[RADIATOR] Trying to get Radiator to work with EAP-TTLS auth

Heikki Vatiainen hvn at open.com.au
Thu Jun 5 14:54:40 CDT 2014


On 06/05/2014 09:57 PM, Christopher Chance wrote:
> I upped everything to trace 5, startup is clean no perl errors or anything missing 

Startup lookus fine. The 'EAP authentication is not ...' indicates the
request hits a Handler with an AuthBy that has no EAPType defined.

Also, looking back your previous message, I suggest you change the inner
handler to just this for now:
  <Handler TunnelledByTTLS=1>

This will make sure that once the inner authentication starts, the inner
requests will hit the right Handler.

If it still does not work, please reply with a full log. The
configuration file would be needed too.

> Thu Jun  5 14:44:14 2014: DEBUG: ServerHTTP Connection GET /reset
> Thu Jun  5 14:44:15 2014: DEBUG: ServerHTTP Connection GET /reset&action=reset
> Thu Jun  5 14:44:15 2014: INFO: ServerHTTP: Server Reset by admin at 127.0.0.1
> Thu Jun  5 14:44:15 2014: DEBUG: Creating StreamServer tcp port 0.0.0.0:9048
> Thu Jun  5 14:44:15 2014: DEBUG: Finished reading configuration file 'C:\Program Files\Radiator\radius.cfg'
> Thu Jun  5 14:44:15 2014: DEBUG: Reading dictionary file 'C:/Program Files/Radiator/dictionary'
> Thu Jun  5 14:44:15 2014: DEBUG: Creating accounting port 0.0.0.0:1813
> Thu Jun  5 14:44:15 2014: NOTICE: Server started: Radiator 4.9 on RADSRVR2
> 
> An eap connection nets me the following in trace 5
> 
> Thu Jun  5 14:54:48 2014: INFO: Access rejected for testuser: EAP authentication is not permitted.

The AuthBy that catches the request has not EAPType. Would need the log
and config to tell more.

> No packet or anything just that oddly

There should be more in the logs, at least the full packet dump and
trail that shows which handler was chosen. Maybe the log file in the
file system has more?


Thanks,
Heikki


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list