Cisco 1210/IAS Win2k3/EAP-TLS problem

Discussion in 'Cisco' started by Vo, Aug 15, 2003.

  1. Vo

    Vo Guest

    I'm thinking this is something on my Cisco configuration so forgive for
    the cross posting, but I'm using stuff that others have done before so I
    thought I'd take the chance.

    I've got an Aironet 1200 series AP, running 12.2(11)JA1. I've used the
    EAP-TLS Deployment Guide for Wireless LAN Networks at Cisco's site
    (http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_pa
    per09186a008009256b.shtml) and the Microsoft "Securing Wireless Lans"
    white paper collection as guidelines. The Cisco documentation assumes
    ACS and an older AP without IOS, so the guidelines are pretty far off.

    My PKI is working, my clients are working, but I'm missing something
    with the Cisco config (an example of a working one would be a blessing).
    I am using VLANs, one of which is standard WEP and a second which will
    be using EAP-TLS. I used the http gui to get it off the ground, then
    switched to manual configuration.

    RADIUS seems to be operating fine. My problem is getting access.
    here's the errors from the IAS Event log when I try to authent:

    Fully-Qualified-User-Name = TRIALBYFIRE\vo243
    NAS-IP-Address = 192.168.92.2
    NAS-Identifier = ap-cisco
    Called-Station-Identifier = 000c.85db.bf45
    Calling-Station-Identifier = 000a.b7bb.026f
    Client-Friendly-Name = CiscoAP1
    Client-IP-Address = 192.168.92.2
    NAS-Port-Type = Virtual
    NAS-Port = 346
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = <undetermined>
    Authentication-Type = EAP
    EAP-Type = <undetermined>
    Reason-Code = 48
    Reason = The connection attempt did not match any remote access policy.

    My remote access policy (there is only 1) is configured as follows:

    NAS-PORT-Type Matches "Wireless - IEEE 802.11 or Wireless-Other",
    Windows Group matches "TRIALBYFIRE\Remote Access Policy- Wireless" (my
    machine and username are both members of this group).
    Profile uses EAP Methods - Smart Card or Certificate and I'm using my
    RADIUS servers' certificate--no problems there.Advanced Attributes are
    Ignore-User-Dialin-Properties = True, Service-Type = Framed, and
    Termination-Action - RADIUS-Request.

    Logic would tell me that I should be seeing a different type of NAS-
    PORT-TYPE coming in, and that's why my single remote access policy is
    not coming up as a match. What am I missing here?

    thanks in advance!

    Vo
     
    Vo, Aug 15, 2003
    #1
    1. Advertisements

  2. which OS is running on your radius machine?

    also from the event the NAS-PORT-TYPE received in the request is : virtual
    and not wireless this is why the policy was not matched.
    so if you add the virtual NAS PORT Type to your policy it will work fine
     
    Wajihy [MSFT], Aug 15, 2003
    #2
    1. Advertisements

  3. Vo

    Vo Guest

    I added Virtual to NAS Port Type on the policy and it made no difference.
    I'm running IAS on Windows Server 2003 Enterprise.

    I'm a bit bewildered why--I had tried that..I'm curious how to make it use
    the correct port type.
     
    Vo, Aug 15, 2003
    #3
  4. can you post the new event you get
    also double check that the user you are using is actually a memeber of the
    windows group
     
    Wajihy [MSFT], Aug 15, 2003
    #4
  5. Vo

    Vo Guest

    SunuvaGun! It was the membership issue AFTER the Port-type issue. I was a
    member at some point of the group but that seemed to get dropped. Adding
    my username back into that group of course gave me a match in the Remote
    Access Policy.

    Should I see my client reauthenticating every 5 seconds? That IAS log is
    going to fill up fast....
     
    Vo, Aug 15, 2003
    #5
  6. i think in the remote access policy you have set up a timeout value of 5 s
    yopu can either increase that or disable it as you wish
     
    Wajihy [MSFT], Aug 15, 2003
    #6
  7. Vo

    Vo Guest

    Nope. I have Dial-In constraints set as follows:

    Minutes server can remain idle before it is disconnected (Idle-Time) -
    unchecked-no setting

    Minutes client can be connected (Session-Timeout): 10

    Never anything measured in minutes.

    While testing this it got to the point where the client was
    authenticating every 1-2 seconds, without me affecting these values.
    The Cisco AP is saying:

    Interface Dot11Radio0, Deauthenticating Station 000a.b7bb.026f
    Reason: Previous authentication no longer valid

    Which means it is probably being told authent incorrectly by the
    RADIUS/IAS server?
     
    Vo, Aug 15, 2003
    #7
  8. do you have DHCP in your network?
    the problem might be that the clients after they authenticate they don't get
    an IP address so they disconnect

    check your DHCP configuration
     
    Wajihy [MSFT], Aug 15, 2003
    #8
  9. Vo

    Vo Guest

    DHCP = yes. The clients are indeed getting an address. Between the "every
    second" reauthentication, they are able to access the network, and through
    the magic of TCP retransmission (I assume), they can access resources. But
    it's constantly reauthenticating.
     
    Vo, Aug 18, 2003
    #9
  10. Vo

    Vo Guest

    Yes, the version is 12.2(11)JA1.

    I can see the following from the RADIUS debug on the access point, so are
    we are sending the attribute correctly?

    Is this adequate to prove/disprove? I can get a sniff on the server too of
    the RADIUS conversation if necessary:

    Here's my Cisco AP Logs (pretty long, but perhaps you'll see a pattern that
    is tell-tale):

