Getting error in radius server with dot1X and supplicant on windows

permalink · #1 (**permalink**) 02-15-2007

This is a multi-part message in MIME format.

--===============1725350203==
Content-class: urn:content-classes:message
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C7510F.C8DA9712"

This is a multi-part message in MIME format.

------_=_NextPart_001_01C7510F.C8DA9712
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi All,
=20
I am using free radius server with dot1X. and supplicant is on
windows XP. Here when I use user name <=3D 3 letters I am getting
following error...
=20
1. Received packet from 192.168.112.90 with invalid
Message-Authenticator! (Shared secret is incorrect.)
=20
and for user name <=3D3 my client is getting following error.
2. Malformed RADIUS packet from host 192.168.0.1: too short (length
17 < minimum 20).

where as radius RFC say... user name length can be >=3D 3.=20

since user name goes as part of attributes in radius packet... but
errors we are getting are totally different.=20

I mean first we are getting related to message-authenticator where as we
are passing username with length <=3D3. and second error my client getting
is related to packet length...another interesting thing is we get these
errors only for PEAP configuration.... this will work for MD5 and
others.

can any one help me in this.=20

whether we are getting different errors because both of us may be using
different versions of RADIUS server? just a guess.=20

This error may be because of RADIUS client or server?

Thanx in Advance...

---Raghu.

=20

=20

=20

=20

The information contained in this electronic message and any attachments to=
this message are intended for the exclusive use of the addressee(s) and=
may contain proprietary, confidential or privileged information. If you=
are not the intended recipient, you should not disseminate, distribute or=
copy this e-mail. Please notify the sender immediately and destroy all=
copies of this message and any attachments.=20

WARNING: Computer viruses can be transmitted via email. The recipient=
should check this email and any attachments for the presence of viruses.=
The company accepts no liability for any damage caused by any virus=
transmitted by this email.
=20
www.wipro.com
------_=_NextPart_001_01C7510F.C8DA9712
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dus-ascii">
<META content=3D"MSHTML 6.00.2900.3020" name=3DGENERATOR></HEAD>
<BODY>
<DIV dir=3Dltr align=3Dleft>Hi All,</DIV>
<DIV> </DIV>
<DIV>    I=20
am using free radius server with dot1X. and supplicant is on windows=
XP.=20
Here when I use user name <=3D 3 letters I am getting following=20
error...</DIV>
<DIV> </DIV>
<DIV>   1. Received=
packet from=20
192.168.112.90 with invalid Message-Authenticator! (Shared secret is=20
incorrect.)</DIV>
<DIV> </DIV>
<DIV>   =20
and for user name <=3D3 my client is getting following=20
error.</DIV>
<DIV>
<SPAN=20
class=3D783540312-15022007>   2.=20
Malformed RADIUS packet from host 192.168.0.1: too=
short=20
(length 17 < minimum 20)<SPAN=20
class=3D783540312-15022007>.
where=
as radius=20
RFC say... user name length can be >=3D 3. 
since=
user name=20
goes as part of attributes in radius packet... but errors we are=
getting=20
are totally different. 
I=20
mean first we are getting related to message-authenticator where as we=
are=20
passing username with length <=3D3. and second error my client=
getting is=20
related to packet length...another interesting thing is we get these=20
errors only for PEAP configuration.... this will work=
for=20
MD5 and others.
can=
any one help=20
me in this.<FONT=20
color=3D#0000ff> 
<FONT=20
size=3D2>whether we are getting different=
errors=20
because both of us may be using different versions of RADIUS server? just a=
=20
guess. 
<FONT=20
size=3D2>This error may be because of RADIUS client=
or=20
server?
Thanx=
in=20
Advance...
<SPAN=20
class=3D783540312-15022007>---Raghu.
<SPAN=20
class=3D783540312-15022007> 
<SPAN=20
class=3D783540312-15022007> 
<SPAN=20
class=3D783540312-15022007> 
<SPAN=20
class=
=3D783540312-15022007> </DIV>=
</BODY></HTML>

<table><tr><td bgcolor=3D#ffffff> 
The information contained in this electronic message and any attachments to=
this message are intended for the exclusive use of the addressee(s) and=
may contain proprietary, confidential or privileged information. If you=
are not the intended recipient, you should not disseminate, distribute or=
copy this e-mail. Please notify the sender immediately and destroy all=
copies of this message and any attachments. 
 
WARNING: Computer viruses can be transmitted via email. The recipient=
should check this email and any attachments for the presence of viruses.=
The company accepts no liability for any damage caused by any virus=
transmitted by this email. 
 
www.wipro.com 
</td></tr></table>
------_=_NextPart_001_01C7510F.C8DA9712--

--===============1725350203==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--===============1725350203==--

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode