[RADIATOR] (no subject)

Hugh Irvine hugh at open.com.au
Mon Jul 28 23:55:21 CDT 2008 

Hello Charles -

Thanks for sending the debug, which does appear to indicate a problem  
with the certificate at one end or the other.

We are always happy to work with vendors to sort out any issues, so  
please feel free to discuss this with them and let us know if they  
would like to work with us.

BTW - why do they consider Radiator "not ideal"?

regards

Hugh



On 24 Jul 2008, at 23:17, Cottrell, Charles P. wrote:

> Hugh,
>
> I have attached a trace 4 debug.  The MAC of interest ends in  
> 00:80:92:3b:3b:a2.  At this time we have engaged the vendor and  
> they feel that the current implementation of Radiator is not ideal  
> for the silex bridge to authenticate properly.  However, they have  
> not provided any specific information.
>
> Thanks for looking at this!
>
> Charles
>
>
>
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: Monday, July 21, 2008 9:24 PM
> To: Cottrell, Charles P.
> Cc: radiator at open.com.au
> Subject: Re: [RADIATOR] (no subject)
>
>
> Hello Charles -
>
> I personally have no experience with any of these devices - but they
> may have been tested at Interop?
>
> Your configuration file looks OK, but without a trace 4 debug it is
> difficult to say much about what may be happening.
>
> Is there anyone else on the list with any relevant comments?
>
> regards
>
> Hugh
>
>
> On 21 Jul 2008, at 23:57, Cottrell, Charles P. wrote:
>
>> We have 3 devices that are supposed to have the ability to do
>> enterprise authentication via radius.  We are trying to use them as
>> bridges.  These devices are:
>>
>>
>>
>> Linksys WET54G
>>
>> 3Com WL-560
>>
>> Silex SX-500
>>
>>
>>
>> The Linksys connected via WPA only using PEAP and MSCHAP-V2, but is
>> inconsistent.  The 3Com will connect with WPA using TTLS and PAP,
>> but not with WPA/WPA2 and PEAP.  We must also assign a static
>> address to the 3com bridge.  The Silex bridge will not connect via
>> any method, and appears to have certificate issues.  However, it
>> has no troubleshooting capabilities from the device side.
>>
>>
>>
>> The questions we have are:
>>
>>
>>
>> 1.       Has anyone worked with any of these devices?  If so, are
>> they configured for WPA2 Enterprise?   What version of firmware?
>>
>> 2.       If you tried to work with any of these devices and failed,
>> what device did you move to that was reliable?
>>
>> 3.       For the Radiator crew specifically, have you worked with
>> clients on any of these devices and have you had success in
>> assisting with enterprise authentication?
>>
>> 4.       A copy of our radius.cfg file is attached.  Can you give
>> it a look and see if there are any issues that would prevent these
>> wireless devices from authenticating?
>>
>>
>>
>> We do have some other wireless bridges that work fine from these
>> manufacturers (except Silex), but they are different models.
>>
>>
>>
>> Charles P. Cottrell
>>
>> Network Engineer
>>
>> Medical University of South Carolina
>>
>> 843.792.9938
>>
>>
>>
>> <cleaned_radius.cfg>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/
> radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
> Have you checked the RadiusExpert wiki:
> http://www.open.com.au/wiki/index.php/Main_Page
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
> <trace4.txt>



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
Have you checked the RadiusExpert wiki:
http://www.open.com.au/wiki/index.php/Main_Page

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

More information about the radiator mailing list