    Aug 18 17:14:01 192.168.92.2 141602: 1w6d: RADIUS: AAA Unsupported
    [136] 3
    Aug 18 17:14:01 192.168.92.2 141603: 1w6d: RADIUS: 35
    [5]
    Aug 18 17:14:01 192.168.92.2 141604: 1w6d: RADIUS(000008A3): Storing
    nasport 506 in rad_db
    Aug 18 17:14:01 192.168.92.2 141605: 1w6d: RADIUS/ENCODE(000008A3):
    dropping service type, "radius-server attribute 6 on-for-login-auth" is off
    Aug 18 17:14:01 192.168.92.2 141606: 1w6d: RADIUS/ENCODE(000008A3):
    acct_session_id: 2211
    Aug 18 17:14:01 192.168.92.2 141607: 1w6d: RADIUS(000008A3): sending
    Aug 18 17:14:01 192.168.92.2 141608: 1w6d: RADIUS: Send to unknown id 85
    192.168.88.23:1812, Access-Request, len 157
    Aug 18 17:14:01 192.168.92.2 141609: 1w6d: RADIUS: authenticator 18 8E 45
    49 CB 1B E8 B2 - A3 57 0E CE 46 92 77 EB
    Aug 18 17:14:01 192.168.92.2 141610: 1w6d: RADIUS: User-Name [1]
    29 ""
    Aug 18 17:14:01 192.168.92.2 141611: 1w6d: RADIUS: Framed-MTU
    [12] 6 1400
    Aug 18 17:14:01 192.168.92.2 141612: 1w6d: RADIUS: Called-Station-Id
    [30] 16 "000c.85db.bf45"
    Aug 18 17:14:01 192.168.92.2 141613: 1w6d: RADIUS: Calling-Station-Id
    [31] 16 "000a.b7bb.026f"
    Aug 18 17:14:01 192.168.92.2 141614: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:01 192.168.92.2 141615: 1w6d: RADIUS: EAP-Message
    [79] 34
    Aug 18 17:14:01 192.168.92.2 141616: 1w6d: RADIUS: 02 02 00 20 01 73 74
    65 76 65 2E 66 72 61 6E 6B [??? ?steve.frank]
    Aug 18 17:14:01 192.168.92.2 141617: 1w6d: RADIUS: 40 6E 65 77 63 6F 73
    70 61 72 65 73 2E 63 6F 6D [@trialbyfire.int]
    Aug 18 17:14:01 192.168.92.2 141618: 1w6d: RADIUS: NAS-Port-Type
    [61] 6 Virtual [5]
    Aug 18 17:14:01 192.168.92.2 141619: 1w6d: RADIUS: NAS-Port [5]
    6 506
    Aug 18 17:14:01 192.168.92.2 141620: 1w6d: RADIUS: NAS-IP-Address [4]
    6 192.168.92.2
    Aug 18 17:14:01 192.168.92.2 141621: 1w6d: RADIUS: Received from id 85
    192.168.88.23:1812, Access-Challenge, len 76
    Aug 18 17:14:01 192.168.92.2 141622: 1w6d: RADIUS: authenticator DC 16 89
    B7 13 88 09 93 - 8D 56 8A B2 D9 A0 78 F3
    Aug 18 17:14:01 192.168.92.2 141623: 1w6d: RADIUS: Session-Timeout
    [27] 6 30
    Aug 18 17:14:01 192.168.92.2 141624: 1w6d: RADIUS: EAP-Message
    [79] 8
    Aug 18 17:14:01 192.168.92.2 141625: 1w6d: RADIUS: 01 03 00 06 0D 20
    [????? ]
    Aug 18 17:14:01 192.168.92.2 141626: 1w6d: RADIUS: State
    [24] 24
    Aug 18 17:14:01 192.168.92.2 141627: 1w6d: RADIUS: 1C D1 04 72 00 00 01
    37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
    Aug 18 17:14:01 192.168.92.2 141628: 1w6d: RADIUS: 00 02 11 D5 AC CD
    [??????]
    Aug 18 17:14:01 192.168.92.2 141629: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:01 192.168.92.2 141630: 1w6d: RADIUS: Received from id 8A3
    Aug 18 17:14:01 192.168.92.2 141631: 1w6d: RADIUS/DECODE: EAP-Message
    fragments, 6, total 6 bytes
    Aug 18 17:14:01 192.168.92.2 141632: 1w6d: RADIUS: AAA Unsupported
    [136] 3
    Aug 18 17:14:01 192.168.92.2 141633: 1w6d: RADIUS: 35
    [5]
    Aug 18 17:14:01 192.168.92.2 141634: 1w6d: RADIUS(000008A3): Using existing
    nas_port 506
    Aug 18 17:14:01 192.168.92.2 141635: 1w6d: RADIUS/ENCODE(000008A3):
    dropping service type, "radius-server attribute 6 on-for-login-auth" is off
    Aug 18 17:14:01 192.168.92.2 141636: 1w6d: RADIUS/ENCODE(000008A3):
    acct_session_id: 2211
    Aug 18 17:14:01 192.168.92.2 141637: 1w6d: RADIUS(000008A3): sending
    Aug 18 17:14:01 192.168.92.2 141638: 1w6d: RADIUS: Send to unknown id 86
    192.168.88.23:1812, Access-Request, len 261
    Aug 18 17:14:01 192.168.92.2 141639: 1w6d: RADIUS: authenticator 89 BA 92
    28 97 3E 2D 0C - 2A F3 6D 55 2A B3 3C 1D
    Aug 18 17:14:01 192.168.92.2 141640: 1w6d: RADIUS: User-Name [1]
    29 ""
    Aug 18 17:14:01 192.168.92.2 141641: 1w6d: RADIUS: Framed-MTU
    [12] 6 1400
    Aug 18 17:14:01 192.168.92.2 141642: 1w6d: RADIUS: Called-Station-Id
    [30] 16 "000c.85db.bf45"
    Aug 18 17:14:01 192.168.92.2 141643: 1w6d: RADIUS: Calling-Station-Id
    [31] 16 "000a.b7bb.026f"
    Aug 18 17:14:01 192.168.92.2 141644: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:01 192.168.92.2 141645: 1w6d: RADIUS: EAP-Message
    [79] 114
    Aug 18 17:14:01 192.168.92.2 141646: 1w6d: RADIUS: 02 03 00 70 0D 80 00
    00 00 66 16 03 01 00 61 01 [???p?????f????a?]
    Aug 18 17:14:01 192.168.92.2 141647: 1w6d: RADIUS: 00 00 5D 03 01 3F 41
    4F A9 25 29 CB EF FE 42 EE [??]???AO??)???B?]
    Aug 18 17:14:01 192.168.92.2 141648: 1w6d: RADIUS: 90 7B 06 BD FF AB E7
    FD 4E 93 B4 5F 4B AA B4 66 [?{??????N??_K??f]
    Aug 18 17:14:01 192.168.92.2 141649: 1w6d: RADIUS: CB DD 2F 4B 68 20 E9
    0E 00 00 1B 1A 53 93 33 A2 [??/Kh ??????S?3?]
    Aug 18 17:14:01 192.168.92.2 141650: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
    A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
    Aug 18 17:14:01 192.168.92.2 141651: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
    16 00 04 00 05 00 0A 00 09 [??|?.???????????]
    Aug 18 17:14:01 192.168.92.2 141652: 1w6d: RADIUS: 00 64 00 62 00 03 00
    06 00 13 00 12 00 63 01 00 [?d?b?????????c??]
    Aug 18 17:14:01 192.168.92.2 141653: 1w6d: RADIUS: NAS-Port-Type
    [61] 6 Virtual [5]
    Aug 18 17:14:01 192.168.92.2 141654: 1w6d: RADIUS: NAS-Port [5]
    6 506
    Aug 18 17:14:01 192.168.92.2 141655: 1w6d: RADIUS: State
    [24] 24
    Aug 18 17:14:01 192.168.92.2 141656: 1w6d: RADIUS: 1C D1 04 72 00 00 01
    37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
    Aug 18 17:14:01 192.168.92.2 141657: 1w6d: RADIUS: 00 02 11 D5 AC CD
    [??????]
    Aug 18 17:14:01 192.168.92.2 141658: 1w6d: RADIUS: NAS-IP-Address [4]
    6 192.168.92.2
    Aug 18 17:14:01 192.168.92.2 141659: 1w6d: RADIUS: Received from id 86
    192.168.88.23:1812, Access-Challenge, len 202
    Aug 18 17:14:01 192.168.92.2 141660: 1w6d: RADIUS: authenticator 0B 93 D5
    6F 67 44 2B B3 - 51 1D FE AC D4 04 61 88
    Aug 18 17:14:01 192.168.92.2 141661: 1w6d: RADIUS: Session-Timeout
    [27] 6 30
    Aug 18 17:14:01 192.168.92.2 141662: 1w6d: RADIUS: EAP-Message
    [79] 134
    Aug 18 17:14:01 192.168.92.2 141663: 1w6d: RADIUS: 01 04 00 84 0D 80 00
    00 00 7A 16 03 01 00 4A 02 [?????????z????J?]
    Aug 18 17:14:01 192.168.92.2 141664: 1w6d: RADIUS: 00 00 46 03 01 3F 41
    4F A9 07 28 44 C8 93 F3 1F [??F???AO??(D????]
    Aug 18 17:14:01 192.168.92.2 141665: 1w6d: RADIUS: 62 10 25 04 FA FB CC
    23 2B E3 BB 04 EC AC FE 15 [b??????#+???????]
    Aug 18 17:14:01 192.168.92.2 141666: 1w6d: RADIUS: F8 06 D7 92 CA 20 E9
    0E 00 00 1B 1A 53 93 33 A2 [????? ??????S?3?]
    Aug 18 17:14:01 192.168.92.2 141667: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
    A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
    Aug 18 17:14:01 192.168.92.2 141668: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
    04 00 14 03 01 00 01 01 16 [??|?.???????????]
    Aug 18 17:14:01 192.168.92.2 141669: 1w6d: RADIUS: 03 01 00 20 82 93 9A
    0F 89 50 A5 50 DD EE 6B 49 [??? ?????P?P??kI]
    Aug 18 17:14:01 192.168.92.2 141670: 1w6d: RADIUS: EC B3 0D 6A A4 D6 67
    1F 8B 5A 35 8E 70 13 89 54 [???j??g??Z5?p??T]
    Aug 18 17:14:01 192.168.92.2 141671: 1w6d: RADIUS: CE 2B B4 47
    [?+?G]
    Aug 18 17:14:01 192.168.92.2 141672: 1w6d: RADIUS: State
    [24] 24
    Aug 18 17:14:01 192.168.92.2 141673: 1w6d: RADIUS: 1C D1 04 72 00 00 01
    37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
    Aug 18 17:14:01 192.168.92.2 141674: 1w6d: RADIUS: 00 02 11 D5 AC CD
    [??????]
    Aug 18 17:14:01 192.168.92.2 141675: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:01 192.168.92.2 141676: 1w6d: RADIUS: Received from id 8A3
    Aug 18 17:14:01 192.168.92.2 141677: 1w6d: RADIUS/DECODE: EAP-Message
    fragments, 132, total 132 bytes
    Aug 18 17:14:01 192.168.92.2 141678: 1w6d: RADIUS: AAA Unsupported
    [136] 3
    Aug 18 17:14:01 192.168.92.2 141679: 1w6d: RADIUS: 35
    [5]
    Aug 18 17:14:01 192.168.92.2 141680: 1w6d: RADIUS(000008A3): Using existing
    nas_port 506
    Aug 18 17:14:01 192.168.92.2 141681: 1w6d: RADIUS/ENCODE(000008A3):
    dropping service type, "radius-server attribute 6 on-for-login-auth" is off
    Aug 18 17:14:01 192.168.92.2 141682: 1w6d: RADIUS/ENCODE(000008A3):
    acct_session_id: 2211
    Aug 18 17:14:01 192.168.92.2 141683: 1w6d: RADIUS(000008A3): sending
    Aug 18 17:14:01 192.168.92.2 141684: 1w6d: RADIUS: Send to unknown id 87
    192.168.88.23:1812, Access-Request, len 202
    Aug 18 17:14:01 192.168.92.2 141685: 1w6d: RADIUS: authenticator F1 82 05
    11 8F A4 82 46 - 5A 9D 7C B4 27 55 D7 E4
    Aug 18 17:14:01 192.168.92.2 141686: 1w6d: RADIUS: User-Name [1]
    29 ""
    Aug 18 17:14:01 192.168.92.2 141687: 1w6d: RADIUS: Framed-MTU
    [12] 6 1400
    Aug 18 17:14:01 192.168.92.2 141688: 1w6d: RADIUS: Called-Station-Id
    [30] 16 "000c.85db.bf45"
    Aug 18 17:14:01 192.168.92.2 141689: 1w6d: RADIUS: Calling-Station-Id
    [31] 16 "000a.b7bb.026f"
    Aug 18 17:14:01 192.168.92.2 141690: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:01 192.168.92.2 141691: 1w6d: RADIUS: EAP-Message
    [79] 55
    Aug 18 17:14:01 192.168.92.2 141692: 1w6d: RADIUS: 02 04 00 35 0D 80 00
    00 00 2B 14 03 01 00 01 01 [???5?????+??????]
    Aug 18 17:14:01 192.168.92.2 141693: 1w6d: RADIUS: 16 03 01 00 20 30 61
    27 AF 23 22 E6 33 38 45 A9 [???? 0a'?#"?38E?]
    Aug 18 17:14:01 192.168.92.2 141694: 1w6d: RADIUS: 7C 4A 8B 89 8A 5A 26
    CF 50 B5 69 C6 DE E9 EE A0 [|J???Z&?P?i?????]
    Aug 18 17:14:01 192.168.92.2 141695: 1w6d: RADIUS: 0B 80 FD 80 2A
    [????*]
    Aug 18 17:14:01 192.168.92.2 141696: 1w6d: RADIUS: NAS-Port-Type
    [61] 6 Virtual [5]
    Aug 18 17:14:01 192.168.92.2 141697: 1w6d: RADIUS: NAS-Port [5]
    6 506
    Aug 18 17:14:01 192.168.92.2 141698: 1w6d: RADIUS: State
    [24] 24
    Aug 18 17:14:01 192.168.92.2 141699: 1w6d: RADIUS: 1C D1 04 72 00 00 01
    37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
    Aug 18 17:14:01 192.168.92.2 141700: 1w6d: RADIUS: 00 02 11 D5 AC CD
    [??????]
    Aug 18 17:14:01 192.168.92.2 141701: 1w6d: RADIUS: NAS-IP-Address [4]
    6 192.168.92.2
    Aug 18 17:14:01 192.168.92.2 141702: 1w6d: RADIUS: Received from id 87
    192.168.88.23:1812, Access-Accept, len 210
    Aug 18 17:14:01 192.168.92.2 141703: 1w6d: RADIUS: authenticator FE 35 FB
