21.07.2010 05:47:45
jaaron64
Posts: 9
|
I've made my radius public and have configured users but cannot authenticate. using default group with created users... do you have sample configs?
|
|
0
• permalink
|
21.07.2010 08:38:22
Admin
Administrator
Posts: 1684
|
Hi,
Can you send me TekRADIUS log entries after log level to debug at settings / service parameters?
Best regards,
Yasin KAPLAN
|
|
0
• permalink
|
21.07.2010 16:39:59
jaaron64
Posts: 9
|
I turned on debug logging and will test. I'll send logs once I've have some data.
Thanks for your help!
-Aaron
|
|
0
• permalink
|
22.07.2010 03:30:35
jaaron64
Posts: 9
|
Here's the log. now remember I'm a noob. However, my purpose is to be able to have this setup so that I can have people point their AP's to me and then authenticate their wireless users.
7/21/2010 6:35:58 AM - TekRADIUS Service is listening on : 192.168.0.91 (5 client(s))
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:19:10 PM
Size : 83 / 83
7.143:17102 - 7/21/2010 5:19:10 PM
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:19:10 PM
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:19:10 PM
Size : 83 / 83
Identifier : 1
/ 83
Identifier : 0
Attributes :
Attributes :
Attributes :
7/21/2010 5:19:10 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
7/21/2010 5:19:10 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:19:28 PM
Size : 83 / 83
Identifier : 2
Attributes :
7/21/2010 5:19:28 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:20:44 PM
Size : 83 / 83
Identifier : 3
Attributes :
7/21/2010 5:20:44 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:20:44 PM
Size : 83 / 83
Identifier : 4
Attributes :
7/21/2010 5:20:44 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:21:02 PM
Size : 83 / 83
Identifier : 5
Attributes :
7/21/2010 5:21:02 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:21:22 PM
Size : 83 / 83
Identifier : 6
Attributes :
7/21/2010 5:21:22 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:21:22 PM
Size : 83 / 83
Identifier : 7
Attributes :
7/21/2010 5:21:22 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:21:40 PM
Size : 83 / 83
Identifier : 8
Attributes :
7/21/2010 5:21:40 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:22:42 PM
Size : 85 / 85
Identifier : 9
Attributes :
7/21/2010 5:22:42 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:22:42 PM
Size : 85 / 85
Identifier : 10
Attributes :
7/21/2010 5:22:42 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:22:50 PM
Size : 75 / 75
Identifier : 11
Attributes :
7/21/2010 5:22:50 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
RadAuth req. from : 184.96.227.143:17102 - 7/21/2010 5:23:00 PM
Size : 85 / 85
Identifier : 12
Attributes :
7/21/2010 5:23:00 PM - Invalid Auth. packet received from : 184.96.227.143 (Invalid Message-Authenticator).
|
|
0
• permalink
|
22.07.2010 09:56:02
Admin
Administrator
Posts: 1684
|
Hi,
You need to have an entry for your access server in Clients tab of TekRADIUS Manager.
Best regards,
Yasin KAPLAN
|
|
0
• permalink
|
23.07.2010 03:31:20
jaaron64
Posts: 9
|
Actually I do. Several and I tried three of the client id's that i had created.
|
|
0
• permalink
|
23.07.2010 10:15:18
Admin
Administrator
Posts: 1684
|
What type of access server do you use?
|
|
0
• permalink
|
23.07.2010 16:13:42
jaaron64
Posts: 9
|
I'm not sure I understand your question....
|
|
0
• permalink
|
23.07.2010 16:52:25
Admin
Administrator
Posts: 1684
|
What is vendor and model of your access server?
|
|
0
• permalink
|
23.07.2010 17:09:41
jaaron64
Posts: 9
|
Sorry for the misunderstanding. The one that I'm testing against currently is the DLink DIR-655.
|
|
0
• permalink
|
23.07.2010 17:58:50
Admin
Administrator
Posts: 1684
|
Hi,
Please make sure that shared secret configured for D-Link matches the one in TekRADIUS.
Best regards,
Yasin KAPLAN
|
|
0
• permalink
|
09.08.2010 19:05:55
jaaron64
Posts: 9
|
I made sure the secret was that same...
Can you tell me all the attributes that are required for a public radius server that will authenticate users no matter what their AP might be?
-Aaron
|
|
0
• permalink
|
10.08.2010 09:45:34
Admin
Administrator
Posts: 1684
|
Hi,
You ned to have minumum following attributes in a TekRADIUS user profile for PEAP authentication;
User-Password (Check)
TLS-Certificate (Check)
Best regards,
Yasin KAPLAN
|
|
0
• permalink
|
17.08.2010 21:08:06
jaaron64
Posts: 9
|
Is that per user or per group? If I create a group with those elements and assign the user to a specific group, does the the user need specific attributes or are they all inherited from the group, (which would mean that group attributes take priority over user attributes)?
|
|
0
• permalink
|
18.08.2010 09:15:51
Admin
Administrator
Posts: 1684
|
Hi,
You can have TLS-Certificate attribute in group profile. But you should have a unique password for each user profile.
User attributes override group attributes.
|
|
0
• permalink
|