Maybe try changing your NAS type to other?
--
AA7C EF9F 451F E4AF EB1E 7212 BA37 2882 E813 5B02
--
Jay DeSotel
Systems Administrator
InterLink L.C.
<[EMAIL PROTECTED]>
On Thu, 9 Oct 2003, Joe Antkowiak wrote:
> Ok, so I read a little more, and it looks like there is a problem with my
> shared secret, on the orinoco side.
>
> I've entered and re-entered the shared secret on the orinoco AP to no
> avail. Just to make sure it works, I tried this exact config with a cisco
> AP and it works fine.
>
> Is there something special I have to do when getting an Orinoco AP to talk
> to freeradius, ie to/for the shared key? What NAS type should I use?
> (Would that have anything to do with this?)
>
> It only authenticates because I have Auth-Type := Accept set on every mac
> address user.
>
> -Joe
>
> > Hi,
> >
> > I'm stumped.
> >
> > We have a few orinico AP-2000's that we're trying to set up mac-address
> > control through radius.
> >
> > The authentication works fine. The shared secrets are correct,
> > everything's configured right, etc...
> >
> > Accounting, however, doesn't. When freeradius 0.9.1 (and 0.9.0) receives
> > an accounting request from any AP2000, it complains that the shared secret
> > is not the same, and rejects it.
> >
> > Now, I've read all the e-mails I could find about this, and I've tried all
> > kinds of things, and I still can't get it to work, with freeradius.
> >
> > On an off chance, I tried it with cistron radius instead, with basicly the
> > same exact configuration, and wa-la, everything works!
> >
> > This is the account record that the AP sends back to radius (as recorded
> > by cistron):
> > Thu Oct 9 14:06:52 2003
> > User-Name = "00-0c-41-0c-f3-ea"
> > Acct-Session-Id = "00-0c-41-0c-f3-ea"
> > NAS-Identifier = "wolfe-ap1"
> > NAS-IP-Address = 66.92.46.190
> > NAS-Port = 2
> > NAS-Port-Type = 19
> > Acct-Authentic = RADIUS
> > Acct-Status-Type = Start
> > Client-IP-Address = 66.92.46.190
> > Timestamp = 1065722812
> > Request-Authenticator = Unverified
> >
> >
> > I did however notice the following statistics on the orinoco:
> >
> > Primary Authentication Server
> > Access Requests 1
> > Access Accepts 1
> > Access Retransmissions 3
> > Access Rejects 0
> > Access Challenges 0
> > Malformed Access Responses 0
> > Authentication Bad Authenticators 1 <<< ?
> > Timeouts 3
> >
> > Primary Accounting Server
> > Accounting Requests 1
> > Accounting Retransmissions 0
> > Accounting Responses 1
> > Accounting Bad Authenticators 1 <<< ?
> >
> >
> > And any password being passed to radius comes back in a jumbled string of
> > letters and numbers, about 50 characters long.
> >
> >
> > This is my freeradius config:
> >
> > clients:
> > 66.92.46.190 <<ss>>
> >
> > clients.conf:
> > client 66.92.46.190 {
> > secret = <<ss>>
> > nastype = portslave
> > shortname = wolfe1-ap1
> > }
> >
> > naslist:
> > 66.92.46.190 wolfe1-ap1 portslave
> >
> >
> >
> > Anyone have any ideas? I'd really like to use freeradius, I want mysql.
> >
> > Thanks in advance.
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
