Hello Francisco -
Could you send me a copy of the user record? I suspect a problem therein.
regards
Hugh
On Wednesday, Jul 2, 2003, at 04:03 Australia/Melbourne, Francisco Contreiras wrote:
I have Radiator configured and working for PEAP-MSCHAP e EAP-TTLS. I can establish the connection for both EAP types.
Using a 3 level trace I allways get this error: "Tue Jul 1 19:43:08 2003: ERR: Bad attribute=value pair: 1234567890" where the 1234567890 is the user password. I'm using a text based DB with clear text passwords.
Why this happens?
Thank you
Francisco Contreiras
######## LOG #################
"
[EMAIL PROTECTED] Radiator-Demo-3.6]# perl radiusd -foreground -log_stdout -trace 3 -config_file /etc/radius/radius.cfg
Tue Jul 1 19:42:47 2003: DEBUG: Reading users file /etc/radius/users
Tue Jul 1 19:42:47 2003: DEBUG: Reading users file /etc/radius/users
Tue Jul 1 19:42:47 2003: DEBUG: Reading users file /etc/radius/users
Tue Jul 1 19:42:47 2003: DEBUG: Finished reading configuration file '/etc/radius/radius.cfg'
This Radiator license will expire on 2003-10-01
This Radiator license will stop operating after 1000 requests
To purchase an unlimited full source version of Radiator, see
http://www.open.com.au/ordering.html
To extend your evaluation period, contact [EMAIL PROTECTED]
Tue Jul 1 19:42:48 2003: NOTICE: Server started: Radiator 3.6 on cuco.lx.it.pt (EVALUATION)
Tue Jul 1 19:43:02 2003: INFO: EAP Nak desires type 21
Tue Jul 1 19:43:08 2003: ERR: Bad attribute=value pair: 1234567890
"
########## Config file ########## AuthPort 1812 AcctPort 1813 LogDir /var/log/radius DbDir /etc/radius DictionaryFile %D/dictionary,%D/dictionary.ascend PidFile /var/run/radiusd.pid Trace 4
<Client 192.168.0.253>
Secret ######
</Client>
#Pedidos "internos", vindos de um tu'nel PEAP
<Handler TunnelledByPEAP=1>
<AuthBy FILE>
Filename /etc/radius/users
EAPType MSCHAP-V2
</AuthBy>
</Handler>
#Pedidos internos enviados por tu'nel TTLS
<Handler TunnelledByTTLS=1>
<AuthBy FILE>
Filename /etc/radius/users
EAPType PAP
# TLS requere a config abaixo
EAPTLS_CAFile /root/Radiator-Demo-3.6/certificates/demoCA/cacert.pem
EAPTLS_CertificateFile /root/Radiator-Demo-3.6/certificates/cert-srv.pem
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile /root/Radiator-Demo-3.6/certificates/cert-srv.pem
EAPTLS_PrivateKeyPassword whatever
</AuthBy>
</Handler>
<Handler Realm = pt>
<AuthBy FILE>
Filename /etc/radius/users
#Para ja' permite PEAP, TTLS
# adicionar outras variantes de EAP aqui
EAPType PEAP, TTLS
#Caso se use TLS:
#certificados sao gerados atrave's do sc
#mkcertificate.sh, em goodies/
EAPTLS_CAFile /root/Radiator-Demo-3.6/certificates/demoCA/cacert.pem
EAPTLS_CertificateFile /root/Radiator-Demo-3.6/certificates/cert-srv.pem
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile /root/Radiator-Demo-3.6/certificates/cert-srv.pem
EAPTLS_PrivateKeyPassword whatever
EAPTLS_MaxFragmentSize 1024
AutoMPPEKeys
SSLeayTrace 4
</AuthBy>
</Handler>
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
NB: have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening?
-- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence.
=== Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
