[RADIATOR] WG: Radiator evaluation software downloaded

El Abbadi, Ossama Ossama.Elabbadi at hs-ruhrwest.de
Fri Apr 29 06:43:17 CDT 2011


Hi List,

so I have installed needed modules and I get following problem. 

-------------

Fri Apr 29 11:39:24 2011: DEBUG: EAP result: 1, No Handler for PEAP inner
authentication
Fri Apr 29 11:39:24 2011: DEBUG: AuthBy NTLM result: REJECT, No Handler for
PEAP inner authentication
Fri Apr 29 11:39:24 2011: INFO: Access rejected for
elabbadi.ossama at vwa.hs-rw.local: No Handler for PEAP inner authentication
Fri Apr 29 11:39:24 2011: DEBUG: Packet dump:
*** Sending to 10.1.2.86 port 1645 ....


Have anyone an Idea where I can define an Handler for PEAP ?

Thanks for Help

--------------

# /etc/radiator/radius.cfg
#
# Radiator configuration file
# Automatically generated by ServerHTTP
# logged in as admin
# from client 192.168.105.210:1220
# on Thu Apr 28 07:56:04 2011
#

AcctPort 1646
AuthPort 1645
BindAddress 0.0.0.0
DbDir /etc/radiator
DictionaryFile %D/dictionary
Foreground 0
LicenseExpires 2012-03-01
LicenseKey cefb3bd23790809524597cb15633b0e4
LicenseMaxRequests 1000
LicenseOwner Evaluation
LivingstonHole 2
LivingstonMIB .iso.org.dod.internet.private.enterprises.307
LivingstonOffs 29
LogDir /var/log/radius
LogFile %L/logfile
MaxChildren 0
PidFile %L/radiusd.pid
PmwhoProg /usr/local/sbin/pmwho
SnmpNASErrorTimeout 60
SnmpgetProg /usr/bin/snmpget
SnmpsetProg /usr/bin/snmpset
SnmpwalkProg /usr/bin/snmpwalk
Trace 6

<AuthBy NTLM>
        CachePasswordExpiry 86400
        DomainFormat %R
        EAPAnonymous anonymous
        EAPContextTimeout 1000
        EAPFAST_PAC_Lifetime 7776000
        EAPFAST_PAC_Reprovision 2592000
        EAPTLS_CertificateType PEM
        EAPTLS_MaxFragmentSize 2048
        EAPTLS_PEAPVersion 1
        EAPTLS_SessionResumption 1
        EAPTLS_SessionResumptionLimit 43200
        EAPTLS_VerifyDepth 1
        EAPType MSCHAP-V2
        Identifier Auth4Tunneled
        NoDefault 1
        NtlmAuthProg /usr/bin/ntlm_auth --helper-protocol=ntlm-server-1
        PasswordPrompt password
        SIPDigestRealm DefaultSipRealm
        UsernameFormat %U
        UsernameMatchesWithoutRealm 1
</AuthBy>

<Client DEFAULT>
        DupInterval 0
        FramedGroupMaxPortsPerClassC 255
        LivingstonHole 2
        LivingstonOffs 29
        NasType unknown
        NoIgnoreDuplicates
        SNMPCommunity public
        Secret mysecret
</Client>

<Client mh-ap17>
        DupInterval 10
        FramedGroupMaxPortsPerClassC 255
        LivingstonHole 2
        LivingstonOffs 29
        NasType unknown
        NoIgnoreDuplicates
        SNMPCommunity public
        Secret testing123
</Client>

<Handler TunnelledByPEAP=1, Client-Identifier=wism >
        AuthByPolicy ContinueWhileIgnore
        AuthBy Auth4Tunneled
</Handler>

<Handler TunnelledByTTLS=1, Client-Identifier=wism >
        AuthByPolicy ContinueWhileIgnore
        AuthBy Auth4Tunneled
</Handler>

<Handler Realm = /hs-rw\.local$/i>
        AcctLogFileName %L/%R-%m-%Y.detail
        AuthByPolicy ContinueWhileIgnore

        <AuthBy NTLM>
                AutoMPPEKeys 1
                CachePasswordExpiry 86400
                DomainFormat %0
                EAPAnonymous %0
                EAPContextTimeout 1000
                EAPFAST_PAC_Lifetime 7776000
                EAPFAST_PAC_Reprovision 2592000
                EAPTLS_CAFile /root/ca/cacert.pem
                EAPTLS_CertificateFile /root/ca/servercert.pem
                EAPTLS_CertificateType PEM
                EAPTLS_MaxFragmentSize 1000
                EAPTLS_PEAPVersion 0
                EAPTLS_PrivateKeyFile /root/ca/serverkey.pem
                EAPTLS_SessionResumption 1
                EAPTLS_SessionResumptionLimit 43200
                EAPTLS_VerifyDepth 1
                EAPType PEAP
                EAPType TTLS
                NoDefault 1
                NtlmAuthProg /usr/bin/ntlm_auth
--helper-protocol=ntlm-server-1
                PasswordPrompt password
                SIPDigestRealm DefaultSipRealm
                SSLeayTrace 2
                UsernameFormat %0
        </AuthBy>
</Handler>

<Handler User-Name = /^vwa\\/i >

<ServerHTTP >
        BindAddress 0.0.0.0
        DefaultPrivilegeLevel 15
        LogMaxLines 500
        MaxBufferSize 100000
        Password password
        Port 1111
        Protocol tcp
        SessionTimeout 3600
        TLS_ExpectedPeerName .+
        Trace 6
        Username admin
</ServerHTTP>



> -----Ursprüngliche Nachricht-----
> Von: Heikki Vatiainen [mailto:hvn at open.com.au]
> Gesendet: Donnerstag, 28. April 2011 14:35
> An: El Abbadi, Ossama
> Cc: radiator at open.com.au
> Betreff: Re: [RADIATOR] WG: Radiator evaluation software downloaded
> 
> On 04/28/2011 02:21 PM, El Abbadi, Ossama wrote:
> 
> > Here the output from my last log file. And I found this entry:
> >
> > Thu Apr 28 13:08:08 2011: ERR: Could not load EAP module Radius::EAP_25:
> > Can't locate Net/SSLeay.pm in @INC (@INC contains: . /etc/perl
> > /usr/local/lib/perl/5.10.1 /usr/local/share/perl/5.10.1 /usr/lib/perl5
> > /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10
> > /usr/local/lib/site_perl .) at /usr/lib/perl5/Radius/TLS.pm line 15.
> > BEGIN failed--compilation aborted at /usr/lib/perl5/Radius/TLS.pm line
15.
> > Compilation failed in require at /usr/lib/perl5/Radius/EAP_25.pm line
24.
> > BEGIN failed--compilation aborted at /usr/lib/perl5/Radius/EAP_25.pm
> > line 24.
> > Compilation failed in require at (eval 57) line 3.
> >
> > Had any one an idea, why the compilation failed ?
> 
> You need Net_SSLeay module. Please see
> http://www.open.com.au/radiator/install.html
> 
> The installation instructions and the reference manual ref.pdf tell more
> about which modules are needed for which features. For example, if you
> check AuthBy LDAP2 in ref.pdf, it will tell which LDAP modules are needed.
> 
> Best regards,
> Heikki
> 
> --
> Heikki Vatiainen <hvn at open.com.au>
> 
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS,
> PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc.
> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6036 bytes
Desc: not available
Url : http://www.open.com.au/pipermail/radiator/attachments/20110429/bca7d4d6/attachment-0001.bin 


More information about the radiator mailing list