Hello, > On 30 Oct 2018, at 21.53, Eric W. Bates <[email protected]> wrote: > > I can't quite figure out how to log the outer tunnel failures for PEAP > and TTLS. We're getting "EAP PEAP TLS read failed" and I'd like to try > and suss it out. > > I've created an AuthLog, but I don't quite know where to use it. >
the error is available in a reject reason which can be logged in AuthLog. Ref: http://www.open.com.au/radiator/ref/FailureFormat_AuthLogFILE.html#Filename_AuthLogFILE-3 A config example where reason is logged with AuthLog FILE. ##################################################################### # RADIUS request logging ##################################################################### # This auth logger logs both success and failure to a file. Ignored # attempts are also logged. <AuthLog FILE> Identifier authlog-file Filename %L/authentication.log LogSuccess LogFailure LogIgnore SuccessFormat %l trace_id='%2' user='%u' client='%c/%{Client:Identifier}' nas='%N/%{NAS-Identifier}' \ handler='%{Handler:Identifier}' calling-station='%{Request:Calling-Station-Id}' \ called-station='%{Called-Station-Id}' result='OK' FailureFormat %l trace_id='%2' user='%u' client='%c/%{Client:Identifier}' nas='%N/%{NAS-Identifier}' \ handler='%{Handler:Identifier}' calling-station='%{Request:Calling-Station-Id}' \ called-station='%{Called-Station-Id}' reason='%1' result='FAIL' IgnoreFormat %l trace_id='%2' user='%u' client='%c/%{Client:Identifier}' nas='%N/%{NAS-Identifier}' \ handler='%{Handler:Identifier}' calling-station='%{Request:Calling-Station-Id}' \ called-station='%{Called-Station-Id}' reason='%1' result='IGNORE' </AuthLog> <Handler ...> Identifier Some-Handler AuthBy ... AuthLog authlog-file </Handler> BR -- Tuure Vartiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
