Cisco 1210/IAS Win2k3/EAP-TLS problem

I'm thinking this is something on my Cisco configuration so forgive for
the cross posting, but I'm using stuff that others have done before so I
thought I'd take the chance.

I've got an Aironet 1200 series AP, running 12.2(11)JA1. I've used the
EAP-TLS Deployment Guide for Wireless LAN Networks at Cisco's site
(http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_pa
per09186a008009256b.shtml) and the Microsoft "Securing Wireless Lans"
white paper collection as guidelines. The Cisco documentation assumes
ACS and an older AP without IOS, so the guidelines are pretty far off.

My PKI is working, my clients are working, but I'm missing something
with the Cisco config (an example of a working one would be a blessing).
I am using VLANs, one of which is standard WEP and a second which will
be using EAP-TLS. I used the http gui to get it off the ground, then
switched to manual configuration.

RADIUS seems to be operating fine. My problem is getting access.
here's the errors from the IAS Event log when I try to authent:

Fully-Qualified-User-Name = TRIALBYFIRE\vo243
NAS-IP-Address = 192.168.92.2
NAS-Identifier = ap-cisco
Called-Station-Identifier = 000c.85db.bf45
Calling-Station-Identifier = 000a.b7bb.026f
Client-Friendly-Name = CiscoAP1
Client-IP-Address = 192.168.92.2
NAS-Port-Type = Virtual
NAS-Port = 346
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = EAP
EAP-Type = <undetermined>
Reason-Code = 48
Reason = The connection attempt did not match any remote access policy.

My remote access policy (there is only 1) is configured as follows:

NAS-PORT-Type Matches "Wireless - IEEE 802.11 or Wireless-Other",
Windows Group matches "TRIALBYFIRE\Remote Access Policy- Wireless" (my
machine and username are both members of this group).
Profile uses EAP Methods - Smart Card or Certificate and I'm using my
RADIUS servers' certificate--no problems there.Advanced Attributes are
Ignore-User-Dialin-Properties = True, Service-Type = Framed, and
Termination-Action - RADIUS-Request.

Logic would tell me that I should be seeing a different type of NAS-
PORT-TYPE coming in, and that's why my single remote access policy is
not coming up as a match. What am I missing here?

thanks in advance!

Vo

 

which OS is running on your radius machine?

also from the event the NAS-PORT-TYPE received in the request is : virtual
and not wireless this is why the policy was not matched.
so if you add the virtual NAS PORT Type to your policy it will work fine

 

I added Virtual to NAS Port Type on the policy and it made no difference.
I'm running IAS on Windows Server 2003 Enterprise.

I'm a bit bewildered why--I had tried that..I'm curious how to make it use
the correct port type.

 

can you post the new event you get
also double check that the user you are using is actually a memeber of the
windows group

 

SunuvaGun! It was the membership issue AFTER the Port-type issue. I was a
member at some point of the group but that seemed to get dropped. Adding
my username back into that group of course gave me a match in the Remote
Access Policy.

Should I see my client reauthenticating every 5 seconds? That IAS log is
going to fill up fast....

 

i think in the remote access policy you have set up a timeout value of 5 s
yopu can either increase that or disable it as you wish

 

Nope. I have Dial-In constraints set as follows:

Minutes server can remain idle before it is disconnected (Idle-Time) -
unchecked-no setting

Minutes client can be connected (Session-Timeout): 10

Never anything measured in minutes.

While testing this it got to the point where the client was
authenticating every 1-2 seconds, without me affecting these values.
The Cisco AP is saying:

Interface Dot11Radio0, Deauthenticating Station 000a.b7bb.026f
Reason: Previous authentication no longer valid

Which means it is probably being told authent incorrectly by the
RADIUS/IAS server?

 

do you have DHCP in your network?
the problem might be that the clients after they authenticate they don't get
an IP address so they disconnect

check your DHCP configuration

 

DHCP = yes. The clients are indeed getting an address. Between the "every
second" reauthentication, they are able to access the network, and through
the magic of TCP retransmission (I assume), they can access resources. But
it's constantly reauthenticating.

 

Yes, the version is 12.2(11)JA1.

I can see the following from the RADIUS debug on the access point, so are
we are sending the attribute correctly?

Is this adequate to prove/disprove? I can get a sniff on the server too of
the RADIUS conversation if necessary:

Here's my Cisco AP Logs (pretty long, but perhaps you'll see a pattern that
is tell-tale):

