[RADIATOR] ERROR: invalid byte sequence for encoding "UTF8"

Hi List Recently, I've begun seeing the following error message in my radius logs at the point where radius accounting packet data is inserted to the postgresql database I'm using with radiator 4.9: --- ERROR: invalid byte sequence for encoding "UTF8": 0x9e HINT: This error can also happen if the

[RADIATOR] eap + apple products - failed auth

All, I'm facing a pretty weird problem while trying to set up EAP authentication. Windows and Linux devices seem to work fine without issues -- the clients are prompted to authenticate, accept the certificate, and then they're successfully auth'ed and hop onto the wireless network. Apple products

Re: [RADIATOR] eap + apple products - failed auth

Hi, Try setting EAPTLS_PEAPVersion as 0 instead of 1 - been a while since I wrote my configuration but I think that was the value that made OS X and iOS clients work for me. Regards, Adam Bishop On 28 Feb 2012, at 17:38, James wrote: > All, > > I'm facing a pretty weird problem while trying

Re: [RADIATOR] eap + apple products - failed auth

Hello James, Are you using MD5 hashing for the issuer certificate ? Apple dropped support for MD5 hashing for all certificates, except the CA (root) ones, starting with iOS 5. Martin Bérubé Analyste Technique Architecture Et Sécurité Tél. : (450) 463-1890 poste 3362 Avant d'imprimer, pensez à l

Re: [RADIATOR] eap + apple products - failed auth

Thanks for the response. I'm not sure how to determine that; can you give me a nudge in the right direction? -james On Tue, Feb 28, 2012 at 12:49, Martin Bérubé wrote: > Hello James, > > Are you using MD5 hashing for the issuer certificate ? > Apple dropped support for MD5 hashing for all cert

Re: [RADIATOR] eap + apple products - failed auth

Adam, Thanks for the response. I'll give that a whirl and get back. Thanks! -james On Tue, Feb 28, 2012 at 12:48, Adam Bishop wrote: > Hi, > > Try setting EAPTLS_PEAPVersion as 0 instead of 1 - been a while since I wrote > my configuration but I think that was the value that made OS X and iOS

Re: [RADIATOR] eap + apple products - failed auth

Hi, Sometime ago, we had the same problem, and our solution was making this change (EAPTLS_PEAPVersion to 0). We had no previous problems using PAP/TTLS. Hope you can solve this. Regards On Tue, 28 Feb 2012 17:48:53 +, Adam Bishop wrote: > Hi, > > Try setting EAPTLS_PEAPVersion as 0 i

Re: [RADIATOR] eap + apple products - failed auth

Yes, setting the EAPTLS_PEAPVersion set to '0' seems to work. Does this result in any sort of "less secure" communications? What is the difference between the two PEAP draft versions? -james On Tue, Feb 28, 2012 at 13:06, chema wrote: >  Hi, > >  Sometime ago, we had the same problem, and our

Re: [RADIATOR] eap + apple products - failed auth

Well, The problem we had was for TLS. Our PKI infrastructure had a hashed signature whit MD5. The hashing used should be at least SHA-1 for iOS 5 devices. In Microsoft Windows, if you start certmgr.msc, and look at a Root CA certificate, in Details, you can find the hashing algorythm used for t

Re: [RADIATOR] eap + apple products - failed auth

Hi, now i can´t remember exactly the differences between the two types. Among others, it relates to the inner capabilities of the authentication protocol. Keep in mind that is only used for authentication, which is protected also by the wireless methods on the air (WPA, WPA2, etc). I don't

Re: [RADIATOR] eap + apple products - failed auth

Hi, PEAPv0 is the standard method that everyone uses that was created by RSA/Microsoft/Cisco (I think Intel had some say as well...but cant recall) its the usual one in almost all clients when you choose 'PEAP' Cisco went ahead to 'fix' things and, using GTC as the inner method helped push for

Re: [RADIATOR] eap + apple products - failed auth

Hi, > Thanks for the response. > > I'm not sure how to determine that; can you give me a nudge in the > right direction? you can use the 'openssl' tool to view your certificates details eg openssl x509 -in yourcert.der -text -noout (or such...) alan ___

[RADIATOR] Eap ttls/mschapv2 & MySQL

Hi, I currently have an evaluation license of Radiator RADIUS server. And I would like to use it on Wimax 16e, EAP-TTLS/MSCHAPv2 and MySQL. Don't understand where to begin a configuration. All I have is old RADIUS server's DB and configuration. (aradial aaa) In my opinion I should have sele

Re: [RADIATOR] Eap ttls/mschapv2 & MySQL

Hi, Forgot to mention I’ve followed http://www.open.com.au/radiator/install-demo.html Section “Windows installation with XAMPP“ all went good up to step 11. Now need more configuration J BR, Puje From: radiator-boun...@open.com.au [m

Re: [RADIATOR] Eap ttls/mschapv2 & MySQL

Hi, Forgot to mention I’ve followed http://www.open.com.au/radiator/install-demo.html Section “Windows installation with XAMPP“ all went good up to step 11. Now need more configuration J, Reading Goodies. BR, Puje From: radiator-b