(RADIATOR) AuthBy FILE result: IGNORE, TLS not initialised

Peter Havekes p.havekes at avans.nl
Fri Jun 20 03:06:53 CDT 2008 

LS,

I've copied my radius config from one debian-server to another. On the original server EAP-TTLS worked fine, but on the new server I get the error mentioned in the subject. I've used a fresh radiator install and then copied /etc/radiator/ (including subdirs) to the new server.

I guess I need to install some perl-lib, but the logfile (trace 5) doesn't give any clues what is going wrong. The " TLS not initialised" error is the only one I see.

Relevant config:



<Handler Called-Station-Id=/.*eduroam.*/,Realm=avans.nl,User-Name=/@/>
        <AuthBy FILE>
                Filename %D/users
                EAPType TTLS
                EAPTLS_CAFile /etc/radiator/wificert/root.pem
                EAPTLS_CertificateFile /etc/radiator/wificert/server.crt
                EAPTLS_CertificateType PEM
                EAPTLS_PrivateKeyFile /etc/radiator/wificert/server.key
                EAPTLS_PrivateKeyPassword XXXXXXXXXXXXXXXXXXX
                EAPTLS_MaxFragmentSize 512
                AutoMPPEKeys
        </AuthBy>
        PostProcessingHook file:"/etc/radiator/eap_acct_username.pl"
</Handler>





Relevant logging


Code:       Access-Request
Identifier: 196
Authentic:  <0><139><196><135>X<19>{Xg<6><251><148>{n<230>c
Attributes:
        NAS-Port-Id = "AP81/1"
        Calling-Station-Id = "00-09-2D-89-65-98"
        Called-Station-Id = "00-0B-0E-33-4C-80:eduroam"
        Service-Type = Framed-User
        User-Name = "anonymous at avans.nl"
        NAS-Port = 9829
        EAP-Message = <2><2><0><<21><128><0><0><0>2<22><3><1><0>-<1><0><0>)<3><1><233><146><213><31>9<201><136><159><212><134>I6<186><199><228><201>F<17><246
        NAS-Port-Type = 19
        NAS-Identifier = "Trapeze"
        NAS-IP-Address = x.x.x.x
        Message-Authenticator = <146><142>i<18>0 w{&<5>2<161>_<217>u_

Fri Jun 20 09:41:14 2008: DEBUG: Handling request with Handler 'Called-Station-Id=/.*eduroam.*/,Realm=avans.nl,User-Name=/@/'
Fri Jun 20 09:41:14 2008: DEBUG:  Deleting session for anonymous at avans.nl, x.x.x.x, 9829
Fri Jun 20 09:41:14 2008: DEBUG: Handling with Radius::AuthFILE:
Fri Jun 20 09:41:14 2008: DEBUG: Handling with EAP: code 2, 2, 60, 21
Fri Jun 20 09:41:14 2008: DEBUG: Response type 21
Fri Jun 20 09:41:14 2008: DEBUG: EAP result: 2, TLS not initialised
Fri Jun 20 09:41:14 2008: DEBUG: AuthBy FILE result: IGNORE, TLS not initialised
Fri Jun 20 09:41:24 2008: DEBUG: Packet dump:







Any clues/hints/tips?






-- 

Peter Havekes
DIF-ICT 
Systeem- en Netwerkbeheerder
Avans Hogeschool
Onderwijsboulevard 215
5223 DE 's-Hertogenbosch
Telefoon 0736295592
Mobiel 0612917383
Fax 0736295405
email / msn p.havekes at avans.nl 
 
"Dit is mijn uitspraak en daar zult u het mee moeten doen!"
 
 


--------------------------------------------------------------------------- 
Op deze e-mail zijn de volgende voorwaarden van toepassing: 
The following conditions apply to this e-mail: 
http://emaildisclaimer.avans.nl 
--------------------------------------------------------------------------- 

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list