Aug 18 17:14:01 192.168.92.2 141602: 1w6d: RADIUS: AAA Unsupported
[136] 3
Aug 18 17:14:01 192.168.92.2 141603: 1w6d: RADIUS: 35
[5]
Aug 18 17:14:01 192.168.92.2 141604: 1w6d: RADIUS(000008A3): Storing
nasport 506 in rad_db
Aug 18 17:14:01 192.168.92.2 141605: 1w6d: RADIUS/ENCODE(000008A3):
dropping service type, "radius-server attribute 6 on-for-login-auth" is off
Aug 18 17:14:01 192.168.92.2 141606: 1w6d: RADIUS/ENCODE(000008A3):
acct_session_id: 2211
Aug 18 17:14:01 192.168.92.2 141607: 1w6d: RADIUS(000008A3): sending
Aug 18 17:14:01 192.168.92.2 141608: 1w6d: RADIUS: Send to unknown id 85
192.168.88.23:1812, Access-Request, len 157
Aug 18 17:14:01 192.168.92.2 141609: 1w6d: RADIUS: authenticator 18 8E 45
49 CB 1B E8 B2 - A3 57 0E CE 46 92 77 EB
Aug 18 17:14:01 192.168.92.2 141610: 1w6d: RADIUS: User-Name [1]
29 ""
Aug 18 17:14:01 192.168.92.2 141611: 1w6d: RADIUS: Framed-MTU
[12] 6 1400
Aug 18 17:14:01 192.168.92.2 141612: 1w6d: RADIUS: Called-Station-Id
[30] 16 "000c.85db.bf45"
Aug 18 17:14:01 192.168.92.2 141613: 1w6d: RADIUS: Calling-Station-Id
[31] 16 "000a.b7bb.026f"
Aug 18 17:14:01 192.168.92.2 141614: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:01 192.168.92.2 141615: 1w6d: RADIUS: EAP-Message
[79] 34
Aug 18 17:14:01 192.168.92.2 141616: 1w6d: RADIUS: 02 02 00 20 01 73 74
65 76 65 2E 66 72 61 6E 6B [??? ?steve.frank]
Aug 18 17:14:01 192.168.92.2 141617: 1w6d: RADIUS: 40 6E 65 77 63 6F 73
70 61 72 65 73 2E 63 6F 6D [@trialbyfire.int]
Aug 18 17:14:01 192.168.92.2 141618: 1w6d: RADIUS: NAS-Port-Type
[61] 6 Virtual [5]
Aug 18 17:14:01 192.168.92.2 141619: 1w6d: RADIUS: NAS-Port [5]
6 506
Aug 18 17:14:01 192.168.92.2 141620: 1w6d: RADIUS: NAS-IP-Address [4]
6 192.168.92.2
Aug 18 17:14:01 192.168.92.2 141621: 1w6d: RADIUS: Received from id 85
192.168.88.23:1812, Access-Challenge, len 76
Aug 18 17:14:01 192.168.92.2 141622: 1w6d: RADIUS: authenticator DC 16 89
B7 13 88 09 93 - 8D 56 8A B2 D9 A0 78 F3
Aug 18 17:14:01 192.168.92.2 141623: 1w6d: RADIUS: Session-Timeout
[27] 6 30
Aug 18 17:14:01 192.168.92.2 141624: 1w6d: RADIUS: EAP-Message
[79] 8
Aug 18 17:14:01 192.168.92.2 141625: 1w6d: RADIUS: 01 03 00 06 0D 20
[????? ]
Aug 18 17:14:01 192.168.92.2 141626: 1w6d: RADIUS: State
[24] 24
Aug 18 17:14:01 192.168.92.2 141627: 1w6d: RADIUS: 1C D1 04 72 00 00 01
37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
Aug 18 17:14:01 192.168.92.2 141628: 1w6d: RADIUS: 00 02 11 D5 AC CD
[??????]
Aug 18 17:14:01 192.168.92.2 141629: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:01 192.168.92.2 141630: 1w6d: RADIUS: Received from id 8A3
Aug 18 17:14:01 192.168.92.2 141631: 1w6d: RADIUS/DECODE: EAP-Message
fragments, 6, total 6 bytes
Aug 18 17:14:01 192.168.92.2 141632: 1w6d: RADIUS: AAA Unsupported
[136] 3
Aug 18 17:14:01 192.168.92.2 141633: 1w6d: RADIUS: 35
[5]
Aug 18 17:14:01 192.168.92.2 141634: 1w6d: RADIUS(000008A3): Using existing
nas_port 506
Aug 18 17:14:01 192.168.92.2 141635: 1w6d: RADIUS/ENCODE(000008A3):
dropping service type, "radius-server attribute 6 on-for-login-auth" is off
Aug 18 17:14:01 192.168.92.2 141636: 1w6d: RADIUS/ENCODE(000008A3):
acct_session_id: 2211
Aug 18 17:14:01 192.168.92.2 141637: 1w6d: RADIUS(000008A3): sending
Aug 18 17:14:01 192.168.92.2 141638: 1w6d: RADIUS: Send to unknown id 86
192.168.88.23:1812, Access-Request, len 261
Aug 18 17:14:01 192.168.92.2 141639: 1w6d: RADIUS: authenticator 89 BA 92
28 97 3E 2D 0C - 2A F3 6D 55 2A B3 3C 1D
Aug 18 17:14:01 192.168.92.2 141640: 1w6d: RADIUS: User-Name [1]
29 ""
Aug 18 17:14:01 192.168.92.2 141641: 1w6d: RADIUS: Framed-MTU
[12] 6 1400
Aug 18 17:14:01 192.168.92.2 141642: 1w6d: RADIUS: Called-Station-Id
[30] 16 "000c.85db.bf45"
Aug 18 17:14:01 192.168.92.2 141643: 1w6d: RADIUS: Calling-Station-Id
[31] 16 "000a.b7bb.026f"
Aug 18 17:14:01 192.168.92.2 141644: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:01 192.168.92.2 141645: 1w6d: RADIUS: EAP-Message
[79] 114
Aug 18 17:14:01 192.168.92.2 141646: 1w6d: RADIUS: 02 03 00 70 0D 80 00
00 00 66 16 03 01 00 61 01 [???p?????f????a?]
Aug 18 17:14:01 192.168.92.2 141647: 1w6d: RADIUS: 00 00 5D 03 01 3F 41
4F A9 25 29 CB EF FE 42 EE [??]???AO??)???B?]
Aug 18 17:14:01 192.168.92.2 141648: 1w6d: RADIUS: 90 7B 06 BD FF AB E7
FD 4E 93 B4 5F 4B AA B4 66 [?{??????N??_K??f]
Aug 18 17:14:01 192.168.92.2 141649: 1w6d: RADIUS: CB DD 2F 4B 68 20 E9
0E 00 00 1B 1A 53 93 33 A2 [??/Kh ??????S?3?]
Aug 18 17:14:01 192.168.92.2 141650: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
Aug 18 17:14:01 192.168.92.2 141651: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
16 00 04 00 05 00 0A 00 09 [??|?.???????????]
Aug 18 17:14:01 192.168.92.2 141652: 1w6d: RADIUS: 00 64 00 62 00 03 00
06 00 13 00 12 00 63 01 00 [?d?b?????????c??]
Aug 18 17:14:01 192.168.92.2 141653: 1w6d: RADIUS: NAS-Port-Type
[61] 6 Virtual [5]
Aug 18 17:14:01 192.168.92.2 141654: 1w6d: RADIUS: NAS-Port [5]
6 506
Aug 18 17:14:01 192.168.92.2 141655: 1w6d: RADIUS: State
[24] 24
Aug 18 17:14:01 192.168.92.2 141656: 1w6d: RADIUS: 1C D1 04 72 00 00 01
37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
Aug 18 17:14:01 192.168.92.2 141657: 1w6d: RADIUS: 00 02 11 D5 AC CD
[??????]
Aug 18 17:14:01 192.168.92.2 141658: 1w6d: RADIUS: NAS-IP-Address [4]
6 192.168.92.2
Aug 18 17:14:01 192.168.92.2 141659: 1w6d: RADIUS: Received from id 86
192.168.88.23:1812, Access-Challenge, len 202
Aug 18 17:14:01 192.168.92.2 141660: 1w6d: RADIUS: authenticator 0B 93 D5
6F 67 44 2B B3 - 51 1D FE AC D4 04 61 88
Aug 18 17:14:01 192.168.92.2 141661: 1w6d: RADIUS: Session-Timeout
[27] 6 30
Aug 18 17:14:01 192.168.92.2 141662: 1w6d: RADIUS: EAP-Message
[79] 134
Aug 18 17:14:01 192.168.92.2 141663: 1w6d: RADIUS: 01 04 00 84 0D 80 00
00 00 7A 16 03 01 00 4A 02 [?????????z????J?]
Aug 18 17:14:01 192.168.92.2 141664: 1w6d: RADIUS: 00 00 46 03 01 3F 41
4F A9 07 28 44 C8 93 F3 1F [??F???AO??(D????]
Aug 18 17:14:01 192.168.92.2 141665: 1w6d: RADIUS: 62 10 25 04 FA FB CC
23 2B E3 BB 04 EC AC FE 15 [b??????#+???????]
Aug 18 17:14:01 192.168.92.2 141666: 1w6d: RADIUS: F8 06 D7 92 CA 20 E9
0E 00 00 1B 1A 53 93 33 A2 [????? ??????S?3?]
Aug 18 17:14:01 192.168.92.2 141667: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
Aug 18 17:14:01 192.168.92.2 141668: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
04 00 14 03 01 00 01 01 16 [??|?.???????????]
Aug 18 17:14:01 192.168.92.2 141669: 1w6d: RADIUS: 03 01 00 20 82 93 9A
0F 89 50 A5 50 DD EE 6B 49 [??? ?????P?P??kI]
Aug 18 17:14:01 192.168.92.2 141670: 1w6d: RADIUS: EC B3 0D 6A A4 D6 67
1F 8B 5A 35 8E 70 13 89 54 [???j??g??Z5?p??T]
Aug 18 17:14:01 192.168.92.2 141671: 1w6d: RADIUS: CE 2B B4 47
[?+?G]
Aug 18 17:14:01 192.168.92.2 141672: 1w6d: RADIUS: State
[24] 24
Aug 18 17:14:01 192.168.92.2 141673: 1w6d: RADIUS: 1C D1 04 72 00 00 01
37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
Aug 18 17:14:01 192.168.92.2 141674: 1w6d: RADIUS: 00 02 11 D5 AC CD
[??????]
Aug 18 17:14:01 192.168.92.2 141675: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:01 192.168.92.2 141676: 1w6d: RADIUS: Received from id 8A3
Aug 18 17:14:01 192.168.92.2 141677: 1w6d: RADIUS/DECODE: EAP-Message
fragments, 132, total 132 bytes
Aug 18 17:14:01 192.168.92.2 141678: 1w6d: RADIUS: AAA Unsupported
[136] 3
Aug 18 17:14:01 192.168.92.2 141679: 1w6d: RADIUS: 35
[5]
Aug 18 17:14:01 192.168.92.2 141680: 1w6d: RADIUS(000008A3): Using existing
nas_port 506
Aug 18 17:14:01 192.168.92.2 141681: 1w6d: RADIUS/ENCODE(000008A3):
dropping service type, "radius-server attribute 6 on-for-login-auth" is off
Aug 18 17:14:01 192.168.92.2 141682: 1w6d: RADIUS/ENCODE(000008A3):
acct_session_id: 2211
Aug 18 17:14:01 192.168.92.2 141683: 1w6d: RADIUS(000008A3): sending
Aug 18 17:14:01 192.168.92.2 141684: 1w6d: RADIUS: Send to unknown id 87
192.168.88.23:1812, Access-Request, len 202
Aug 18 17:14:01 192.168.92.2 141685: 1w6d: RADIUS: authenticator F1 82 05
11 8F A4 82 46 - 5A 9D 7C B4 27 55 D7 E4
Aug 18 17:14:01 192.168.92.2 141686: 1w6d: RADIUS: User-Name [1]
29 ""
Aug 18 17:14:01 192.168.92.2 141687: 1w6d: RADIUS: Framed-MTU
[12] 6 1400
Aug 18 17:14:01 192.168.92.2 141688: 1w6d: RADIUS: Called-Station-Id
[30] 16 "000c.85db.bf45"
Aug 18 17:14:01 192.168.92.2 141689: 1w6d: RADIUS: Calling-Station-Id
[31] 16 "000a.b7bb.026f"
Aug 18 17:14:01 192.168.92.2 141690: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:01 192.168.92.2 141691: 1w6d: RADIUS: EAP-Message
[79] 55
Aug 18 17:14:01 192.168.92.2 141692: 1w6d: RADIUS: 02 04 00 35 0D 80 00
00 00 2B 14 03 01 00 01 01 [???5?????+??????]
Aug 18 17:14:01 192.168.92.2 141693: 1w6d: RADIUS: 16 03 01 00 20 30 61
27 AF 23 22 E6 33 38 45 A9 [???? 0a'?#"?38E?]
Aug 18 17:14:01 192.168.92.2 141694: 1w6d: RADIUS: 7C 4A 8B 89 8A 5A 26
CF 50 B5 69 C6 DE E9 EE A0 [|J???Z&?P?i?????]
Aug 18 17:14:01 192.168.92.2 141695: 1w6d: RADIUS: 0B 80 FD 80 2A
[????*]
Aug 18 17:14:01 192.168.92.2 141696: 1w6d: RADIUS: NAS-Port-Type
[61] 6 Virtual [5]
Aug 18 17:14:01 192.168.92.2 141697: 1w6d: RADIUS: NAS-Port [5]
6 506
Aug 18 17:14:01 192.168.92.2 141698: 1w6d: RADIUS: State
[24] 24
Aug 18 17:14:01 192.168.92.2 141699: 1w6d: RADIUS: 1C D1 04 72 00 00 01
37 00 01 C0 A8 58 17 00 00 [???r???7????X???]
Aug 18 17:14:01 192.168.92.2 141700: 1w6d: RADIUS: 00 02 11 D5 AC CD
[??????]
Aug 18 17:14:01 192.168.92.2 141701: 1w6d: RADIUS: NAS-IP-Address [4]
6 192.168.92.2
Aug 18 17:14:01 192.168.92.2 141702: 1w6d: RADIUS: Received from id 87
192.168.88.23:1812, Access-Accept, len 210
Aug 18 17:14:01 192.168.92.2 141703: 1w6d: RADIUS: authenticator FE 35 FB
61 2D 3E 78 AF - E0 2D 4B 82 B0 35 8C 63
