[RADIATOR] Radiator
Heikki Vatiainen
hvn at open.com.au
Wed Mar 28 11:50:32 CDT 2012
On 03/28/2012 05:02 PM, Sudhir Harwalkar wrote:
> Sorry forgot to attach screen-shot and users file.
The error message indicates you have different shared secret in Radiator
and AP configuration.
The AP seems to send correct looking EAP identity messages, but since
the secret is not equal on both ends, Radiator will not process the
request further.
About the users file, you can create a new users file with just your own
username and password with it. There is no need to use the users files
that comes with Radiator.
Thanks!
Heikki
> -----Original Message-----
> From: Sudhir Harwalkar
> Sent: Wednesday, March 28, 2012 2:29 PM
> To: radiator at open.com.au
> Subject: FW: [RADIATOR] Radiator
>
> Hi Heikki,
>
> 1. I verified with PEAPv0, as per your comment I made change in the user file that file is not playing a role because without that also I am getting same message, please see the screenshot attached with this.
>
> 2. Received from 192.168.32.78 port 3124, is this is correct port that listing from AP?
>
> 3. I observed is Identifier is changing every time is that correct?
>
> 4. NAS port is 0, is that correct?
>
> 5. Every time I am getting message as Bad authenticator.
>
> In my code I made User Name as Sudhir and password as sudhir12, same changes made in users file also, is this will be the correct way and I am not getting which users file need to use.
>
> Thanks
> Sudhir H
>
>
>
>
>
> -----Original Message-----
> From: Sudhir Harwalkar
> Sent: Wednesday, March 28, 2012 11:15 AM
> To: 'Heikki Vatiainen'; 'radiator at open.com.au'
> Subject: RE: [RADIATOR] FW: Radiator
>
> Hi Heikki,
>
> For PEAPv0, in the users files I have see so many username and password, in that where exactly I need to modify.
>
> -----Original Message-----
> From: Sudhir Harwalkar
> Sent: Tuesday, March 27, 2012 4:25 PM
> To: 'Heikki Vatiainen'; radiator at open.com.au
> Subject: RE: [RADIATOR] FW: Radiator
>
> Hi Heikki,
>
> Also I made same in Radiator and WLAN board, this I have done for EAP-PEAPv0 MSCHAPv2.
> See the user file in this file I had given User Name and Password, see the user name as Sudhir and PW as sudhir12. Is this the right place to make changes.
>
> Thanks
> Sudhir H
>
> -----Original Message-----
> From: radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] On Behalf Of Heikki Vatiainen
> Sent: Tuesday, March 27, 2012 3:40 PM
> To: radiator at open.com.au
> Subject: Re: [RADIATOR] FW: Radiator
>
> On 03/27/2012 11:19 AM, Sudhir Harwalkar wrote:
>
> Hello Sudhir,
>
>> I modified the file according to your changes, that works fine.
>> There are some queries:
>>
>> 1. In the config file if I mentioned Auth PORT and ACCTPORT then it's taking as 1645 and 1646, and I tried with the command line means I gave authport and acctport its taking properly.
>
> I took another look at your configuration file and noticed there is still an extra line. Remove this:
>
> <Client DEFAULT>
>
> since the real Client clause is just below. The extra lines was before AuthPort and AcctPort lines causing them to be parsed within Client context which is not corrrect.
>
>> 2. I gave UserName and Password for both WLAN Device and Radius Server, but its not able to associated with the AP and Radius server, how to verify that all three AP,WLAN Device and Radius Server are communicating with each other.
>
> When you have enabled Trace 4, you should see messages from AP in Radiator's log file. Are you seeing anything? Please reply with the log especially if there are errors or warnings in it.
>
> Thanks!
> Heikki
>
>
>> Thanks
>> Sudhir H
>>
>> -----Original Message-----
>> From: radiator-bounces at open.com.au
>> [mailto:radiator-bounces at open.com.au] On Behalf Of Heikki Vatiainen
>> Sent: Monday, March 26, 2012 1:35 PM
>> To: radiator at open.com.au list
>> Subject: Re: [RADIATOR] Radiator
>>
>> On 03/26/2012 02:54 PM, Sudhir Harwalkar wrote:
>>
>> Hello Sudhir,
>>
>>> Please find the modified EAP-PEAPv0 file, please check once whether whatever changes I made are correct or not, please see the error message attached with this peaperror.PNG.
>>
>> Try defining your using slash '/' instead of backslash '\'. For example:
>>
>> LogDir C:/Radiator/Radiator-Locked-4.9/goodies/
>>
>> I also recommend defining LogDir and DbDir to point to where Radiator installed its configuration file. Typically this is:
>>
>> C:/Program Files/Radiator/
>>
>> The directory specified with DbDir should also have file called dictionary. If not, you need to specify DictionaryFile to point to that file.
>>
>> Other changes: You have specified files and directories with '%C:\...'.
>> You do not need to use '%' sign here. Use for example:
>>
>> Filename C:/Radiator/Radiator-Locked-4.9/users
>> instead of
>> Filename %C:\Radiator\Radiator-Locked-4.9/users
>>
>> Here I also recommend setting AuthBy FILE Filename to C:/Program Files/Radiator/users if C:/Program Files/Radiator/ already contains e.g., dictionary file.
>>
>> Related to this and your previous message. The simplest users file would have just this one line:
>>
>> username User-Password=mypassword
>>
>> This creates users file which knows about one user 'username' and where the user has password 'mypassword'.
>>
>> Thanks!
>> Heikki
>>
>>
>>> Thanks
>>> Sudhir H
>>>
>>> -----Original Message-----
>>> From: Sudhir Harwalkar
>>> Sent: Monday, March 26, 2012 10:53 AM
>>> To: 'Heikki Vatiainen'
>>> Subject: RE: [RADIATOR] Radiator
>>>
>>> Hi Heikki,
>>>
>>> How to add device username and password in our config file.is there any command for that.
>>>
>>> Thanks
>>> Sudhir H
>>>
>>> -----Original Message-----
>>> From: Sudhir Harwalkar
>>> Sent: Thursday, March 22, 2012 3:49 PM
>>> To: 'Heikki Vatiainen'
>>> Subject: RE: [RADIATOR] Radiator
>>>
>>> Thanks a lot Heikki, will try and let you know.
>>>
>>> Thanks
>>> Sudhir H
>>>
>>> -----Original Message-----
>>> From: radiator-bounces at open.com.au
>>> [mailto:radiator-bounces at open.com.au] On Behalf Of Heikki Vatiainen
>>> Sent: Thursday, March 22, 2012 3:23 PM
>>> To: radiator at open.com.au
>>> Subject: Re: [RADIATOR] Radiator
>>>
>>> On 03/22/2012 11:44 AM, Sudhir Harwalkar wrote:
>>>> I made all the changes you have mentioned, then I run the config file, in the log file I got message as follows
>>>> Thu Mar 22 15:00:17 2012: DEBUG: Finished reading configuration file 'c:\Program Files\Radiator\radiusnew.cfg'
>>>> Thu Mar 22 15:00:17 2012: DEBUG: Reading dictionary file 'C:\Program Files\Radiator/dictionary'
>>>> Thu Mar 22 15:00:17 2012: DEBUG: Creating authentication port 0.0.0.0:1812
>>>> Thu Mar 22 15:00:17 2012: DEBUG: Creating accounting port 0.0.0.0:1813
>>>> Thu Mar 22 15:00:17 2012: NOTICE: Server started:
>>>> Radiator 4.9 on EMMYS0938 (LOCKED) Is this authenticated with AP?
>>>
>>> Looks good. It is ready to receive messages from AP. There is no authentication done between RADIUS server and wireless AP. The shared secret and client IP just make sure they can communicate with each other when the WLAN users need to be authenticated by the AP.
>>>
>>>> As you mentioned I haven't got message like receives from AP.
>>>
>>> The next step is to configure AP so that it will authenticate WLAN users. How this is done depends on your AP.
>>>
>>> Thanks!
