[RADIATOR] help with AuthBy LSA failure
Jason Mueller
jasmuell at indiana.edu
Fri Jul 11 10:37:08 CDT 2008
Hugh (or others),
I am still having authentication issues with the <AuthBy LSA> module
and PEAP. The configuration file has not changed from the initial
post. I have corrected the SE_TCB_PRIVILEGE error per Hugh's
suggestion (thanks). I am not generally in the role of a Windows
admin, and I *thought* running the module with an administrator
account met the requirement (which is not the same as using the
Administrator account). I am not sure if the SSLeay error is expected
or not, but it also occurs when using <AuthBy FILE> for the inner
authentication, which is successful.
Again . . . any help is appreciated. Thanks.
-Jason
Here is the output from the Radiator:
----------
Fri Jul 11 11:09:54 2008: DEBUG: Finished reading configuration file
'C:\Program Files\Radiator\radius.cfg'
This Radiator license will expire on 2008-08-30
This Radiator license will stop operating after 1000 requests
To purchase an unlimited full source version of Radiator, see
http://www.open.com.au/ordering.html
To extend your license period, contact admin at open.com.au
Fri Jul 11 11:09:54 2008: DEBUG: Reading dictionary file 'E:/Radiator/
dictionary'
Fri Jul 11 11:09:54 2008: DEBUG: Creating authentication port
0.0.0.0:1812
Fri Jul 11 11:09:55 2008: DEBUG: Creating accounting port 0.0.0.0:1813
Fri Jul 11 11:09:55 2008: NOTICE: Server started: Radiator 4.2 on
iubiastest (LOCKED)
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: ERR: Attribute number 255 (vendor 11) is not
defined in your dictionary
Fri Jul 11 11:10:12 2008: DEBUG: Packet dump:
*** Received from 129.79.9.37 port 1026 ....
Code: Access-Request
Identifier: 27
Authentic: <222>@<149><222><243><30>z]CGr"$<18><132><166>
Attributes:
Framed-MTU = 1466
NAS-IP-Address = 129.79.9.37
NAS-Identifier = "jcm-test"
User-Name = "jasmuell"
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 24
NAS-Port-Type = Ethernet
NAS-Port-Id = "A24"
Called-Station-Id = "00-17-a4-bb-07-00"
Calling-Station-Id = "00-16-cb-8a-a8-7e"
Connect-Info = "CONNECT Ethernet 1000Mbps Full duplex"
Tunnel-Type = 0:VLAN
Tunnel-Medium-Type = 0:802
Tunnel-Private-Group-ID = 100
EAP-Message = <2><23><0><13><1>jasmuell
Message-Authenticator = <158><249><239><137><174>q
+<149><156>c<130>o"<203><146>C
MS-RAS-Vendor = 11
Fri Jul 11 11:10:12 2008: DEBUG: Handling request with Handler ''
Fri Jul 11 11:10:12 2008: DEBUG: Deleting session for jasmuell,
129.79.9.37, 24
Fri Jul 11 11:10:12 2008: DEBUG: Handling with Radius::AuthFILE:
Fri Jul 11 11:10:12 2008: DEBUG: Handling with EAP: code 2, 23, 13, 1
Fri Jul 11 11:10:12 2008: DEBUG: Response type 1
Prototype mismatch: sub Net::SSLeay::randomize (;$$) vs none at (eval
48) line 1.
Fri Jul 11 11:10:12 2008: ERR: TLS could not load_verify_locations , :
Fri Jul 11 11:10:12 2008: DEBUG: EAP result: 1, EAP TLS Could not
initialise context
Fri Jul 11 11:10:12 2008: DEBUG: AuthBy FILE result: REJECT, EAP TLS
Could not initialise context
Fri Jul 11 11:10:12 2008: INFO: Access rejected for jasmuell: EAP TLS
Could not initialise context
Fri Jul 11 11:10:12 2008: DEBUG: Packet dump:
*** Sending to 129.79.9.37 port 1026 ....
Code: Access-Reject
Identifier: 27
Authentic: h<253><192>z<193><153><159><147><27>_<148><224><20><26><0>z
Attributes:
Reply-Message = "Request Denied"
----------
More information about the radiator
mailing list