Aug 18 17:14:01 192.168.92.2 141704: 1w6d: RADIUS: EAP-Message
[79] 6
Aug 18 17:14:01 192.168.92.2 141705: 1w6d: RADIUS: 03 05 00 04
[????]
Aug 18 17:14:01 192.168.92.2 141706: 1w6d: RADIUS: Service-Type [6]
6 Framed [2]
Aug 18 17:14:01 192.168.92.2 141707: 1w6d: RADIUS: Session-Timeout
[27] 6 600
Aug 18 17:14:01 192.168.92.2 141708: 1w6d: RADIUS: Termination-Action
[29] 6 1
Aug 18 17:14:01 192.168.92.2 141709: 1w6d: RADIUS: Vendor, Microsoft
[26] 58
Aug 18 17:14:01 192.168.92.2 141710: 1w6d: RADIUS: MS-MPPE-Send-Key
[16] 52
Aug 18 17:14:01 192.168.92.2 141711: 1w6d: RADIUS: 8D D9 88 1D 65 2F CF
F1 C4 80 F7 11 24 94 24 CB [????e/??????$?$?]
Aug 18 17:14:01 192.168.92.2 141712: 1w6d: RADIUS: EA 87 53 40 22 92 0D
60 3C C9 76 3A 24 4E 8F 18 [[email protected]"??`<?v:$N??]
Aug 18 17:14:01 192.168.92.2 141713: 1w6d: RADIUS: E1 D1 C0 DD 8B 5A 9A
A7 54 B8 0E 84 17 AE 39 19 [?????Z??T?????9?]
Aug 18 17:14:01 192.168.92.2 141714: 1w6d: RADIUS: EA A5
[??]
Aug 18 17:14:01 192.168.92.2 141715: 1w6d: RADIUS: Vendor, Microsoft
[26] 58
Aug 18 17:14:01 192.168.92.2 141716: 1w6d: RADIUS: MS-MPPE-Recv-Key
[17] 52
Aug 18 17:14:01 192.168.92.2 141717: 1w6d: RADIUS: 8D DA 7F 82 80 5D AB
CA 0D C1 48 81 FD 59 2F 3A [?????]????H??Y/:]
Aug 18 17:14:01 192.168.92.2 141718: 1w6d: RADIUS: FF AB 16 A6 55 90 09
A5 E8 36 98 45 6A E4 E7 C7 [????U????6?Ej???]
Aug 18 17:14:01 192.168.92.2 141719: 1w6d: RADIUS: F3 06 34 57 D5 4F 59
EC 65 CC 3B 61 4D C8 14 B1 [??4W?OY?e?;aM???]
Aug 18 17:14:01 192.168.92.2 141720: 1w6d: RADIUS: 0F 2F
[?/]
Aug 18 17:14:01 192.168.92.2 141721: 1w6d: RADIUS: Class
[25] 32
Aug 18 17:14:01 192.168.92.2 141722: 1w6d: RADIUS: 44 8F 04 96 00 00 01
37 00 01 C0 A8 58 17 01 C3 [D??????7????X???]
Aug 18 17:14:01 192.168.92.2 141723: 1w6d: RADIUS: 60 4C 4E 1D 01 3C 00
00 00 00 00 00 15 58 [`LN??<???????X]
Aug 18 17:14:01 192.168.92.2 141724: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:01 192.168.92.2 141725: 1w6d: RADIUS: Received from id 8A3
Aug 18 17:14:01 192.168.92.2 141726: 1w6d: RADIUS/DECODE: EAP-Message
fragments, 4, total 4 bytes
Aug 18 17:14:01 192.168.92.2 141727: 1w6d: found MS AAA_AT_MS_MPPE_SEND_KEY
Aug 18 17:14:01 192.168.92.2 141728: 1w6d: found MS AAA_AT_MS_MPPE_RECV_KEY
Aug 18 17:14:02 192.168.92.2 141729: .Aug 18 17:18:45.463 S: %DOT11-6-
ASSOC: Interface Dot11Radio0, Station 000a.b7bb.026f Associated KEY_MGMT
[NONE]
Aug 18 17:14:02 192.168.92.2 141730: 1w6d: RADIUS: AAA Unsupported
[136] 3
Aug 18 17:14:02 192.168.92.2 141731: 1w6d: RADIUS: 35
[5]
Aug 18 17:14:02 192.168.92.2 141732: 1w6d: RADIUS(000008A3): Using existing
nas_port 506
Aug 18 17:14:02 192.168.92.2 141733: 1w6d: RADIUS/ENCODE(000008A3):
dropping service type, "radius-server attribute 6 on-for-login-auth" is off
Aug 18 17:14:02 192.168.92.2 141734: 1w6d: RADIUS/ENCODE(000008A3):
acct_session_id: 2211
Aug 18 17:14:02 192.168.92.2 141735: 1w6d: RADIUS(000008A3): sending
Aug 18 17:14:02 192.168.92.2 141736: 1w6d: RADIUS: Send to unknown id 88
192.168.88.23:1812, Access-Request, len 157
Aug 18 17:14:02 192.168.92.2 141737: 1w6d: RADIUS: authenticator 0B 5A 9C
CA 5D 3B 71 78 - 53 95 6E 8B 86 FB 46 C5
Aug 18 17:14:02 192.168.92.2 141738: 1w6d: RADIUS: User-Name [1]
29 ""
Aug 18 17:14:02 192.168.92.2 141739: 1w6d: RADIUS: Framed-MTU
[12] 6 1400
Aug 18 17:14:02 192.168.92.2 141740: 1w6d: RADIUS: Called-Station-Id
[30] 16 "000c.85db.bf45"
Aug 18 17:14:02 192.168.92.2 141741: 1w6d: RADIUS: Calling-Station-Id
[31] 16 "000a.b7bb.026f"
Aug 18 17:14:02 192.168.92.2 141742: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:02 192.168.92.2 141743: 1w6d: RADIUS: EAP-Message
[79] 34
Aug 18 17:14:02 192.168.92.2 141744: 1w6d: RADIUS: 02 03 00 20 01 73 74
65 76 65 2E 66 72 61 6E 6B [??? ?steve.frank]
Aug 18 17:14:02 192.168.92.2 141745: 1w6d: RADIUS: 40 6E 65 77 63 6F 73
70 61 72 65 73 2E 63 6F 6D [@trialbyfire.int]
Aug 18 17:14:02 192.168.92.2 141746: 1w6d: RADIUS: NAS-Port-Type
[61] 6 Virtual [5]
Aug 18 17:14:02 192.168.92.2 141747: 1w6d: RADIUS: NAS-Port [5]
6 506
Aug 18 17:14:02 192.168.92.2 141748: 1w6d: RADIUS: NAS-IP-Address [4]
6 192.168.92.2
Aug 18 17:14:02 192.168.92.2 141749: 1w6d: RADIUS: Received from id 88
192.168.88.23:1812, Access-Challenge, len 76
Aug 18 17:14:02 192.168.92.2 141750: 1w6d: RADIUS: authenticator 22 77 B3
B0 E7 4E 3E 7E - 82 29 9D BE 89 5D 0A 50
Aug 18 17:14:02 192.168.92.2 141751: 1w6d: RADIUS: Session-Timeout
[27] 6 30
Aug 18 17:14:02 192.168.92.2 141752: 1w6d: RADIUS: EAP-Message
[79] 8
Aug 18 17:14:02 192.168.92.2 141753: 1w6d: RADIUS: 01 04 00 06 0D 20
[????? ]
Aug 18 17:14:02 192.168.92.2 141754: 1w6d: RADIUS: State
[24] 24
Aug 18 17:14:02 192.168.92.2 141755: 1w6d: RADIUS: 1C D2 04 73 00 00 01
37 00 01 C0 A8 58 17 00 00 [???s???7????X???]
Aug 18 17:14:02 192.168.92.2 141756: 1w6d: RADIUS: 00 02 11 D5 AC CE
[??????]
Aug 18 17:14:02 192.168.92.2 141757: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:02 192.168.92.2 141758: 1w6d: RADIUS: Received from id 8A3
Aug 18 17:14:02 192.168.92.2 141759: 1w6d: RADIUS/DECODE: EAP-Message
fragments, 6, total 6 bytes
Aug 18 17:14:02 192.168.92.2 141760: 1w6d: RADIUS: AAA Unsupported
[136] 3
Aug 18 17:14:02 192.168.92.2 141761: 1w6d: RADIUS: 35
[5]
Aug 18 17:14:02 192.168.92.2 141762: 1w6d: RADIUS(000008A3): Using existing
nas_port 506
Aug 18 17:14:02 192.168.92.2 141763: 1w6d: RADIUS/ENCODE(000008A3):
dropping service type, "radius-server attribute 6 on-for-login-auth" is off
Aug 18 17:14:02 192.168.92.2 141764: 1w6d: RADIUS/ENCODE(000008A3):
acct_session_id: 2211
Aug 18 17:14:02 192.168.92.2 141765: 1w6d: RADIUS(000008A3): sending
Aug 18 17:14:02 192.168.92.2 141766: 1w6d: RADIUS: Send to unknown id 89
192.168.88.23:1812, Access-Request, len 261
Aug 18 17:14:02 192.168.92.2 141767: 1w6d: RADIUS: authenticator 70 F1 1E
BC A4 99 85 0F - 8F 68 62 A4 99 9E AC 96
Aug 18 17:14:02 192.168.92.2 141768: 1w6d: RADIUS: User-Name [1]
29 ""
Aug 18 17:14:02 192.168.92.2 141769: 1w6d: RADIUS: Framed-MTU
[12] 6 1400
Aug 18 17:14:02 192.168.92.2 141770: 1w6d: RADIUS: Called-Station-Id
[30] 16 "000c.85db.bf45"
Aug 18 17:14:02 192.168.92.2 141771: 1w6d: RADIUS: Calling-Station-Id
[31] 16 "000a.b7bb.026f"
Aug 18 17:14:02 192.168.92.2 141772: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:02 192.168.92.2 141773: 1w6d: RADIUS: EAP-Message
[79] 114
Aug 18 17:14:02 192.168.92.2 141774: 1w6d: RADIUS: 02 04 00 70 0D 80 00
00 00 66 16 03 01 00 61 01 [???p?????f????a?]
Aug 18 17:14:02 192.168.92.2 141775: 1w6d: RADIUS: 00 00 5D 03 01 3F 41
4F AA 99 7C C2 DE FC F1 56 [??]???AO??|????V]
Aug 18 17:14:02 192.168.92.2 141776: 1w6d: RADIUS: 76 AB 55 AB CE EC 17
9A 87 5A 9F B6 6E A3 3C 1F [v?U??????Z??n?<?]
Aug 18 17:14:02 192.168.92.2 141777: 1w6d: RADIUS: 72 5B D2 BC 15 20 E9
0E 00 00 1B 1A 53 93 33 A2 [r[??? ??????S?3?]
Aug 18 17:14:02 192.168.92.2 141778: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
Aug 18 17:14:02 192.168.92.2 141779: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
16 00 04 00 05 00 0A 00 09 [??|?.???????????]
Aug 18 17:14:02 192.168.92.2 141780: 1w6d: RADIUS: 00 64 00 62 00 03 00
06 00 13 00 12 00 63 01 00 [?d?b?????????c??]
Aug 18 17:14:02 192.168.92.2 141781: 1w6d: RADIUS: NAS-Port-Type
[61] 6 Virtual [5]
Aug 18 17:14:02 192.168.92.2 141782: 1w6d: RADIUS: NAS-Port [5]
6 506
Aug 18 17:14:02 192.168.92.2 141783: 1w6d: RADIUS: State
[24] 24
Aug 18 17:14:02 192.168.92.2 141784: 1w6d: RADIUS: 1C D2 04 73 00 00 01
37 00 01 C0 A8 58 17 00 00 [???s???7????X???]
Aug 18 17:14:02 192.168.92.2 141785: 1w6d: RADIUS: 00 02 11 D5 AC CE
[??????]
Aug 18 17:14:02 192.168.92.2 141786: 1w6d: RADIUS: NAS-IP-Address [4]
6 192.168.92.2
Aug 18 17:14:02 192.168.92.2 141787: 1w6d: RADIUS: Received from id 89
192.168.88.23:1812, Access-Challenge, len 202
Aug 18 17:14:02 192.168.92.2 141788: 1w6d: RADIUS: authenticator A3 25 01
E2 C2 F1 BA 0E - E4 19 EF 1C 8A 21 B4 C0
Aug 18 17:14:02 192.168.92.2 141789: 1w6d: RADIUS: Session-Timeout
[27] 6 30
Aug 18 17:14:02 192.168.92.2 141790: 1w6d: RADIUS: EAP-Message
[79] 134
Aug 18 17:14:02 192.168.92.2 141791: 1w6d: RADIUS: 01 05 00 84 0D 80 00
00 00 7A 16 03 01 00 4A 02 [?????????z????J?]
Aug 18 17:14:02 192.168.92.2 141792: 1w6d: RADIUS: 00 00 46 03 01 3F 41
4F AA 2F 07 2C 82 89 F2 E8 [??F???AO?/?,????]
Aug 18 17:14:02 192.168.92.2 141793: 1w6d: RADIUS: 73 70 F3 AA 12 E9 9B
5F F5 86 EE 23 80 04 53 EC [sp?????_???#??S?]
Aug 18 17:14:02 192.168.92.2 141794: 1w6d: RADIUS: 9D F6 19 26 CB 20 E9
0E 00 00 1B 1A 53 93 33 A2 [???&? ??????S?3?]
Aug 18 17:14:02 192.168.92.2 141795: 1w6d: RADIUS: E2 02 C8 91 60 5F 1F
A3 BF 97 BF 04 73 E3 15 B0 [????`_??????s???]
Aug 18 17:14:02 192.168.92.2 141796: 1w6d: RADIUS: 7F DD 7C EC 2E B1 00
04 00 14 03 01 00 01 01 16 [??|?.???????????]
Aug 18 17:14:02 192.168.92.2 141797: 1w6d: RADIUS: 03 01 00 20 68 CC D5
55 7D 9D 67 BF 2A FA B4 C1 [??? h??U}?g?*???]
Aug 18 17:14:02 192.168.92.2 141798: 1w6d: RADIUS: 21 67 8F A5 86 75 04
37 B3 DC 95 BD 33 B2 19 B6 [!g???u?7????3???]
Aug 18 17:14:02 192.168.92.2 141799: 1w6d: RADIUS: A1 74 BC 31
[?t?1]
Aug 18 17:14:02 192.168.92.2 141800: 1w6d: RADIUS: State
[24] 24
Aug 18 17:14:02 192.168.92.2 141801: 1w6d: RADIUS: 1C D2 04 73 00 00 01
37 00 01 C0 A8 58 17 00 00 [???s???7????X???]
Aug 18 17:14:02 192.168.92.2 141802: 1w6d: RADIUS: 00 02 11 D5 AC CE
[??????]
Aug 18 17:14:02 192.168.92.2 141803: 1w6d: RADIUS: Message-Authenticato
[80] 18 *
Aug 18 17:14:02 192.168.92.2 141804: 1w6d: RADIUS: Received from id 8A3
Aug 18 17:14:02 192.168.92.2 141805: 1w6d: RADIUS/DECODE: EAP-Message
fragments, 132, total 132 bytes



thanks again!

 

the AP is getting the session timout attribute:

Session-Timeout [27] 6 30

but I don't know if it is set properly becaause you said it is set to 10 mn
so can we get the sniff from the ias server side?


--

This posting is provided "AS IS", with NO warranties and confers NO rights

 

Will do. I'll pop this up here tomorrow for sure.

 

I have no idea where to find this specifically. There is a timeout for
reauthentication if the RADIUS server is unreachable (radius-server
timeout), which is waiting for it's reply, but this doesn't affect
client authentication.

This is quite strange. I ran a sniff using Network Monitor on the 2k3
RADIUS/IAS server. Here's a text output of a printout with the protocol
decoded on the RADIUS conversation (quite long). I must stress, I do
have the server set to give out a 10 minute timeout!



Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
1 15.233498 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35530; Total IP Length
= 185; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
(0xA5)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 114 (0x72)
RADIUS: Length = 157 (0x9D)
RADIUS: Authenticator = 65 50 E4 4A FC 60 7A 74 85 4C CA 9C 1B 65
32 A3
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =Xém+kJ¦na<¯+-y[(
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 34 (0x22)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 2 (0x2)
RADIUS: EAP length = 32 (0x20)
RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2



Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 B9 8A CA 00 00 FE 11 FB FE C0 A8 5C 02 C0 A8 .¹?Ê..þ.ûþÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 00 A5 7F 40 01 72 00 9D 65 50 X..m...
¥@.r.eP
00030: E4 4A FC 60 7A 74 85 4C CA 9C 1B 65 32 A3 01 1D äJü`zt?LÊ?.e2
£..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
*************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
2 15.249123 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35163; Total IP Length
= 104; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
(0x54)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 114 (0x72)
RADIUS: Length = 76 (0x4C)
RADIUS: Authenticator = 70 81 6C 48 B8 52 AC A6 2A 5B ED BA 93 B7
6E 54
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 8 (0x8)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 3 (0x3)
RADIUS: EAP length = 6 (0x6)
RADIUS: EAP data = 0D 20
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+y
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =-¦»U°+ k}Ä Cî¦

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 68 89 5B 00 00 80 11 7B BF C0 A8 58 17 C0 A8 .h?[..?.{¿
ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 54 73 82 0B 72 00 4C 70 81
\....m.Ts?.r.Lp
00030: 6C 48 B8 52 AC A6 2A 5B ED BA 93 B7 6E 54 1B 06 lH¸R¬¦*[íº?·
nT..
00040: 00 00 00 1E 4F 08 01 03 00 06 0D 20 18 18 1C D8 ....O......
....Ø

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
3 15.264748 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35560; Total IP Length
= 289; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
(0x10D)


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 115 (0x73)
RADIUS: Length = 261 (0x105)
RADIUS: Authenticator = 04 DB 73 AA BD 37 EB 97 3F F0 50 C6 0B EB
E3 AB
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =·¦\ߦs_p++8Vt8
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 114 (0x72)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 3 (0x3)
RADIUS: EAP length = 112 (0x70)
RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
5D 03 01 3F 42 78 E2 76 9E F1 85 A9 58 04 58 43 A7 6F 08 0D 09 9C 49 1A
17...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+y
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 01 21 8A E8 00 00 FE 11 FB 78 C0 A8 5C 02 C0 A8 .!?è..þ.ûxÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 01 0D 2A E7 01 73 01 05 04 DB X..m....
*ç.s...Û
00030: 73 AA BD 37 EB 97 3F F0 50 C6 0B EB E3 AB 01 1D sª½7ë??ðPÆ.ëã
«..

page 3


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
*************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
4 15.264748 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35164; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
(0xD2)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 115 (0x73)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = C6 6C 9A EF CF CB E8 05 AF 6F 17 66 01 A9
06 B1
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 134 (0x86)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 4 (0x4)
RADIUS: EAP length = 132 (0x84)
RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
46 03 01 3F 42 78 E1 0F 1A 61 BD FD 1D 77 A3 EB 55 A1 8F 7E E5 AA 37 B1
F9...
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+y
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =qfOú"ä·Ä=XEÅ-+¦v

