17.07.2011 23:18:45
Ivaldo Leão Ferreira
Posts: 6
|
Dear Mr. Kaplan,
I tried to configure Windows 7 Clients to authenticate against TekRadius. I made tests with Radius Test program, all tests were succeed.
Unfortunately all attempts to authenticate wpa2-Enterprise has failed. I am trying to use EAP-MSCHAP V2 as authentication method, with a
certificate generated by myself. I need to demonstrate this for the administration in order to buy TekRadius for Uni Campi. I saw a presentation
on youtube about errors with TekRadius, but it doesn´t help me at all. Where i should configure on Tekradius server to use my
own generated cetificate. Important, we waiting for this test to buy it. The AP used in this test was TPLINK WR841N,
Thank you for now,
Best wishes,
ileao
--
Professor at Mechanical Engineering Department
High Speed Network Admin
Federal Fluminense University
|
|
|
0
• permalink
|
18.07.2011 09:02:46
Admin
Administrator
Posts: 1833
|
Hi,
Can you send TekRADIUS log entries (Accessible through File menu) after setting log level to debug at Settings / Service Parameters?
Best regards,
Yasin KAPLAN
|
|
|
0
• permalink
|
18.07.2011 16:57:10
Ivaldo Leão Ferreira
Posts: 6
|
Dear Mr. Kaplan,
Attached are the requested log files,
Never Mind,
ileao
--
Professor at Mechanical Engineering Department
High Speed Network Admin
Federal Fluminense University
|
|
|
0
• permalink
|
18.07.2011 16:58:39
Ivaldo Leão Ferreira
Posts: 6
|
Dear Mr Kaplan,
Herewith is found the requested debug log file,
Best wihes,
ileao
--
Professor at Mechanical Engineering Department
High Speed Network Admin
Federal Fluminense University
|
|
|
0
• permalink
|
18.07.2011 17:00:32
Ivaldo Leão Ferreira
Posts: 6
|
Mr. Kaplan,
I can´t upload files, then herewith is found the resquest debug log,
Best wihes,
ileao
18/07/2011 10:42:49 - TekRADIUS LT Service 4.3.0.0 is being started (Microsoft Windows NT 6.1.7600.0).
18/07/2011 10:44:21 - TekRADIUS LT Service 4.3.0.0 is being started (Microsoft Windows NT 6.1.7600.0).
18/07/2011 10:44:24 - TekRADIUS LT Service is listening on : 192.168.1.104 (3 client(s))
18/07/2011 10:46:25 - Listened IP Address is being changed from 192.168.1.104 to 127.0.0.1
18/07/2011 10:46:25 - IP address configuration has been changed.
18/07/2011 10:46:25 - IP address configuration change has been detected
18/07/2011 10:46:25 - IP address configuration change has been detected
18/07/2011 10:46:32 - Listened IP Address is being changed from 127.0.0.1 to 192.168.1.104
18/07/2011 10:46:32 - IP address configuration has been changed.
18/07/2011 10:46:34 - IP address configuration change has been detected
18/07/2011 10:46:37 - Listened IP Address is being changed from 192.168.1.104 to 127.0.0.1
18/07/2011 10:46:37 - IP address configuration has been changed.
18/07/2011 10:46:37 - IP address configuration change has been detected
18/07/2011 10:46:40 - Listened IP Address is being changed from 127.0.0.1 to 192.168.1.104
18/07/2011 10:46:40 - IP address configuration has been changed.
18/07/2011 10:46:42 - IP address configuration change has been detected
18/07/2011 10:47:53 - IP address configuration change has been detected
18/07/2011 10:47:54 - IP address configuration change has been detected
18/07/2011 10:48:01 - Listened IP Address is being changed from 192.168.1.104 to 127.0.0.1
18/07/2011 10:48:01 - IP address configuration has been changed.
18/07/2011 10:48:01 - IP address configuration change has been detected
18/07/2011 10:48:02 - IP address configuration change has been detected
18/07/2011 10:48:02 - IP address configuration change has been detected
18/07/2011 10:48:09 - Listened IP Address is being changed from 127.0.0.1 to 192.168.1.104
18/07/2011 10:48:09 - IP address configuration has been changed.
18/07/2011 10:48:11 - IP address configuration change has been detected
18/07/2011 10:48:14 - Listened IP Address is being changed from 192.168.1.104 to 127.0.0.1
18/07/2011 10:48:14 - IP address configuration has been changed.
18/07/2011 10:48:14 - IP address configuration change has been detected
18/07/2011 10:48:18 - Listened IP Address is being changed from 127.0.0.1 to 192.168.1.104
18/07/2011 10:48:18 - IP address configuration has been changed.
18/07/2011 10:48:20 - IP address configuration change has been detected
18/07/2011 10:49:21 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:49:24 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:49:30 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:49:32 - IP address configuration change has been detected
18/07/2011 10:49:33 - IP address configuration change has been detected
18/07/2011 10:49:39 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:49:42 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:49:42 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:49:48 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:50:09 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:50:12 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:50:18 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:50:30 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:50:35 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:50:38 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:50:44 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:51:37 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:51:40 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:51:46 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:51:58 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:52:05 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:52:08 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:52:14 - Invalid Auth. packet received from : 192.168.1.1:2048
18/07/2011 10:52:22 - Invalid Auth. packet received from : 192.168.1.1:2048
--
Professor at Mechanical Engineering Department
High Speed Network Admin
Federal Fluminense University
|
|
|
0
• permalink
|
18.07.2011 17:19:02
Admin
Administrator
Posts: 1833
|
Hi,
Please check if 192.168.1.1 has a client entry in Clients tab of TekRADIUS Manager and configured shared secret matches with the one configured in 192.168.1.1.
Best regards,
Yasin KAPLAN
|
|
|
0
• permalink
|
18.07.2011 17:45:23
Ivaldo Leão Ferreira
Posts: 6
|
Dear Mr. Kaplan,
Now it seems it isn´t find our certificate as shown bellow,
18/07/2011 11:28:30 - TekRADIUS LT Service is listening on : 192.168.1.104 (4 client(s))
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:29:04
Size : 154 / 154
Identifier : 6
Attributes :
18/07/2011 11:29:04 - Starting PEAP (A).
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:29:04 - EAP Authentication commencing for user '.weil95.'
18/07/2011 11:29:04 - Check items control - Start (Group : Default).
18/07/2011 11:29:04 - Check items control - Stop (Group : Default).
18/07/2011 11:29:04 - PEAP Challenge sent for user '.weil95.'.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:29:04
Size : 280 / 280
Identifier : 7
Attributes :
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
State = 1a2930fa46d22612a056b02e7dc9090e
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:29:04 - PEAP Authentication commencing for user '.weil95.'
18/07/2011 11:29:04 - Check items control - Start (Group : Default).
18/07/2011 11:29:04 - Check items control - Stop (Group : Default).
18/07/2011 11:29:04 - PEAP Authentication failed. User '.weil95.' is uknown.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:30:25
Size : 154 / 154
Identifier : 8
Attributes :
18/07/2011 11:30:25 - Starting PEAP (A).
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:30:25 - EAP Authentication commencing for user '.weil95.'
18/07/2011 11:30:25 - Check items control - Start (Group : Default).
18/07/2011 11:30:25 - Check items control - Stop (Group : Default).
18/07/2011 11:30:25 - PEAP Challenge sent for user '.weil95.'.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:30:25
Size : 280 / 280
Identifier : 9
Attributes :
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
State = bb809bd43e58c1f7db9837c9db7dc38f
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:30:25 - PEAP Authentication commencing for user '.weil95.'
18/07/2011 11:30:25 - Check items control - Start (Group : Default).
18/07/2011 11:30:25 - Check items control - Stop (Group : Default).
18/07/2011 11:30:25 - PEAP Authentication failed. User '.weil95.' is uknown.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:34:35
Size : 154 / 154
Identifier : 10
Attributes :
18/07/2011 11:34:35 - Starting PEAP (A).
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:34:35 - EAP Authentication commencing for user '.weil95.'
