[RADIATOR] Calling-Station-Id problem

Heikki Vatiainen hvn at open.com.au
Tue Jul 12 16:59:33 CDT 2011


On 07/12/2011 06:57 PM, Fabio Ciampi wrote:

Hello Fabio,

> I attach the new configuration file that I wrote.
> As you can see my configuration file have two different handler. One for
> the outer and one for the inner authentication.
> 
> I can use radpwtst with the command:
> 
>     perl radpwtst -user fabio at test.it -password hello -chap
> 
> but, in this way , I test only the handler for the outher
> authentication. As you said it works.

Good to hear it works.

> My problem instead seems to be in the inner authentication that is
> dispatched to the handler:
> <Handler TunnelledByTTLS=1, request_src = test-src>
> and I don't know how I can test it with radpwtst.

You can not test it with radpwtst. To test TTLS, PEAP and many other
protocols, please see eapol_test

http://hostap.epitest.fi/wpa_supplicant/devel/testing_tools.html

> The Access-Request messages contain the Calling-Station-Id and
> Called-Station-Id.
> Here is what I got in the log file:

> Tue Jul 12 16:35:19 2011: DEBUG: TTLS Tunnelled Diameter Packet dump:
> Code:       UNDEF
> Identifier: UNDEF
> Authentic:  UNDEF
> Attributes:
>         User-Name = "fabio at test.it"
>         User-Password = hello<0><0><0><0><0><0><0>

As you can see the inner authentication contains only two attributes. If
you need to log Called- and Calling-Station-Id from the inner request
with AuthLog, use %{OuterRequest:Calling-Station-Id} with SuccessFormat.
With this you can reach back to the outer request and fetch the
attribute value from there.

Try this: MAC-user = "%{OuterRequest:Calling-Station-Id}" %r

See ref.pdf section "5.2 Special characters". The table has more about
%{OuterRequest:name} format

Thanks!
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list