    61 2D 3E 78 AF - E0 2D 4B 82 B0 35 8C 63
    Aug 18 17:14:01 192.168.92.2 141704: 1w6d: RADIUS: EAP-Message
    [79] 6
    Aug 18 17:14:01 192.168.92.2 141705: 1w6d: RADIUS: 03 05 00 04
    [????]
    Aug 18 17:14:01 192.168.92.2 141706: 1w6d: RADIUS: Service-Type [6]
    6 Framed [2]
    Aug 18 17:14:01 192.168.92.2 141707: 1w6d: RADIUS: Session-Timeout
    [27] 6 600
    Aug 18 17:14:01 192.168.92.2 141708: 1w6d: RADIUS: Termination-Action
    [29] 6 1
    Aug 18 17:14:01 192.168.92.2 141709: 1w6d: RADIUS: Vendor, Microsoft
    [26] 58
    Aug 18 17:14:01 192.168.92.2 141710: 1w6d: RADIUS: MS-MPPE-Send-Key
    [16] 52
    Aug 18 17:14:01 192.168.92.2 141711: 1w6d: RADIUS: 8D D9 88 1D 65 2F CF
    F1 C4 80 F7 11 24 94 24 CB [????e/??????$?$?]
    Aug 18 17:14:01 192.168.92.2 141712: 1w6d: RADIUS: EA 87 53 40 22 92 0D
    60 3C C9 76 3A 24 4E 8F 18 [[email protected]"??`<?v:$N??]
    Aug 18 17:14:01 192.168.92.2 141713: 1w6d: RADIUS: E1 D1 C0 DD 8B 5A 9A
    A7 54 B8 0E 84 17 AE 39 19 [?????Z??T?????9?]
    Aug 18 17:14:01 192.168.92.2 141714: 1w6d: RADIUS: EA A5
    [??]
    Aug 18 17:14:01 192.168.92.2 141715: 1w6d: RADIUS: Vendor, Microsoft
    [26] 58
    Aug 18 17:14:01 192.168.92.2 141716: 1w6d: RADIUS: MS-MPPE-Recv-Key
    [17] 52
    Aug 18 17:14:01 192.168.92.2 141717: 1w6d: RADIUS: 8D DA 7F 82 80 5D AB
    CA 0D C1 48 81 FD 59 2F 3A [?????]????H??Y/:]
    Aug 18 17:14:01 192.168.92.2 141718: 1w6d: RADIUS: FF AB 16 A6 55 90 09
    A5 E8 36 98 45 6A E4 E7 C7 [????U????6?Ej???]
    Aug 18 17:14:01 192.168.92.2 141719: 1w6d: RADIUS: F3 06 34 57 D5 4F 59
    EC 65 CC 3B 61 4D C8 14 B1 [??4W?OY?e?;aM???]
    Aug 18 17:14:01 192.168.92.2 141720: 1w6d: RADIUS: 0F 2F
    [?/]
    Aug 18 17:14:01 192.168.92.2 141721: 1w6d: RADIUS: Class
    [25] 32
    Aug 18 17:14:01 192.168.92.2 141722: 1w6d: RADIUS: 44 8F 04 96 00 00 01
    37 00 01 C0 A8 58 17 01 C3 [D??????7????X???]
    Aug 18 17:14:01 192.168.92.2 141723: 1w6d: RADIUS: 60 4C 4E 1D 01 3C 00
    00 00 00 00 00 15 58 [`LN??<???????X]
    Aug 18 17:14:01 192.168.92.2 141724: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:01 192.168.92.2 141725: 1w6d: RADIUS: Received from id 8A3
    Aug 18 17:14:01 192.168.92.2 141726: 1w6d: RADIUS/DECODE: EAP-Message
    fragments, 4, total 4 bytes
    Aug 18 17:14:01 192.168.92.2 141727: 1w6d: found MS AAA_AT_MS_MPPE_SEND_KEY
    Aug 18 17:14:01 192.168.92.2 141728: 1w6d: found MS AAA_AT_MS_MPPE_RECV_KEY
    Aug 18 17:14:02 192.168.92.2 141729: .Aug 18 17:18:45.463 S: %DOT11-6-
    ASSOC: Interface Dot11Radio0, Station 000a.b7bb.026f Associated KEY_MGMT
    [NONE]
    Aug 18 17:14:02 192.168.92.2 141730: 1w6d: RADIUS: AAA Unsupported
    [136] 3
    Aug 18 17:14:02 192.168.92.2 141731: 1w6d: RADIUS: 35
    [5]
    Aug 18 17:14:02 192.168.92.2 141732: 1w6d: RADIUS(000008A3): Using existing
    nas_port 506
    Aug 18 17:14:02 192.168.92.2 141733: 1w6d: RADIUS/ENCODE(000008A3):
    dropping service type, "radius-server attribute 6 on-for-login-auth" is off
    Aug 18 17:14:02 192.168.92.2 141734: 1w6d: RADIUS/ENCODE(000008A3):
    acct_session_id: 2211
    Aug 18 17:14:02 192.168.92.2 141735: 1w6d: RADIUS(000008A3): sending
    Aug 18 17:14:02 192.168.92.2 141736: 1w6d: RADIUS: Send to unknown id 88
    192.168.88.23:1812, Access-Request, len 157
    Aug 18 17:14:02 192.168.92.2 141737: 1w6d: RADIUS: authenticator 0B 5A 9C
    CA 5D 3B 71 78 - 53 95 6E 8B 86 FB 46 C5
    Aug 18 17:14:02 192.168.92.2 141738: 1w6d: RADIUS: User-Name [1]
    29 ""
    Aug 18 17:14:02 192.168.92.2 141739: 1w6d: RADIUS: Framed-MTU
    [12] 6 1400
    Aug 18 17:14:02 192.168.92.2 141740: 1w6d: RADIUS: Called-Station-Id
    [30] 16 "000c.85db.bf45"
    Aug 18 17:14:02 192.168.92.2 141741: 1w6d: RADIUS: Calling-Station-Id
    [31] 16 "000a.b7bb.026f"
    Aug 18 17:14:02 192.168.92.2 141742: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:02 192.168.92.2 141743: 1w6d: RADIUS: EAP-Message
    [79] 34
    Aug 18 17:14:02 192.168.92.2 141744: 1w6d: RADIUS: 02 03 00 20 01 73 74
    65 76 65 2E 66 72 61 6E 6B [??? ?steve.frank]
    Aug 18 17:14:02 192.168.92.2 141745: 1w6d: RADIUS: 40 6E 65 77 63 6F 73
    70 61 72 65 73 2E 63 6F 6D [@trialbyfire.int]
    Aug 18 17:14:02 192.168.92.2 141746: 1w6d: RADIUS: NAS-Port-Type
    [61] 6 Virtual [5]
    Aug 18 17:14:02 192.168.92.2 141747: 1w6d: RADIUS: NAS-Port [5]
    6 506
    Aug 18 17:14:02 192.168.92.2 141748: 1w6d: RADIUS: NAS-IP-Address [4]
    6 192.168.92.2
    Aug 18 17:14:02 192.168.92.2 141749: 1w6d: RADIUS: Received from id 88
    192.168.88.23:1812, Access-Challenge, len 76
    Aug 18 17:14:02 192.168.92.2 141750: 1w6d: RADIUS: authenticator 22 77 B3
    B0 E7 4E 3E 7E - 82 29 9D BE 89 5D 0A 50
    Aug 18 17:14:02 192.168.92.2 141751: 1w6d: RADIUS: Session-Timeout
    [27] 6 30
    Aug 18 17:14:02 192.168.92.2 141752: 1w6d: RADIUS: EAP-Message
    [79] 8
    Aug 18 17:14:02 192.168.92.2 141753: 1w6d: RADIUS: 01 04 00 06 0D 20
    [????? ]
    Aug 18 17:14:02 192.168.92.2 141754: 1w6d: RADIUS: State
    [24] 24
    Aug 18 17:14:02 192.168.92.2 141755: 1w6d: RADIUS: 1C D2 04 73 00 00 01
    37 00 01 C0 A8 58 17 00 00 [???s???7????X???]
    Aug 18 17:14:02 192.168.92.2 141756: 1w6d: RADIUS: 00 02 11 D5 AC CE
    [??????]
    Aug 18 17:14:02 192.168.92.2 141757: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:02 192.168.92.2 141758: 1w6d: RADIUS: Received from id 8A3
    Aug 18 17:14:02 192.168.92.2 141759: 1w6d: RADIUS/DECODE: EAP-Message
    fragments, 6, total 6 bytes
    Aug 18 17:14:02 192.168.92.2 141760: 1w6d: RADIUS: AAA Unsupported
    [136] 3
    Aug 18 17:14:02 192.168.92.2 141761: 1w6d: RADIUS: 35
    [5]
    Aug 18 17:14:02 192.168.92.2 141762: 1w6d: RADIUS(000008A3): Using existing
    nas_port 506
    Aug 18 17:14:02 192.168.92.2 141763: 1w6d: RADIUS/ENCODE(000008A3):
    dropping service type, "radius-server attribute 6 on-for-login-auth" is off
    Aug 18 17:14:02 192.168.92.2 141764: 1w6d: RADIUS/ENCODE(000008A3):
    acct_session_id: 2211
    Aug 18 17:14:02 192.168.92.2 141765: 1w6d: RADIUS(000008A3): sending
    Aug 18 17:14:02 192.168.92.2 141766: 1w6d: RADIUS: Send to unknown id 89
    192.168.88.23:1812, Access-Request, len 261
    Aug 18 17:14:02 192.168.92.2 141767: 1w6d: RADIUS: authenticator 70 F1 1E
    BC A4 99 85 0F - 8F 68 62 A4 99 9E AC 96
    Aug 18 17:14:02 192.168.92.2 141768: 1w6d: RADIUS: User-Name [1]
    29 ""
    Aug 18 17:14:02 192.168.92.2 141769: 1w6d: RADIUS: Framed-MTU
    [12] 6 1400
    Aug 18 17:14:02 192.168.92.2 141770: 1w6d: RADIUS: Called-Station-Id
    [30] 16 "000c.85db.bf45"
    Aug 18 17:14:02 192.168.92.2 141771: 1w6d: RADIUS: Calling-Station-Id
    [31] 16 "000a.b7bb.026f"
    Aug 18 17:14:02 192.168.92.2 141772: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:02 192.168.92.2 141773: 1w6d: RADIUS: EAP-Message
    [79] 114
    Aug 18 17:14:02 192.168.92.2 141774: 1w6d: RADIUS: 02 04 00 70 0D 80 00
    00 00 66 16 03 01 00 61 01 [???p?????f????a?]
    Aug 18 17:14:02 192.168.92.2 141775: 1w6d: RADIUS: 00 00 5D 03 01 3F 41
    4F AA 99 7C C2 DE FC F1 56 [??]???AO??|????V]
    Aug 18 17:14:02 192.168.92.2 141776: 1w6d: RADIUS: 76 AB 55 AB CE EC 17
    9A 87 5A 9F B6 6E A3 3C 1F [v?U??????Z??n?<?]
    Aug 18 17:14:02 192.168.92.2 141777: 1w6d: RADIUS: 72 5B D2 BC 15 20 E9
    0E 00 00 1B 1A 53 93 33 A2 [r[??? ??????S?3?]
    Aug 18 17:14:02 192.168.92.2 141778: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
    A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
    Aug 18 17:14:02 192.168.92.2 141779: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
    16 00 04 00 05 00 0A 00 09 [??|?.???????????]
    Aug 18 17:14:02 192.168.92.2 141780: 1w6d: RADIUS: 00 64 00 62 00 03 00
    06 00 13 00 12 00 63 01 00 [?d?b?????????c??]
    Aug 18 17:14:02 192.168.92.2 141781: 1w6d: RADIUS: NAS-Port-Type
    [61] 6 Virtual [5]
    Aug 18 17:14:02 192.168.92.2 141782: 1w6d: RADIUS: NAS-Port [5]
    6 506
    Aug 18 17:14:02 192.168.92.2 141783: 1w6d: RADIUS: State
    [24] 24
    Aug 18 17:14:02 192.168.92.2 141784: 1w6d: RADIUS: 1C D2 04 73 00 00 01
    37 00 01 C0 A8 58 17 00 00 [???s???7????X???]
    Aug 18 17:14:02 192.168.92.2 141785: 1w6d: RADIUS: 00 02 11 D5 AC CE
    [??????]
    Aug 18 17:14:02 192.168.92.2 141786: 1w6d: RADIUS: NAS-IP-Address [4]
    6 192.168.92.2
    Aug 18 17:14:02 192.168.92.2 141787: 1w6d: RADIUS: Received from id 89
    192.168.88.23:1812, Access-Challenge, len 202
    Aug 18 17:14:02 192.168.92.2 141788: 1w6d: RADIUS: authenticator A3 25 01
    E2 C2 F1 BA 0E - E4 19 EF 1C 8A 21 B4 C0
    Aug 18 17:14:02 192.168.92.2 141789: 1w6d: RADIUS: Session-Timeout
    [27] 6 30
    Aug 18 17:14:02 192.168.92.2 141790: 1w6d: RADIUS: EAP-Message
    [79] 134
    Aug 18 17:14:02 192.168.92.2 141791: 1w6d: RADIUS: 01 05 00 84 0D 80 00
    00 00 7A 16 03 01 00 4A 02 [?????????z????J?]
    Aug 18 17:14:02 192.168.92.2 141792: 1w6d: RADIUS: 00 00 46 03 01 3F 41
    4F AA 2F 07 2C 82 89 F2 E8 [??F???AO?/?,????]
    Aug 18 17:14:02 192.168.92.2 141793: 1w6d: RADIUS: 73 70 F3 AA 12 E9 9B
    5F F5 86 EE 23 80 04 53 EC [sp?????_???#??S?]
    Aug 18 17:14:02 192.168.92.2 141794: 1w6d: RADIUS: 9D F6 19 26 CB 20 E9
    0E 00 00 1B 1A 53 93 33 A2 [???&? ??????S?3?]
    Aug 18 17:14:02 192.168.92.2 141795: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
    A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
    Aug 18 17:14:02 192.168.92.2 141796: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
    04 00 14 03 01 00 01 01 16 [??|?.???????????]
    Aug 18 17:14:02 192.168.92.2 141797: 1w6d: RADIUS: 03 01 00 20 68 CC D5
    55 7D 9D 67 BF 2A FA B4 C1 [??? h??U}?g?*???]
    Aug 18 17:14:02 192.168.92.2 141798: 1w6d: RADIUS: 21 67 8F A5 86 75 04
    37 B3 DC 95 BD 33 B2 19 B6 [!g???u?7????3???]
    Aug 18 17:14:02 192.168.92.2 141799: 1w6d: RADIUS: A1 74 BC 31
    [?t?1]
    Aug 18 17:14:02 192.168.92.2 141800: 1w6d: RADIUS: State
    [24] 24
    Aug 18 17:14:02 192.168.92.2 141801: 1w6d: RADIUS: 1C D2 04 73 00 00 01
    37 00 01 C0 A8 58 17 00 00 [???s???7????X???]
    Aug 18 17:14:02 192.168.92.2 141802: 1w6d: RADIUS: 00 02 11 D5 AC CE
    [??????]
    Aug 18 17:14:02 192.168.92.2 141803: 1w6d: RADIUS: Message-Authenticato
    [80] 18 *
    Aug 18 17:14:02 192.168.92.2 141804: 1w6d: RADIUS: Received from id 8A3
    Aug 18 17:14:02 192.168.92.2 141805: 1w6d: RADIUS/DECODE: EAP-Message
    fragments, 132, total 132 bytes



