Hello Terry -
Have you double checked the shared secrets? regards Hugh On Tue, 25 Jun 2002 02:13, [EMAIL PROTECTED] wrote: > I've just gotten this running with an old ascend radius, but still no luck > with radiator. Version radiator is 2.19, and TAOS is 9.1.2 > I also tried Scott's suggestion (changing allow-unencrypted-tunnel-password > = yes), no diff.. > > > > > > "Nicholas N. > Sten" To: <[EMAIL PROTECTED]> > <[EMAIL PROTECTED]> cc: > Subject: RE: Follow-up: > (RADIATOR) TNT 06/24/2002 Authentication problem Lucent can't > figure out 10:46 AM > > > > > > > Two questions. What RADIUS server (and version) are you using? What > revision of TAOS is on your TNTs? > > -Nick > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, June 24, 2002 7:16 AM > To: [EMAIL PROTECTED] > Subject: Follow-up: (RADIATOR) TNT Authentication problem Lucent can't > figure out > > > > This dump shows auth-radius-compat = vendor-specific; I've also tried > old-ascend. > > > > > [EMAIL PROTECTED] > Sent by: To: [EMAIL PROTECTED] > owner-radiator@o cc: > pen.com.au Subject: (RADIATOR) TNT > Authentication problem > Lucent can't figure out > > 06/24/2002 09:11 > AM > > > > > > > I'm having a problem getting my first Max TNT up and authenticating. > Looking at the debug (below) it appears the secrets aren't matching - the > password string being sent is garbage. Lucent is stumped, and I HAVE to > have this server up by this time tomorrow. Anybody have a suggestion? > > From clients: > 209.195.207.174 123 > > From the TNT: > admin> list rad-auth-client > [in EXTERNAL-AUTH:rad-auth-client] > auth-server-1 = 209.195.224.6 > auth-server-2 = 0.0.0.0 > auth-server-3 = 0.0.0.0 > auth-port = 1645 > auth-src-port = 0 > auth-key = 123 > auth-pool = no > auth-timeout = 5 > auth-rsp-required = no > auth-id-fail-return-busy = no > auth-id-timeout-return-busy = no > auth-sess-interval = 0 > auth-TS-secure = yes > auth-Send67 = yes > auth-frm-adr-start = no > auth-boot-host = 0.0.0.0 > auth-boot-host-2 = 0.0.0.0 > auth-boot-port = 0 > auth-reset-time = 0 > auth-id-max-retry-time = 0 > auth-radius-compat = vendor-specific > auth-keep-user-name = change-name > auth-realm-delimiters = /\@% > id-auth-prefix = "" > allow-auth-config-rqsts = no > auth-req-delim-count = 0 > auth-req-strip-side = none > auth-network-route-server = yes > id-auth-prefix-x25 = "" > allow-unencrypted-tunnel-password = no > > From my reject file: > Mon Jun 24 08:55:05 2002 > User-Name = pfischer > CallerId = 6108738491 > Typed-Password = �'1"<�b�h�4�!�& > Reason = Bad Encrypted password > > Dump: > > Mon Jun 24 08:54:55 2002: DEBUG: Packet dump: > *** Received from 209.195.207.174 port 7022 .... > > Packet length = 197 > 01 08 00 c5 2d 61 80 4c 87 b7 44 c0 12 30 48 89 > fa b2 32 55 01 0a 70 66 69 73 63 68 65 72 02 12 > c7 d5 67 5b 0b eb cd 2d 77 87 8f 29 ab c6 7c 3d > 04 06 d1 c3 cf aa 05 06 00 00 04 00 1a 0c 00 00 > 02 11 0d 06 00 00 00 02 3d 06 00 00 00 00 06 06 > 00 00 00 02 07 06 00 00 00 01 1f 0c 36 31 30 38 > 37 33 38 34 39 31 1a 0c 00 00 02 11 42 06 00 00 > 00 02 1a 0c 00 00 02 11 43 06 00 00 00 01 1a 0c > 00 00 02 11 44 06 00 00 00 00 1a 0c 00 00 02 11 > 45 06 00 00 00 03 1e 0c 38 35 36 38 37 33 37 32 > 30 30 2c 0b 33 39 33 35 30 37 31 30 39 1a 0c 00 > 00 02 11 c5 06 00 00 79 e0 1a 0c 00 00 02 11 ff > 06 00 00 d5 8b > Code: Access-Request > Identifier: 8 > Authentic: -a<128>L<135><183>D<192><18>0H<137><250><178>2U > Attributes: > User-Name = "pfischer" > User-Password = "<199><213>g[<11><235><205>-w<135><143>)<171><198> > > |=" > > NAS-IP-Address = 209.195.207.170 > NAS-Port = 1024 > Framed-Compression = 2 > NAS-Port-Type = Async > Service-Type = Framed-User > Framed-Protocol = PPP > Calling-Station-Id = "6108738491" > Tunnel-Client-Endpoint = "<0><0><0><2>" > Tunnel-Server-Endpoint = "<0><0><0><1>" > Tunnel-ID = "" > Tunnel-Password = "<0><0><0><3>" > Called-Station-Id = "8568737200" > Acct-Session-Id = "393507109" > Ascend-Data-Rate = 31200 > Ascend-Xmit-Rate = 54667 > > Mon Jun 24 08:54:55 2002: DEBUG: Check if Handler NAS-Identifier > = "PHLAPAKKR11" should be used to handle this request > Mon Jun 24 08:54:55 2002: DEBUG: Check if Handler NAS-Port-Type = ISDN > should be used to handle this request > Mon Jun 24 08:54:55 2002: DEBUG: Check if Handler should be used to handle > this request > Mon Jun 24 08:54:55 2002: DEBUG: Handling request with Handler '' > Mon Jun 24 08:54:55 2002: DEBUG: Rewrote user name to pfischer > Mon Jun 24 08:54:55 2002: DEBUG: Rewrote user name to pfischer > Mon Jun 24 08:54:55 2002: DEBUG: Deleting session for pfischer, > 209.195.207.170, 1024 > Mon Jun 24 08:54:55 2002: DEBUG: Handling with Radius::AuthSQL > Mon Jun 24 08:54:55 2002: DEBUG: Handling with Radius::AuthFILE: > Mon Jun 24 08:54:55 2002: DEBUG: Radius::AuthFILE looks for match with > pfischer > Mon Jun 24 08:54:55 2002: DEBUG: Radius::AuthFILE looks for match with > DEFAULT > Mon Jun 24 08:54:55 2002: DEBUG: Handling with Radius::AuthUNIX: UNIX > Mon Jun 24 08:54:55 2002: DEBUG: Radius::AuthUNIX looks for match with > pfischer > Mon Jun 24 08:54:55 2002: DEBUG: Radius::AuthUNIX REJECT: Bad Encrypted > password > Mon Jun 24 08:54:55 2002: DEBUG: Radius::AuthFILE REJECT: Bad Encrypted > password > Mon Jun 24 08:54:55 2002: INFO: Access rejected for pfischer: Bad Encrypted > password > Mon Jun 24 08:54:55 2002: DEBUG: Packet dump: > *** Sending to 209.195.207.174 port 7022 .... > > Packet length = 36 > 03 08 00 24 88 f0 27 b7 0d e4 dd 20 7f 6b d5 cd > 87 16 d1 3f 12 10 52 65 71 75 65 73 74 20 44 65 > 6e 69 65 64 > Code: Access-Reject > Identifier: 8 > Authentic: -a<128>L<135><183>D<192><18>0H<137><250><178>2U > Attributes: > Reply-Message = "Request Denied" > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > > > > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > > > > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
