Hello James - The problem is here:
• Mon Oct 15 01:20:47 2012 564812: DEBUG: Packet dump: • *** Received from 10.136.235.240 port 32768 .... • Code: Access-Request • Identifier: 47 • Authentic: %wa<14><212>v<209>S<143>a<132>z<21><194>5` • Attributes: • User-Name = "/DLAR-PBBZNB8.some.tld" The User-Name attribute does not have "host" at the beginning, so you never use the host-specific Handler. What is happening in the debug is this inner authentication is being converted and only the MS-CHAP is being proxied, leading to the problem I have described previously with NPS thinking this is a user not a machine. regards Hugh On 18 Oct 2012, at 05:05, James Zee <jamesze...@gmail.com> wrote: > Hugh, > > I had previously responded to the thread with the requested information, but > the email response was too large and seems to have gotten lost in the mailing > list approval process. > > I've pasted the requested information here: > > http://pastebin.com/rbXq2Y5Y > > It's worth noting I've made some progress. The link below has the requested > information (new configuration file) where a username beginning with "host" > is immediately proxied to NPS. > > http://pastebin.com/059A7Zk7 > > I feel I'm getting closer. > > Two questions: > > (a) is anything wrong with this machine authentication handler or does it > look like the correct way to proxy these sorts of requests? > > (b) is there a way to force Radiator to log information about the RADIUS > request even though we're proxying it via RADIUS to NPS? > > I'm still not having luck with machine-based authentication, but I believe > this may be a configuration issue on NPS. > > Thoughts appreciated. > > Thanks! > -james > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator -- Hugh Irvine h...@open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator