
Re: [Help-gnu-radius] 3Com Wireless AP7250


From: zamri
Subject: Re: [Help-gnu-radius] 3Com Wireless AP7250
Date: Fri, 20 May 2005 12:42:40 +0800

1)  FIRST, ACTUALLY I'M NEW TO RADIUS AND MY COMPANY IS ASKING ME TO 
EVALUATE THE WIRELESS LAN WITH RADIUS AUTHENTICATION. OF COURSE THIS IS A 
FIRST-TIME SETUP; THE MANUAL IS VERY TECHNICAL AND LACKS EXAMPLES. 
ANYWAY, I WILL CONTINUE UNTIL IT IS SUCCESSFULLY SET UP, ALTHOUGH I NEED TO CHANGE THE 
AP (CHANGING THE GNU RADIUS IS NOT POSSIBLE AT THIS TIME). 
SO..I HOPE YOU CAN ADVISE ME WHAT IS WRONG WITH THE SETUP (JUST ADVISE ME 
WHERE IT IS STUCK: AT RADIUS, AP OR MyPC). YOUR ASSISTANCE IS HIGHLY 
APPRECIATED. 

(MyPC Setup:  AUTH ->  8021X  -  EAP Type : MD5)



raddb]# cat users

#Format: LABEL  LHS  RHS
#
#
#----------------------------------------------------------------
BEGIN           Huntgroup-Name = "AFFINBANK"
                        Fall-Through = Yes
#----------------------------------------------------------------
# (Test1) Plain Text Passwd
zamri           Auth-Type = Local,
                User-Password = password,
                Simultaneous-Use = 1
                        Service-Type = Login-User
#---------------------------------------------------------------
# (Test2) ENCRYPT Passwd
zamri2          Auth-Type = Crypt-Local,
                User-Password = "3IsHW/j5uSYgE",
                Simultaneous-Use = 1
                        Service-Type = Login-User
#----------------------------------------------------------------
# (Test3) MyPc MAC Address
0012a94e9707    Auth-Type = Local,
                User-Password = 0012a94e9707
                        Service-Type = Login-User
#----------------------------------------------------------------



2) THIS IS WHAT I GOT WHEN I TESTED USERNAME/PASSWORD WITH THE RADAUTH UTILITY, THEN 
I ENABLED MY WI-FI  (AP SETTING:   AUTH -> RADIUS MAC)

raddb]# /etc/rc.d/init.d/radius reload
raddb]# Reloading configs
raddb]#
raddb]# radauth zamri password
raddb]# Authentication passed.
raddb]# radauth zamri2 password
raddb]# Authentication passed.

raddb]# tail -f /var/log/radius.log
May 20 09:47:42 Main.info: Reloading configuration now
May 20 09:47:42 Main.info: Terminating the subprocesses
May 20 09:47:42 Main.notice: child 13326 exited with status 0
May 20 09:47:42 Main.info: Loading configuration files.
May 20 09:47:42 Main.info: reading /usr/etc/raddb/config
May 20 09:47:42 Main.info: /usr/etc/raddb/users reloaded.
May 20 09:48:22 Auth.notice: (Access-Request affin01 123 "zamri"): Login OK [zamri/password]
May 20 09:48:32 Auth.notice: (Access-Request affin01 124 "zamri2"): Login OK [zamri2/password]
May 20 09:51:00 Auth.notice: (Access-Request affin02 2 "0012a94e9707"): Login OK [0012a94e9707/0012a94e9707]


raddb]# cat /var/log/radacct/affin01/detail.auth

Fri May 20 09:48:22 2005
        User-Name = zamri
        NAS-IP-Address = 172.17.2.112
        Timestamp = 1116596902
        Request-Authenticator = None

Fri May 20 09:48:32 2005
        User-Name = zamri2
        NAS-IP-Address = 172.17.2.112
        Timestamp = 1116596912
        Request-Authenticator = None



raddb]# cat /var/log/radacct/affin02/detail.auth

Fri May 20 09:51:00 2005
        User-Name = 0012a94e9707
        Timestamp = 1116597060
        Request-Authenticator = None



3) AFTER THAT I CHANGED AP SETTING:   AUTH MAC  -> DISABLED

raddb]# tail -f /var/log/radius.log
May 20 11:21:50 Auth.notice: (Access-Request affin02 3 "zamri" CLID=0012a94e9707 CSID=0012a90641a3): Login incorrect [zamri/]
May 20 11:21:55 Auth.notice: (Access-Request affin02 3 "zamri" CLID=0012a94e9707 CSID=0012a90641a3): Login incorrect [zamri/]
May 20 11:22:13 Auth.notice: (Access-Request affin02 4 "zamri2" CLID=0012a94e9707 CSID=0012a90641a3): Login incorrect [zamri2/]


raddb]# cat /var/log/radacct/affin02/detail.auth

Fri May 20 11:21:55 2005
        User-Name = zamri
        NAS-IP-Address = 130.12.3.20
        NAS-Port-Type = 19
        NAS-Port-Id = 1
        Framed-MTU = 1400
        Calling-Station-Id = 0012a94e9707
        Called-Station-Id = 0012a90641a3
        NAS-Identifier = affin02
        EAP-Message = \002\001\000\012\001zamri
        Message-Authenticator = \322\010\342\204\170\173\044\200\254\366\014\165\307\220ah
        Timestamp = 1116602515
        Request-Authenticator = None

Fri May 20 11:22:13 2005
        User-Name = zamri2
        NAS-IP-Address = 130.12.3.20
        NAS-Port-Type = 19
        NAS-Port-Id = 1
        Framed-MTU = 1400
        Calling-Station-Id = 0012a94e9707
        Called-Station-Id = 0012a90641a3
        NAS-Identifier = affin02
        EAP-Message = \002\001\000\013\001zamri2
        Message-Authenticator = \320\112\227\026K<è¾^\012\013\330\144\223\010\010
        Timestamp = 1116602533
        Request-Authenticator = None


4) BELOW IS WHAT 3COM AP7250 SAID:

There are no special settings on the access point to distinguish between 
the various RADIUS policies or authentication types (for example EAP-MD5, 
EAP-TLS, EAP-TTLS). These policies are set up and controlled on the RADIUS 
server.

The access point can send connection parameters to a RADIUS server, as 
well as statistics for accounting purposes. The access point is compatible with 
RFC2866 (the RADIUS Accounting specification).


THANKS....

Zamri Hamzah
Network Operations Support



++++++++++++++++++++++++++++++++
 Affinbank Bhd
"Banking without barriers" 
++++++++++++++++++++++++++++++++


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
**********************************************************************
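
An added example, not part of the original post: the `EAP-Message` value in the `detail.auth` record above can be decoded to see what the access point sent once it was in 802.1X mode. The record below is abridged from the post; the field layout follows RFC 3748, and the function names are this example's own. It shows an EAP-Response/Identity with no `User-Password` attribute in the request, which matches the empty password in `Login incorrect [zamri/]`.

```python
import re
import struct

# Abridged from the detail.auth record quoted in the post above.
DETAIL_RECORD = r"""Fri May 20 11:21:55 2005
        User-Name = zamri
        Calling-Station-Id = 0012a94e9707
        NAS-Identifier = affin02
        EAP-Message = \002\001\000\012\001zamri
        Timestamp = 1116602515
"""

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge"}

def unescape_octal(text):
    """Turn the detail file's \\ooo escapes back into raw bytes."""
    out = re.sub(r"\\([0-3][0-7]{2})", lambda m: chr(int(m.group(1), 8)), text)
    return out.encode("latin-1")

def parse_attributes(record):
    """Map attribute name -> value for one record (the date line is skipped)."""
    attrs = {}
    for line in record.splitlines():
        if line[:1].isspace() and " = " in line:
            name, value = line.strip().split(" = ", 1)
            attrs[name] = value
    return attrs

def parse_eap(packet):
    """Decode the EAP header: code, identifier, length, then type and data."""
    if len(packet) < 4:
        raise ValueError("EAP packet shorter than its 4-byte header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError(f"EAP length {length} != {len(packet)} bytes present")
    info = {"code": EAP_CODES.get(code, code), "id": ident, "length": length}
    if code in (1, 2) and length > 4:  # only Request/Response carry a type
        info["type"] = EAP_TYPES.get(packet[4], packet[4])
        info["data"] = packet[5:]
    return info

def summarize(record):
    """Decode the record's EAP-Message and note whether a password was sent."""
    attrs = parse_attributes(record)
    eap = parse_eap(unescape_octal(attrs["EAP-Message"]))
    eap["has_user_password"] = "User-Password" in attrs
    return eap
```
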