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 E6 89 5C 00 00 80 11 7B 40 C0 A8 58 17 C0 A8 .æ?\..?.
{@ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 D2 B6 43 0B 73 00 CA C6 6C
\....m.Ò¶C.s.ÊÆl
00030: 9A EF CF CB E8 05 AF 6F 17 66 01 A9 06 B1 1B 06 ?ïÏËè.¯o.f.©.
±..
00040: 00 00 00 1E 4F 86 01 04 00 84 0D 80 00 00 00 7A
.....O?...?.?...z

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
5 15.342873 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35606; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
(0xD2)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 116 (0x74)
RADIUS: Length = 202 (0xCA)

page 4


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Authenticator = 91 42 42 4C EE 8F BF 5D 3F 66 43 53 95 A7
F1 73
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =¦í+d¦d
-w_{h+Uuî
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 55 (0x37)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 4 (0x4)
RADIUS: EAP length = 53 (0x35)
RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
01 00 20 63 E0 58 30 7C 78 A1 9C B2 65 FA 88 10 90 0B 17 E3 FB 3C 36 27
89...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+y
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 E6 8B 16 00 00 FE 11 FB 85 C0 A8 5C 02 C0 A8 .æ?...þ.û?À¨
\.ˬ
00020: 58 17 06 6D 07 14 00 D2 62 DE 01 74 00 CA 91 42
X..m...ÒbÞ.t.Ê?B
00030: 42 4C EE 8F BF 5D 3F 66 43 53 95 A7 F1 73 01 1D BLî¿]?fCS?
§ñs..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
*********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr

Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

6 15.358498 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
(2) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35166; Total IP Length
= 238; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
(0xDA)
RADIUS: Message Type: Access Accept(2)
RADIUS: Message Type = Access Accept
RADIUS: Identifier = 116 (0x74)
RADIUS: Length = 210 (0xD2)
RADIUS: Authenticator = 68 2F F8 BF 06 93 43 82 17 3E EC D3 C0 D4
81 AD
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 6 (0x6)
RADIUS: EAP code = Success
RADIUS: EAP identifier = 5 (0x5)
RADIUS: EAP length = 4 (0x4)
RADIUS: EAP data =
RADIUS: Attribute Type: Service Type(6)
RADIUS: Attribute type = Service Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: Service type = Framed
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 600 (0x258)
RADIUS: Attribute Type: Termination Action(29)
RADIUS: Attribute type = Termination Action
RADIUS: Attribute length = 6 (0x6)
RADIUS: Termination action = RADIUS Request
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìtRE¦¦tbnn-mnsy9ó½+m[w[--¶05+ ¬JqO
<«E
-ï:s+Sx¡:fw
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìFZòï+-wà:ó¦{¦(G9¬+ -¢¦
è=¥w¿
RADIUS: )ë+e/+#\½h
RADIUS: Attribute Type: Class(25)
RADIUS: Attribute type = Class
RADIUS: Attribute length = 32 (0x20)
RADIUS: Class =D¼¦
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =s0îgdÑ ƒ-¦"Ç*)

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 EE 89 5E 00 00 80 11 7B 36 C0 A8 58 17 C0 A8 .î?^..?.
{6ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 DA 88 CD 02 74 00 D2 68 2F \....m.Ú?
Í.t.Òh/


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00030: F8 BF 06 93 43 82 17 3E EC D3 C0 D4 81 AD 4F 06 ø¿.?C?.>ìÓÀÔ­
O.
00040: 03 05 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
................X

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
7 16.374123 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35663; Total IP Length
= 185; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
(0xA5)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 117 (0x75)
RADIUS: Length = 157 (0x9D)
RADIUS: Authenticator = 5B 3D 1F DB 26 2C 6A 8B 12 E0 CE E3 E9 FE
53 C2
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =IK-T+ü0ÿªc(T¦.¦
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 34 (0x22)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 3 (0x3)
RADIUS: EAP length = 32 (0x20)
RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 B9 8B 4F 00 00 FE 11 FB 79 C0 A8 5C 02 C0 A8 .¹?O..þ.ûyÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 00 A5 7D 42 01 75 00 9D 5B 3D X..m...¥}B.u.
[=
00030: 1F DB 26 2C 6A 8B 12 E0 CE E3 E9 FE 53 C2 01 1D
..Û&,j?.àÎãéþSÂ..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
*************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
8 16.374123 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35186; Total IP Length
= 104; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
(0x54)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 117 (0x75)
RADIUS: Length = 76 (0x4C)
RADIUS: Authenticator = FF 59 C5 FD CC 80 21 DC 8A 50 EC 4D C3 77
43 70
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 8 (0x8)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 4 (0x4)
RADIUS: EAP length = 6 (0x6)
RADIUS: EAP data = 0D 20
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+z
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =(5èîg6BôHW·,)-½

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 68 89 72 00 00 80 11 7B A8 C0 A8 58 17 C0 A8 .h?r..?.
{¨À¨X.À¨
00020: 5C 02 07 14 06 6D 00 54 20 C8 0B 75 00 4C FF 59 \....m.T
È.u.LÿY
00030: C5 FD CC 80 21 DC 8A 50 EC 4D C3 77 43 70 1B 06 ÅýÌ?!Ü?
PìMÃwCp..
00040: 00 00 00 1E 4F 08 01 04 00 06 0D 20 18 18 1C D9 ....O......
....Ù

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
9 16.405373 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35693; Total IP Length
= 289; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
(0x10D)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 118 (0x76)
RADIUS: Length = 261 (0x105)
RADIUS: Authenticator = B1 7E 88 6B 5B 5A A0 5F 9E 08 72 53 9B 32
62 A2
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =÷ ñl+)Ææ9e++¦'¦
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 114 (0x72)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 4 (0x4)
RADIUS: EAP length = 112 (0x70)
RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
5D 03 01 3F 42 78 E3 DE 6E 40 A1 AB 70 14 35 0B 96 9E AB 81 81 8C 71 8B
49...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+z
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.

Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00010: 01 21 8B 6D 00 00 FE 11 FA F3 C0 A8 5C 02 C0 A8 .!?m..þ.úóÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 01 0D 0F 7C 01 76 01 05 B1 7E X..m.....|.v..
±~
00030: 88 6B 5B 5A A0 5F 9E 08 72 53 9B 32 62 A2 01 1D ?k[Z _?.rS?
2b¢..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
10 16.405373 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35188; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
(0xD2)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 118 (0x76)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = 99 31 C9 0D 09 01 40 23 A1 CE 95 43 FA 48
D2 C9
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 134 (0x86)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 5 (0x5)
RADIUS: EAP length = 132 (0x84)
RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
46 03 01 3F 42 78 E2 44 59 4D E0 BF E0 B3 67 D6 46 31 7C 7D D3 4A 89 9F
56...
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+z
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =
f¦=¯yÇj·²ë#µ=<

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 E6 89 74 00 00 80 11 7B 28 C0 A8 58 17 C0 A8 .æ?t..?.
{(ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 D2 C5 E2 0B 76 00 CA 99 31
\....m.ÒÅâ.v.Ê?1
00030: C9 0D 09 01 40 23 A1 CE 95 43 FA 48 D2 C9 1B 06 É[email protected]#¡Î?
CúHÒÉ..
00040: 00 00 00 1E 4F 86 01 05 00 84 0D 80 00 00 00 7A
.....O?...?.?...z

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
11 16.483498 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35739; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
(0xD2)
RADIUS: Message Type: Access Request(1)

Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Message Type = Access Request
RADIUS: Identifier = 119 (0x77)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = E6 9D 5B BA 2D CA 75 CA DD 46 2B EB F4 CE
ED 94
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =-òÆ
RADIUS: A¦ a+?ï<+
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 55 (0x37)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 5 (0x5)
RADIUS: EAP length = 53 (0x35)
RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
01 00 20 C1 27 22 48 12 7E CB 06 41 22 05 2D 70 04 2E 01 D8 17 16 C7 91
5C...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+z
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 E6 8B 9B 00 00 FE 11 FB 00 C0 A8 5C 02 C0 A8 .æ??..þ.û.À¨
\.ˬ
00020: 58 17 06 6D 07 14 00 D2 5B DC 01 77 00 CA E6 9D X..m...Ò
[Ü.w.Êæ
00030: 5B BA 2D CA 75 CA DD 46 2B EB F4 CE ED 94 01 1D [º-
ÊuÊÝF+ëôÎí?..

Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
12 16.483498 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
(2) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35189; Total IP Length
= 238; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
(0xDA)
RADIUS: Message Type: Access Accept(2)
RADIUS: Message Type = Access Accept
RADIUS: Identifier = 119 (0x77)
RADIUS: Length = 210 (0xD2)
RADIUS: Authenticator = 9E DF 84 8F 5A D1 8C 21 51 6D A5 E7 5F 84
82 2E
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 6 (0x6)
RADIUS: EAP code = Success
RADIUS: EAP identifier = 6 (0x6)
RADIUS: EAP length = 4 (0x4)
RADIUS: EAP data =
RADIUS: Attribute Type: Service Type(6)
RADIUS: Attribute type = Service Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: Service type = Framed
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 600 (0x258)
RADIUS: Attribute Type: Termination Action(29)
RADIUS: Attribute type = Termination Action
RADIUS: Attribute length = 6 (0x6)
RADIUS: Termination action = RADIUS Request
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìT+:-+-ƒ+:ê+
RADIUS: $aGÄ/l/}ü_ 'n :$¦t4\ç[@dÑP=8
RADIUS: 
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìOs,º)1nÅ0(`Zêxk8ìæ='JE¦û|7
+'$áqOƒpÉ 
g˜
¦h+¦
RADIUS: Attribute Type: Class(25)
RADIUS: Attribute type = Class
RADIUS: Attribute length = 32 (0x20)
RADIUS: Class =D»¦
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Signature =7÷&>§{+F,+¦ñë/âô