>>> Heikki
>>>
>>>
>>>> Regards
>>>> Sudhir H
>>>> -----Original Message-----
>>>> From: radiator-bounces at open.com.au
>>>> [mailto:radiator-bounces at open.com.au] On Behalf Of Heikki Vatiainen
>>>> Sent: Thursday, March 22, 2012 2:22 PM
>>>> To: radiator at open.com.au
>>>> Subject: Re: [RADIATOR] Radiator
>>>>
>>>> On 03/21/2012 03:58 PM, Sudhir Harwalkar wrote:
>>>>
>>>>> Thanks a lot for helping me out.
>>>>> I have one query :
>>>>> Steps that I followed for EAP-PEAPv0 Testing:
>>>>> 1. Copied eap_peap.cfg file to c:\program file
>>>>
>>>> Add a Client clause with your AP's address in the configuration. Also set DbDir and LogDir as I just mentioned in my other message:
>>>>
>>>> LogDir c:/Program Files/Radiator
>>>> DbDir c:/Program Files/Radiator
>>>>
>>>>> 2. in the command line I typed the command "perl radiusd
>>>>> -bind_address 192. . . . -auth_port 1812 -log_file filename
>>>>> -config_file c:\program files\eap_peap.cfg When I run this command
>>>>> I am getting an error, the error details are shown in the
>>>>> screenshot named as eap_peap.PNG
>>>>
>>>> You do not need to set BindAddress. If set, it should be address belonging to your computer, not to the AP. You usually do not need to set this at all.
>>>>
>>>>> - Is there anything that I need to make change?
>>>>
>>>> Please see above.
>>>>
>>>>> -How does we know that communication happening between AP and Radius Server?
>>>>
>>>> The log will messages Radiator receives from AP.
>>>>
>>>>> -Port address that I have given in AP is 1812 is that right?
>>>>
>>>> Please see above. About auth_port, it should match the setting in AP. By default Radiator uses 1645 so you need to check both AP and Radiator use same port number.
>>>>
>>>>> -please see the config file that I have used is attached with this mail.
>>>>
>>>> I suggest you try seeing simple authentication without PEAP works before moving to PEAP configuration. If your AP provides a method to authenticate users with plain username and password (no PEAP involved), this would be the best method to see the basic communication between AP and Radiator works.
>>>>
>>>> Thanks!
>>>> Heikki
>>>>
>>>>
>>>>>
>>>>> Thanks
>>>>> Sudhir H
>>>>>
>>>>>
>>>>> Larsen & Toubro Limited
>>>>>
>>>>> www.larsentoubro.com
>>>>>
>>>>> This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> radiator mailing list
>>>>> radiator at open.com.au
>>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>>
>>>>
>>>> --
>>>> Heikki Vatiainen <hvn at open.com.au>
>>>>
>>>> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>>>> _______________________________________________
>>>> radiator mailing list
>>>> radiator at open.com.au
>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>>
>>>>
>>>> Larsen & Toubro Limited
>>>>
>>>> www.larsentoubro.com
>>>>
>>>> This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
>>>> _______________________________________________
>>>> radiator mailing list
>>>> radiator at open.com.au
>>>> http://www.open.com.au/mailman/listinfo/radiator
>>>
>>>
>>> --
>>> Heikki Vatiainen <hvn at open.com.au>
>>>
>>> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at open.com.au
>>> http://www.open.com.au/mailman/listinfo/radiator
>>>
>>>
>>> Larsen & Toubro Limited
>>>
>>> www.larsentoubro.com
>>>
>>> This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
>>>
>>>
>>>
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at open.com.au
>>> http://www.open.com.au/mailman/listinfo/radiator
>>
>>
>> --
>> Heikki Vatiainen <hvn at open.com.au>
>>
>> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>>
>>
>> Larsen & Toubro Limited
>>
>> www.larsentoubro.com
>>
>> This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
>
>
> Larsen & Toubro Limited
>
> www.larsentoubro.com
>
> This Email may contain confidential or privileged information for the intended recipient (s) If you are not the intended recipient, please do not use or disseminate the information, notify the sender and delete it from your system.
>
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Heikki Vatiainen <hvn at open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
More information about the radiator
mailing list