You shouldn't mix handlers and realms. Just change the <Realm DEFAULT> to <Handler> to get consistency.
/Ingvar > -----Original Message----- > From: Mark Verwoerd [mailto:[EMAIL PROTECTED] > Sent: den 14 oktober 2003 12:33 > To: [EMAIL PROTECTED] > Subject: (RADIATOR) Radiator hangs with EAP (PEAP) > > > Hello Hugh, > > On work we want to setup a wireless network with 802.1x that > authenticates users to our LDAP server with Radiator 3.7.1. > The LDAP and Wireless parts work fine, but the EAP PEAP part in > radiator doesn't. > > The AccessPoints are propperly configured, the shared secret > is correct > and 802.1x is enabled. > For testing i'm using the eap_peap.cfg from the goodies, only changed > the log en pid stuff. So it Auths by File (%D/users) > > CFG: > LogDir /var/log/radiator > LogFile %L/%Y/%m%d.log > PidFile /var/log/radiator/radiator.pid > DbDir /usr/local/radiator > Trace 4 > > AuthPort 1645 > AcctPort 1646 > > #Accesspoints: > <Client 145.48.64.5> > Secret testing123 > IgnoreAcctSignature > </Client> > > <Client DEFAULT> > Secret mysecret > DupInterval 0 > </Client> > > <Handler TunnelledByPEAP=1> > <AuthBy FILE> > Filename %D/users > EAPType PEAP,MSCHAP-V2 > </AuthBy> > </Handler> > > <Realm DEFAULT> > <AuthBy FILE> > Filename %D/users > EAPType PEAP > EAPTLS_CAFile %D/certificates/demoCA/cacert.pem > EAPTLS_CertificateFile %D/certificates/cert-srv.pem > EAPTLS_CertificateType PEM > EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem > EAPTLS_PrivateKeyPassword whatever > EAPTLS_MaxFragmentSize 1000 > AutoMPPEKeys > SSLeayTrace 4 > </AuthBy> > </Realm> > > > On a laptop with WinxP Pro the 'WEP key will be provided for > me' option > is checked. And EAP-Type = EAP (PEAP) > When my laptop finds the AccessPoint (Avaya AP-1000) it asks for a > username & password, i fill in fred with password fred and it hangs > .... > > LOG: > > Tue Oct 14 12:06:39 2003: DEBUG: Packet dump: > *** Received from 145.48.64.5 port 192 .... > Code: Access-Request > Identifier: 11 > Authentic: > T=r<246><229><9><196><246>9<187><196><239><3><189><192><153> > Attributes: > User-Name = "fred" > NAS-IP-Address = 145.48.64.5 > Called-Station-Id = "00022d75a1ac" > Calling-Station-Id = "00601df7f7d0" > NAS-Identifier = "AP-1000-HSB-05" > NAS-Port-Type = Wireless-IEEE-802-11 > Framed-MTU = 1400 > EAP-Message = <2><1><0><9><1>fred > Message-Authenticator = > <166><197><<21><15><208>oT|<128><206><193><255><232>+<234> > > Tue Oct 14 12:06:39 2003: DEBUG: Handling request with Handler > 'Realm=DEFAULT' > Tue Oct 14 12:06:39 2003: DEBUG: Deleting session for fred, > 145.48.64.5, > Tue Oct 14 12:06:39 2003: DEBUG: Handling with Radius::AuthFILE: > Tue Oct 14 12:06:39 2003: DEBUG: Handling with EAP: code 2, 1, 9 > Tue Oct 14 12:06:39 2003: DEBUG: Response type 1 > Tue Oct 14 12:06:39 2003: DEBUG: EAP result: 3, EAP PEAP Challenge > Tue Oct 14 12:06:39 2003: DEBUG: Access challenged for fred: EAP PEAP > Challenge > Tue Oct 14 12:06:39 2003: DEBUG: Packet dump: > *** Sending to 145.48.64.5 port 192 .... > Code: Access-Challenge > Identifier: 11 > Authentic: > T=r<246><229><9><196><246>9<187><196><239><3><189><192><153> > Attributes: > EAP-Message = <1><2><0><6><25>! > Message-Authenticator = > <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> > > Where is it waiting on ? or .. what is wrong with the cfg ? or .. what > do i miss here :x > > > Thanks for your time, > > Mark > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. > === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