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 EE 89 75 00 00 80 11 7B 1F C0 A8 58 17 C0 A8 .î?u..?.
{.ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 DA DA C3 02 77 00 D2 9E DF
\....m.ÚÚÃ.w.Ò?ß
00030: 84 8F 5A D1 8C 21 51 6D A5 E7 5F 84 82 2E 4F 06 ?ZÑ?!Qm
¥ç_??.O.
00040: 03 06 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
................X

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
13 17.499123 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35794; Total IP Length
= 185; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
(0xA5)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 120 (0x78)
RADIUS: Length = 157 (0x9D)
RADIUS: Authenticator = B3 12 CE C7 20 D8 04 F7 9A 28 2C 40 75 E3
D8 61
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =û,ÅG+=èmÄê-¦*+v'
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 34 (0x22)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 4 (0x4)
RADIUS: EAP length = 32 (0x20)
RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 B9 8B D2 00 00 FE 11 FA F6 C0 A8 5C 02 C0 A8 .¹?Ò..þ.úöÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 00 A5 BB 54 01 78 00 9D B3 12 X..m...¥»
T.x.³.
00030: CE C7 20 D8 04 F7 9A 28 2C 40 75 E3 D8 61 01 1D ÎÇ Ø.÷?(,
@uãØa..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
14 17.514748 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35210; Total IP Length
= 104; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
(0x54)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 120 (0x78)
RADIUS: Length = 76 (0x4C)
RADIUS: Authenticator = CC 8B 42 C1 83 4C 8C B2 32 42 74 FC F8 0F
2C C0
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 8 (0x8)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 5 (0x5)
RADIUS: EAP length = 6 (0x6)
RADIUS: EAP data = 0D 20
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+{
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =w+6˜pêWɲq*û¦+

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 68 89 8A 00 00 80 11 7B 90 C0 A8 58 17 C0 A8 .h??..?.
{ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 54 6D AF 0B 78 00 4C CC 8B
\....m.Tm¯.x.LÌ?
00030: 42 C1 83 4C 8C B2 32 42 74 FC F8 0F 2C C0 1B 06 BÁ?L?
²2Btüø.,À..
00040: 00 00 00 1E 4F 08 01 05 00 06 0D 20 18 18 1C DA ....O......
....Ú


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
15 17.561623 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35824; Total IP Length
= 289; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
(0x10D)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 121 (0x79)
RADIUS: Length = 261 (0x105)
RADIUS: Authenticator = 13 05 E3 7E 48 8E ED 1A 9E C8 BB 5D E0 6D
6E 32
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =\<8+ñ¦ësaÜn
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 114 (0x72)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 5 (0x5)
RADIUS: EAP length = 112 (0x70)
RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
5D 03 01 3F 42 78 E4 95 37 0D 5A 2F E0 F4 71 BA A6 EB C5 76 01 50 DA B3
E1...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+{
RADIUS: Attribute Type: NAS IP Address(4)


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 01 21 8B F0 00 00 FE 11 FA 70 C0 A8 5C 02 C0 A8 .!?ð..þ.úpÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 01 0D BF F0 01 79 01 05 13 05 X..m....¿
ð.y....
00030: E3 7E 48 8E ED 1A 9E C8 BB 5D E0 6D 6E 32 01 1D ã~H?í.?È»]
àmn2..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
16 17.561623 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35211; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
(0xD2)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 121 (0x79)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = C6 C0 47 5A 6D 0C 66 59 5C 9A FF 7A B1 1A
4F 6B
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 134 (0x86)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 6 (0x6)
RADIUS: EAP length = 132 (0x84)
RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
46 03 01 3F 42 78 E3 FB 93 C7 13 E4 5C A3 94 31 E8 AD 55 AF BE 28 E7 C5
CF...
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+{
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =+NL¦¬+ó¦¥Ç;s¦è

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 E6 89 8B 00 00 80 11 7B 11 C0 A8 58 17 C0 A8 .æ??..?.
{.ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 D2 BC 1F 0B 79 00 CA C6 C0
\....m.Ò¼..y.ÊÆÀ
00030: 47 5A 6D 0C 66 59 5C 9A FF 7A B1 1A 4F 6B 1B 06 GZm.fY\?
ÿz±.Ok..
00040: 00 00 00 1E 4F 86 01 06 00 84 0D 80 00 00 00 7A
.....O?...?.?...z

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
17 17.639748 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35870; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
(0xD2)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 122 (0x7A)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = B8 DC 2B 48 D8 D2 FD 59 7F 95 84 11 51 FE
70 2D
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =¦æßôä§táv-!Ö<£Çv
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 55 (0x37)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 6 (0x6)
RADIUS: EAP length = 53 (0x35)
RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
01 00 20 C4 37 20 3E A9 6F 20 B0 2A D0 D3 46 9A B6 05 7B 74 61 44 AA C2
7F...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =+{
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 E6 8C 1E 00 00 FE 11 FA 7D C0 A8 5C 02 C0 A8 .æ?...þ.ú}À¨
\.ˬ
00020: 58 17 06 6D 07 14 00 D2 FB 7D 01 7A 00 CA B8 DC
X..m...Òû}.z.ʸÜ
00030: 2B 48 D8 D2 FD 59 7F 95 84 11 51 FE 70 2D 01 1D
+HØÒýY??.Qþp-..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
18 17.639748 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
(2) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35213; Total IP Length
= 238; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
(0xDA)
RADIUS: Message Type: Access Accept(2)
RADIUS: Message Type = Access Accept
RADIUS: Identifier = 122 (0x7A)
RADIUS: Length = 210 (0xD2)
RADIUS: Authenticator = 89 C6 27 F3 9A 49 4F 5D 3C 0C 30 DC 99 37
E5 B2
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 6 (0x6)
RADIUS: EAP code = Success
RADIUS: EAP identifier = 7 (0x7)
RADIUS: EAP length = 4 (0x4)
RADIUS: EAP data =
RADIUS: Attribute Type: Service Type(6)
RADIUS: Attribute type = Service Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: Service type = Framed
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 600 (0x258)
RADIUS: Attribute Type: Termination Action(29)
RADIUS: Attribute type = Termination Action
RADIUS: Attribute length = 6 (0x6)
RADIUS: Termination action = RADIUS Request
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìd½eG¦T«->m:}KT¦kè)-t;<ó+2u÷+JF
LL:˜¥|¢¦µGr¦J
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ì8¦ú¦¦+.eZPëq¿ -
¬Æ`f¦T~§ g8ÅñnvÄ=ùdòj-+h¤¡;g
RADIUS: Attribute Type: Class(25)
RADIUS: Attribute type = Class
RADIUS: Attribute length = 32 (0x20)
RADIUS: Class =D¦¦
RADIUS: Attribute Type: ARAP Signature(80)

page 18


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =m¦-P$à^-d+)ç.D

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 EE 89 8D 00 00 80 11 7B 07 C0 A8 58 17 C0 A8 .î?..?.
{.ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 DA 56 39 02 7A 00 D2 89 C6
\....m.ÚV9.z.Ò?Æ
00030: 27 F3 9A 49 4F 5D 3C 0C 30 DC 99 37 E5 B2 4F 06 'ó?IO]<.0Ü?
7å²O.
00040: 03 07 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
................X

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
19 18.655373 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35925; Total IP Length
= 185; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
(0xA5)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 123 (0x7B)
RADIUS: Length = 157 (0x9D)
RADIUS: Authenticator = 47 6A 04 C8 D5 9E 3C 72 16 21 14 AC 5E 64
FC 6A
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =m-+ƦxB,R`"-ä-ea
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 34 (0x22)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 5 (0x5)
RADIUS: EAP length = 32 (0x20)
RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)

page 19


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 B9 8C 55 00 00 FE 11 FA 73 C0 A8 5C 02 C0 A8 .¹?U..þ.úsÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 00 A5 52 C1 01 7B 00 9D 47 6A X..m...¥RÁ.
{.Gj
00030: 04 C8 D5 9E 3C 72 16 21 14 AC 5E 64 FC 6A 01 1D .ÈÕ?<r.!.
¬^düj..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
20 18.670998 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35235; Total IP Length
= 104; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
(0x54)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 123 (0x7B)
RADIUS: Length = 76 (0x4C)
RADIUS: Authenticator = 8D 00 F5 BB 80 37 44 B4 9A FC 4B A1 12 4C
45 43
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 8 (0x8)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 6 (0x6)
RADIUS: EAP length = 6 (0x6)
RADIUS: EAP data = 0D 20
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =¦|
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =+xs·H%_FC~fn¿

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 68 89 A3 00 00 80 11 7B 77 C0 A8 58 17 C0 A8 .h?£..?.
{wˬX.ˬ
00020: 5C 02 07 14 06 6D 00 54 57 7B 0B 7B 00 4C 8D 00 \....m.TW{.
{.L.
00030: F5 BB 80 37 44 B4 9A FC 4B A1 12 4C 45 43 1B 06 õ»?7D´?
üK¡.LEC..

page 20


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00040: 00 00 00 1E 4F 08 01 06 00 06 0D 20 18 18 1C DB ....O......
....Û

