Salut Denis -
Did you see my previous mail?
Your problem below is almost certainly your dictionary alterations.
You should remove what you added to the dictionary, and just use the "Colubris-AVPAIR" attribute that is already in the dictionary.
If you send us a trace 5 debug from Radiator, we will be able to see the encoded attributes.
You could also run a packet sniffer on the ethernet interface to see what is actually on the wire.
regards
Hugh
On Saturday, Jan 18, 2003, at 03:31 Australia/Melbourne, Denis Beauchemin wrote:
Hello,
Here is my trace 4 debug:
Thu Jan 16 16:04:47 2003: DEBUG: Packet dump:
*** Received from 132.210.X.Y port 1024 ....
Code: Access-Request
Identifier: 164
Authentic: 9kD<23>N<177>M<14><153><131><248><216><139>MH<163>
Attributes:
Acct-Session-Id = "306f8d83"
NAS-Port = 0
NAS-Port-Type = 19
User-Name = "CN3000"
Calling-Station-Id = "00-02-2D-66-XX-YY"
MS-CHAP2-Response = "<164><0><227>T[<229><162><180><2>p(0c"<239>o<149><240><0><0><0><0><0>< 0><0><0><239>i<222>_<194><183><213>"<169>^<248><139>W<180>n<225>Z<21><2 7><207><164> :P"
MS-CHAP-Challenge = "9kD<23>N<177>M<14><153><131><248><216><139>MH<163>"
NAS-Identifier = "J004-00025"
NAS-IP-Address = 132.210.X.Y
Framed-MTU = 1496
Connect-Info = "HTTPS"
Service-Type = Administrative-User
Message-Authenticator = <28><207><132>uK<191><209><170>~<130><11>X^<245><143><197>
Thu Jan 16 16:04:47 2003: DEBUG: Handling request with Handler 'Client-Identifier=colubris'
Thu Jan 16 16:04:47 2003: DEBUG: Deleting session for CN3000, 132.210.X.Y, 0
Thu Jan 16 16:04:47 2003: DEBUG: Handling with Radius::AuthDBFILE:
Thu Jan 16 16:04:47 2003: DEBUG: Radius::AuthDBFILE looks for match with CN3000
Thu Jan 16 16:04:47 2003: DEBUG: Radius::AuthDBFILE ACCEPT:
Thu Jan 16 16:04:47 2003: DEBUG: Access accepted for CN3000
Thu Jan 16 16:04:47 2003: DEBUG: Packet dump:
*** Sending to 132.210.X.Y port 1024 ....
Code: Access-Accept
Identifier: 164
Authentic: 9kD<23>N<177>M<14><153><131><248><216><139>MH<163>
Attributes:
MS-CHAP2-Success = "<164>S=35449DBE5D956D58F6C3AC6715A03026FD650291"
MS-MPPE-Send-Key = "<250>EK<129><138><185><165>}Z<166>7<188><239><152><196><193>y<29>R<218 ><237>[-=<206><177><11>=b<4><20><168><136><252>"
MS-MPPE-Recv-Key = "<186>g<197><159><223>u<26><151>sC<214><170>@<162>('<193>ZGCpx<189><237 ><26>D<246>n<27><226>c5<131><205>"
Service-Type = Framed-User
MS-MPPE-Encryption-Policy = Encryption-Allowed
MS-MPPE-Encryption-Types = Encryption-Any
Framed-Protocol = PPP
Framed-IP-Netmask = 255.255.255.255
Framed-Routing = None
Framed-MTU = 1500
Colubris-AVPair = "login-url=https://somewhere.USherbrooke.ca:8443/java/colubris/ login.jsp?loginurl=Thu Jan 16 16:04:47 2003"
Colubris-AVPair = "session-page=https://somewhere.USherbrooke.ca:8443/java/colubris/ session.html"
Colubris-AVPair = "transport-page=https://somewhere.USherbrooke.ca:8443/java/colubris/ transport.html"
Colubris-AVPair = "fail-page=https://somewhere.USherbrooke.ca:8443/java/colubris/ fail.html"
Colubris-AVPair = "logo=https://somewhere.USherbrooke.ca:8443/java/colubris/logo.gif";
Colubris-AVPair = "access-list=carrefour,ACCEPT,tcp,132.210.Y.Z,8443"
Colubris-AVPair = "access-list=carrefour,ACCEPT,tcp,132.210.Y.Z,80"
Thanks!
Denis
Le jeu 16/01/2003 � 12:42, Frank Danielson a �crit :
Hi-
As Hugh has said in the past, please send a trace 4 debug showing what's
happening during an acess-request so we can see what the problem is.
-----Original Message-----
From: Denis Beauchemin [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 12:02 PM
To: Radiator
Subject: (RADIATOR) Problems with Colubris CN3000
Hello,
We are testing a Colubris CN3000 802.1x wireless access point and are
having some problems with it. (see
http://www.colubris.com/en/products/public_access/CN3000/ for more
info).
The biggest one is the HTTP URLs that don't seem to be sent to (or
accepted by) the unit.
Here is what I have in radius.cfg (I am using Radiator 3.5):
<Client 132.210.X.Y>
Secret oursecret
Identifier colubris
</Client>
<Handler Client-Identifier=colubris>
MaxSessions 1
WtmpFileName %L/wtmp
AcctLogFileName %L/accounting
# PasswordLogFileName %L/password.log
<AuthBy DBFILE>
AutoMPPEKeys Yes
AddToReply Service-Type = Framed-User,\
MS-MPPE-Encryption-Policy = Encryption-Allowed,\
MS-MPPE-Encryption-Types = Encryption-Any,\
Framed-Protocol = PPP,\
Framed-IP-Netmask = 255.255.255.255,\
Framed-Routing = None,\
Framed-MTU = 1500,\
Colubris-AVPair =
"login-url=https://somewhere.USherbrooke.ca:8443/java/colubris/ login.jsp?log
inurl=%l",\
Colubris-AVPair =
"session-page=https://somewhere.USherbrooke.ca:8443/java/colubris/ session.ht
ml",\
Colubris-AVPair =
"transport-page=https://somewhere.USherbrooke.ca:8443/java/colubris/ transpor
t.html",\
Colubris-AVPair =
"fail-page=https://somewhere.USherbrooke.ca:8443/java/colubris/ fail.html",\
Colubris-AVPair =
"logo=https://somewhere.USherbrooke.ca:8443/java/colubris/logo.gif",\
Colubris-AVPair =
"access-list=carrefour,ACCEPT,tcp,132.210.X.Y,8443",\
Colubris-AVPair = "access-list=carrefour,ACCEPT,tcp,132.210.X.Y,80"
Filename %D/usersdb
RcryptKey our key
</AuthBy>
AuthLog Defaut
</Handler>
This is what I added to dictionary:
VENDOR Colubris 8744
VENDORATTR 8744 Colubris-AVPair 0 string
ATTRIBUTE Colubris-AVPair 0 string
The Colubris-AVPair don't seem to get to the CN3000 when it logs on.
Any ideas? I'm pretty sure I made a mistake in one of Radiator's conf
files.
Thanks!
-- Denis Beauchemin, analyste Universit� de Sherbrooke, S.T.I. T: 819.821.8000x2252 F: 819.821.8045=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
![https://somewhere.USherbrooke.ca:8443/java/colubris/logo.gif"](https://somewhere.USherbrooke.ca:8443/java/colubris/logo.gif"){kind=link}
![https://somewhere.USherbrooke.ca:8443/java/colubris/logo.gif",\](https://somewhere.USherbrooke.ca:8443/java/colubris/logo.gif",\){kind=link}