Thanks for the response. I'm not sure how to determine that; can you give me a nudge in the right direction?
-james On Tue, Feb 28, 2012 at 12:49, Martin Bérubé <mber...@jeancoutu.com> wrote: > Hello James, > > Are you using MD5 hashing for the issuer certificate ? > Apple dropped support for MD5 hashing for all certificates, except the CA > (root) ones, starting with iOS 5. > > > Martin Bérubé > Analyste Technique > Architecture Et Sécurité > Tél. : (450) 463-1890 poste 3362 > Avant d'imprimer, pensez à l'environnement. > > > >> -----Message d'origine----- >> De : radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] De >> la part de James >> Envoyé : 28 février 2012 12:38 >> À : radiator@open.com.au >> Objet : [RADIATOR] eap + apple products - failed auth >> >> All, >> >> I'm facing a pretty weird problem while trying to set up EAP authentication. >> Windows and Linux devices seem to work fine without issues -- the clients >> are prompted to authenticate, accept the certificate, and then they're >> successfully auth'ed and hop onto the wireless network. >> >> Apple products (OS X, iPad and iPod) seem to have a strange issue, >> however: Radiator sends an Access-Accept, the client sees that >> authentication was successful, but the client will disconnect and then >> reconnect ensuing in an authentication loop. Logs on OS X indicate that >> authentication *IS* successful, but the operating system eventually reports >> a timeout in the 4-way handshake. >> >> Here's the Radiator configuration: >> >> -->8-- >> >> DefineFormattedGlobalVar ConfigDir /opt/radiator/config >> LogDir /opt/radiator/logs >> DbDir /opt/radiator/db >> Trace 4 >> AuthPort 1645 >> AcctPort 1646 >> PidFile %L/wireless.pid >> LogFile >> <Log FILE> >> Identifier radiatorLog >> Filename %L/%d.%v.%Y/wireless.log >> Trace 4 >> LogMicroseconds >> </Log> >> <Client DEFAULT> >> Secret whatever >> DupInterval 0 >> </Client> >> <SessionDatabase NULL> >> Identifier Null >> </SessionDatabase> >> <AuthLog FILE> >> Identifier authLogger >> Filename %L/%d.%v.%Y/wireless.auth >> LogSuccess 1 >> LogFailure 1 >> SuccessFormat %q %v %e %Y @ %s (child process %O) -> AUTHORIZED %T >> request from %c (nas = %N) for user %U >> FailureFormat %q %v %e %Y @ %s (child process %O) -> DENIED %T request >> from %c (nas = %N) for user %U </AuthLog> include >> %{GlobalVar:ConfigDir}/auth.wireless >> <Handler TunnelledByPEAP=1> >> AuthBy dm-wifi >> AuthLog authLogger >> Log radiatorLog >> AcctLogFileName %L/%d.%v.%Y/wireless.log </Handler> <Handler> >> AuthBy eap-outer >> AuthLog authLogger >> Log radiatorLog >> AcctLogFileName %L/%d.%v.%Y/wireless.log </Handler> <AuthBy NTLM> >> Identifier dm-wifi >> NtlmAuthProg /usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 >> DefaultDomain DHE >> EAPType MSCHAP-V2 >> </AuthBy> >> <AuthBy FILE> >> Identifier eap-outer >> Filename %D/users >> EAPType MSCHAP-V2,PEAP,FAST,TLS,TTLS >> EAPTLS_CAFile %{GlobalVar:ConfigDir}/certs/duke.ca.cert >> EAPTLS_CertificateFile %{GlobalVar:ConfigDir}/certs/wifi-radius1.cert >> EAPTLS_CertificateType PEM >> EAPTLS_PrivateKeyFile %{GlobalVar:ConfigDir}/certs/wifi-radius1.key >> EAPTLS_PrivateKeyPassword whatever >> EAPTLS_MaxFragmentSize 1000 >> AutoMPPEKeys >> EAPTLS_PEAPVersion 1 >> </AuthBy> >> >> --8<-- >> >> Tue Feb 28 12:27:59 2012 737876: DEBUG: Packet dump: >> *** Received from 10.11.55.232 port 32768 .... >> Code: Access-Request >> Identifier: 145 >> Authentic: ES<<16><147>F<136><228>l<229>#z<234><212><182><128> >> Attributes: >> User-Name = "testUser" >> Calling-Station-Id = "b3-dd-ae-87-22-b3" >> Called-Station-Id = "bb-3d-b3-ae-00-b0:test" >> NAS-Port = 29 >> cisco-avpair = "audit-session-id=0abff816000000f84f4d0bcd" >> NAS-IP-Address = 10.11.55.232 >> NAS-Identifier = "cisco-wism" >> Airespace-WLAN-Id = 7 >> Service-Type = Framed-User >> Framed-MTU = 1300 >> NAS-Port-Type = Wireless-IEEE-802-11 >> Tunnel-Type = 0:VLAN >> Tunnel-Medium-Type = 0:802 >> Tunnel-Private-Group-ID = 924 >> EAP-Message = <2><9><0>+<25><1><23><3><1><0> >> |<195><27><180>;<16>F<128>"K<158><253>3<141><243>+<216><11><159><183><22 >> |7><2>6rs<166>f<144><141><244><3><150> >> Message-Authenticator = >> <196><237><143><215><203><146>/v<170><219><21><233><214><29>"<193> >> >> Tue Feb 28 12:27:59 2012 738099: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 738216: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 738406: DEBUG: Handling with >> Radius::AuthFILE: eap-outer >> Tue Feb 28 12:27:59 2012 738611: DEBUG: Handling with EAP: code 2, 9, 43, 25 >> Tue Feb 28 12:27:59 2012 738738: DEBUG: Response type 25 Tue Feb 28 12:27:59 >> 2012 739078: DEBUG: EAP PEAP inner authentication request for anonymous Tue >> Feb 28 12:27:59 2012 739300: DEBUG: PEAP Tunnelled request Packet dump: >> Code: Access-Request >> Identifier: UNDEF >> Authentic: <199><244><220><211><14><18>.<159><18>B}<30><209><202>kr >> Attributes: >> EAP-Message = <2><0><0><10><1>testUser >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> NAS-IP-Address = 10.11.55.232 >> NAS-Identifier = "cisco-wism" >> NAS-Port = 29 >> Calling-Station-Id = "b3-dd-ae-87-22-b3" >> User-Name = "anonymous" >> >> Tue Feb 28 12:27:59 2012 739446: DEBUG: Handling request with Handler >> 'TunnelledByPEAP=1', Identifier '' >> Tue Feb 28 12:27:59 2012 739556: DEBUG: Handling request with Handler >> 'TunnelledByPEAP=1', Identifier '' >> Tue Feb 28 12:27:59 2012 739737: DEBUG: Handling with Radius::AuthNTLM: dm- >> wifi Tue Feb 28 12:27:59 2012 739910: DEBUG: Handling with EAP: code 2, 0, >> 10, 1 Tue Feb 28 12:27:59 2012 740035: DEBUG: Response type 1 Tue Feb 28 >> 12:27:59 2012 740206: DEBUG: EAP result: 3, EAP MSCHAP-V2 Challenge Tue Feb >> 28 12:27:59 2012 740326: DEBUG: AuthBy NTLM result: CHALLENGE, EAP MSCHAP-V2 >> Challenge Tue Feb 28 12:27:59 2012 740434: DEBUG: AuthBy NTLM result: >> CHALLENGE, EAP MSCHAP-V2 Challenge Tue Feb 28 12:27:59 2012 740560: DEBUG: >> Access challenged for >> anonymous: EAP MSCHAP-V2 Challenge >> Tue Feb 28 12:27:59 2012 740680: DEBUG: Access challenged for >> anonymous: EAP MSCHAP-V2 Challenge >> Tue Feb 28 12:27:59 2012 740931: DEBUG: Returned PEAP tunnelled packet dump: >> Code: Access-Challenge >> Identifier: UNDEF >> Authentic: <199><244><220><211><14><18>.