Powered by Jitbit Forum free trial version.
home recent topics recent posts search faq  

TekRADIUS Forum


register | lost password   open id

Messages in this topic - RSS

Home » General » Config for rounter draytek vigor 2820n

General issues
show rated messages only |
13.07.2010 15:03:49

khcig
khcig
Posts: 11 		I config tekradius for rounter, AP zyzxel,tp link, dlink all ok
but I can't config the same for drayteck 2820n
file log display section time out
plese help me config tekradius for drayteck 2820n
Thank you

log file for draytek

RadAuth req. from : 192.168.1.5:3755 - 14/07/2010 10:06:19 SA
Size : 127 / 127
Identifier : 128
Attributes :
14/07/2010 10:06:19 SA - Starting PEAP (A).
Calling-Station-Id = 0013ced2fdfd
NAS-Port-Type = 19
Called-Station-Id = 00507f63d918
User-Name = nddnghi
NAS-IP-Address = 192.168.1.5
NAS-Identifier = 00507f63d918
NAS-Port = 29
Framed-MTU = 1396
14/07/2010 10:06:19 SA - User configured for PEAP authentication; starting PEAP session (Group : AP4).
14/07/2010 10:06:19 SA - Check items control - Start (Group : AP4).
14/07/2010 10:06:19 SA - Check items control - Stop (Group : AP4).
14/07/2010 10:06:19 SA - PEAP Challenge sent for user 'nddnghi'.
14/07/2010 10:06:58 SA - Session timer expired for the session : 6f63972bb9414f28f2b273c01aa6aa77
14/07/2010 10:06:58 SA - Session timer expired for the session : f7a5f45382b4f064e6356e2e23a7b29f


log file for zyzxel (OK with same config)
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:29 SA
Size : 136 / 136
Identifier : 1
Attributes :

14/07/2010 10:12:29 SA - Starting PEAP (A).
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
14/07/2010 10:12:29 SA - User configured for PEAP authentication; starting PEAP session (Group : AP1).
14/07/2010 10:12:29 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:29 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:29 SA - PEAP Challenge sent for user 'nn'.
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:30 SA
Size : 243 / 243
Identifier : 2
Attributes :
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
State = 2a5c3b973318c1b6fbd1edd0bfa0e56d
14/07/2010 10:12:30 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:30 SA - PEAP Challenge sent for user 'nn'.
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:30 SA
Size : 355 / 355
Identifier : 3
Attributes :
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
State = 2a5c3b973318c1b6fbd1edd0bfa0e56d
14/07/2010 10:12:30 SA - Key Block 64 byte(s)
[00] 91 A8 57 9B 04 37 8E 71 5F 4E 30 2E 48 11 ED 73 ..W..7.q _N0.H..s
[01] B5 FE 51 A4 6F 2B 36 B3 D6 54 45 FE 35 DC 86 9B ..Q.o+6. .TE.5...
[02] 0E 4C F4 48 F3 B6 E1 AB 28 B8 25 5A 38 1B 2C F3 .L.H.... (.%Z8.,.
[03] 85 4A 22 21 F8 0E AB 30 52 FC 0A 75 32 99 8D 3F .J"!...0 R..u2..?
14/07/2010 10:12:30 SA - TLS Session has been established (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:30 SA - PEAP Challenge sent for user 'nn'.
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:30 SA
Size : 169 / 169
Identifier : 4
Attributes :
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
State = 2a5c3b973318c1b6fbd1edd0bfa0e56d
