RE: FreeRadius working as a ProxyRadius using PAP protocol
> -Message d'origine- > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Alan DeKok > Envoyé : mercredi 12 novembre 2008 15:48 > À : FreeRadius users mailing list > Objet : Re: FreeRadius working as a ProxyRadius using PAP protocol > > NGUYEN DANG LUAN, Eric wrote: > > In my radius log file: > > < *** Incoming RADIUS packet: *** > > < radrecv: Packet from host 10.226.66.51, port=24670 > > < send_reject() > > Your main server is rejecting the request. Fix it. > > And it isn't FreeRADIUS. > > > I think the problem is the protocol I use : PAP. > > The problem is that you haven't configured the OTHER RADIUS server > properly. > > > I'm not sure that FreeRadius use PAP protocol to communicate with Radius > > Server. > > FreeRADIUS doesn't control the authentication protocol. The end user > machine controls it. > > > And is it normal that I can't see any password when I use a sniffer? > > Yes. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html My radius server (which is not freeradius) rejects my authentication when i'm using a ProxyRadius (freeradius). But it's ok when I use NTRadping or a cisco ACS. I'm currently using SecureW2 software for the end user machine. Does anyone know where is the problem? NGUYEN Eric - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: FreeRadius working as a ProxyRadius using PAP protocol
> -Message d'origine-
> De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de [EMAIL
> PROTECTED]
> Envoyé : mercredi 12 novembre 2008 12:15
> À : FreeRadius users mailing list
> Objet : Re: FreeRadius working as a ProxyRadius using PAP protocol
>
> >I'm trying to use FreeRadius (server-2.1.1) as a Proxy Radius with PAP
> >protocol.
> >
>
> If you ment to proxy only pap requests, your configuration is not going
> to work.
>
> >proxy.conf:
> >
> >
> >
> >realm NULL {
> >
> >authhost= ***.***.***.***:1645
> >
> >accthost= ***.***.***.***:1646
> >
> >secret = pass
> >
> >}
> >
> >users:
> >
> >DEFAULT FreeRADIUS-Proxied-To == ***.***.***.***, Auth-Type := PAP
> >
>
> It was an eap request so that didn't match.
>
> >< Proxying request 0 to home server ***.***.***.*** port 1645
> >
> >< Sending Access-Request of id 210 to ***.***.***.*** port 1645
> >
> >< Message-Authenticator = 0x
> >
> >< Service-Type = Framed-User
> >
> >< User-Name = "enguyend"
> >
> >< Framed-MTU = 1488
> >
> >< Called-Station-Id = "00-1D-7E-5F-F7-39:SogetiNET"
> >
> >< Calling-Station-Id = "00-16-6F-AA-80-DD"
> >
> >< NAS-Port-Type = Wireless-802.11
> >
> >< Connect-Info = "CONNECT 54Mbps 802.11g"
> >
> >< EAP-Message = 0x020d01656e677579656e64
> >
> >< NAS-IP-Address = 192.168.1.1
> >
> >< NAS-Port = 1
> >
> >< NAS-Port-Id = "STA port # 1"
> >
> >< Proxy-State = 0x30
> >
> >< Going to the next request
>..
> >< Rejecting request 0 due to lack of any response from home server
> >***.***.***.*** port 1645
> >
> >< There was no response configured: rejecting request 0
> >
>
> Request was proxied but home server didn't respond. You will have to
> debug the home server and see did it recieve the request.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
My request are proxied : i got this the following respond :
< rad_recv: Access-Reject packet from host 205.223.235.196 port 1645, id=186,
length=23
< Proxy-State = 0x30
In my radius log file:
< *** Incoming RADIUS packet: ***
< radrecv: Packet from host 10.226.66.51, port=24670
< send_reject()
< *** Incoming RADIUS packet: ***
< radrecv: Packet from host 10.226.65.52, port=25433
< send_reject()
I think the problem is the protocol I use : PAP.
I'm not sure that FreeRadius use PAP protocol to communicate with Radius Server.
And is it normal that I can't see any password when I use a sniffer?
Regards
NGUYEN Eric
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius working as a ProxyRadius using PAP protocol
Hello,
I'm trying to use FreeRadius (server-2.1.1) as a Proxy Radius with PAP
protocol.
peap,eap,pap
pap
Client <--> AP <-> FreeRadius
<--> Radius server
There's what i have had in my conf files:
client.conf:
client ***.***.***.*** {
secret = pass
shortname = LinksysWRT54G
nastype = other
}
proxy.conf:
realm NULL {
authhost= ***.***.***.***:1645
accthost= ***.***.***.***:1646
secret = pass
}
users:
DEFAULT FreeRADIUS-Proxied-To == ***.***.***.***, Auth-Type := PAP
I don't think my proxy radius use the right protocol. I want it to use
PAP protocol whe it tries to contact radius server.
< radiusd: Opening IP addresses and Ports
< listen {
< type = "auth"
< ipaddr = *
< port = 1645
< }
< listen {
< type = "acct"
< ipaddr = *
< port = 1646
< }
< Listening on authentication address * port 1645
< Listening on accounting address * port 1646
< Listening on proxy address * port 1647
< Ready to process requests.
<
< rad_recv: Access-Request packet from host ***.***.***.*** port 1405,
id=0, length=180
< Message-Authenticator = 0x1ad77a29ef17ee966a8521f57795f231
< Service-Type = Framed-User