<159><18>B}<30><209><202>kr >> Attributes: >> EAP-Message = >> <1><1><0>*<26><1><1><0>%<16><214><185><12><255>~v<196><242>]<176>QX<162><12> >> <128>ywifi-radius-temp >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> >> Tue Feb 28 12:27:59 2012 741140: DEBUG: EAP result: 3, EAP PEAP inner >> authentication redispatched to a Handler Tue Feb 28 12:27:59 2012 741267: >> DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP inner authentication >> redispatched to a Handler Tue Feb 28 12:27:59 2012 741377: DEBUG: AuthBy >> FILE result: CHALLENGE, EAP PEAP inner authentication redispatched to a >> Handler Tue Feb 28 12:27:59 2012 741504: DEBUG: Access challenged for >> testUser: EAP PEAP inner authentication redispatched to a Handler Tue Feb 28 >> 12:27:59 2012 741619: DEBUG: Access challenged for >> testUser: EAP PEAP inner authentication redispatched to a Handler Tue Feb 28 >> 12:27:59 2012 741984: DEBUG: Packet dump: >> *** Sending to 10.11.55.232 port 32768 .... >> Code: Access-Challenge >> Identifier: 145 >> Authentic: +r<221>"<169>)<140><154>0<188><185><183><167><220>[<23> >> Attributes: >> EAP-Message = >> <1><10><0>K<25><1><23><3><1><0>@5<212>O<151>\,I<180><210>>7<185>|<18><188>[< >> 218>Y<148><144><231><173>w<180><138><218>c<225><160>=C]n<233><13><196>"o<242 >> ><11><165><198><18>&<215>]<242>M<151><159><145><140>'6D<163>a<177><183>W<170 >> >)<129>T >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> >> Tue Feb 28 12:27:59 2012 746317: DEBUG: Packet dump: >> *** Received from 10.11.55.232 port 32768 .... >> Code: Access-Request >> Identifier: 146 >> Authentic: >> <28>2<198><208><212>(<13><254><13><162><148><227><134><229><246><201> >> Attributes: >> User-Name = "testUser" >> Calling-Station-Id = "b3-dd-ae-87-22-b3" >> Called-Station-Id = "bb-3d-b3-ae-00-b0:test" >> NAS-Port = 29 >> cisco-avpair = "audit-session-id=0abff816000000f84f4d0bcd" >> NAS-IP-Address = 10.11.55.232 >> NAS-Identifier = "cisco-wism" >> Airespace-WLAN-Id = 7 >> Service-Type = Framed-User >> Framed-MTU = 1300 >> NAS-Port-Type = Wireless-IEEE-802-11 >> Tunnel-Type = 0:VLAN >> Tunnel-Medium-Type = 0:802 >> Tunnel-Private-Group-ID = 924 >> EAP-Message = >> <2><10><0>k<25><1><23><3><1><0>`<229><182>~U<231>LL<224><11><25><145><2>v<14 >> 0>y?y4<170><224>Q<24>8<169><158>f<184>&<165><166><147>%<253><143>/<224>D<160 >> ><202><131> >> <229><203>4<237><2><145>Z@<129><137>$<200><229><218><181><10><235><210><161> >> <133>H!<28>F<205>?<173>:[<184>`<210>)<19><184><21><<187>A4<139><169>t<237>5< >> 7><f<189>QY<195><209>D<141> >> Message-Authenticator = <30><<150><197>JcR<14><223>lY<161><24>w/<250> >> >> Tue Feb 28 12:27:59 2012 746562: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 746682: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 746872: DEBUG: Handling with >> Radius::AuthFILE: eap-outer >> Tue Feb 28 12:27:59 2012 747078: DEBUG: Handling with EAP: code 2, 10, 107, >> 25 Tue Feb 28 12:27:59 2012 747210: DEBUG: Response type 25 Tue Feb 28 >> 12:27:59 2012 747489: DEBUG: EAP PEAP inner