14/07/2010 10:12:30 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:30 SA - PEAP Challenge sent for user 'nn'.
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:30 SA
Size : 193 / 193
Identifier : 5
Attributes :
14/07/2010 10:12:30 SA - Received EAP Message : 7 byte(s)
[00] 02 05 00 07 01 6E 6E .....nn
14/07/2010 10:12:30 SA - Sending MS-CHAP-v2-Challenge.
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
State = 2a5c3b973318c1b6fbd1edd0bfa0e56d
14/07/2010 10:12:30 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:30 SA - PEAP Challenge sent for user 'nn'.
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:30 SA
Size : 247 / 247
Identifier : 6
Attributes :
14/07/2010 10:12:30 SA - Received EAP Message : 61 byte(s)
[00] 02 06 00 3D 1A 02 06 00 38 31 E4 94 AA 3E F5 A1 ...=.... 81...>..
[01] F4 7E E8 84 36 9C EC B4 09 BB 00 00 00 00 00 00 .~..6... ........
[02] 00 00 C4 B1 45 EF FE 84 92 C0 78 EB 4B 8A B5 F3 ....E... ..x.K...
[03] B7 AA 67 DC 29 58 DA 0B 3E 7B 00 6E 6E ..g.)X.. >{.nn
14/07/2010 10:12:30 SA - MS-CHAP-v2-Challenge-Response received.
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
State = 2a5c3b973318c1b6fbd1edd0bfa0e56d
14/07/2010 10:12:30 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:30 SA - PEAP Challenge sent for user 'nn'.
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:30 SA
Size : 192 / 192
Identifier : 7
Attributes :
14/07/2010 10:12:30 SA - Received EAP Message : 6 byte(s)
[00] 02 07 00 06 1A 03 ......
14/07/2010 10:12:30 SA - MS-CHAP-v2-Challenge-Response received.
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
State = 2a5c3b973318c1b6fbd1edd0bfa0e56d
14/07/2010 10:12:30 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:30 SA - PEAP Challenge sent for user 'nn'.
RadAuth req. from : 192.168.1.1:1027 - 14/07/2010 10:12:30 SA
Size : 201 / 201
Identifier : 8
Attributes :
14/07/2010 10:12:30 SA - Received EAP Message : 11 byte(s)
[00] 02 08 00 0B 21 80 03 00 02 00 01 ....!... ...
14/07/2010 10:12:30 SA - PEAP Authentication successful
Calling-Station-Id = 00-13-ce-d2-fd-fd
NAS-Port-Type = 19
Called-Station-Id = 00-02-cf-8a-fb-15:WirelessKHTob
User-Name = nn
NAS-IP-Address = 192.168.1.1
NAS-Identifier = P-660HW-T1_v2
Framed-MTU = 1496
State = 2a5c3b973318c1b6fbd1edd0bfa0e56d
14/07/2010 10:12:30 SA - Check items control - Start (Group : AP1).
14/07/2010 10:12:30 SA - Check items control - Stop (Group : AP1).
14/07/2010 10:12:30 SA - Authentication successfull for user 'nn'
14/07/2010 10:12:30 SA - Fetching Success-Reply items - Start.
14/07/2010 10:12:30 SA - Fetching Success-Reply items - Stop.
14/07/2010 10:12:30 SA - Generation of WPA Session Keys - Start.
14/07/2010 10:12:30 SA - Generation of WPA Session Keys - Stop.
14/07/2010 10:12:30 SA - Generating Reply Packet - Start.
14/07/2010 10:12:30 SA - Generating Reply Packet - Stop.
RadAuth reply to : 192.168.1.1 - 14/07/2010 10:12:30 SA
Size : 164
Identifier : 8
Attributes :
MS-MPPE-Send-Key = 8042BCBFB53F3BAC695A001D49B17F2B
MS-MPPE-Recv-Key = 80434A4CB5E6D00C8DFE1D65CD987DE8
User-Name = nn
edited by khcig on 14.07.2010
0 permalink
14.07.2010 12:52:04

