Cisco login and Windows 2003 SP1 IAS radius

Hi firends,

I have a problem which I try to solve for the past 4 days, and unable
to understand why this doesn't work.

I have a Cisco router running with the following commands:

aaa new-model
aaa authentication login default group radius local
aaa authorization exec default group radius if-authenticated
aaa session-id common
!
radius-server host 192.168.104.49 auth-port 1645 acct-port 1646 key 0
forradius
radius-server vsa send authentication


and an IAS configured as following:

Remote Access Policies

*if a connection request matches the specified conditions:

-----
Edit Profile...

specification for vendor specific attributes.

***
This is the only Remote Access Policy I have, and it's order is 1
(because its the only one LOL)
***
Now... When I try to login to the cisco router I get "Access Denied"
and I started debugging:

At the "Event Viewer" I see this:

User ciscoa was denied access.
Fully-Qualified-User-Name = DOMAIN\ciscoa
NAS-IP-Address = 192.168.104.50
NAS-Identifier = <not present>
Called-Station-Identifier = <not present>
Calling-Station-Identifier = 192.168.104.49
Client-Friendly-Name = C1841
Client-IP-Address = 192.168.104.50
NAS-Port-Type = Virtual
NAS-Port = 195
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = Authentication was not successful because an unknown user
name or incorrect password was used.

Now... the Reason is... in no chance!!! the wrong use of user/pass!! I
checked and dubbled checked the user/pass and it's not the reason, not
in this lifetime!

I also checked the user properties to make sure I checked:
Dial-in tab

And yeap, it is checked!

***
So... I started sniffing, used Ethereal for sniffing and saw this:

No. Time Source Destination
Protocol Info
10 5.699731 192.168.104.50 192.168.104.49 RADIUS
Access-Request(1) (id=52, l=133)

Frame 10 (175 bytes on wire, 175 bytes captured)
Arrival Time: Apr 15, 2006 16:00:46.848414000
Time delta from previous packet: 3.929897000 seconds
Time since reference or first frame: 5.699731000 seconds
Frame Number: 10
Packet Length: 175 bytes
Capture Length: 175 bytes
Protocols in frame: eth:ip:udp:radius
Ethernet II, Src: 212.143.37.86 (00:12:80:7a:6d:cf), Dst:
192.168.104.49 (00:20:ed:8e:bf:ba)
Destination: 192.168.104.49 (00:20:ed:8e:bf:ba)
Source: 212.143.37.86 (00:12:80:7a:6d:cf)
Type: IP (0x0800)
Internet Protocol, Src: 192.168.104.50 (192.168.104.50), Dst:
192.168.104.49 (192.168.104.49)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 161
Identification: 0x092e (2350)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 254
Protocol: UDP (0x11)
Header checksum: 0x9b2b [correct]
Source: 192.168.104.50 (192.168.104.50)
Destination: 192.168.104.49 (192.168.104.49)
User Datagram Protocol, Src Port: 1645 (1645), Dst Port: 1645 (1645)
Source port: 1645 (1645)
Destination port: 1645 (1645)
Length: 141
Checksum: 0x1719 [correct]
Radius Protocol
Code: Access-Request (1)
Packet identifier: 0x34 (52)
Length: 133
Authenticator: 24B9B3D06A231136330F06BF52062304
Attribute Value Pairs
AVP: l=8 t=User-Name(1): ciscoa
Length: 6
User-Name: ciscoa
AVP: l=30 t=Reply-Message(18): Please enter your password:
Length: 28
Reply-Message: Please enter your password:
AVP: l=34 t=User-Password(2): Encrypted
Length: 32
User-Password:
C.qG\237;|\016m\343\271\[\3131\276+\\002\206\2321\023\026l{L\307\245\355\032\235
AVP: l=6 t=NAS-Port(5): 195
Length: 4
NAS-Port: 195
AVP: l=8 t=NAS-Port-Id(87): tty195
Length: 6
NAS-Port-Id: tty195
AVP: l=6 t=NAS-Port-Type(61): Virtual(5)
Length: 4
NAS-Port-Type: Virtual (5)
AVP: l=15 t=Calling-Station-Id(31): 192.168.104.49
Length: 13
Calling-Station-Id: 192.168.104.49
AVP: l=6 t=NAS-IP-Address(4): 192.168.104.50
Length: 4
NAS-IP-Address: 192.168.104.50 (192.168.104.50)

0000 00 20 ed 8e bf ba 00 12 80 7a 6d cf 08 00 45 00 .
........zm...E.
0010 00 a1 09 2e 00 00 fe 11 9b 2b d4 8f 49 81 d4 8f
..........+..I...
0020 25 52 06 6d 06 6d 00 8d 17 19 01 34 00 85 24 b9
%R.m.m.....4..$.
0030 b3 d0 6a 23 11 36 33 0f 06 bf 52 06 23 04 01 08
...j#.63...R.#...
0040 6d 6f 72 64 75 6b 12 1e 50 6c 65 61 73 65 20 65 ciscoa..Please
e
0050 6e 74 65 72 20 79 6f 75 72 20 70 61 73 73 77 6f nter your
passwo
0060 72 64 3a 20 02 22 43 2e 71 47 9f 3b 7c 0e 6d e3 rd:
.."C.qG.;|.m.
0070 b9 5c 5b cb 31 be 2b 5c 02 86 9a 31 13 16 6c 7b
..\[.1.+\...1..l{
0080 4c c7 a5 ed 1a 9d 05 06 00 00 00 c3 57 08 74 74
L...........W.tt
0090 79 31 39 35 3d 06 00 00 00 05 1f 0f 32 31 32 2e
y195=.......212.
00a0 31 34 33 2e 33 37 2e 38 32 04 06 d4 8f 49 81 143.37.82....I.

No. Time Source Destination
Protocol Info
11 5.728148 192.168.104.49 192.168.104.50 RADIUS
Access-Reject(3) (id=52, l=20)

Frame 11 (62 bytes on wire, 62 bytes captured)
Arrival Time: Apr 15, 2006 16:00:46.876831000
Time delta from previous packet: 0.028417000 seconds
Time since reference or first frame: 5.728148000 seconds
Frame Number: 11
Packet Length: 62 bytes
Capture Length: 62 bytes
Protocols in frame: eth:ip:udp:radius
Ethernet II, Src: 192.168.104.49 (00:20:ed:8e:bf:ba), Dst:
212.143.37.86 (00:12:80:7a:6d:cf)
Destination: 212.143.37.86 (00:12:80:7a:6d:cf)
Source: 192.168.104.49 (00:20:ed:8e:bf:ba)
Type: IP (0x0800)
Internet Protocol, Src: 192.168.104.49 (192.168.104.49), Dst:
192.168.104.50 (192.168.104.50)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 48
Identification: 0xcb67 (52071)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x5763 [correct]
Source: 192.168.104.49 (192.168.104.49)
Destination: 192.168.104.50 (192.168.104.50)
User Datagram Protocol, Src Port: 1645 (1645), Dst Port: 1645 (1645)
Source port: 1645 (1645)
Destination port: 1645 (1645)
Length: 28
Checksum: 0x7afb [correct]
Radius Protocol
Code: Access-Reject (3)
Packet identifier: 0x34 (52)
Length: 20
Authenticator: 97FCA76742D0A0CDE44C256BAD2A82C1

0000 00 12 80 7a 6d cf 00 20 ed 8e bf ba 08 00 45 00 ...zm..
.......E.
0010 00 30 cb 67 00 00 80 11 57 63 d4 8f 25 52 d4 8f
..0.g....Wc..%R..
0020 49 81 06 6d 06 6d 00 1c 7a fb 03 34 00 14 97 fc
I..m.m..z..4....
0030 a7 67 42 d0 a0 cd e4 4c 25 6b ad 2a 82 c1 .gB....L%k.*..

***


This is so weird... and I am starting to feel that I am running out of
options... so any help will be appriciated... realy,

Thanks alot guys, I hope one of you knows how to solve this, + maybe
there is a connection to the 2003 server "Routing and Remote Access"
but I'm not realy sure.

Thanks again.


LORD-MORDUK

 

how about the NAS password ?
try re-enter radiuskeys in both ends

Hi firends,

I have a problem which I try to solve for the past 4 days, and unable
to understand why this doesn't work.

I have a Cisco router running with the following commands:

aaa new-model
aaa authentication login default group radius local
aaa authorization exec default group radius if-authenticated
aaa session-id common
!
radius-server host 192.168.104.49 auth-port 1645 acct-port 1646 key 0
forradius
radius-server vsa send authentication


and an IAS configured as following:

Remote Access Policies

*if a connection request matches the specified conditions:

-----
Edit Profile...

specification for vendor specific attributes.

***
This is the only Remote Access Policy I have, and it's order is 1
(because its the only one LOL)
***
Now... When I try to login to the cisco router I get "Access Denied"
and I started debugging:

At the "Event Viewer" I see this:

User ciscoa was denied access.
Fully-Qualified-User-Name = DOMAIN\ciscoa
NAS-IP-Address = 192.168.104.50
NAS-Identifier = <not present>
Called-Station-Identifier = <not present>
Calling-Station-Identifier = 192.168.104.49
Client-Friendly-Name = C1841
Client-IP-Address = 192.168.104.50
NAS-Port-Type = Virtual
NAS-Port = 195
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = Authentication was not successful because an unknown user
name or incorrect password was used.

