[RADIATOR] AuthBy FILE

Heikki Vatiainen hvn at open.com.au
Wed Aug 7 01:33:57 CDT 2013 

On 08/07/2013 12:11 AM, Dan Prill wrote:

> I'm trying to get authentication set up against eDirectory via LDAP, but
> wanted to start by seeing if I could get AuthBy FILE to work first. When
> I attempt to connect with a Windows 7 laptop, I see the following in the
> logfile. I'm using the eap_peap.cfg file and a Trapeze MX-200 as the
> authenticator. Any suggestions appreciated.

Looks like Radiator thinks you are using LEAP, EAP method 17.

Radiator has successfully read the file, found the entry for the user
and thinks the password is good. Now it's sending a challenge back to
the client and waits the client to respond.

Since you mentioned PEAP and Radiator responds with LEAP, maybe there's
a configuration mismatch somewhere?

Thanks,
Heikki

> Tue Aug  6 15:39:07 2013: DEBUG: Packet dump:
> *** Received from 172.16.240.2 port 20009 ....
> Code:       Access-Request
> Identifier: 214
> Authentic:  an<4><249>@J<4>Zd<229>e1Z#<0>Y
> Attributes:
>  NAS-Port-Id = "AP10/1"
>  Calling-Station-Id = "64-80-99-1E-3F-FC"
>  Called-Station-Id = "00-0B-0E-B5-8A-44:NWHSU-Test"
>  Service-Type = Framed-User
>  User-Name = "dprill"
>  NAS-Port = 23410
>  EAP-Message =
> <2><6><0>&<17><1><0><24><232><209><188>2<242><218><148>`H<213><193><174><224><244><193><251><12>5<130><200><179>'<170><190>dprill
>  NAS-Port-Type = Wireless-IEEE-802-11
>  NAS-IP-Address = 172.16.240.2
>  NAS-Identifier = "Trapeze"
>  Message-Authenticator =
> 3<243><30><188>j<159><166><232><9><151><157>>2<170><194><237>
>  
> Tue Aug  6 15:39:07 2013: DEBUG: Handling request with Handler '',
> Identifier ''
> Tue Aug  6 15:39:07 2013: DEBUG:  Deleting session for dprill,
> 172.16.240.2, 23410
> Tue Aug  6 15:39:07 2013: DEBUG: Handling with Radius::AuthFILE:
> Tue Aug  6 15:39:07 2013: DEBUG: Handling with EAP: code 2, 6, 38, 17
> Tue Aug  6 15:39:07 2013: DEBUG: Response type 17
> Tue Aug  6 15:39:07 2013: DEBUG: Radius::AuthFILE looks for match with
> dprill [dprill]
> Tue Aug  6 15:39:07 2013: DEBUG: Radius::AuthFILE ACCEPT: : dprill [dprill]
> Tue Aug  6 15:39:07 2013: DEBUG: EAP result: 3, Wait for peer challenge
> Tue Aug  6 15:39:07 2013: DEBUG: AuthBy FILE result: CHALLENGE, Wait for
> peer challenge
> Tue Aug  6 15:39:07 2013: DEBUG: Access challenged for dprill: Wait for
> peer challenge
> Tue Aug  6 15:39:07 2013: DEBUG: Packet dump:
> *** Sending to 172.16.240.2 port 20009 ....
> Code:       Access-Challenge
> Identifier: 214
> Authentic:  b<28>8<12><25><31><137>D<141><130><150>%g<10>h<185>
> Attributes:
>  EAP-Message = <3><6><0><4>
>  Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.

More information about the radiator mailing list