Admin
Admin
Administrator
Posts: 1684 		Hi,

Have you set Mode = WPA/802.1x Only in Wireless Lan >> Security Settings page?

Best regards,

Yasin KAPLAN
0 permalink
18.07.2010 06:43:09

khcig
khcig
Posts: 11 		I already try with WPA/802.1x Only and mix WPA2 & WPA/802.1x Only
In server config I check pass,nas ip,CA,tls method
Please show me any wrong, thankyou
0 permalink
19.07.2010 10:44:47

Admin
Admin
Administrator
Posts: 1684 		Hi,

As far as I see TekRADIUS successfully authenticates the client. Is it possible to get a debug log from draytek 2820n?

Best regards,

Yasin KAPLAN
0 permalink
20.07.2010 10:11:40

khcig
khcig
Posts: 11 		here the draytek sys log file:


1502010-07-20 14:00:24Jan 1 00:30:49KHWireless4WLAN_DBG - MLME Associate MAC 00:13:ce:d2:fd:fd
1502010-07-20 14:00:24Jan 1 00:30:49KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:24Jan 1 00:30:49KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Start
1502010-07-20 14:00:24Jan 1 00:30:49KHWireless4WLAN_DBG - Dot1x_session_start
1502010-07-20 14:00:24Jan 1 00:30:49KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:27Jan 1 00:30:52KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:30Jan 1 00:30:55KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:33Jan 1 00:30:58KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - send_RADIUS
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - ACCESS CHALLENGE
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - Wrong EAP data type
1502010-07-20 14:00:36Jan 1 00:31:01KHWireless4WLAN_DBG - 802.1x frame error from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:39Jan 1 00:31:04KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:39Jan 1 00:31:04KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:39Jan 1 00:31:04KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:39Jan 1 00:31:04KHWireless4WLAN_DBG - Wrong EAP data type
1502010-07-20 14:00:39Jan 1 00:31:04KHWireless4WLAN_DBG - 802.1x frame error from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:42Jan 1 00:31:07KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:42Jan 1 00:31:07KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:42Jan 1 00:31:07KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:42Jan 1 00:31:07KHWireless4WLAN_DBG - Wrong EAP data type
1502010-07-20 14:00:42Jan 1 00:31:07KHWireless4WLAN_DBG - 802.1x frame error from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:45Jan 1 00:31:10KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:45Jan 1 00:31:10KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:45Jan 1 00:31:10KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:45Jan 1 00:31:10KHWireless4WLAN_DBG - Wrong EAP data type
1502010-07-20 14:00:45Jan 1 00:31:10KHWireless4WLAN_DBG - 802.1x frame error from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:48Jan 1 00:31:13KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:48Jan 1 00:31:13KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:48Jan 1 00:31:13KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:48Jan 1 00:31:13KHWireless4WLAN_DBG - Wrong EAP data type
1502010-07-20 14:00:48Jan 1 00:31:13KHWireless4WLAN_DBG - 802.1x frame error from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:51Jan 1 00:31:16KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:51Jan 1 00:31:16KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:51Jan 1 00:31:16KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:51Jan 1 00:31:16KHWireless4WLAN_DBG - Wrong EAP data type
1502010-07-20 14:00:51Jan 1 00:31:16KHWireless4WLAN_DBG - 802.1x frame error from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:54Jan 1 00:31:19KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:00:54Jan 1 00:31:19KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:54Jan 1 00:31:19KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Packet
1502010-07-20 14:00:54Jan 1 00:31:19KHWireless4WLAN_DBG - Wrong EAP data type
1502010-07-20 14:00:54Jan 1 00:31:19KHWireless4WLAN_DBG - 802.1x frame error from 0:13:ce:d2:fd:fd
1502010-07-20 14:00:57Jan 1 00:31:22KHWireless4WLAN_DBG - 802.1x handshake timeout, disconnect 0:13:ce:d2:fd:fd
1502010-07-20 14:01:00Jan 1 00:31:25KHWireless4WLAN_DBG - MLME Disassoc MAC 0:13:ce:d2:fd:fd
1502010-07-20 14:01:00Jan 1 00:31:25KHWireless4WLAN_DBG - WEP_session_stop
1502010-07-20 14:01:00Jan 1 00:31:25KHWireless4WLAN_DBG - MLME Associate MAC 00:13:ce:d2:fd:fd
1502010-07-20 14:01:00Jan 1 00:31:25KHWireless4WLAN_DBG - Dot1x_session_start
1502010-07-20 14:01:00Jan 1 00:31:25KHWireless4WLAN_DBG - send_EAPOL
1502010-07-20 14:01:00Jan 1 00:31:25KHWireless4WLAN_DBG - 802.1x handshake start for 0:13:ce:d2:fd:fd
1502010-07-20 14:01:01Jan 1 00:31:25KHWireless4WLAN_DBG - EAPoL_handler, from 0:13:ce:d2:fd:fd
1502010-07-20 14:01:01Jan 1 00:31:25KHWireless4WLAN_DBG - Dot1x_EAPOL_handler: EAP_Start
1502010-07-20 14:01:03Jan 1 00:31:28KHWireless4WLAN_DBG - MLME Disassoc MAC 0:13:ce:d2:fd:fd
1502010-07-20 14:01:03Jan 1 00:31:28KHWireless4WLAN_DBG - Dot1x_session_stop
1662010-07-20 14:01:09Jan 1 00:31:34KHWireless4DSL: DSL Rebooting...
0 permalink
21.07.2010 06:47:14

khcig
khcig
Posts: 11 		Please help me, I don't know why it display " Wrong EAP data type"
0 permalink
21.07.2010 08:41:17

Admin
Admin
Administrator
Posts: 1684 		It seems that EAP types configured for the client and RADIUS server does not match.
Can you confirm that client is configured for PEAP authentication?
0 permalink
21.07.2010 10:52:20

khcig
khcig
Posts: 11 		In client (use winXP) I use EAP type is Protect EAP (PEAP), Autho EAP-MSChap V2 , uncheck auto use my windows logon,CA made from tekcir ( same with config run good for TPlink and Dlink)
0 permalink
21.07.2010 17:04:52

Admin
Admin
Administrator
Posts: 1684 		Have you tested with another RADIUS server like Microsoft IAS?
0 permalink
show rated messages only |


Home » General » Config for rounter draytek vigor 2820n




Powered by Jitbit Forum 7.2.3.0 © 2006-2011 Jitbit Software