|
Dear
Sirs,
We are using
Radiator as a Radius Proxy server with CiscoSecure ACS Radius. It works fine
with our Cisco NASs with both PAP and CHAP authentication.
We are also using
Radiator for gprs connection authentication. The NAS that accepts gprs
connections does not belong to us and is controlled by our gprs provider. When
we connect to the gprs NAS with PAP we have no problem. We can easily
authenticate through the Radiator and then CiscoSecure with
PAP.
When we try to
connect with CHAP we can not get authenticated.
Below is the sample
"trace 5" log with CHAP authentication from the GPRS NAS :
Mon Oct 21 16:48:43
2002: DEBUG: Packet dump:
*** Received from 195.87.246.1 port 1812 .... Packet length =
114
01 b9 00 72 75 b8 7d 1f fa 24 2a 24 13 98 46 c9 70 08 77 da 01 0d 69 6c 6b 65 72 61 40 67 70 72 73 03 13 01 54 0a 79 0b e2 52 d2 cf 9d 82 e9 40 23 24 83 af 04 06 c3 57 f6 01 06 06 00 00 00 02 07 06 00 00 00 01 1f 0e 39 30 35 33 33 37 31 34 31 34 32 32 20 08 6b 6f 63 6e 65 74 3c 16 ea 76 43 69 01 22 e3 5f ab e0 17 67 e8 b2 dd 82 b8 96 37 b0 Code: Access-Request Identifier: 185 Authentic: u<184>}<31><250>$*$<19><152>F<201>p<8>w<218> Attributes: User-Name = "ilkera@gprs" CHAP-Password = <1>T<10>y<11><226>R<210><207><157><130><233>@#$<131><175> NAS-IP-Address = 195.87.246.1 Service-Type = Framed-User Framed-Protocol = PPP Calling-Station-Id = "905337141422" NAS-Identifier = "kocnet" CHAP-Challenge = <234>vCi<1>"<227>_<171><224><23>g<232><178><221><130><184><150>7<176> Mon Oct 21 16:48:43
2002: DEBUG: Handling request with Handler 'Realm=gprs'
Mon Oct 21 16:48:43 2002: DEBUG: Deleting session for ilkera@gprs, 195.87.246.1, Mon Oct 21 16:48:43 2002: DEBUG: Handling with Radius::AuthRADIUS Mon Oct 21 16:48:43 2002: DEBUG: Packet dump: *** Sending to 195.87.1.231 port 1645 .... Packet length =
114
01 08 00 72 75 b8 7d 1f fa 24 2a 24 13 98 46 c9 70 08 77 da 01 0d 69 6c 6b 65 72 61 40 67 70 72 73 03 13 01 54 0a 79 0b e2 52 d2 cf 9d 82 e9 40 23 24 83 af 04 06 c3 57 f6 01 06 06 00 00 00 02 07 06 00 00 00 01 1f 0e 39 30 35 33 33 37 31 34 31 34 32 32 20 08 6b 6f 63 6e 65 74 3c 16 ea 76 43 69 01 22 e3 5f ab e0 17 67 e8 b2 dd 82 b8 96 37 b0 Code: Access-Request Identifier: 8 Authentic: u<184>}<31><250>$*$<19><152>F<201>p<8>w<218> Attributes: User-Name = "ilkera@gprs" CHAP-Password = <1>T<10>y<11><226>R<210><207> NAS-IP-Address =
195.87.246.1
Service-Type = Framed-User Framed-Protocol = PPP Calling-Station-Id = "905337141422" NAS-Identifier = "kocnet" CHAP-Challenge = <234>vCi<1>"<227>_<171><224><23>g<232><178><221><130><184><150>7<176> Mon Oct 21 16:48:44
2002: DEBUG: Packet dump:
*** Received from 195.87.1.231 port 1645 .... Packet length =
20
03 08 00 14 23 d5 f3 db 42 bf 18 20 2b 00 bc 8c 32 72 03 3a Code: Access-Reject Identifier: 8 Authentic: #<213><243><219>B<191><24> +<0><188><140>2r<3>: Attributes: Mon Oct 21 16:48:44
2002: DEBUG: Received reply in AuthRADIUS for req 8 from
195.87.1.231:1645
Mon Oct 21 16:48:44 2002: INFO: Access rejected for ilkera@gprs: Mon Oct 21 16:48:44 2002: DEBUG: Packet dump: *** Sending to 195.87.246.1 port 1812 .... Packet length =
36
03 b9 00 24 e3 82 7d f9 70 31 ae 08 84 90 c9 e1 c6 fe c2 ed 12 10 52 65 71 75 65 73 74 20 44 65 6e 69 65 64 Code: Access-Reject Identifier: 185 Authentic: u<184>}<31><250>$*$<19><152>F<201>p<8>w<218> Attributes: Reply-Message = "Request Denied" Can you help
us to find where the problem is and solve it ?
Best
Regards,
ilker
Aktuna
Koc.net Network
Services
|