    thanks again!
     
    Vo, Aug 18, 2003
    #10
  11. the AP is getting the session timout attribute:

    Session-Timeout [27] 6 30

    but I don't know if it is set properly becaause you said it is set to 10 mn
    so can we get the sniff from the ias server side?


    --

    This posting is provided "AS IS", with NO warranties and confers NO rights
     
    Wajihy [MSFT], Aug 18, 2003
    #11
  12. Vo

    Vo Guest

    Will do. I'll pop this up here tomorrow for sure.
     
    Vo, Aug 19, 2003
    #12
  13. Vo

    Vo Guest

    I have no idea where to find this specifically. There is a timeout for
    reauthentication if the RADIUS server is unreachable (radius-server
    timeout), which is waiting for it's reply, but this doesn't affect
    client authentication.

    This is quite strange. I ran a sniff using Network Monitor on the 2k3
    RADIUS/IAS server. Here's a text output of a printout with the protocol
    decoded on the RADIUS conversation (quite long). I must stress, I do
    have the server set to give out a 10 minute timeout!



    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    1 15.233498 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35530; Total IP Length
    = 185; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
    (0xA5)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 114 (0x72)
    RADIUS: Length = 157 (0x9D)
    RADIUS: Authenticator = 65 50 E4 4A FC 60 7A 74 85 4C CA 9C 1B 65
    32 A3
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =Xém+kJ¦na<¯+-y[(
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 34 (0x22)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 2 (0x2)
    RADIUS: EAP length = 32 (0x20)
    RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
    65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2



    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 B9 8A CA 00 00 FE 11 FB FE C0 A8 5C 02 C0 A8 .¹?Ê..þ.ûþÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 A5 7F 40 01 72 00 9D 65 50 X..m...
    ¥@.r.eP
    00030: E4 4A FC 60 7A 74 85 4C CA 9C 1B 65 32 A3 01 1D äJü`zt?LÊ?.e2
    £..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    *************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    2 15.249123 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35163; Total IP Length
    = 104; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
    (0x54)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 114 (0x72)
    RADIUS: Length = 76 (0x4C)
    RADIUS: Authenticator = 70 81 6C 48 B8 52 AC A6 2A 5B ED BA 93 B7
    6E 54
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 8 (0x8)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 3 (0x3)
    RADIUS: EAP length = 6 (0x6)
    RADIUS: EAP data = 0D 20
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+y
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =-¦»U°+ k}Ä Cî¦

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 68 89 5B 00 00 80 11 7B BF C0 A8 58 17 C0 A8 .h?[..?.{¿
    ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 54 73 82 0B 72 00 4C 70 81
    \....m.Ts?.r.Lp
    00030: 6C 48 B8 52 AC A6 2A 5B ED BA 93 B7 6E 54 1B 06 lH¸R¬¦*[íº?·
    nT..
    00040: 00 00 00 1E 4F 08 01 03 00 06 0D 20 18 18 1C D8 ....O......
    ....Ø

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    3 15.264748 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35560; Total IP Length
    = 289; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
    (0x10D)


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 115 (0x73)
    RADIUS: Length = 261 (0x105)
    RADIUS: Authenticator = 04 DB 73 AA BD 37 EB 97 3F F0 50 C6 0B EB
    E3 AB
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =·¦\ߦs_p++8Vt8
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 114 (0x72)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 3 (0x3)
    RADIUS: EAP length = 112 (0x70)
    RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
    5D 03 01 3F 42 78 E2 76 9E F1 85 A9 58 04 58 43 A7 6F 08 0D 09 9C 49 1A
    17...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+y
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 01 21 8A E8 00 00 FE 11 FB 78 C0 A8 5C 02 C0 A8 .!?è..þ.ûxÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 01 0D 2A E7 01 73 01 05 04 DB X..m....
    *ç.s...Û
    00030: 73 AA BD 37 EB 97 3F F0 50 C6 0B EB E3 AB 01 1D sª½7ë??ðPÆ.ëã
    «..

    page 3


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    *************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    4 15.264748 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35164; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 115 (0x73)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = C6 6C 9A EF CF CB E8 05 AF 6F 17 66 01 A9
    06 B1
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 134 (0x86)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 4 (0x4)
    RADIUS: EAP length = 132 (0x84)
    RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
    46 03 01 3F 42 78 E1 0F 1A 61 BD FD 1D 77 A3 EB 55 A1 8F 7E E5 AA 37 B1
    F9...
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+y
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =qfOú"ä·Ä=XEÅ-+¦v

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 E6 89 5C 00 00 80 11 7B 40 C0 A8 58 17 C0 A8 .æ?\..?.
    {@ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 D2 B6 43 0B 73 00 CA C6 6C
    \....m.Ò¶C.s.ÊÆl
    00030: 9A EF CF CB E8 05 AF 6F 17 66 01 A9 06 B1 1B 06 ?ïÏËè.¯o.f.©.
    ±..
    00040: 00 00 00 1E 4F 86 01 04 00 84 0D 80 00 00 00 7A
    .....O?...?.?...z

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    5 15.342873 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35606; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 116 (0x74)
    RADIUS: Length = 202 (0xCA)

    page 4


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Authenticator = 91 42 42 4C EE 8F BF 5D 3F 66 43 53 95 A7
    F1 73
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =¦í+d¦d
    -w_{h+Uuî
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 55 (0x37)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 4 (0x4)
    RADIUS: EAP length = 53 (0x35)
    RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
    01 00 20 63 E0 58 30 7C 78 A1 9C B2 65 FA 88 10 90 0B 17 E3 FB 3C 36 27
    89...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+y
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 E6 8B 16 00 00 FE 11 FB 85 C0 A8 5C 02 C0 A8 .æ?...þ.û?À¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 D2 62 DE 01 74 00 CA 91 42
    X..m...ÒbÞ.t.Ê?B
    00030: 42 4C EE 8F BF 5D 3F 66 43 53 95 A7 F1 73 01 1D BLî¿]?fCS?
    §ñs..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    *********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr

    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    6 15.358498 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
    (2) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35166; Total IP Length
    = 238; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
    (0xDA)
    RADIUS: Message Type: Access Accept(2)
    RADIUS: Message Type = Access Accept
    RADIUS: Identifier = 116 (0x74)
    RADIUS: Length = 210 (0xD2)
    RADIUS: Authenticator = 68 2F F8 BF 06 93 43 82 17 3E EC D3 C0 D4
    81 AD
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: EAP code = Success
    RADIUS: EAP identifier = 5 (0x5)
    RADIUS: EAP length = 4 (0x4)
    RADIUS: EAP data =
    RADIUS: Attribute Type: Service Type(6)
    RADIUS: Attribute type = Service Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Service type = Framed
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 600 (0x258)
    RADIUS: Attribute Type: Termination Action(29)
    RADIUS: Attribute type = Termination Action
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Termination action = RADIUS Request
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìtRE¦¦tbnn-mnsy9ó½+m[w[--¶05+ ¬JqO
    <«E-ï:s+Sx¡:fw
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìFZòï+-wà:ó¦{¦(G9¬+ -¢¦
    è=¥w¿
    RADIUS: )ë+e/+#\½h
    RADIUS: Attribute Type: Class(25)
    RADIUS: Attribute type = Class
    RADIUS: Attribute length = 32 (0x20)
    RADIUS: Class =D¼¦
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =s0îgdÑ ƒ-¦"Ç*)

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 EE 89 5E 00 00 80 11 7B 36 C0 A8 58 17 C0 A8 .î?^..?.
    {6ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 DA 88 CD 02 74 00 D2 68 2F \....m.Ú?
    Í.t.Òh/


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00030: F8 BF 06 93 43 82 17 3E EC D3 C0 D4 81 AD 4F 06 ø¿.?C?.>ìÓÀÔ­
    O.
    00040: 03 05 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
    ................X

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    7 16.374123 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35663; Total IP Length
    = 185; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
    (0xA5)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 117 (0x75)
    RADIUS: Length = 157 (0x9D)
    RADIUS: Authenticator = 5B 3D 1F DB 26 2C 6A 8B 12 E0 CE E3 E9 FE
    53 C2
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =IK-T+ü0ÿªc(T¦.¦
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 34 (0x22)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 3 (0x3)
    RADIUS: EAP length = 32 (0x20)
    RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
    65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 B9 8B 4F 00 00 FE 11 FB 79 C0 A8 5C 02 C0 A8 .¹?O..þ.ûyÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 A5 7D 42 01 75 00 9D 5B 3D X..m...¥}B.u.
    [=
    00030: 1F DB 26 2C 6A 8B 12 E0 CE E3 E9 FE 53 C2 01 1D
    ..Û&,j?.àÎãéþSÂ..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    *************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    8 16.374123 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35186; Total IP Length
    = 104; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
    (0x54)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 117 (0x75)
    RADIUS: Length = 76 (0x4C)
    RADIUS: Authenticator = FF 59 C5 FD CC 80 21 DC 8A 50 EC 4D C3 77
    43 70
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 8 (0x8)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 4 (0x4)
    RADIUS: EAP length = 6 (0x6)
    RADIUS: EAP data = 0D 20
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+z
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =(5èîg6BôHW·,)-½

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 68 89 72 00 00 80 11 7B A8 C0 A8 58 17 C0 A8 .h?r..?.
    {¨À¨X.À¨
    00020: 5C 02 07 14 06 6D 00 54 20 C8 0B 75 00 4C FF 59 \....m.T
    È.u.LÿY
    00030: C5 FD CC 80 21 DC 8A 50 EC 4D C3 77 43 70 1B 06 ÅýÌ?!Ü?
    PìMÃwCp..
    00040: 00 00 00 1E 4F 08 01 04 00 06 0D 20 18 18 1C D9 ....O......
    ....Ù

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    9 16.405373 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35693; Total IP Length
    = 289; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
    (0x10D)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 118 (0x76)
    RADIUS: Length = 261 (0x105)
    RADIUS: Authenticator = B1 7E 88 6B 5B 5A A0 5F 9E 08 72 53 9B 32
    62 A2
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =÷ ñl+)Ææ9e++¦'¦
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 114 (0x72)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 4 (0x4)
    RADIUS: EAP length = 112 (0x70)
    RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
    5D 03 01 3F 42 78 E3 DE 6E 40 A1 AB 70 14 35 0B 96 9E AB 81 81 8C 71 8B
    49...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+z
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.

    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00010: 01 21 8B 6D 00 00 FE 11 FA F3 C0 A8 5C 02 C0 A8 .!?m..þ.úóÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 01 0D 0F 7C 01 76 01 05 B1 7E X..m.....|.v..
    ±~
    00030: 88 6B 5B 5A A0 5F 9E 08 72 53 9B 32 62 A2 01 1D ?k[Z _?.rS?
    2b¢..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    10 16.405373 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35188; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 118 (0x76)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = 99 31 C9 0D 09 01 40 23 A1 CE 95 43 FA 48
    D2 C9
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 134 (0x86)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 5 (0x5)
    RADIUS: EAP length = 132 (0x84)
    RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
    46 03 01 3F 42 78 E2 44 59 4D E0 BF E0 B3 67 D6 46 31 7C 7D D3 4A 89 9F
    56...
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+z
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =
    f¦=¯yÇj·²ë#µ=<

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 E6 89 74 00 00 80 11 7B 28 C0 A8 58 17 C0 A8 .æ?t..?.
    {(ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 D2 C5 E2 0B 76 00 CA 99 31
    \....m.ÒÅâ.v.Ê?1
    00030: C9 0D 09 01 40 23 A1 CE 95 43 FA 48 D2 C9 1B 06 É[email protected]#¡Î?
    CúHÒÉ..
    00040: 00 00 00 1E 4F 86 01 05 00 84 0D 80 00 00 00 7A
    .....O?...?.?...z

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    11 16.483498 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35739; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Request(1)

    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 119 (0x77)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = E6 9D 5B BA 2D CA 75 CA DD 46 2B EB F4 CE
    ED 94
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =-òÆ
    RADIUS: A¦ a+?ï<+
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 55 (0x37)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 5 (0x5)
    RADIUS: EAP length = 53 (0x35)
    RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
    01 00 20 C1 27 22 48 12 7E CB 06 41 22 05 2D 70 04 2E 01 D8 17 16 C7 91
    5C...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+z
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 E6 8B 9B 00 00 FE 11 FB 00 C0 A8 5C 02 C0 A8 .æ??..þ.û.À¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 D2 5B DC 01 77 00 CA E6 9D X..m...Ò
    [Ü.w.Êæ
    00030: 5B BA 2D CA 75 CA DD 46 2B EB F4 CE ED 94 01 1D [º-
    ÊuÊÝF+ëôÎí?..