authentication request for >> anonymous Tue Feb 28 12:27:59 2012 747762: DEBUG: PEAP Tunnelled request >> Packet dump: >> Code: Access-Request >> Identifier: UNDEF >> Authentic: <30>7<160><153><167><133>'<151>KG<136><213>u<30><242><3> >> Attributes: >> EAP-Message = >> <2><1><0>@<26><2><1><0>;1<190>b<188><197>3Q<236><201><196><174><137>l<16><22 >> 3><224>h<0><0><0><0><0><0><0><0><232><133><210><161>Jr[<249><233><7><227>7<1 >> 32><241>x<145>HE<217>=vu<21><233><0>testUser >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> NAS-IP-Address = 10.11.55.232 >> NAS-Identifier = "cisco-wism" >> NAS-Port = 29 >> Calling-Station-Id = "b3-dd-ae-87-22-b3" >> User-Name = "anonymous" >> >> Tue Feb 28 12:27:59 2012 747906: DEBUG: Handling request with Handler >> 'TunnelledByPEAP=1', Identifier '' >> Tue Feb 28 12:27:59 2012 748018: DEBUG: Handling request with Handler >> 'TunnelledByPEAP=1', Identifier '' >> Tue Feb 28 12:27:59 2012 748192: DEBUG: Handling with Radius::AuthNTLM: dm- >> wifi Tue Feb 28 12:27:59 2012 748362: DEBUG: Handling with EAP: code 2, 1, >> 64, 26 Tue Feb 28 12:27:59 2012 748490: DEBUG: Response type 26 Tue Feb 28 >> 12:27:59 2012 748661: DEBUG: Radius::AuthNTLM looks for match with testUser >> [anonymous] Tue Feb 28 12:27:59 2012 748801: DEBUG: Radius::AuthNTLM ACCEPT: >> : >> testUser [anonymous] >> Tue Feb 28 12:27:59 2012 749086: DEBUG: Passing attribute >> Request-User-Session-Key: Yes >> Tue Feb 28 12:27:59 2012 749251: DEBUG: Passing attribute >> Request-LanMan-Session-Key: Yes >> Tue Feb 28 12:27:59 2012 749395: DEBUG: Passing attribute >> LANMAN-Challenge: some-challenge >> Tue Feb 28 12:27:59 2012 749542: DEBUG: Passing attribute NT-Response: >> some-response >> Tue Feb 28 12:27:59 2012 749687: DEBUG: Passing attribute NT-Domain:: >> some-domain >> Tue Feb 28 12:27:59 2012 749832: DEBUG: Passing attribute Username:: >> some-username >> Tue Feb 28 12:27:59 2012 754539: DEBUG: Received attribute: Authenticated: >> Yes Tue Feb 28 12:27:59 2012 754685: DEBUG: Received attribute: >> User-Session-Key: session-key >> Tue Feb 28 12:27:59 2012 754809: DEBUG: Received attribute: . >> Tue Feb 28 12:27:59 2012 755114: DEBUG: EAP result: 3, EAP MSCHAP V2 >> Challenge: Success >> Tue Feb 28 12:27:59 2012 755241: DEBUG: AuthBy NTLM result: CHALLENGE, EAP >> MSCHAP V2 Challenge: Success Tue Feb 28 12:27:59 2012 755351: DEBUG: AuthBy >> NTLM result: CHALLENGE, EAP MSCHAP V2 Challenge: Success Tue Feb 28 12:27:59 >> 2012 755478: DEBUG: Access challenged for >> anonymous: EAP MSCHAP V2 Challenge: Success Tue Feb 28 12:27:59 2012 755588: >> DEBUG: Access challenged for >> anonymous: EAP MSCHAP V2 Challenge: Success Tue Feb 28 12:27:59 2012 755815: >> DEBUG: Returned PEAP tunnelled packet dump: >> Code: Access-Challenge >> Identifier: UNDEF >> Authentic: <30>7<160><153><167><133>'<151>KG<136><213>u<30><242><3> >> Attributes: >> EAP-Message = >> <1><2><0>=<26><3><1><0>8S=537886D34156194318425B12CE9ED8969124063C >> M=success >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> >> Tue Feb 28 12:27:59 2012 756011: DEBUG: EAP result: 3, EAP PEAP