[RADIATOR] Problems with NTLM Auth

Corey Gray corey at tsa.com.au
Thu Jan 28 22:56:26 CST 2010



I have been trying to authenticate our wireless network against AD with radius. When I try to log on to the network it responds with incorrect username or password for "network1", yet when running

ntlm_auth --username user --domain tsa --password password

It returns a status of OK. I was wondering if there is anything I am missing from my configuration file.



My router is set to use Radius authentication on port 1645

Shared secret = one in config file
Encryption 40/64-bit
Passphrase = same as shared secret for testing
Key 1 as TX key

Now for the radiator settings.



LogDir  /var/log/radius
# radius server ip
BindAddress 10.0.0.1
DbDir   /etc/radiator
DictionaryFile %D/dictionary
LogFile /var/log/radius/%y%m-radius.log
Trace   5
#Trace  3

<Client DEFAULT>
        Secret shh...itssecret
        DupInterval 0
</Client>

#Log Success and failed login attempts
<AuthLog FILE>
        Filename /var/log/radius/%y%m-authlog.log
        LogSuccess 0
        LogFailure 0
        SuccessFormat %l:Client-ip=%c:%U:OK
        FailureFormat %l:Client-ip=%c:%U:FAIL
</AuthLog>

# requests will be processed here
# define Realm(s) or Handler(s)
# use AuthBy NTLM for AD
<Handler Realm=tsa.com.au>
        <AuthBy NTLM>
                NtlmAuthProg /usr/bin/ntlm_auth --helper-protocol=ntlm-server-1
                DefaultDomain tsa.com.au
                UsernameMatchesWithoutRealm
        </AuthBy>
</Handler>



Here is my trace 5



Fri Jan 29 14:43:49 2010: DEBUG: Finished reading configuration file '/etc/radiator/radius.cfg'
Fri Jan 29 14:43:49 2010: DEBUG: Reading dictionary file '/etc/radiator/dictionary'
Fri Jan 29 14:43:49 2010: DEBUG: Creating authentication port 192.168.201.165:1645
Fri Jan 29 14:43:49 2010: DEBUG: Creating accounting port 192.168.201.165:1646
Fri Jan 29 14:43:49 2010: NOTICE: Server started: Radiator 4.5.1 on Radiator (LOCKED)
Fri Jan 29 14:47:53 2010: DEBUG: Packet dump:
*** Received from 192.168.201.74 port 1032 ....
Packet length = 123
01 00 00 7b d6 dc 0e bb 98 ff 55 2e 83 29 ab fd *** Received from 192.168.201.74 port 1032 ....
NAS-Identifier = "00226b5c4bc8"
        NAS-Port = 59
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-IEEE-802-11
        EAP-Message = <2><0><0><10><1>corey
        Message-Authenticator = <246><234><131><156><207><243><139><156><246><14><16><183><144><167><243>\

Fri Jan 29 14:47:53 2010: WARNING: Could not find a handler for corey: request is ignored

Fri Jan 29 14:48:23 2010: DEBUG: Packet dump:
*** Received from 192.168.201.74 port 1032 ....

Packet length = 123
01 00 00 7b 12 dc 22 68 9b 0b 85 1f 6c 4d 2c 2d
09 43 22 8e 01 07 63 6f 72 65 79 04 06 c0 a8 c9
4a 1e 0e 30 30 32 32 36 62 35 63 34 62 63 38 1f
0e 30 30 32 35 62 63 63 33 32 32 39 61 20 0e 30
30 32 32 36 62 35 63 34 62 63 38 05 06 00 00 00
3b 0c 06 00 00 05 78 3d 06 00 00 00 13 4f 0c 02
01 00 0a 01 63 6f 72 65 79 50 12 3a d8 d8 34 85
b6 3d 3e cc 6f c9 31 6c 42 05 26
Code:       Access-Request
Identifier: 0
Authentic:  <18><220>"h<155><11><133><31>lM,-<9>C"<142>
Attributes:
        User-Name = "corey"
        NAS-IP-Address = 192.168.201.74
        Called-Station-Id = "00226b5c4bc8"
        Calling-Station-Id = "0025bcc3229a"
        NAS-Identifier = "00226b5c4bc8"
        NAS-Port = 59
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-IEEE-802-11
        EAP-Message = <2><1><0><10><1>corey
        Message-Authenticator = :<216><216>4<133><182>=><204>o<201>1lB<5>&

Fri Jan 29 14:48:23 2010: WARNING: Could not find a handler for corey: request is ignored



So it keeps trying and radius is getting my attempts... But I'm not sure why it can't handle the request



Any help would be greatly appreciated

Regards



Corey Gray
Support Engineer

Ph. 1300 88 95 88
Fax. 07 3858 6318

http://www.caab.net