    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    12 16.483498 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
    (2) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35189; Total IP Length
    = 238; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
    (0xDA)
    RADIUS: Message Type: Access Accept(2)
    RADIUS: Message Type = Access Accept
    RADIUS: Identifier = 119 (0x77)
    RADIUS: Length = 210 (0xD2)
    RADIUS: Authenticator = 9E DF 84 8F 5A D1 8C 21 51 6D A5 E7 5F 84
    82 2E
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: EAP code = Success
    RADIUS: EAP identifier = 6 (0x6)
    RADIUS: EAP length = 4 (0x4)
    RADIUS: EAP data =
    RADIUS: Attribute Type: Service Type(6)
    RADIUS: Attribute type = Service Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Service type = Framed
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 600 (0x258)
    RADIUS: Attribute Type: Termination Action(29)
    RADIUS: Attribute type = Termination Action
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Termination action = RADIUS Request
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìT+:-+-ƒ+:ê+
    RADIUS: $aGÄ/ l/}ü _ 'n :$¦t4\ç[@dÑP=8
    RADIUS: 
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìOs,º)1nÅ0(`Zêxk8ìæ='JE¦û|7
    +'$áqOƒpÉ 
    g˜¦h+¦
    RADIUS: Attribute Type: Class(25)
    RADIUS: Attribute type = Class
    RADIUS: Attribute length = 32 (0x20)
    RADIUS: Class =D»¦
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Signature =7÷&>§{+F,+¦ñë/âô

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 EE 89 75 00 00 80 11 7B 1F C0 A8 58 17 C0 A8 .î?u..?.
    {.ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 DA DA C3 02 77 00 D2 9E DF
    \....m.ÚÚÃ.w.Ò?ß
    00030: 84 8F 5A D1 8C 21 51 6D A5 E7 5F 84 82 2E 4F 06 ?ZÑ?!Qm
    ¥ç_??.O.
    00040: 03 06 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
    ................X

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    13 17.499123 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35794; Total IP Length
    = 185; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
    (0xA5)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 120 (0x78)
    RADIUS: Length = 157 (0x9D)
    RADIUS: Authenticator = B3 12 CE C7 20 D8 04 F7 9A 28 2C 40 75 E3
    D8 61
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =û,ÅG+=èmÄê-¦*+v'
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 34 (0x22)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 4 (0x4)
    RADIUS: EAP length = 32 (0x20)
    RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
    65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 B9 8B D2 00 00 FE 11 FA F6 C0 A8 5C 02 C0 A8 .¹?Ò..þ.úöÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 A5 BB 54 01 78 00 9D B3 12 X..m...¥»
    T.x.³.
    00030: CE C7 20 D8 04 F7 9A 28 2C 40 75 E3 D8 61 01 1D ÎÇ Ø.÷?(,
    @uãØa..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    14 17.514748 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35210; Total IP Length
    = 104; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
    (0x54)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 120 (0x78)
    RADIUS: Length = 76 (0x4C)
    RADIUS: Authenticator = CC 8B 42 C1 83 4C 8C B2 32 42 74 FC F8 0F
    2C C0
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 8 (0x8)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 5 (0x5)
    RADIUS: EAP length = 6 (0x6)
    RADIUS: EAP data = 0D 20
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+{
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =w+6˜pêWɲq*û¦+

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 68 89 8A 00 00 80 11 7B 90 C0 A8 58 17 C0 A8 .h??..?.
    {ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 54 6D AF 0B 78 00 4C CC 8B
    \....m.Tm¯.x.LÌ?
    00030: 42 C1 83 4C 8C B2 32 42 74 FC F8 0F 2C C0 1B 06 BÁ?L?
    ²2Btüø.,À..
    00040: 00 00 00 1E 4F 08 01 05 00 06 0D 20 18 18 1C DA ....O......
    ....Ú


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    15 17.561623 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35824; Total IP Length
    = 289; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
    (0x10D)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 121 (0x79)
    RADIUS: Length = 261 (0x105)
    RADIUS: Authenticator = 13 05 E3 7E 48 8E ED 1A 9E C8 BB 5D E0 6D
    6E 32
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =\<8+ñ¦ësaÜn
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 114 (0x72)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 5 (0x5)
    RADIUS: EAP length = 112 (0x70)
    RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
    5D 03 01 3F 42 78 E4 95 37 0D 5A 2F E0 F4 71 BA A6 EB C5 76 01 50 DA B3
    E1...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+{
    RADIUS: Attribute Type: NAS IP Address(4)


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 01 21 8B F0 00 00 FE 11 FA 70 C0 A8 5C 02 C0 A8 .!?ð..þ.úpÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 01 0D BF F0 01 79 01 05 13 05 X..m....¿
    ð.y....
    00030: E3 7E 48 8E ED 1A 9E C8 BB 5D E0 6D 6E 32 01 1D ã~H?í.?È»]
    àmn2..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    16 17.561623 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35211; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 121 (0x79)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = C6 C0 47 5A 6D 0C 66 59 5C 9A FF 7A B1 1A
    4F 6B
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 134 (0x86)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 6 (0x6)
    RADIUS: EAP length = 132 (0x84)
    RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
    46 03 01 3F 42 78 E3 FB 93 C7 13 E4 5C A3 94 31 E8 AD 55 AF BE 28 E7 C5
    CF...
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+{
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =+NL¦¬+ó¦¥Ç;s¦è

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 E6 89 8B 00 00 80 11 7B 11 C0 A8 58 17 C0 A8 .æ??..?.
    {.ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 D2 BC 1F 0B 79 00 CA C6 C0
    \....m.Ò¼..y.ÊÆÀ
    00030: 47 5A 6D 0C 66 59 5C 9A FF 7A B1 1A 4F 6B 1B 06 GZm.fY\?
    ÿz±.Ok..
    00040: 00 00 00 1E 4F 86 01 06 00 84 0D 80 00 00 00 7A
    .....O?...?.?...z

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    17 17.639748 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35870; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 122 (0x7A)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = B8 DC 2B 48 D8 D2 FD 59 7F 95 84 11 51 FE
    70 2D
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =¦æßôä§táv-!Ö<£Çv
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 55 (0x37)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 6 (0x6)
    RADIUS: EAP length = 53 (0x35)
    RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
    01 00 20 C4 37 20 3E A9 6F 20 B0 2A D0 D3 46 9A B6 05 7B 74 61 44 AA C2
    7F...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =+{
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 E6 8C 1E 00 00 FE 11 FA 7D C0 A8 5C 02 C0 A8 .æ?...þ.ú}À¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 D2 FB 7D 01 7A 00 CA B8 DC
    X..m...Òû}.z.ʸÜ
    00030: 2B 48 D8 D2 FD 59 7F 95 84 11 51 FE 70 2D 01 1D
    +HØÒýY??.Qþp-..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    18 17.639748 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
    (2) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35213; Total IP Length
    = 238; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
    (0xDA)
    RADIUS: Message Type: Access Accept(2)
    RADIUS: Message Type = Access Accept
    RADIUS: Identifier = 122 (0x7A)
    RADIUS: Length = 210 (0xD2)
    RADIUS: Authenticator = 89 C6 27 F3 9A 49 4F 5D 3C 0C 30 DC 99 37
    E5 B2
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: EAP code = Success
    RADIUS: EAP identifier = 7 (0x7)
    RADIUS: EAP length = 4 (0x4)
    RADIUS: EAP data =
    RADIUS: Attribute Type: Service Type(6)
    RADIUS: Attribute type = Service Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Service type = Framed
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 600 (0x258)
    RADIUS: Attribute Type: Termination Action(29)
    RADIUS: Attribute type = Termination Action
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Termination action = RADIUS Request
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìd½eG¦T«->m:}KT¦kè)-t;<ó+2u÷+JF
    LL:˜¥|¢¦µGr¦J
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ì8¦ú¦¦+.eZPëq¿ -
    ¬Æ`f¦T~§ g8ÅñnvÄ=ùdòj-+h¤¡;g
    RADIUS: Attribute Type: Class(25)
    RADIUS: Attribute type = Class
    RADIUS: Attribute length = 32 (0x20)
    RADIUS: Class =D¦¦
    RADIUS: Attribute Type: ARAP Signature(80)

    page 18


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =m¦-P$à^-d+)ç.D

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 EE 89 8D 00 00 80 11 7B 07 C0 A8 58 17 C0 A8 .î?..?.
    {.ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 DA 56 39 02 7A 00 D2 89 C6
    \....m.ÚV9.z.Ò?Æ
    00030: 27 F3 9A 49 4F 5D 3C 0C 30 DC 99 37 E5 B2 4F 06 'ó?IO]<.0Ü?
    7å²O.
    00040: 03 07 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
    ................X

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    19 18.655373 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35925; Total IP Length
    = 185; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
    (0xA5)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 123 (0x7B)
    RADIUS: Length = 157 (0x9D)
    RADIUS: Authenticator = 47 6A 04 C8 D5 9E 3C 72 16 21 14 AC 5E 64
    FC 6A
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =m-+ƦxB,R`"-ä-ea
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 34 (0x22)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 5 (0x5)
    RADIUS: EAP length = 32 (0x20)
    RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
    65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)

    page 19


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 B9 8C 55 00 00 FE 11 FA 73 C0 A8 5C 02 C0 A8 .¹?U..þ.úsÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 A5 52 C1 01 7B 00 9D 47 6A X..m...¥RÁ.
    {.Gj
    00030: 04 C8 D5 9E 3C 72 16 21 14 AC 5E 64 FC 6A 01 1D .ÈÕ?<r.!.
    ¬^düj..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    20 18.670998 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35235; Total IP Length
    = 104; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
    (0x54)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 123 (0x7B)
    RADIUS: Length = 76 (0x4C)
    RADIUS: Authenticator = 8D 00 F5 BB 80 37 44 B4 9A FC 4B A1 12 4C
    45 43
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 8 (0x8)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 6 (0x6)
    RADIUS: EAP length = 6 (0x6)
    RADIUS: EAP data = 0D 20
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =¦|
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =+xs·H%_FC~fn¿

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 68 89 A3 00 00 80 11 7B 77 C0 A8 58 17 C0 A8 .h?£..?.
    {wˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 54 57 7B 0B 7B 00 4C 8D 00 \....m.TW{.
    {.L.
    00030: F5 BB 80 37 44 B4 9A FC 4B A1 12 4C 45 43 1B 06 õ»?7D´?
    üK¡.LEC..

    page 20


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00040: 00 00 00 1E 4F 08 01 06 00 06 0D 20 18 18 1C DB ....O......
    ....Û

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    21 18.702248 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35955; Total IP Length
    = 289; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
    (0x10D)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 124 (0x7C)
    RADIUS: Length = 261 (0x105)
    RADIUS: Authenticator = 6E BD BC 4F A6 FE 89 32 52 87 BA A6 AB 0E
    07 CC
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =D§û$V'¦GM¬¦C+ó
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 114 (0x72)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 6 (0x6)
    RADIUS: EAP length = 112 (0x70)
    RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
    5D 03 01 3F 42 78 E5 D1 2A 3A EE 5F 67 D4 A1 89 AE 17 58 B2 5F DA 05 E9
    02...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)

    page 21


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: State =¦|
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 01 21 8C 73 00 00 FE 11 F9 ED C0 A8 5C 02 C0 A8 .!?s..þ.ùíÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 01 0D A1 7D 01 7C 01 05 6E BD X..m....¡}.
    |..n½
    00030: BC 4F A6 FE 89 32 52 87 BA A6 AB 0E 07 CC 01 1D ¼O¦þ?2R?º¦
    «..Ì..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    22 18.702248 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35237; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 124 (0x7C)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = AD D5 0B A8 46 51 18 A5 1A 1C 54 5D AB 98
    82 0A
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 134 (0x86)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 7 (0x7)
    RADIUS: EAP length = 132 (0x84)
    RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
    46 03 01 3F 42 78 E5 42 6D 2F 75 0A 7D C3 EC AD E5 F0 3F 2F 42 E0 0A 6F
    D4...
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =¦|
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =¦+t!Y;Y+hIQnY

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 E6 89 A5 00 00 80 11 7A F7 C0 A8 58 17 C0 A8 .æ?
    ¥..?.z÷À¨X.À¨
    00020: 5C 02 07 14 06 6D 00 D2 EF EC 0B 7C 00 CA AD D5 \....m.Òïì.
    |.Ê­Õ
    00030: 0B A8 46 51 18 A5 1A 1C 54 5D AB 98 82 0A 1B 06 .¨FQ.¥..T]
    «??...
    00040: 00 00 00 1E 4F 86 01 07 00 84 0D 80 00 00 00 7A
    .....O?...?.?...z

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr

    page 22


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    23 18.780373 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 36001; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 125 (0x7D)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = BA A4 A6 21 27 9F D4 16 D5 FC 9B C8 C3 4A
    86 07
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =8+6`C*¼+"n:ü<H
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 55 (0x37)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 7 (0x7)
    RADIUS: EAP length = 53 (0x35)
    RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
    01 00 20 5B F6 6F 17 25 F5 87 EA 0C 94 27 6E B9 05 5B 5A 9E 43 21 9E 63
    4A...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =¦|
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)

    page 23


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 E6 8C A1 00 00 FE 11 F9 FA C0 A8 5C 02 C0 A8 .æ?¡..þ.ùúÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 D2 28 A7 01 7D 00 CA BA A4 X..m...Ò
    (§.}.ʺ¤
    00030: A6 21 27 9F D4 16 D5 FC 9B C8 C3 4A 86 07 01 1D ¦!'?Ô.Õü?
    ÈÃJ?...
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    24 18.795998 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
    (2) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35238; Total IP Length
    = 238; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
    (0xDA)
    RADIUS: Message Type: Access Accept(2)
    RADIUS: Message Type = Access Accept
    RADIUS: Identifier = 125 (0x7D)
    RADIUS: Length = 210 (0xD2)
    RADIUS: Authenticator = FB 6C B8 BD 97 02 1B 69 57 F6 A9 E7 B1 28
    A1 B4
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: EAP code = Success
    RADIUS: EAP identifier = 8 (0x8)
    RADIUS: EAP length = 4 (0x4)
    RADIUS: EAP data =
    RADIUS: Attribute Type: Service Type(6)
    RADIUS: Attribute type = Service Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Service type = Framed
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 600 (0x258)
    RADIUS: Attribute Type: Termination Action(29)
    RADIUS: Attribute type = Termination Action
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Termination action = RADIUS Request
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìfV#·(4-àn [email protected]`ljÿÇÿê-+)
    +_=¦¬r=¶& W~¦{¦<+`T~ ¡iè
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìeA-*¦<D=¦+e-g[ëö;=-R-£*¦¤!¡:5}}
    stS_»+- -~(--e
    RADIUS: Attribute Type: Class(25)
    RADIUS: Attribute type = Class
    RADIUS: Attribute length = 32 (0x20)

    page 24


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Class =D¦+
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =cóç¦î·)+=¯Y«8

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 EE 89 A6 00 00 80 11 7A EE C0 A8 58 17 C0 A8 .î?
    ¦..?.zîÀ¨X.À¨
    00020: 5C 02 07 14 06 6D 00 DA 88 D6 02 7D 00 D2 FB 6C \....m.Ú?
    Ö.}.Òûl
    00030: B8 BD 97 02 1B 69 57 F6 A9 E7 B1 28 A1 B4 4F 06 ¸½?..iWö©ç±(¡
    ´O.
    00040: 03 08 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
    ................X

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    25 20.311623 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 36056; Total IP Length
    = 185; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
    (0xA5)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 126 (0x7E)
    RADIUS: Length = 157 (0x9D)
    RADIUS: Authenticator = 9A 6F E5 4C FE B8 D6 47 B7 14 05 D6 2D 3E
    53 62
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =p2GP&+ì=Y¦µ¦¥à
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 34 (0x22)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 6 (0x6)
    RADIUS: EAP length = 32 (0x20)
    RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
    65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
    RADIUS: Attribute Type: NAS Port Type(61)

    page 25


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 B9 8C D8 00 00 FE 11 F9 F0 C0 A8 5C 02 C0 A8 .¹?Ø..þ.ùðÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 A5 2D 70 01 7E 00 9D 9A 6F X..m...¥-p.
    ~.?o
    00030: E5 4C FE B8 D6 47 B7 14 05 D6 2D 3E 53 62 01 1D åLþ¸ÖG·..Ö->
    Sb..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    26 20.327248 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35269; Total IP Length
    = 104; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
    (0x54)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 126 (0x7E)
    RADIUS: Length = 76 (0x4C)
    RADIUS: Authenticator = 48 CA E1 F4 94 6F 15 72 24 DA 0A CC 63 DD
    5D 56
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 8 (0x8)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 7 (0x7)
    RADIUS: EAP length = 6 (0x6)
    RADIUS: EAP data = 0D 20
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =_}
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =ÇçÆÖ¦˜+-å_¬Ñÿi

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 68 89 C5 00 00 80 11 7B 55 C0 A8 58 17 C0 A8 .h?Å..?.
    {UˬX.ˬ

    page 26


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    00020: 5C 02 07 14 06 6D 00 54 C9 7B 0B 7E 00 4C 48 CA \....m.TÉ{.
    ~.LHÊ
    00030: E1 F4 94 6F 15 72 24 DA 0A CC 63 DD 5D 56 1B 06 áô?o.r$Ú.ÌcÝ]
    V..
    00040: 00 00 00 1E 4F 08 01 07 00 06 0D 20 18 18 1C DC ....O......
    ....Ü

    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    27 21.545998 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 36086; Total IP Length
    = 289; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
    (0x10D)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 127 (0x7F)
    RADIUS: Length = 261 (0x105)
    RADIUS: Authenticator = CB 60 D8 3B FD 15 8A CE 5B 93 35 F5 F2 A8
    77 1C
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =é/-`%~e¦8|¦É((-
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 114 (0x72)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 7 (0x7)
    RADIUS: EAP length = 112 (0x70)
    RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
    5D 03 01 3F 42 78 E7 71 31 B0 2F 01 0C A5 E5 23 FF 75 21 E7 E7 7D 66 8F
    32...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)

    page 27


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =_}
    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 01 21 8C F6 00 00 FE 11 F9 6A C0 A8 5C 02 C0 A8 .!?ö..þ.ùjÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 01 0D 80 C3 01 7F 01 05 CB 60 X..m....?
    Ã...Ë`
    00030: D8 3B FD 15 8A CE 5B 93 35 F5 F2 A8 77 1C 01 1D Ø;ý.?Î[?
    5õò¨w...
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **************************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    28 21.545998 LOCAL 000103E84BA3 RADIUS Message Type: Access
    Challenge(11) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35288; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Challenge(11)
    RADIUS: Message Type = Access Challenge
    RADIUS: Identifier = 127 (0x7F)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = 98 71 CB 94 5C D1 88 C0 BA A8 11 15 DE 1C
    B4 2F
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 30 (0x1E)
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 134 (0x86)
    RADIUS: EAP code = Request
    RADIUS: EAP identifier = 8 (0x8)
    RADIUS: EAP length = 132 (0x84)
    RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
    46 03 01 3F 42 78 E7 D2 93 73 A7 1A 78 09 B9 5E BC 3C 4E 49 B3 9C 06 35
    6C...
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =_}
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =¦^M.úKÑ-¢á
    RADIUS: ¯v


