[RADIATOR] Microsoft AV (Was Re: EAP PEAP Authentication Failing)

Johnson, Neil M neil-johnson at uiowa.edu
Mon Jul 29 16:24:01 CDT 2013


It's kind of hard get a trace 4 log as the server is processing a lot of
accounting requests at the same time.

I did do additional packet captures and on the RADIUS server I see
requests going in and responses going out, but capturing packets on the
client side shows only 1 initial response getting back to the client.

I suspect a network/Firewall issue now and am pursuing that, but why it is
only affecting one RADIUS server, I don't know.

-Neil


Thanks.
-Neil

-- 
Neil Johnson
Network Engineer
The University of Iowa
Phone: 319 384-0938
Fax: 319 335-2951
Mobile: 319 540-2081
E-Mail: neil-johnson at uiowa.edu






On 7/29/13 6:37 AM, "Sami Keski-Kasari" <samikk at open.com.au> wrote:

>Hello Neil,
>
>Can you reply with Trace 4 logfile so that we can see what happens?
>
>Best Regards,
>  Sami
>
>On 07/26/2013 10:39 PM, Johnson, Neil M wrote:
>>
>> I had our server folks completely re-install windows on the server and
>> I'm still getting the same problem (Accounting requests are processing
>> fine. EAP Authentication id failing).
>>
>> I'm using the same version of RADIATOR, Perl, Perl modules,
>> certificates, and configuration as 8 other servers that are working, but
>> something about this server is different.
>>
>> Trace logs, output from eapol_test, and packet captures show that there
>> is an initial request to RADIATOR and RADIATOR responds, but when the
>> client makes it's next request RADIATOR never responds. No error
>> messages in the the RADIATOR trace log.
>>
>> Ideas?
>>
>> -Neil
>>
>> --
>> Neil Johnson
>> Network Engineer
>> The University of Iowa
>> Phone: 319 384-0938
>> Fax: 319 335-2951
>> Mobile: 319 540-2081
>> E-Mail: neil-johnson at uiowa.edu
>>
>>
>> From: <Johnson>, Neil Johnson <neil-johnson at uiowa.edu
>> <mailto:neil-johnson at uiowa.edu>>
>> Date: Thursday, June 27, 2013 2:47 PM
>> To: Alan Buxey <A.L.M.Buxey at lboro.ac.uk
>><mailto:A.L.M.Buxey at lboro.ac.uk>>
>> Cc: "radiator at open.com.au <mailto:radiator at open.com.au>"
>> <radiator at open.com.au <mailto:radiator at open.com.au>>
>> Subject: Re: [RADIATOR] Microsoft AV (Was Re: EAP PEAP Authentication
>> Failing)
>>
>> Well, according to our server support folks, they performed this same
>> procedure on our other 8 RADIUS servers and didn't have any issues.
>>
>> They were using SCCM (Microsoft's System Center Configuration Manager)
>> to automate the uninstall and re-install of the software rather than a
>> manual process. I wonder if performing the actions by hand would make a
>> difference.
>>
>> Since it appears to be one box, I'm assuming there was something wrong
>> with it before the upgrade and it should be wiped and reinstalled from
>> scratch.
>>
>> -Neil
>> --
>> Neil Johnson
>> Network Engineer
>> The University of Iowa
>> Phone: 319 384-0938
>> Fax: 319 335-2951
>> Mobile: 319 540-2081
>> E-Mail: neil-johnson at uiowa.edu <mailto:neil-johnson at uiowa.edu>
>>
>>
>> From: Alan Buxey <A.L.M.Buxey at lboro.ac.uk
>><mailto:A.L.M.Buxey at lboro.ac.uk>>
>> Reply-To: Alan Buxey <A.L.M.Buxey at lboro.ac.uk
>> <mailto:A.L.M.Buxey at lboro.ac.uk>>
>> Date: Thursday, June 27, 2013 1:35 PM
>> To: Neil Johnson <neil-johnson at uiowa.edu
>><mailto:neil-johnson at uiowa.edu>>
>> Cc: Heikki Vatiainen <hvn at open.com.au <mailto:hvn at open.com.au>>,
>> "radiator at open.com.au <mailto:radiator at open.com.au>"
>> <radiator at open.com.au <mailto:radiator at open.com.au>>
>> Subject: Re: Microsoft AV (Was Re: [RADIATOR] EAP PEAP Authentication
>> Failing)
>>
>> What would be interesting is whether a clean install of Windows and just
>> the installation of the Microsoft SEP kills it
>>
>> alan
>>
>>
>>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>>
>
>
>-- 
>Sami Keski-Kasari <samikk at open.com.au>
>
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>NetWare etc.
>_______________________________________________
>radiator mailing list
>radiator at open.com.au
>http://www.open.com.au/mailman/listinfo/radiator



More information about the radiator mailing list