Srinu Bandari wrote:
> Alan,
>
> Thanks a lot for the fix..
>
> Authenticator is now able to start MKA session now. We will get back to you.
> If any other implementations are required.
Thanks. It's good to get *positive* feedback that it works.
Alan DeKok.
-
List info/subscribe/unsubscri
-users-bounces+sbandari=vitesse@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: 20 February 2013 19:11
To: FreeRadius users mailing list
Subject: Re: AVP EAP-KEY name support in FR
Srinu Bandari wrote:
> Alan,
>
> We had tried with latest build, now it sends Access-Challenge and t
Srinu Bandari wrote:
> Alan,
>
> We had tried with latest build, now it sends Access-Challenge and there is a
> segmentation fault.
>
> Please find debug log for the latest ones as below.
Whoops. Please do a "git pull". It should work now.
Alan DeKok.
-
List info/subscribe/unsubscribe? S
ACK
Sun Aug 19 02:26:21 2012 : Info: [tls] ACK handshake is finished
Sun Aug 19 02:26:21 2012 : Info: [tls] eaptls_verify returned 3
Sun Aug 19 02:26:21 2012 : Info: [tls] eaptls_process returned 3
Sun Aug 19 02:26:21 2012 : Info: [tls] Adding user data to cached session
Segmentation Fault
Thanks,
Sr
Srinu Bandari wrote:
> And New one: Here the tls state machine goes from Access-Request to
> Access-Rejected and then ends with segmentation fault
The debug log doesn't show a SEGV...
But there was an unrelated issue. Please do "git pull" for the
v2.x.x. branch, and try again. I've fixed th
Alan,
We have tried with patch provided.
Here is the Debug log form old (master 2.2.0) and new (latest 2.x.x branch
18/2/2013)
Old one: Here the tls state machine goes from Access-Request to
Access-Challenge and then to Access-Accepted
And New one: Here the tls state machine goes from Acc
Srinu Bandari wrote:
> EAP key identifier must be sent as a part of Access-Accept message in EAP
> Key-Name AVP (Radius Attribute Type 102).
OK. Please try the v2.x.x branch from git. Read
raddb/sites-available/default. Look for "EAP-Key-Name".
The key is generated by default. For securi
Phil Mayers wrote:
> Does anyone know if there's known-good test data we can compare against,
> or a client/application that validates it? Does eapol_test
> implement/check it?
It doesn't seem to.
If someone has a packet trace from ACS, that should be enough.
Alan DeKok.
-
List info/subscr
On 14/02/13 14:01, Alan DeKok wrote:
Srinu Bandari wrote:
EAP key identifier must be sent as a part of Access-Accept message in EAP
Key-Name AVP (Radius Attribute Type 102).
Sure. But it's been hard to find out what is put *into* it. That
link has been missing.
This what Cisco Document
Srinu Bandari wrote:
> EAP key identifier must be sent as a part of Access-Accept message in EAP
> Key-Name AVP (Radius Attribute Type 102).
Sure. But it's been hard to find out what is put *into* it. That
link has been missing.
> This what Cisco Documentation states:
>
> "The switch has no
eradius-users-bounces+sbandari=vitesse@lists.freeradius.org] On
Behalf Of Alan DeKok
Sent: 13 February 2013 19:27
To: FreeRadius users mailing list
Subject: Re: AVP EAP-KEY name support in FR
Srinu Bandari wrote:
> We are trying to bring up MACsec with Cisco and FR, and we are stuck
> because
Srinu Bandari wrote:
> We are trying to bring up MACsec with Cisco and FR, and we are stuck
> because of Radius unable to send EAP-Key-Name AVP. Below is what is
> expected as per RFC4072
Which, as you'll note, is a Diameter spec. FreeRADIUS doesn't
implement Diameter.
If you can get us a sp
On 02/13/2013 09:59 AM, Srinu Bandari wrote:
Hi,
We are trying to bring up MACsec with Cisco and FR, and we are stuck
because of Radius unable to send EAP-Key-Name AVP.
That's not supported in FreeRADIUS, I believe. It's been a while since I
looked at it, but the whole extended EAP key manage
Hi,
We are trying to bring up MACsec with Cisco and FR, and we are stuck because of
Radius unable to send EAP-Key-Name AVP. Below is what is expected as per RFC4072
RFC4072 says "A home Diameter server receiving a
Diameter-EAP-Request with a Key-Name AVP with non-empty data MUST
silently d
14 matches
Mail list logo
