Hello Terry,
On Fri, 26 Sep 2003 03:44 pm, Terry Simons wrote:
> Howdy,
>
> After upgrading to Radiator 3.7 I'm getting the following error:
>
> Reply-Message = "EAP TTLS inner authentication redespatched to a
> Handler"
>
> Things worked just fine in 3.6... :)
>
> I took a look in eap_ttls.cfg, but it looks like there is a typo...
>
> There is a starting <Realm DEFAULT> declaration, but it ends with a
> </Handler> tag.
This is incorrect, but innocuous, and would not explain what you are seeing.
I think we will need to see your Radiator log file at trace level 4 showing
what happens during authentication.
What type of TTLS authentication are you using?
What does AuthBy ACCT-TEST in your config file refer to? I think we
will need to see your entore config file (no secrets)
Cheers.
>
> That doesn't quite look right...
>
> I guess I'll give the eap_ttls_proxy.cfg handler method a try...
>
> Should this work the way I have it configured, or did I do something
> wrong?
>
> Here's the offending realm definition:
>
> <Realm DEFAULT>
> RewriteUsername s/^([EMAIL PROTECTED]).*/$1/
> AcctLogFileName %L/accounting/accounting.acct
>
> RejectHasReason
>
> AuthByPolicy ContinueAlways
>
> AuthBy ACCT-TEST
>
> <AuthLog FILE>
> Filename %L/authlog/authlog.log
> LogSuccess 1
> LogFailure 1
> SuccessFormat %l,%u,%{NAS-Identifier},%N,%h,OK
> FailureFormat %l,%u,%{NAS-Identifier},%N,%h,FAIL
> </AuthLog>
> RewriteUsername s/^([EMAIL PROTECTED]).*/$1/
>
> <AuthBy FILE>
> Filename /usr/local/etc/users
> EAPType TTLS TLS MD5-Challenge MSCHAP-V2
> EAPTLS_MaxFragmentSize 1024
> EAPTLS_CAFile /etc/radiator/CA.pem
> EAPTLS_CertificateType PEM
> EAPTLS_CertificateFile /etc/radiator/Server.pem
> EAPTLS_PrivateKeyFile /etc/radiator/Server.pem
> EAPTLS_PrivateKeyPassword PrivateKey
>
> EAPTLS_SessionResumption 0
> AutoMPPEKeys
>
> </AuthBy>
> </Realm>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