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
21 18.702248 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35955; Total IP Length
= 289; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
(0x10D)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 124 (0x7C)
RADIUS: Length = 261 (0x105)
RADIUS: Authenticator = 6E BD BC 4F A6 FE 89 32 52 87 BA A6 AB 0E
07 CC
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =D§û$V'¦GM¬¦C+ó
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 114 (0x72)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 6 (0x6)
RADIUS: EAP length = 112 (0x70)
RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
5D 03 01 3F 42 78 E5 D1 2A 3A EE 5F 67 D4 A1 89 AE 17 58 B2 5F DA 05 E9
02...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)

page 21


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: State =¦|
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 01 21 8C 73 00 00 FE 11 F9 ED C0 A8 5C 02 C0 A8 .!?s..þ.ùíÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 01 0D A1 7D 01 7C 01 05 6E BD X..m....¡}.
|..n½
00030: BC 4F A6 FE 89 32 52 87 BA A6 AB 0E 07 CC 01 1D ¼O¦þ?2R?º¦
«..Ì..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
22 18.702248 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35237; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
(0xD2)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 124 (0x7C)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = AD D5 0B A8 46 51 18 A5 1A 1C 54 5D AB 98
82 0A
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 134 (0x86)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 7 (0x7)
RADIUS: EAP length = 132 (0x84)
RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
46 03 01 3F 42 78 E5 42 6D 2F 75 0A 7D C3 EC AD E5 F0 3F 2F 42 E0 0A 6F
D4...
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =¦|
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =¦+t!Y;Y+hIQnY

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 E6 89 A5 00 00 80 11 7A F7 C0 A8 58 17 C0 A8 .æ?
¥..?.z÷À¨X.À¨
00020: 5C 02 07 14 06 6D 00 D2 EF EC 0B 7C 00 CA AD D5 \....m.Òïì.
|.Ê­Õ
00030: 0B A8 46 51 18 A5 1A 1C 54 5D AB 98 82 0A 1B 06 .¨FQ.¥..T]
«??...
00040: 00 00 00 1E 4F 86 01 07 00 84 0D 80 00 00 00 7A
.....O?...?.?...z

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr

page 22


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

23 18.780373 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 36001; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
(0xD2)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 125 (0x7D)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = BA A4 A6 21 27 9F D4 16 D5 FC 9B C8 C3 4A
86 07
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =8+6`C*¼+"n:ü<H
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 55 (0x37)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 7 (0x7)
RADIUS: EAP length = 53 (0x35)
RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
01 00 20 5B F6 6F 17 25 F5 87 EA 0C 94 27 6E B9 05 5B 5A 9E 43 21 9E 63
4A...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =¦|
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)

page 23


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 E6 8C A1 00 00 FE 11 F9 FA C0 A8 5C 02 C0 A8 .æ?¡..þ.ùúÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 00 D2 28 A7 01 7D 00 CA BA A4 X..m...Ò
(§.}.ʺ¤
00030: A6 21 27 9F D4 16 D5 FC 9B C8 C3 4A 86 07 01 1D ¦!'?Ô.Õü?
ÈÃJ?...
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
24 18.795998 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
(2) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35238; Total IP Length
= 238; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
(0xDA)
RADIUS: Message Type: Access Accept(2)
RADIUS: Message Type = Access Accept
RADIUS: Identifier = 125 (0x7D)
RADIUS: Length = 210 (0xD2)
RADIUS: Authenticator = FB 6C B8 BD 97 02 1B 69 57 F6 A9 E7 B1 28
A1 B4
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 6 (0x6)
RADIUS: EAP code = Success
RADIUS: EAP identifier = 8 (0x8)
RADIUS: EAP length = 4 (0x4)
RADIUS: EAP data =
RADIUS: Attribute Type: Service Type(6)
RADIUS: Attribute type = Service Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: Service type = Framed
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 600 (0x258)
RADIUS: Attribute Type: Termination Action(29)
RADIUS: Attribute type = Termination Action
RADIUS: Attribute length = 6 (0x6)
RADIUS: Termination action = RADIUS Request
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìfV#·(4-àn [email protected]`ljÿÇÿê-+)
+_=¦¬r=¶&W~¦{¦<+`T~ ¡iè
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìeA-*¦<D=¦+e-g[ëö;=-R-£*¦¤!¡:5}}
stS_»+- -~(--e
RADIUS: Attribute Type: Class(25)
RADIUS: Attribute type = Class
RADIUS: Attribute length = 32 (0x20)

page 24


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Class =D¦+
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =cóç¦î·)+=¯Y«8

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 EE 89 A6 00 00 80 11 7A EE C0 A8 58 17 C0 A8 .î?
¦..?.zîÀ¨X.À¨
00020: 5C 02 07 14 06 6D 00 DA 88 D6 02 7D 00 D2 FB 6C \....m.Ú?
Ö.}.Òûl
00030: B8 BD 97 02 1B 69 57 F6 A9 E7 B1 28 A1 B4 4F 06 ¸½?..iWö©ç±(¡
´O.
00040: 03 08 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
................X

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
25 20.311623 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 36056; Total IP Length
= 185; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 165
(0xA5)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 126 (0x7E)
RADIUS: Length = 157 (0x9D)
RADIUS: Authenticator = 9A 6F E5 4C FE B8 D6 47 B7 14 05 D6 2D 3E
53 62
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =p2GP&+ì=Y¦
µ¦¥à
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 34 (0x22)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 6 (0x6)
RADIUS: EAP length = 32 (0x20)
RADIUS: EAP data = 01 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E
65 77 63 6F 73 70 61 72 65 73 2E 63 6F 6D
RADIUS: Attribute Type: NAS Port Type(61)

page 25


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 B9 8C D8 00 00 FE 11 F9 F0 C0 A8 5C 02 C0 A8 .¹?Ø..þ.ùðÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 00 A5 2D 70 01 7E 00 9D 9A 6F X..m...¥-p.
~.?o
00030: E5 4C FE B8 D6 47 B7 14 05 D6 2D 3E 53 62 01 1D åLþ¸ÖG·..Ö->
Sb..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
26 20.327248 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35269; Total IP Length
= 104; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 84
(0x54)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 126 (0x7E)
RADIUS: Length = 76 (0x4C)
RADIUS: Authenticator = 48 CA E1 F4 94 6F 15 72 24 DA 0A CC 63 DD
5D 56
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 8 (0x8)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 7 (0x7)
RADIUS: EAP length = 6 (0x6)
RADIUS: EAP data = 0D 20
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =_}
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =ÇçÆÖ¦˜+-å_¬Ñÿi

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 68 89 C5 00 00 80 11 7B 55 C0 A8 58 17 C0 A8 .h?Å..?.
{UˬX.ˬ

page 26


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

00020: 5C 02 07 14 06 6D 00 54 C9 7B 0B 7E 00 4C 48 CA \....m.TÉ{.
~.LHÊ
00030: E1 F4 94 6F 15 72 24 DA 0A CC 63 DD 5D 56 1B 06 áô?o.r$Ú.ÌcÝ]
V..
00040: 00 00 00 1E 4F 08 01 07 00 06 0D 20 18 18 1C DC ....O......
....Ü

************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
27 21.545998 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 36086; Total IP Length
= 289; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 269
(0x10D)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 127 (0x7F)
RADIUS: Length = 261 (0x105)
RADIUS: Authenticator = CB 60 D8 3B FD 15 8A CE 5B 93 35 F5 F2 A8
77 1C
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =é/-`%~e¦8|¦É((-
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 114 (0x72)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 7 (0x7)
RADIUS: EAP length = 112 (0x70)
RADIUS: EAP data = 0D 80 00 00 00 66 16 03 01 00 61 01 00 00
5D 03 01 3F 42 78 E7 71 31 B0 2F 01 0C A5 E5 23 FF 75 21 E7 E7 7D 66 8F
32...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)

page 27


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =_}
RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 01 21 8C F6 00 00 FE 11 F9 6A C0 A8 5C 02 C0 A8 .!?ö..þ.ùjÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 01 0D 80 C3 01 7F 01 05 CB 60 X..m....?
Ã...Ë`
00030: D8 3B FD 15 8A CE 5B 93 35 F5 F2 A8 77 1C 01 1D Ø;ý.?Î[?
5õò¨w...
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**************************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
28 21.545998 LOCAL 000103E84BA3 RADIUS Message Type: Access
Challenge(11) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35288; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 210
(0xD2)
RADIUS: Message Type: Access Challenge(11)
RADIUS: Message Type = Access Challenge
RADIUS: Identifier = 127 (0x7F)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = 98 71 CB 94 5C D1 88 C0 BA A8 11 15 DE 1C
B4 2F
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 30 (0x1E)
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 134 (0x86)
RADIUS: EAP code = Request
RADIUS: EAP identifier = 8 (0x8)
RADIUS: EAP length = 132 (0x84)
RADIUS: EAP data = 0D 80 00 00 00 7A 16 03 01 00 4A 02 00 00
46 03 01 3F 42 78 E7 D2 93 73 A7 1A 78 09 B9 5E BC 3C 4E 49 B3 9C 06 35
6C...
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =_}
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =¦^M.úKÑ-¢á
RADIUS: ¯v