inner >> authentication redispatched to a Handler Tue Feb 28 12:27:59 2012 756137: >> DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP inner authentication >> redispatched to a Handler Tue Feb 28 12:27:59 2012 756247: DEBUG: AuthBy >> FILE result: CHALLENGE, EAP PEAP inner authentication redispatched to a >> Handler Tue Feb 28 12:27:59 2012 756374: DEBUG: Access challenged for >> testUser: EAP PEAP inner authentication redispatched to a Handler Tue Feb 28 >> 12:27:59 2012 756485: DEBUG: Access challenged for >> testUser: EAP PEAP inner authentication redispatched to a Handler Tue Feb 28 >> 12:27:59 2012 756882: DEBUG: Packet dump: >> *** Sending to 10.11.55.232 port 32768 .... >> Code: Access-Challenge >> Identifier: 146 >> Authentic: .<152>4<150><245><134>JV<14><147><241><182><18>}$<26> >> Attributes: >> EAP-Message = >> <1><11><0>k<25><1><23><3><1><0>`<215>8]<183>m<197>N<250>kl<10><179>y><178><1 >> 37><183>v<233><<255>{<177>r<207><186><1><9>*<142><207>Rl<31><173><25><237>%* >> <151><219>ts<16>H<218><169><10><252>eY<245>+<245><213><157>b<202><207><147>< >> 237><156>i<15><253><175><204><16><167><239>e<198><175><228>X<175><180><150>< >> 184>s<179>4<146>&w<20><203><175><16><155>*<162><133><224><129>- >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> >> Tue Feb 28 12:27:59 2012 760841: DEBUG: Packet dump: >> *** Received from 10.11.55.232 port 32768 .... >> Code: Access-Request >> Identifier: 147 >> Authentic: <219><222>T<233><179><159><5>S<22><172><227><160><206>l<162>G >> Attributes: >> User-Name = "testUser" >> Calling-Station-Id = "b3-dd-ae-87-22-b3" >> Called-Station-Id = "bb-3d-b3-ae-00-b0:test" >> NAS-Port = 29 >> cisco-avpair = "audit-session-id=0abff816000000f84f4d0bcd" >> NAS-IP-Address = 10.11.55.232 >> NAS-Identifier = "cisco-wism" >> Airespace-WLAN-Id = 7 >> Service-Type = Framed-User >> Framed-MTU = 1300 >> NAS-Port-Type = Wireless-IEEE-802-11 >> Tunnel-Type = 0:VLAN >> Tunnel-Medium-Type = 0:802 >> Tunnel-Private-Group-ID = 924 >> EAP-Message = <2><11><0>+<25><1><23><3><1><0> >> <12><177><248><244><30><235>n_<205><245>@/<3><224>$Ov$<237><138>+R<245><167> >> >/<27><134><201>v1<128> >> Message-Authenticator = >> <249>=<217><165><5><31>|<7><149>]<201><180><209><187><234><175> >> >> Tue Feb 28 12:27:59 2012 761081: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 761204: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 761434: DEBUG: Handling with >> Radius::AuthFILE: eap-outer >> Tue Feb 28 12:27:59 2012 761631: DEBUG: Handling with EAP: code 2, 11, 43, >> 25 Tue Feb 28 12:27:59 2012 761761: DEBUG: Response type 25 Tue Feb 28 >> 12:27:59 2012 762048: DEBUG: EAP PEAP inner authentication request for >> anonymous Tue Feb 28 12:27:59 2012 762274: DEBUG: PEAP Tunnelled request >> Packet dump: >> Code: Access-Request >> Identifier: UNDEF >> Authentic: <162><242><137><247><165><197>\<<169><158>L<188>5<1>f<246> >> Attributes: >> EAP-Message = <2><2><0><6><26><3> >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> NAS-IP-Address = 10.11.55.232 >> NAS-Identifier = "cisco-wism" >> NAS-Port = 29 >> Calling-Station-Id = "b3-dd-ae-87-22-b3" >> User-Name = "anonymous" >> >> Tue Feb 28 12:27:59 2012 762416: DEBUG: Handling request with Handler >> 'TunnelledByPEAP=1', Identifier '' >> Tue Feb 28 12:27:59 2012 762614: DEBUG: Handling request with Handler >> 'TunnelledByPEAP=1', Identifier '' >> Tue Feb 28 12:27:59 2012 762809: DEBUG: Handling with Radius::AuthNTLM: dm- >> wifi Tue Feb 28 12:27:59 2012 762984: DEBUG: Handling with EAP: code 2, 2, >> 6, 26 Tue Feb 28 12:27:59 2012 763143: DEBUG: Response type 26 Tue Feb 28 >> 12:27:59 2012 763319: DEBUG: EAP result: 0, Tue Feb 28 12:27:59 2012 763440: >> DEBUG: AuthBy NTLM result: ACCEPT, Tue Feb 28 12:27:59 2012 763548: DEBUG: >> AuthBy NTLM result: ACCEPT, Tue Feb 28 12:27:59 2012 763677: DEBUG: Access >> accepted for anonymous Tue Feb 28 12:27:59 2012 763788: DEBUG: Access >> accepted for anonymous Tue Feb 28 12:27:59 2012 764183: DEBUG: Returned PEAP >> tunnelled packet dump: >> Code: Access-Accept >> Identifier: UNDEF >> Authentic: <162><242><137><247><165><197>\<<169><158>L<188>5<1>f<246> >> Attributes: >> EAP-Message = <3><2><0><4> >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> >> Tue Feb 28 12:27:59 2012 764406: DEBUG: EAP result: 3, EAP PEAP inner >> authentication redispatched to a Handler Tue Feb 28 12:27:59 2012 764535: >> DEBUG: AuthBy FILE result: CHALLENGE, EAP PEAP inner authentication >> redispatched to a Handler Tue Feb 28 12:27:59 2012 764659: DEBUG: AuthBy >> FILE result: CHALLENGE, EAP PEAP inner authentication redispatched to a >> Handler Tue Feb 28 12:27:59 2012 764791: DEBUG: Access challenged for >> testUser: EAP PEAP inner authentication redispatched to a Handler Tue Feb 28 >> 12:27:59 2012 764905: DEBUG: Access challenged for >> testUser: EAP PEAP inner authentication redispatched to a Handler Tue Feb 28 >> 12:27:59 2012 765255: DEBUG: Packet dump: >> *** Sending to 10.11.55.232 port 32768 .... >> Code: Access-Challenge >> Identifier: 147 >> Authentic: <241>:\<176><204><154>`O<196><183><201><153><173><8><247><136> >> Attributes: >> EAP-Message = <1><12><0>+<25><1><23><3><1><0> >> @l<31><147>[<223><1>`<236><233>~<226><189><208><215>@X<248>a<210><160><213>- >> <8>].s<148><226><245><217><26> >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> >> Tue Feb 28 12:27:59 2012 769812: DEBUG: Packet dump: >> *** Received from 10.11.55.232 port 32768 .... >> Code: Access-Request >> Identifier: 148 >> Authentic: <191><247><200>F<176>Q<229>!<235>P<254>g<187><229><228>t >> Attributes: >> User-Name = "testUser" >> Calling-Station-Id = "b3-dd-ae-87-22-b3" >> Called-Station-Id = "bb-3d-b3-ae-00-b0:test" >> NAS-Port = 29 >> cisco-avpair = "audit-session-id=0abff816000000f84f4d0bcd" >> NAS-IP-Address = 10.11.55.232 >> NAS-Identifier = "cisco-wism" >> Airespace-WLAN-Id = 7 >> Service-Type = Framed-User >> Framed-MTU = 1300 >> NAS-Port-Type = Wireless-IEEE-802-11 >> Tunnel-Type = 0:VLAN >> Tunnel-Medium-Type = 0:802 >> Tunnel-Private-Group-ID = 924 >> EAP-Message = <2><12><0>+<25><1><23><3><1><0> >> c<231><169>g(<173><133><225><149>{<193><185><201><139>2<160><20><169>I<253>< >> 