Hello Richard -
This was posted to the list a couple of weeks ago.
cheers
Hugh
---------- Forwarded Message ----------
Subject: (RADIATOR) Vendor 311/Attribute 1 and 11
Date: Sat, 30 Oct 1999 23:25:36 -0400
From: [EMAIL PROTECTED] (Scott Adkins)
I just scanned the archive and noticed that there were 5 previous mailings
on this subject, with no real resolution. Here are the log entries that
are in question:
ERR: Attribute number 11 (vendor 311) is not defined in your dictionary
ERR: Attribute number 1 (vendor 311) is not defined in your dictionary
I will attach a more detailed log at the end of this message that contains
a packet dump of the Access-Request.
These messages occur when the user is using the Dial-Up Adapter from Win98.
Select a dialup icon and do properties on it. Select the Server Types tab.
Here, you are presented with a couple options, including "Require Encrypted
Password". I have been trying to identify what exactly that option does
and really haven't figured it out.
If authentication occurs via CHAP, that option doesn't seem to do anything
if it is checked or not. However, if authentication occurs via PAP and that
option is checked, authentication fails and the above two log entries are
entered. Also, the Access-Request packet includes no password information
of any kind that I can tell.
Is vendor 311 Microsoft? It would seem so. Attribute's 1 and 11 could be
a encryption key and password, if I had to guess.
The following is a more detailed log entry of the attempted connection. Keep
in mind that I am using my own authentication module, so I had to force the
packet dump myself. I deleted the dates and some other information in the
packet that didn't need to go out on the net.
ERR: Attribute number 11 (vendor 311) is not defined in your dictionary
ERR: Attribute number 1 (vendor 311) is not defined in your dictionary
DEBUG: Handling request with Handler 'Realm=SCOTT'
DEBUG: Called AuthSCOTT::handle_request
DEBUG: Packet Dump:
Code: Access-Request
Identifier: 117
Authentic: <deleted>
Attributes:
User-Name = "sadkins@SCOTT"
Client-Id = <deleted>
NAS-Port = 276
Acct-Session-Id = "18022425"
USR-Interface-Index = 1532
Service-Type = Framed-User
Framed-Protocol = PPP
Chassis-Call-Slot = 2
Chassis-Call-Span = 1
Chassis-Call-Channel = 20
Calling-Station-Id = <deleted>
Called-Station-Id = <deleted>
NAS-Port-Type = Async
DEBUG: Called AuthSCOTT::findUser = sadkins
WARNING: No CHAP-Password or User-Password in request: does your dictionary
DEBUG: findUser: FAILURE! REASON=Invalid password
INFO: Access rejected for sadkins@SCOTT: Invalid password
Any thoughts on the subject will be quite welcome!
Scott
--
+-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+
Scott W. Adkins http://www.cns.ohiou.edu/~sadkins/
UNIX Systems Engineer mailto:[EMAIL PROTECTED]
ICQ 7626282 Work (740)593-9478 Fax (740)593-1944
+-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+
CNS, HDL Center, Suite 301, Ohio University, Athens, OH 45701-2979
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody
===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