00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 E6 89 D8 00 00 80 11 7A C4 C0 A8 58 17 C0 A8 .æ?
Ø..?.zÄÀ¨X.À¨
00020: 5C 02 07 14 06 6D 00 D2 45 D7 0B 7F 00 CA 98 71
\....m.ÒE×..Ê?q
00030: CB 94 5C D1 88 C0 BA A8 11 15 DE 1C B4 2F 1B 06 Ë?\Ñ?Àº¨..Þ.
´/..
00040: 00 00 00 1E 4F 86 01 08 00 84 0D 80 00 00 00 7A
.....O?...?.?...z

page 28


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt


************************************************************************
***********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
29 23.139748 000103E84BA3 LOCAL RADIUS Message Type: Access Request
(1) CiscoAP IASSERVER IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 36132; Total IP Length
= 230; Options = No Options
+ UDP: Src Port: Unknown (1645); Dst Port: Unknown (1812); Length = 210
(0xD2)
RADIUS: Message Type: Access Request(1)
RADIUS: Message Type = Access Request
RADIUS: Identifier = 128 (0x80)
RADIUS: Length = 202 (0xCA)
RADIUS: Authenticator = 56 49 BB A0 DB 6A D6 F5 08 4D 47 C2 BC 57
33 28
RADIUS: Attribute Type: User Name(1)
RADIUS: Attribute type = User Name
RADIUS: Attribute length = 29 (0x1D)
RADIUS: User name =
RADIUS: Attribute Type: Framed MTU(12)
RADIUS: Attribute type = Framed MTU
RADIUS: Attribute length = 6 (0x6)
RADIUS: Framed MTU = 1400 (0x578)
RADIUS: Attribute Type: Called Station ID(30)
RADIUS: Attribute type = Called Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Called station ID =000c.85db.bf45
RADIUS: Attribute Type: Calling Station ID(31)
RADIUS: Attribute type = Calling Station ID
RADIUS: Attribute length = 16 (0x10)
RADIUS: Calling station ID =000a.b7bb.026f
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =+»Ff42¦+Y 2j
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 55 (0x37)
RADIUS: EAP code = Response
RADIUS: EAP identifier = 8 (0x8)
RADIUS: EAP length = 53 (0x35)
RADIUS: EAP data = 0D 80 00 00 00 2B 14 03 01 00 01 01 16 03
01 00 20 EF 8D 18 77 D9 FE 12 42 13 9B 95 9D 02 AB 87 D1 2E 5A 8F 04 EB
4B...
RADIUS: Attribute Type: NAS Port Type(61)
RADIUS: Attribute type = NAS Port Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port type = Virtual
RADIUS: Attribute Type: NAS Port(5)
RADIUS: Attribute type = NAS Port
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS port = 264 (0x108)
RADIUS: Attribute Type: State(24)
RADIUS: Attribute type = State
RADIUS: Attribute length = 24 (0x18)
RADIUS: State =_}

page 29


Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: Attribute Type: NAS IP Address(4)
RADIUS: Attribute type = NAS IP Address
RADIUS: Attribute length = 6 (0x6)
RADIUS: NAS IP address = 192.168.92.2

00000: 00 B0 D0 AB 67 0C 00 01 03 E8 4B A3 08 00 45 00 .°Ð«g....èK
£..E.
00010: 00 E6 8D 24 00 00 FE 11 F9 77 C0 A8 5C 02 C0 A8 .æ$..þ.ùwÀ¨
\.ˬ
00020: 58 17 06 6D 07 14 00 D2 45 53 01 80 00 CA 56 49
X..m...ÒES.?.ÊVI
00030: BB A0 DB 6A D6 F5 08 4D 47 C2 BC 57 33 28 01 1D » ÛjÖõ.MG¼W3
(..
00040: 73 74 65 76 65 2E 66 72 61 6E 6B 40 6E 65 77 63 [email protected]

************************************************************************
**********************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
30 23.155373 LOCAL 000103E84BA3 RADIUS Message Type: Access Accept
(2) IASSERVER CiscoAP IP

+ FRAME: Base frame properties
+ ETHERNET: EType = Internet IP (IPv4)
+ IP: Protocol = UDP - User Datagram; Packet ID = 35315; Total IP Length
= 238; Options = No Options
+ UDP: Src Port: Unknown (1812); Dst Port: Unknown (1645); Length = 218
(0xDA)
RADIUS: Message Type: Access Accept(2)
RADIUS: Message Type = Access Accept
RADIUS: Identifier = 128 (0x80)
RADIUS: Length = 210 (0xD2)
RADIUS: Authenticator = 28 E1 2A E5 B8 22 F1 B1 C5 42 C6 AF A8 A0
C2 36
RADIUS: Attribute Type: ARAP EAP Message(79)
RADIUS: Attribute type = ARAP EAP Message
RADIUS: Attribute length = 6 (0x6)
RADIUS: EAP code = Success
RADIUS: EAP identifier = 9 (0x9)
RADIUS: EAP length = 4 (0x4)
RADIUS: EAP data =
RADIUS: Attribute Type: Service Type(6)
RADIUS: Attribute type = Service Type
RADIUS: Attribute length = 6 (0x6)
RADIUS: Service type = Framed
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 600 (0x258)
RADIUS: Attribute Type: Termination Action(29)
RADIUS: Attribute type = Termination Action
RADIUS: Attribute length = 6 (0x6)
RADIUS: Termination action = RADIUS Request
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ìnµ_ᘧR+4˜-x+&¦f0§F.
+á+ÅDÅ+íúüaP>+
·
âA+W+ä_
RADIUS: Attribute Type: Vendor Specific(26)
RADIUS: Attribute type = Vendor Specific
RADIUS: Attribute length = 58 (0x3A)
RADIUS: Vendor ID = 311 (0x137)
RADIUS: Vendor string =4ì=[R¯[BY£o¶±_¬¦8
}ï¦öJ½+
í+)8*

Network Monitor trace Tue 08/19/03 14:42:57 Captur 3.txt

RADIUS: [email protected]
héEêG-¥
RADIUS: Attribute Type: Class(25)
RADIUS: Attribute type = Class
RADIUS: Attribute length = 32 (0x20)
RADIUS: Class =D++
RADIUS: Attribute Type: ARAP Signature(80)
RADIUS: Attribute type = ARAP Signature
RADIUS: Attribute length = 18 (0x12)
RADIUS: Signature =± ¦mN\++sz¦àj0

00000: 00 01 03 E8 4B A3 00 B0 D0 AB 67 0C 08 00 45 00 ...èK£.°Ð
«g...E.
00010: 00 EE 89 F3 00 00 80 11 7A A1 C0 A8 58 17 C0 A8 .î?ó..?.z¡
ˬX.ˬ
00020: 5C 02 07 14 06 6D 00 DA 16 EE 02 80 00 D2 28 E1 \....m.Ú.î.?.Ò
(á
00030: 2A E5 B8 22 F1 B1 C5 42 C6 AF A8 A0 C2 36 4F 06
*å¸"ñ±ÅBƯ¨ Â6O.
00040: 03 09 00 04 06 06 00 00 00 02 1B 06 00 00 02 58
................X

************************************************************************
****************
Frame Time Src MAC Addr Dst MAC Addr Protocol Description Src
Other Addr Dst Other Addr Type Other Addr
31 0.000000 XEROX 000000 XEROX 000000 STATS Number of Frames
Captured = 30

+ FRAME: Base frame properties
+ ETHERNET: 802.3, DataLength = 130
+ LLC: Unnumbered (U) Frame, Command Frame, DSAP = Sub-Network Access
Protocol (SNAP), SSAP = Sub-Network Access Protocol (SNAP)
+ SNAP: Etype = 0x1984; Organization Code = 0x000000
+ TRAIL: FRAME TYPE = Capture Statistics
+ STATS: Number of Frames Captured = 30

00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 82 AA AA .............?
ªª
00010: 03 00 00 00 19 84 24 4D 53 54 00 00 00 00 67 00 .....?
$MST....g.
00020: 00 00 5C 00 20 00 00 00 6B 6B C2 01 00 00 00 00 ..\.
....kkÂ.....
00030: 1E 00 00 00 90 1A 00 00 1E 00 00 00 90 1A 00 00
...............
00040: 00 00 00 00 00 00 00 00 83 02 00 00 EB 59 01 00
.........?...ëY..

 

One other thing, if I set the IAS Profile to have no timeout (unlimited),
my client is still reauthenticating as fast as it can. It's almost as if
the AP is saying "I didn't get a value from the RADIUS server, so it's
zero".

 

the radius server is sending the right value from
the sniff:
RADIUS: Attribute Type: Session Timeout(27)
RADIUS: Attribute type = Session Timeout
RADIUS: Attribute length = 6 (0x6)
RADIUS: Session timeout(seconds) = 600 (0x258)

the value sent is 600 seconds which corresponds to 10 mn as you configured

so this is for sure the AP who is not honoring the session timeout and
setting it ( not to 0, if it was 0 you will not reauth, but setting it to
something like 6 seconds)
the AP is misbehaving: either you need to update the BIOS or this is a bug

 

Hmm...I'm not convinced totally. I'm going to try some more things and
report back here. I'm not the first person to try this combination as
well. I'll work with Cisco directly and post back to hopefully save
someone some headaches in the future. Thanks for your help thus far.

 

I'll keep posting. I tried downgrading the AP to IOS 12.2(8)JA, and didn't
see it improve. In fact, the client seemed to be re-authenticating even
faster than before!

 

I found it!

I've made so many rudimentary errors in doing this that I'm almost
embarrased to admit it in public.

During all my attempts to get the EAP stuff working in the first place,
I tried way too many things and should have started over from scratch
before I pursued this problem.

The reason my client was reauthenticating every second is because I,
stupid as can be, told it to. On the Cisco AP under Security>Advanced
Security>EAP Authentication, I had set the 802.11b radio to ignore the
reauthentication interval sent by the RADIUS server, and I had set the
interval to 1. At one point, I thought this had something to do with
reaching the RADIUS server and wanted to lower what I, at the time,
thought was a timeout value. Ignorance is not blissful in this case.
As my boss says, ignorance is curable, stupid is for life. I'd have to
say it appeared this was nearly for life.

I am having another issue using a computer certificate to get access,
but I'm going to experiment before I cry for help on that one. Suffice
it to say I'm thrilled to be past this.

Vo

 

great to here this
let me know if you need help with the cert issue

by the way there a tech chat about IAS PEAP, and wireless you might be
interested information below



--

This posting is provided "AS IS", with NO warranties and confers NO rights

Upcoming Event: Tech Chat about "Secure Wireless authentication using IAS,
PEAP and EAP"
on September 25th at 10AM PT
http://communities2.microsoft.com/home/chatroom.aspx?siteid=34000081