RE: FreeRadius working as a ProxyRadius using PAP protocol
> -Message d'origine- > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Alan DeKok > Envoyé : mercredi 12 novembre 2008 15:48 > À : FreeRadius users mailing list > Objet : Re: FreeRadius working as a ProxyRadius using PAP protocol > > NGUYEN DANG LUAN, Eric wrote: > > In my radius log file: > > < *** Incoming RADIUS packet: *** > > < radrecv: Packet from host 10.226.66.51, port=24670 > > < send_reject() > > Your main server is rejecting the request. Fix it. > > And it isn't FreeRADIUS. > > > I think the problem is the protocol I use : PAP. > > The problem is that you haven't configured the OTHER RADIUS server > properly. > > > I'm not sure that FreeRadius use PAP protocol to communicate with Radius > > Server. > > FreeRADIUS doesn't control the authentication protocol. The end user > machine controls it. > > > And is it normal that I can't see any password when I use a sniffer? > > Yes. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html My radius server (which is not freeradius) rejects my authentication when i'm using a ProxyRadius (freeradius). But it's ok when I use NTRadping or a cisco ACS. I'm currently using SecureW2 software for the end user machine. Does anyone know where is the problem? NGUYEN Eric - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: FreeRadius working as a ProxyRadius using PAP protocol
> -Message d'origine- > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de [EMAIL > PROTECTED] > Envoyé : mercredi 12 novembre 2008 12:15 > À : FreeRadius users mailing list > Objet : Re: FreeRadius working as a ProxyRadius using PAP protocol > > >I'm trying to use FreeRadius (server-2.1.1) as a Proxy Radius with PAP > >protocol. > > > > If you ment to proxy only pap requests, your configuration is not going > to work. > > >proxy.conf: > > > > > > > >realm NULL { > > > >authhost= ***.***.***.***:1645 > > > >accthost= ***.***.***.***:1646 > > > >secret = pass > > > >} > > > >users: > > > >DEFAULT FreeRADIUS-Proxied-To == ***.***.***.***, Auth-Type := PAP > > > > It was an eap request so that didn't match. > > >< Proxying request 0 to home server ***.***.***.*** port 1645 > > > >< Sending Access-Request of id 210 to ***.***.***.*** port 1645 > > > >< Message-Authenticator = 0x > > > >< Service-Type = Framed-User > > > >< User-Name = "enguyend" > > > >< Framed-MTU = 1488 > > > >< Called-Station-Id = "00-1D-7E-5F-F7-39:SogetiNET" > > > >< Calling-Station-Id = "00-16-6F-AA-80-DD" > > > >< NAS-Port-Type = Wireless-802.11 > > > >< Connect-Info = "CONNECT 54Mbps 802.11g" > > > >< EAP-Message = 0x020d01656e677579656e64 > > > >< NAS-IP-Address = 192.168.1.1 > > > >< NAS-Port = 1 > > > >< NAS-Port-Id = "STA port # 1" > > > >< Proxy-State = 0x30 > > > >< Going to the next request >.. > >< Rejecting request 0 due to lack of any response from home server > >***.***.***.*** port 1645 > > > >< There was no response configured: rejecting request 0 > > > > Request was proxied but home server didn't respond. You will have to > debug the home server and see did it recieve the request. > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html My request are proxied : i got this the following respond : < rad_recv: Access-Reject packet from host 205.223.235.196 port 1645, id=186, length=23 < Proxy-State = 0x30 In my radius log file: < *** Incoming RADIUS packet: *** < radrecv: Packet from host 10.226.66.51, port=24670 < send_reject() < *** Incoming RADIUS packet: *** < radrecv: Packet from host 10.226.65.52, port=25433 < send_reject() I think the problem is the protocol I use : PAP. I'm not sure that FreeRadius use PAP protocol to communicate with Radius Server. And is it normal that I can't see any password when I use a sniffer? Regards NGUYEN Eric - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius working as a ProxyRadius using PAP protocol
Hello, I'm trying to use FreeRadius (server-2.1.1) as a Proxy Radius with PAP protocol. peap,eap,pap pap Client <--> AP <-> FreeRadius <--> Radius server There's what i have had in my conf files: client.conf: client ***.***.***.*** { secret = pass shortname = LinksysWRT54G nastype = other } proxy.conf: realm NULL { authhost= ***.***.***.***:1645 accthost= ***.***.***.***:1646 secret = pass } users: DEFAULT FreeRADIUS-Proxied-To == ***.***.***.***, Auth-Type := PAP I don't think my proxy radius use the right protocol. I want it to use PAP protocol whe it tries to contact radius server. < radiusd: Opening IP addresses and Ports < listen { < type = "auth" < ipaddr = * < port = 1645 < } < listen { < type = "acct" < ipaddr = * < port = 1646 < } < Listening on authentication address * port 1645 < Listening on accounting address * port 1646 < Listening on proxy address * port 1647 < Ready to process requests. < < rad_recv: Access-Request packet from host ***.***.***.*** port 1405, id=0, length=180 < Message-Authenticator = 0x1ad77a29ef17ee966a8521f57795f231 < Service-Type = Framed-User