[RADIATOR] does OpenSSL 0.9.8n need patched for use with EAP-FAST?

Jim Veneskey jvene at cisco.com
Wed Mar 30 07:38:37 CDT 2011 

Hi,
I am attempting to setup Radiator v4.7 for authenticating clients that 
are using EAP-FAST.
I have installed the evaluation version, verified that the basic tests 
work - and am using the
goodies/eap_fast.cfg as my radius.cfg starting point.
I am using a Slackware 13.1 box.

I believe I have all of the required perl modules installed.
I did install Net_SSLeay.pm-1.30


Slackware 13.1 ships with:
> openssl version
> OpenSSL 0.9.8n 24 Mar 2010
> root at catt1:/home/jvene/Rad
I saw there are patches included for older versions of OpenSSL  - 0.9.8d 
,e ,i
and version 0.9.9

Does 0.9.8n contain the patches already that are required for EAP-FAST?
If not - is it recommended to downgrade to 0.9.8.e and attempt to 
patch/install that version - or 0.9.9 ?

I am guessing that the "Compilation failed in require..."  shown below 
is a result of my current OpenSSL setup - or is it because of something 
else?

Appreciate any advice,

Jim




Wed Mar 30 08:13:07 2011: DEBUG: Packet dump:
*** Received from 194.1.0.18 port 32770 ....
Code:       Access-Request
Identifier: 166
Authentic: <165><156>W<254><12>w<239><139><155><143>A<20>j<9><201>+
Attributes:
     User-Name = "anonymous"
     Calling-Station-Id = "00:40:96:a6:e9:4b"
     Called-Station-Id = "00:22:90:96:77:50:eapfast"
     NAS-Port = 1
     cisco-avpair = "audit-session-id=c2010012000002044d931e52"
     NAS-IP-Address = 194.1.0.18
     NAS-Identifier = "catt4-talwar"
     Airespace-WLAN-Id = 20
     Service-Type = Framed-User
     Framed-MTU = 1300
     NAS-Port-Type = Wireless-IEEE-802-11
     Tunnel-Type = 0:VLAN
     Tunnel-Medium-Type = 0:802
     Tunnel-Private-Group-ID = 410
     EAP-Message = <2><1><0><14><1>anonymous
     Message-Authenticator = 
.<186><147>S.<21><150>V<23><160>x<132><179><225><233><205>

Wed Mar 30 08:13:07 2011: DEBUG: Handling request with Handler '', 
Identifier ''
Wed Mar 30 08:13:07 2011: DEBUG:  Deleting session for anonymous, 
194.1.0.18, 1
Wed Mar 30 08:13:07 2011: DEBUG: Handling with Radius::AuthFILE:
Wed Mar 30 08:13:07 2011: DEBUG: Handling with EAP: code 2, 1, 14, 1
Wed Mar 30 08:13:07 2011: DEBUG: Response type 1
Wed Mar 30 08:13:07 2011: ERR: Could not load EAP module Radius::EAP_43: 
Attempt to reload Radius/EAP_43.pm aborted.
Compilation failed in require at (eval 47) line 3.

Wed Mar 30 08:13:07 2011: DEBUG: EAP result: 1, Unsupported default EAP 
Response/Identity FAST
Wed Mar 30 08:13:07 2011: DEBUG: AuthBy FILE result: REJECT, Unsupported 
default EAP Response/Identity FAST
Wed Mar 30 08:13:07 2011: INFO: Access rejected for anonymous: 
Unsupported default EAP Response/Identity FAST
Wed Mar 30 08:13:07 2011: DEBUG: Packet dump:
*** Sending to 194.1.0.18 port 32770 ....
Code:       Access-Reject
Identifier: 166
Authentic: <224><141><163><159><13><161><16>Pmq<25><11><150>5<159><169>
Attributes:
     Reply-Message = "Request Denied"

More information about the radiator mailing list