145><173>)<226>B<22><29>G<222>`6<183> >> Message-Authenticator = >> (<217><144>3I<171><10><194><28><15><8><18><242><139><198>W >> >> Tue Feb 28 12:27:59 2012 770148: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 770331: DEBUG: Handling request with Handler '', >> Identifier '' >> Tue Feb 28 12:27:59 2012 770707: DEBUG: Handling with >> Radius::AuthFILE: eap-outer >> Tue Feb 28 12:27:59 2012 770989: DEBUG: Handling with EAP: code 2, 12, 43, >> 25 Tue Feb 28 12:27:59 2012 771224: DEBUG: Response type 25 Tue Feb 28 >> 12:27:59 2012 771782: DEBUG: EAP result: 0, Tue Feb 28 12:27:59 2012 771975: >> DEBUG: AuthBy FILE result: ACCEPT, Tue Feb 28 12:27:59 2012 772145: DEBUG: >> AuthBy FILE result: ACCEPT, Tue Feb 28 12:27:59 2012 772338: DEBUG: Access >> accepted for testUser Tue Feb 28 12:27:59 2012 772508: DEBUG: Access >> accepted for testUser Tue Feb 28 12:27:59 2012 773368: DEBUG: Packet dump: >> *** Sending to 10.11.55.232 port 32768 .... >> Code: Access-Accept >> Identifier: 148 >> Authentic: C<196><31><206><169>bF<220>j<237>K<1><183>+c<4> >> Attributes: >> EAP-Message = <3><12><0><4> >> Message-Authenticator = >> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> >> MS-MPPE-Send-Key = >> <131>9<217>1<158><174><131>q><23>)<182><132>*<175><161>><26>I<187><143>t<217 >> ><26><245><14>;<167>%;W<200> >> MS-MPPE-Recv-Key = >> <193>$B<0>sn"<10><190>_U<221>1<173>#<153><7><198>+5<188>}<200>F<251>|^<230>< >> 218>G)<175> >> >> -->8-- >> >> Thoughts on what may be happening? I can't seem to find anything on the web >> about this, but I'm also hard-pressed to believe we're the only folks that >> have run into this. The client simply refuses to connect. It's worth noting >> that OS X indicates the client is "connected" with a self-assigned 169.x.x.x >> IP address, but the logs really indicate that en1 (the wireless interface) >> continues to go up/down and re-attempt authentication. >> >> Any help would be greatly appreciated. >> >> -james >> _______________________________________________ >> radiator mailing list >> radiator@open.com.au >> http://www.open.com.au/mailman/listinfo/radiator > AVERTISSEMENT CONCERNANT LA CONFIDENTIALITE > > Ce message, incluant ses pieces jointes, est strictement reserve a l'usage de > l'individu ou de l'entite a qui il est > adresse et contient de l'information privilegiee et confidentielle. La > dissemination, distribution ou copie de cette > communication est strictement prohibee. Si vous n'etes pas le destinataire > projete veuillez retourner > immediatement un courrier electronique a l'expediteur et effacez toutes les > copies. > > > CONFIDENTIALITY WARNING > > This message, including its attachments, is strictly intended for the use of > the individual or the entity to which it is addressed > and contains privileged and confidential information. Disclosure, > distribution or copy of this communication is strictly > prohibited. If you are not the intended recipient please notify us > immediately by returning the e-mail to the originator and > deleting all copies. > _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator