[RADIATOR] FW: RADIATOR: EAP-FAST-MSCHAPv2

Sudhir Harwalkar Sudhir.Harwalkar at lnties.com
Fri Apr 6 07:55:20 CDT 2012


Hi Heikki,

Please find the attached new log file, users file and config file, because with same username and password EAP-FAST GTC has worked fine, but for MSCHAPv2 it shows an error.

Regards
Sudhir H

-----Original Message-----
From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On Behalf Of Heikki Vatiainen
Sent: Friday, April 06, 2012 4:55 PM
To: radiator at open.com.au
Subject: Re: [RADIATOR] FW: RADIATOR: EAP-FAST-MSCHAPv2

On 04/06/2012 10:07 AM, Sudhir Harwalkar wrote:

> I tried EAP-FAST with GTC as an inner authentication its working fine, but for MSCHAPv2 I saw message in log file that rejected.

The log file you sent previously shows that the user (sudhir) was found from the users file. MSCHAPv2 then failed which indicates the password was incorrect or your client calculated EAP-MSCHAPv2 credentials incorrectly. I would check the password first to see it was correctly entered.

Heikki


> Regards
> Sudhir H
>
> -----Original Message-----
> From: radiator-bounces at open.com.au
> [mailto:radiator-bounces at open.com.au] On Behalf Of Sudhir Harwalkar
> Sent: Friday, April 06, 2012 11:20 AM
> To: radiator at open.com.au
> Subject: [RADIATOR] FW: RADIATOR: EAP-FAST-MSCHAPv2
>
>
> Hi Heikki,
>
> When I run the EAP-FAST I seen rejected message in the  log file  is it due do log file config.
> Please find the attached log file.
>
> Thanks
> Sudhir H
>
> -----Original Message-----
> From: radiator-bounces at open.com.au
> [mailto:radiator-bounces at open.com.au] On Behalf Of Heikki Vatiainen
> Sent: Thursday, April 05, 2012 4:50 PM
> To: radiator at open.com.au
> Subject: Re: [RADIATOR] RADIATOR: EAP-FAST-MSCHAPv2
>
> On 04/05/2012 10:15 AM, Sudhir Harwalkar wrote:
>
> Hello Sudhir,
>
>> As I am verifying EAP-FAST which uses inner authentication as
>> MSCHAPv2, for this our device requires any certificates like client certificates?
>>
>> I red that it requires PAC  means pac key should match from both
>> sides like radius sever and our device?
>
> If the client does not send its PAC, Radiator will try to allocate one to it. Then client is then disconnected. Next time when the client tries to authenticate, it will have a PAC and the authentication should then proceed. By default Radiator keeps the PACs in memory with the other option being SQL. So do not restart Radiator unless you want to clear the PAC.
>
> Thanks!
> Heikki
>
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
>
> Larsen & Toubro Limited
>
> www.larsentoubro.com
>
> This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
>
>
> Larsen & Toubro Limited
>
> www.larsentoubro.com
>
> This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator


--
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
radiator at open.com.au
http://www.open.com.au/mailman/listinfo/radiator


Larsen & Toubro Limited

www.larsentoubro.com

This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: eap_fast.cfg
Type: application/octet-stream
Size: 3198 bytes
Desc: eap_fast.cfg
Url : http://www.open.com.au/pipermail/radiator/attachments/20120406/482c4c03/attachment-0003.obj 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: users
Type: application/octet-stream
Size: 13527 bytes
Desc: users
Url : http://www.open.com.au/pipermail/radiator/attachments/20120406/482c4c03/attachment-0004.obj 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logfile
Type: application/octet-stream
Size: 624183 bytes
Desc: logfile
Url : http://www.open.com.au/pipermail/radiator/attachments/20120406/482c4c03/attachment-0005.obj 


More information about the radiator mailing list