Re: [RADIATOR] problem connecting with EAP-TLS
On 8.1.2015 8.53, Sharma, Venkatesh IN BLR STS wrote: After I fixed it, I faced another problem (this time it is a Win 8 client). I noticed that the client was sending the wrong certificate (another certificate from the personal store) and authentication was failing due to that. It started working when I deleted all certificates and kept only the Radiator's sample client certificate. Am I missing something in my configuration? Why is the client system not able to select the right certificate when there are multiple certificates in the store? I think the behaviour depends on the client configuration. Certificate request the server sends does include the DN (expected name) for the CA. You may want to check the Microsoft information about how the certificate selection is done by the client and see if and how the user interface options, for example Use simple certificate selection, affect the certificate selection. Thanks, Heikki -- Heikki Vatiainen h...@open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] problem connecting with EAP-TLS
Thanks Heikki! That was silly of me to omit such a basic configuration. After I fixed it, I faced another problem (this time it is a Win 8 client). I noticed that the client was sending the wrong certificate (another certificate from the personal store) and authentication was failing due to that. It started working when I deleted all certificates and kept only the Radiator's sample client certificate. Am I missing something in my configuration? Why is the client system not able to select the right certificate when there are multiple certificates in the store? Thanks, Venkatesh -Original Message- From: radiator-boun...@open.com.au [mailto:radiator-boun...@open.com.au] On Behalf Of Heikki Vatiainen Sent: Tuesday, January 06, 2015 6:06 PM To: radiator@open.com.au Subject: Re: [RADIATOR] problem connecting with EAP-TLS On 01/06/2015 05:56 AM, Sharma, Venkatesh IN BLR STS wrote: I am currently evaluating Radiator for making a purchase decision. I'm facing an issue when connecting using EAP-TLS authentication. The errors below indicate there was a problem loading the dictionary file (RADIUS attribute definitions). Mon Jan 5 17:52:08 2015: ERR: Attribute number 1 is not defined in your dictionary Mon Jan 5 17:52:08 2015: ERR: Attribute number 30 is not defined in your dictionary See that your configuration file has DbDir correctly set. It should point to the directory where your dictionary file is. On Unix systems this is usually /etc/radiator/ There should be a file called dictionary in this directory, or if you have defined DictionaryFile in your configuration file, check that the file is present. See DbDir and DictionaryFile in the reference manual for more about these options and the default values on different systems: http://open.com.au/radiator/ref.pdf If the problem persists, please reply with your configuration file. Thanks, Heikki -- Heikki Vatiainen h...@open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] problem connecting with EAP-TLS
On 01/06/2015 05:56 AM, Sharma, Venkatesh IN BLR STS wrote: I am currently evaluating Radiator for making a purchase decision. I’m facing an issue when connecting using EAP-TLS authentication. The errors below indicate there was a problem loading the dictionary file (RADIUS attribute definitions). Mon Jan 5 17:52:08 2015: ERR: Attribute number 1 is not defined in your dictionary Mon Jan 5 17:52:08 2015: ERR: Attribute number 30 is not defined in your dictionary See that your configuration file has DbDir correctly set. It should point to the directory where your dictionary file is. On Unix systems this is usually /etc/radiator/ There should be a file called dictionary in this directory, or if you have defined DictionaryFile in your configuration file, check that the file is present. See DbDir and DictionaryFile in the reference manual for more about these options and the default values on different systems: http://open.com.au/radiator/ref.pdf If the problem persists, please reply with your configuration file. Thanks, Heikki -- Heikki Vatiainen h...@open.com.au Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
