[RADIATOR] PAM - and EAP

Hugh Irvine hugh at open.com.au
Thu Aug 28 01:51:07 CDT 2008 

Hello Judy -

I will need to see complete trace 4 debugs from both HostA and HostB  
showing both successful and unsuccessful authentications.

 From what you show below, Radiator is not configured for EAP on  
either host.

regards

Hugh


On 28 Aug 2008, at 07:21, Judy Angel wrote:

> Hi
> we have HostA sending a request to HostB which is a solaris server  
> that uses PAM authentication,
>
>
> HostA:#
> <Realm domain>
>   RewriteUsername      s/^([^@]+).*/$1/
>   <AuthBy RADIUS>
>     Host PAMxxxx
>     Secret yyyyyy
>   </AuthBy>
>        # Log accounting to the detail file in LogDir
>        AcctLogFileName %L/detail
> </Realm>
>
>
> HostB:
> <Realm DEFAULT>
>        # Authenticate from the PAM service called 'passwd'
>        # see above for details. Need to be root to use that service
>        <AuthBy PAM>
>                Service Password
>        </AuthBy>
> </Realm>
>
>
> That works very well on site. However when a remote user tries to  
> authenticate user at domain with EAP it fails. How can the HostB be  
> set up to authenticate both instances?
>
> the debug output:
>        User-Name = "jo3xx"
>        EAP-Message = <2><2><0><22><1>jo3xx at domain
> Wed Aug 27 15:42:55 2008: DEBUG:  Deleting session for jo3xx,  
> 172.16.46.17, 2152
> Wed Aug 27 15:42:55 2008: INFO: Access rejected for jo3xx:  
> Authentication failed:
>
>
> thanks
> Judy Angel
> University of Hertfordshire
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

More information about the radiator mailing list