<254>

Fri Apr 25 11:02:38 2008: WARNING: Bad EAP Message-Authenticator
Fri Apr 25 11:02:38 2008: WARNING: Bad authenticator in request from
150.237.162.254 (150.237.162.254)

Can¹t see anything wrong. The only difference seems to be in the Framed-MTU
size 

An hp 3400 box generates this:-

ri Apr 25 00:15:38 2008: DEBUG: Packet dump:
*** Received from 150.237.251.198 port 1024 ....
Code:       Access-Request
Identifier: 114
Authentic:  Z<182>&<237>.N<9>M6SU<173><177><194><220>u
Attributes:
        Framed-MTU = 1480
        NAS-IP-Address = 150.237.251.198
        NAS-Identifier = "TC2-Brantingham_HP3400"
        User-Name = "339804 at hull.ac.uk"
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 7
        NAS-Port-Type = Ethernet
        NAS-Port-Id = "7"
        Called-Station-Id = "00-12-79-49-7c-c0"
        Calling-Station-Id = "00-1b-24-48-65-60"
        Connect-Info = "CONNECT Ethernet 10Mbps Full duplex"
        Tunnel-Type = 0:VLAN
        Tunnel-Medium-Type = 0:802
        Tunnel-Private-Group-ID = 290
        EAP-Message = <2>?<0><22><1>339804 at hull.ac.uk
        Message-Authenticator =
En<180><241><248>6<232><178><225><154><242><160>K,<238><204>

Anyone using radiator with HP 2900 switches?

I¹m running radiator 4.2 with patch file 1.915

Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080425/fe825b2d/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080425/fe825b2d/attachment.ksh>

More information about the radiator mailing list