    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 E6 89 D8 00 00 80 11 7A C4 C0 A8 58 17 C0 A8 .æ?
    Ø..?.zÄÀ¨X.À¨
    00020: 5C 02 07 14 06 6D 00 D2 45 D7 0B 7F 00 CA 98 71
    \....m.ÒE×..Ê?q
    00030: CB 94 5C D1 88 C0 BA A8 11 15 DE 1C B4 2F 1B 06 Ë?\Ñ?Àº¨..Þ.
    ´/..
    00040: 00 00 00 1E 4F 86 01 08 00 84 0D 80 00 00 00 7A
    .....O?...?.?...z

    page 28


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt


    ************************************************************************
    ***********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    29 23.139748 000103E84BA3 LOCAL RADIUS Message Type: Access Request
    (1) CiscoAP IASSERVER IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 36132; Total IP Length
    = 230; Options = No Options
    + UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
    (0xD2)
    RADIUS: Message Type: Access Request(1)
    RADIUS: Message Type = Access Request
    RADIUS: Identifier = 128 (0x80)
    RADIUS: Length = 202 (0xCA)
    RADIUS: Authenticator = 56 49 BB A0 DB 6A D6 F5 08 4D 47 C2 BC 57
    33 28
    RADIUS: Attribute Type: User Name(1)
    RADIUS: Attribute type = User Name
    RADIUS: Attribute length = 29 (0x1D)
    RADIUS: User name =
    RADIUS: Attribute Type: Framed MTU(12)
    RADIUS: Attribute type = Framed MTU
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Framed MTU = 1400 (0x578)
    RADIUS: Attribute Type: Called Station ID(30)
    RADIUS: Attribute type = Called Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Called station ID =000c.85db.bf45
    RADIUS: Attribute Type: Calling Station ID(31)
    RADIUS: Attribute type = Calling Station ID
    RADIUS: Attribute length = 16 (0x10)
    RADIUS: Calling station ID =000a.b7bb.026f
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =+»Ff42¦+Y 2j
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 55 (0x37)
    RADIUS: EAP code = Response
    RADIUS: EAP identifier = 8 (0x8)
    RADIUS: EAP length = 53 (0x35)
    RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
    01 00 20 EF 8D 18 77 D9 FE 12 42 13 9B 95 9D 02 AB 87 D1 2E 5A 8F 04 EB
    4B...
    RADIUS: Attribute Type: NAS Port Type(61)
    RADIUS: Attribute type = NAS Port Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port type = Virtual
    RADIUS: Attribute Type: NAS Port(5)
    RADIUS: Attribute type = NAS Port
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS port = 264 (0x108)
    RADIUS: Attribute Type: State(24)
    RADIUS: Attribute type = State
    RADIUS: Attribute length = 24 (0x18)
    RADIUS: State =_}

    page 29


    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: Attribute Type: NAS IP Address(4)
    RADIUS: Attribute type = NAS IP Address
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: NAS IP address = 192.168.92.2

    00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
    £..E.
    00010: 00 E6 8D 24 00 00 FE 11 F9 77 C0 A8 5C 02 C0 A8 .æ$..þ.ùwÀ¨
    \.ˬ
    00020: 58 17 06 6D 07 14 00 D2 45 53 01 80 00 CA 56 49
    X..m...ÒES.?.ÊVI
    00030: BB A0 DB 6A D6 F5 08 4D 47 C2 BC 57 33 28 01 1D » ÛjÖõ.MG¼W3
    (..
    00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

    ************************************************************************
    **********************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    30 23.155373 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
    (2) IASSERVER CiscoAP IP

    + FRAME: Base frame properties
    + ETHERNET: EType = Internet IP (IPv4)
    + IP: Protocol = UDP - User Datagram; Packet ID = 35315; Total IP Length
    = 238; Options = No Options
    + UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
    (0xDA)
    RADIUS: Message Type: Access Accept(2)
    RADIUS: Message Type = Access Accept
    RADIUS: Identifier = 128 (0x80)
    RADIUS: Length = 210 (0xD2)
    RADIUS: Authenticator = 28 E1 2A E5 B8 22 F1 B1 C5 42 C6 AF A8 A0
    C2 36
    RADIUS: Attribute Type: ARAP EAP Message(79)
    RADIUS: Attribute type = ARAP EAP Message
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: EAP code = Success
    RADIUS: EAP identifier = 9 (0x9)
    RADIUS: EAP length = 4 (0x4)
    RADIUS: EAP data =
    RADIUS: Attribute Type: Service Type(6)
    RADIUS: Attribute type = Service Type
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Service type = Framed
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 600 (0x258)
    RADIUS: Attribute Type: Termination Action(29)
    RADIUS: Attribute type = Termination Action
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Termination action = RADIUS Request
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ìnµ_ᘧR+4˜-x+&¦f0§F.
    +á+ÅDÅ+ íúüaP>+
    ·âA+W+ä_
    RADIUS: Attribute Type: Vendor Specific(26)
    RADIUS: Attribute type = Vendor Specific
    RADIUS: Attribute length = 58 (0x3A)
    RADIUS: Vendor ID = 311 (0x137)
    RADIUS: Vendor string =4ì=[R¯[BY£o¶±_¬¦8
    }ï¦öJ½+
    í+)8*

    Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

    RADIUS: [email protected]héEêG-¥
    RADIUS: Attribute Type: Class(25)
    RADIUS: Attribute type = Class
    RADIUS: Attribute length = 32 (0x20)
    RADIUS: Class =D++
    RADIUS: Attribute Type: ARAP Signature(80)
    RADIUS: Attribute type = ARAP Signature
    RADIUS: Attribute length = 18 (0x12)
    RADIUS: Signature =± ¦mN\++ sz¦àj0

    00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
    «g...E.
    00010: 00 EE 89 F3 00 00 80 11 7A A1 C0 A8 58 17 C0 A8 .î?ó..?.z¡
    ˬX.ˬ
    00020: 5C 02 07 14 06 6D 00 DA 16 EE 02 80 00 D2 28 E1 \....m.Ú.î.?.Ò

    00030: 2A E5 B8 22 F1 B1 C5 42 C6 AF A8 A0 C2 36 4F 06
    *å¸"ñ±ÅBƯ¨ Â6O.
    00040: 03 09 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
    ................X

    ************************************************************************
    ****************
    Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
    Other Addr Dst Other Addr Type Other Addr
    31 0.000000 XEROX 000000 XEROX 000000 STATS Number of Frames
    Captured = 30

    + FRAME: Base frame properties
    + ETHERNET: 802.3, DataLength = 130
    + LLC: Unnumbered (U) Frame, Command Frame, DSAP = Sub-Network Access
    Protocol (SNAP), SSAP = Sub-Network Access Protocol (SNAP)
    + SNAP: Etype = 0x1984; Organization Code = 0x000000
    + TRAIL: FRAME TYPE = Capture Statistics
    + STATS: Number of Frames Captured = 30

    00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 82 AA AA .............?
    ªª
    00010: 03 00 00 00 19 84 24 4D 53 54 00 00 00 00 67 00 .....?
    $MST....g.
    00020: 00 00 5C 00 20 00 00 00 6B 6B C2 01 00 00 00 00 ..\.
    ....kkÂ.....
    00030: 1E 00 00 00 90 1A 00 00 1E 00 00 00 90 1A 00 00
    ...............
    00040: 00 00 00 00 00 00 00 00 83 02 00 00 EB 59 01 00
    .........?...ëY..
     
    Vo, Aug 19, 2003
    #13
  14. Vo

    Vo Guest

    One other thing, if I set the IAS Profile to have no timeout (unlimited),
    my client is still reauthenticating as fast as it can. It's almost as if
    the AP is saying "I didn't get a value from the RADIUS server, so it's
    zero".
     
    Vo, Aug 19, 2003
    #14
  15. the radius server is sending the right value from
    the sniff:
    RADIUS: Attribute Type: Session Timeout(27)
    RADIUS: Attribute type = Session Timeout
    RADIUS: Attribute length = 6 (0x6)
    RADIUS: Session timeout(seconds) = 600 (0x258)

    the value sent is 600 seconds which corresponds to 10 mn as you configured

    so this is for sure the AP who is not honoring the session timeout and
    setting it ( not to 0, if it was 0 you will not reauth, but setting it to
    something like 6 seconds)
    the AP is misbehaving: either you need to update the BIOS or this is a bug
     
    Wajihy [MSFT], Aug 19, 2003
    #15
  16. Vo

    Vo Guest

    Hmm...I'm not convinced totally. I'm going to try some more things and
    report back here. I'm not the first person to try this combination as
    well. I'll work with Cisco directly and post back to hopefully save
    someone some headaches in the future. Thanks for your help thus far.
     
    Vo, Aug 19, 2003
    #16
  17. Vo

    Vo Guest

    I'll keep posting. I tried downgrading the AP to IOS 12.2(8)JA, and didn't
    see it improve. In fact, the client seemed to be re-authenticating even
    faster than before! :)
     
    Vo, Aug 20, 2003
    #17
  18. Vo

    Vo Guest

    I found it!

    I've made so many rudimentary errors in doing this that I'm almost
    embarrased to admit it in public.

    During all my attempts to get the EAP stuff working in the first place,
    I tried way too many things and should have started over from scratch
    before I pursued this problem.

    The reason my client was reauthenticating every second is because I,
    stupid as can be, told it to. On the Cisco AP under Security>Advanced
    Security>EAP Authentication, I had set the 802.11b radio to ignore the
    reauthentication interval sent by the RADIUS server, and I had set the
    interval to 1. At one point, I thought this had something to do with
    reaching the RADIUS server and wanted to lower what I, at the time,
    thought was a timeout value. Ignorance is not blissful in this case.
    As my boss says, ignorance is curable, stupid is for life. I'd have to
    say it appeared this was nearly for life.

    I am having another issue using a computer certificate to get access,
    but I'm going to experiment before I cry for help on that one. Suffice
    it to say I'm thrilled to be past this.

    Vo
     
    Vo, Aug 27, 2003
    #18
  19. great to here this
    let me know if you need help with the cert issue

    by the way there a tech chat about IAS PEAP, and wireless you might be
    interested information below



    --

    This posting is provided "AS IS", with NO warranties and confers NO rights

    Upcoming Event: Tech Chat about "Secure Wireless authentication using IAS,
    PEAP and EAP"
    on September 25th at 10AM PT
    http://communities2.microsoft.com/home/chatroom.aspx?siteid=34000081
     
    Wajihy [MSFT], Aug 27, 2003
    #19
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.