[Help-gnu-radius] still about proxying

help-gnu-radius

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnu-radius] still about proxying

From:	Riikka Rikkola
Subject:	[Help-gnu-radius] still about proxying
Date:	Tue, 2 Dec 2003 10:23:06 +0200 (EET)

Hi,

still problems with proxying but now I have more information to include my 
question...

I'm using Gnu Radius 1.1 as a local Radius, the remote one is based on 
Free Radius except one extension. The proxying doesn't work, this is what 
it looks like in my log-file:

Nov 26 12:53:01 Proxy.error: (CHALNGE 194.211.149.99 0 [none]): 
Unrecognized proxy reply from server 194.211.149.99, proxy ID 0

Nov 26 12:53:06 Proxy.error: (AUTHREJ 194.211.149.99 1 [none]): 
Unrecognized proxy reply from server 194.211.149.99, proxy ID 1

And here are the exact content of the messages, first one sent by local 
radius, second one by remote one:

Frame 1 (140 on wire, 140 captured)
    Arrival Time: Dec  2, 2003 09:20:49.809876000
    Time delta from previous packet: 0.000000000 seconds
    Time relative to first packet: 0.000000000 seconds
    Frame Number: 1
    Packet Length: 140 bytes
    Capture Length: 140 bytes
Linux cooked capture
    Packet type: Sent by us (4)
    Link-layer address type: 1
    Link-layer address length: 6
    Source: 00:10:5a:10:63:01 (00:10:5a:10:63:01)
    Protocol: IP (0x0800)
Internet Protocol, Src Addr: 130.234.169.106 (130.234.169.106), Dst Addr: 
194.211.149.99 (194.211.149.99)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 124
    Identification: 0x0000
    Flags: 0x04
        .1.. = Don't fragment: Set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: UDP (0x11)
    Header checksum: 0xb5e5 (correct)
    Source: 130.234.169.106 (130.234.169.106)
    Destination: 194.211.149.99 (194.211.149.99)
User Datagram Protocol, Src Port: radius (1812), Dst Port: radius (1812)
    Source port: radius (1812)
    Destination port: radius (1812)
    Length: 104
    Checksum: 0x52d8 (correct)
Radius Protocol
    Code: Access Request (1)
    Packet identifier: 0x32 (50)
    Length: 96
    Authenticator
    Attribute value pairs
        t:NAS IP Address(4) l:6, Value:192.168.57.1
        t:NAS Port(5) l:6, Value:3
        t:NAS Port Type(61) l:6, Value:Virtual(5)
        t:User Name(1) l:12, Value:"0405207979"
        t:Calling Station Id(31) l:13, Value:"192.168.8.2"
        t:User Password(2) l:11, Value:"°ß\022B0D\010\010\020"
        t:Proxy State(33) l:22, 
Value:0100007F320000006395D3C20139A8C00D000000


Frame 2 (161 on wire, 161 captured)
    Arrival Time: Dec  2, 2003 09:20:51.163281000
    Time delta from previous packet: 1.353405000 seconds
    Time relative to first packet: 1.353405000 seconds
    Frame Number: 2
    Packet Length: 161 bytes
    Capture Length: 161 bytes
Linux cooked capture
    Packet type: Unicast to us (0)
    Link-layer address type: 1
    Link-layer address length: 6
    Source: 00:a0:8e:30:2a:6d (00:a0:8e:30:2a:6d)
    Protocol: IP (0x0800)
Internet Protocol, Src Addr: 194.211.149.99 (194.211.149.99), Dst Addr: 
130.234.169.106 (130.234.169.106)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..0. = ECN-Capable Transport (ECT): 0
        .... ...0 = ECN-CE: 0
    Total Length: 145
    Identification: 0xba63
    Flags: 0x04
        .1.. = Don't fragment: Set
        ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 50
    Protocol: UDP (0x11)
    Header checksum: 0x096d (correct)
    Source: 194.211.149.99 (194.211.149.99)
    Destination: 130.234.169.106 (130.234.169.106)
User Datagram Protocol, Src Port: radius (1812), Dst Port: radius (1812)
    Source port: radius (1812)
    Destination port: radius (1812)
    Length: 125
    Checksum: 0x499c (correct)
Radius Protocol
    Code: Access challenge (11)
    Packet identifier: 0x32 (50)
    Length: 117
    Authenticator
    Attribute value pairs
        t:Proxy State(33) l:3, Value:01
        t:Reply Message(18) l:89, Value:"Terve Riikka Rikkola! Ole hyva ja 
anna lyhytsanomalla (id=372)) vastaanotettu salasana:"
        t:State(24) l:5, Value:313930


So can anybode tell me where it goes wrong? Please :)

I would be very very grateful if someone could advise me on this one, I've 
been struggleing with this for a long time. What kind of corrections I 
need to make to the remote or to the local radius to get the proxying 
working properly? The remote Radius is based on Free Radius so it 
shouldn't be very different from Gnu Radius. Have I forgotten to do some 
configuration to the remote one?

Thank you!!

[Prev in Thread]

Current Thread

[Next in Thread]

[Help-gnu-radius] still about proxying, Riikka Rikkola <=
- Re: [Help-gnu-radius] still about proxying, Sergey Poznyakoff, 2003/12/02

Next by Date: Re: [Help-gnu-radius] still about proxying
Next by thread: Re: [Help-gnu-radius] still about proxying
Index(es):
- Date
- Thread