Tried that too... is there another one I need to use maybe? orinoco uses
lucent gear... But would that cause this kind of problem? What exactly
does the NAS-type make radius do differently?
> Maybe try changing your NAS type to other?
>
> --
> AA7C EF9F 451F E4AF EB1E 7212 BA37 2882 E813 5B02
> --
> Jay DeSotel
> Systems Administrator
> InterLink L.C.
> <[EMAIL PROTECTED]>
>
> On Thu, 9 Oct 2003, Joe Antkowiak wrote:
>
>> Ok, so I read a little more, and it looks like there is a problem with
>> my
>> shared secret, on the orinoco side.
>>
>> I've entered and re-entered the shared secret on the orinoco AP to no
>> avail. Just to make sure it works, I tried this exact config with a
>> cisco
>> AP and it works fine.
>>
>> Is there something special I have to do when getting an Orinoco AP to
>> talk
>> to freeradius, ie to/for the shared key? What NAS type should I use?
>> (Would that have anything to do with this?)
>>
>> It only authenticates because I have Auth-Type := Accept set on every
>> mac
>> address user.
>>
>> -Joe
>>
>> > Hi,
>> >
>> > I'm stumped.
>> >
>> > We have a few orinico AP-2000's that we're trying to set up
>> mac-address
>> > control through radius.
>> >
>> > The authentication works fine. The shared secrets are correct,
>> > everything's configured right, etc...
>> >
>> > Accounting, however, doesn't. When freeradius 0.9.1 (and 0.9.0)
>> receives
>> > an accounting request from any AP2000, it complains that the shared
>> secret
>> > is not the same, and rejects it.
>> >
>> > Now, I've read all the e-mails I could find about this, and I've tried
>> all
>> > kinds of things, and I still can't get it to work, with freeradius.
>> >
>> > On an off chance, I tried it with cistron radius instead, with basicly
>> the
>> > same exact configuration, and wa-la, everything works!
>> >
>> > This is the account record that the AP sends back to radius (as
>> recorded
>> > by cistron):
>> > Thu Oct 9 14:06:52 2003
>> > User-Name = "00-0c-41-0c-f3-ea"
>> > Acct-Session-Id = "00-0c-41-0c-f3-ea"
>> > NAS-Identifier = "wolfe-ap1"
>> > NAS-IP-Address = 66.92.46.190
>> > NAS-Port = 2
>> > NAS-Port-Type = 19
>> > Acct-Authentic = RADIUS
>> > Acct-Status-Type = Start
>> > Client-IP-Address = 66.92.46.190
>> > Timestamp = 1065722812
>> > Request-Authenticator = Unverified
>> >
>> >
>> > I did however notice the following statistics on the orinoco:
>> >
>> > Primary Authentication Server
>> > Access Requests 1
>> > Access Accepts 1
>> > Access Retransmissions 3
>> > Access Rejects 0
>> > Access Challenges 0
>> > Malformed Access Responses 0
>> > Authentication Bad Authenticators 1 <<< ?
>> > Timeouts 3
>> >
>> > Primary Accounting Server
>> > Accounting Requests 1
>> > Accounting Retransmissions 0
>> > Accounting Responses 1
>> > Accounting Bad Authenticators 1 <<< ?
>> >
>> >
>> > And any password being passed to radius comes back in a jumbled string
>> of
>> > letters and numbers, about 50 characters long.
>> >
>> >
>> > This is my freeradius config:
>> >
>> > clients:
>> > 66.92.46.190 <<ss>>
>> >
>> > clients.conf:
>> > client 66.92.46.190 {
>> > secret = <<ss>>
>> > nastype = portslave
>> > shortname = wolfe1-ap1
>> > }
>> >
>> > naslist:
>> > 66.92.46.190 wolfe1-ap1 portslave
>> >
>> >
>> >
>> > Anyone have any ideas? I'd really like to use freeradius, I want
>> mysql.
>> >
>> > Thanks in advance.
>> >
>> > -
>> > List info/subscribe/unsubscribe? See
>> > http://www.freeradius.org/list/users.html
>> >
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