18/07/2011 11:34:35 - Check items control - Start (Group : Default).
18/07/2011 11:34:35 - Check items control - Stop (Group : Default).
18/07/2011 11:34:35 - PEAP Challenge sent for user '.weil95.'.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:34:35
Size : 280 / 280
Identifier : 11
Attributes :
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
State = b7beaadaf6dcaf3bd92c0c3ff6b8f664
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:34:35 - PEAP Authentication commencing for user '.weil95.'
18/07/2011 11:34:35 - Check items control - Start (Group : Default).
18/07/2011 11:34:35 - Check items control - Stop (Group : Default).
18/07/2011 11:34:35 - PEAP Authentication failed. User '.weil95.' is uknown.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:35:39
Size : 154 / 154
Identifier : 12
Attributes :
18/07/2011 11:35:39 - Starting PEAP (A).
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:35:39 - EAP Authentication commencing for user '.weil95.'
18/07/2011 11:35:39 - Check items control - Start (Group : Default).
18/07/2011 11:35:39 - Check items control - Stop (Group : Default).
18/07/2011 11:35:39 - PEAP Challenge sent for user '.weil95.'.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:35:39
Size : 280 / 280
Identifier : 13
Attributes :
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
State = 6d2a1f86a0a4ad956a0284e2aaddc700
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = .weil95.
18/07/2011 11:35:39 - PEAP Authentication commencing for user '.weil95.'
18/07/2011 11:35:39 - Check items control - Start (Group : Default).
18/07/2011 11:35:39 - Check items control - Stop (Group : Default).
18/07/2011 11:35:39 - PEAP Authentication failed. User '.weil95.' is uknown.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:37:37
Size : 148 / 148
Identifier : 14
Attributes :
18/07/2011 11:37:37 - Starting PEAP (A).
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = ileao
18/07/2011 11:37:37 - EAP Authentication commencing for user 'ileao'
18/07/2011 11:37:37 - Check items control - Start (Group : Default).
18/07/2011 11:37:37 - Check items control - Stop (Group : Default).
18/07/2011 11:37:37 - PEAP Challenge sent for user 'ileao'.
RadAuth req. from : 192.168.1.1:2048 - 18/07/2011 11:37:37
Size : 277 / 277
Identifier : 15
Attributes :
Framed-MTU = 1400
NAS-Port-Type = 19
Called-Station-Id = 00-1D-0F-BC-21-D5:ilvr
Connect-Info = CONNECT 11Mbps 802.11b
State = add74a82efc22ba472fa1ae916485824
Calling-Station-Id = 00-1C-BF-D4-B1-6E
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
User-Name = ileao
18/07/2011 11:37:37 - PEAP Authentication commencing for user 'ileao'
18/07/2011 11:37:37 - Check items control - Start (Group : Default).
18/07/2011 11:37:37 - Check items control - Stop (Group : Default).
18/07/2011 11:37:37 - PEAP Authentication failed. A valid certificate could not be found for user 'ileao'
--
Professor at Mechanical Engineering Department
High Speed Network Admin
Federal Fluminense University
|
|
|
0
• permalink
|
18.07.2011 17:57:08
Ivaldo Leão Ferreira
Posts: 6
|
Mr. Kaplen,
It works nicely. Well, first i will buy for the faculty by myself. It means pay with my own credicard through paypal. But i think you´ll have to provide us an Invoice, please send me a email where i could reply with the invoice data for the uni. My Uni is a governmental one, so it is free for students, i think we only need radius server, which version you recommend. The number of licenses i still don´t know. For my Faculty i´ll buy one, but for the rest i have to check it out.
Best wishes,
Prof. Ivaldo L Ferreira
--
Professor at Mechanical Engineering Department
High Speed Network Admin
Federal Fluminense University
|
|
|
0
• permalink
|
18.07.2011 21:29:13
Admin
Administrator
Posts: 1833
|
Dear Prof. Ivaldo Ferreira,
You can send invoicing details to info at tekradius.com. Enterprise edition is suitable for you.
Best regards,
Yasin KAPLAN
|
|
|
0
• permalink
|