[RADIATOR] Issues with WiMAX TTLS-MSCHAPV2

Peter Adkins pete at pirate-pockets.net
Tue Nov 3 16:35:57 CST 2009


Hey there,

I've been working on getting a WiMAX base station talking to Radiator, using
TTLS-MSCHAPV2 but I have run into a small problem. Everything appears to
work correctly at first, and the TTLS tunnel is getting setup correctly,
however I am running into an error during MSCHAP-V2 Authentication.

An 'Access-Accept' is generated by Radiator, after I have verified the
authenticity of the user (currently using AuthBy FILE for testing) and is
printed to the logs (with Trace level 4 enabled.) However, there is no
RADIUS packet generated to coincide with this 'Access-Accept'; an
'Access-Challenge' is being generated and sent back to the base station
instead. There is also no 'MS-CHAP2-Success' AVP in the 'Access-Accept'
which is printed the the logs (as mentioned above.)

Am I doing something wrong, in the wrong order, or is this
'Access-Challenge' expected to be sent rather than the 'Access-Accept'
(containing the 'MS-CHAP2-Success' string, which is currently absent)? As
currently, the base station is ignoring the 'Access-Challenge', so I am
trying to work out whether or not the base station is not doing something
that it should or if there is a problem with my Radiator configuration.

Also, I noticed that the Radiator change logs had the following in it, so I
have updated to Radiator 4.5, but I am still experiencing the same issue:
 'Fixed a problem with AuthBy WIMAX which would fail when TTLS-MSCHAPV2 was
used. Improved goodies/wimaxtest to support -mschapv2 flag to cause
TTLS-MSCHAPV2 authentication. Reported by "Valentin Tumarkin".'

Any help would be appreciated. I have attached the log file (Trace level
4)and the configuration, please let me know if you require any more
information.

Thank you for your time :)


-- Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20091104/fce11a90/attachment-0001.html 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: EAP-TTLS_MSCHAP-V2_Radiator.txt
Url: http://www.open.com.au/pipermail/radiator/attachments/20091104/fce11a90/attachment-0001.txt 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: radius.cfg
Type: application/octet-stream
Size: 5522 bytes
Desc: not available
Url : http://www.open.com.au/pipermail/radiator/attachments/20091104/fce11a90/attachment-0001.obj 


More information about the radiator mailing list