Now... the Reason is... in no chance!!! the wrong use of user/pass!! I
checked and dubbled checked the user/pass and it's not the reason, not
in this lifetime!

I also checked the user properties to make sure I checked:
Dial-in tab

And yeap, it is checked!

***
So... I started sniffing, used Ethereal for sniffing and saw this:

No. Time Source Destination
Protocol Info
10 5.699731 192.168.104.50 192.168.104.49 RADIUS
Access-Request(1) (id=52, l=133)

Frame 10 (175 bytes on wire, 175 bytes captured)
Arrival Time: Apr 15, 2006 16:00:46.848414000
Time delta from previous packet: 3.929897000 seconds
Time since reference or first frame: 5.699731000 seconds
Frame Number: 10
Packet Length: 175 bytes
Capture Length: 175 bytes
Protocols in frame: eth:ip:udp:radius
Ethernet II, Src: 212.143.37.86 (00:12:80:7a:6d:cf), Dst:
192.168.104.49 (00:20:ed:8e:bf:ba)
Destination: 192.168.104.49 (00:20:ed:8e:bf:ba)
Source: 212.143.37.86 (00:12:80:7a:6d:cf)
Type: IP (0x0800)
Internet Protocol, Src: 192.168.104.50 (192.168.104.50), Dst:
192.168.104.49 (192.168.104.49)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 161
Identification: 0x092e (2350)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 254
Protocol: UDP (0x11)
Header checksum: 0x9b2b [correct]
Source: 192.168.104.50 (192.168.104.50)
Destination: 192.168.104.49 (192.168.104.49)
User Datagram Protocol, Src Port: 1645 (1645), Dst Port: 1645 (1645)
Source port: 1645 (1645)
Destination port: 1645 (1645)
Length: 141
Checksum: 0x1719 [correct]
Radius Protocol
Code: Access-Request (1)
Packet identifier: 0x34 (52)
Length: 133
Authenticator: 24B9B3D06A231136330F06BF52062304
Attribute Value Pairs
AVP: l=8 t=User-Name(1): ciscoa
Length: 6
User-Name: ciscoa
AVP: l=30 t=Reply-Message(18): Please enter your password:
Length: 28
Reply-Message: Please enter your password:
AVP: l=34 t=User-Password(2): Encrypted
Length: 32
User-Password:
C.qG\237;|\016m\343\271\[\3131\276+\\002\206\2321\023\026l{L\307\245\355\032
\235
AVP: l=6 t=NAS-Port(5): 195
Length: 4
NAS-Port: 195
AVP: l=8 t=NAS-Port-Id(87): tty195
Length: 6
NAS-Port-Id: tty195
AVP: l=6 t=NAS-Port-Type(61): Virtual(5)
Length: 4
NAS-Port-Type: Virtual (5)
AVP: l=15 t=Calling-Station-Id(31): 192.168.104.49
Length: 13
Calling-Station-Id: 192.168.104.49
AVP: l=6 t=NAS-IP-Address(4): 192.168.104.50
Length: 4
NAS-IP-Address: 192.168.104.50 (192.168.104.50)

0000 00 20 ed 8e bf ba 00 12 80 7a 6d cf 08 00 45 00 .
........zm...E.
0010 00 a1 09 2e 00 00 fe 11 9b 2b d4 8f 49 81 d4 8f
..........+..I...
0020 25 52 06 6d 06 6d 00 8d 17 19 01 34 00 85 24 b9
%R.m.m.....4..$.
0030 b3 d0 6a 23 11 36 33 0f 06 bf 52 06 23 04 01 08
...j#.63...R.#...
0040 6d 6f 72 64 75 6b 12 1e 50 6c 65 61 73 65 20 65 ciscoa..Please
e
0050 6e 74 65 72 20 79 6f 75 72 20 70 61 73 73 77 6f nter your
passwo
0060 72 64 3a 20 02 22 43 2e 71 47 9f 3b 7c 0e 6d e3 rd:
.."C.qG.;|.m.
0070 b9 5c 5b cb 31 be 2b 5c 02 86 9a 31 13 16 6c 7b
..\[.1.+\...1..l{
0080 4c c7 a5 ed 1a 9d 05 06 00 00 00 c3 57 08 74 74
L...........W.tt
0090 79 31 39 35 3d 06 00 00 00 05 1f 0f 32 31 32 2e
y195=.......212.
00a0 31 34 33 2e 33 37 2e 38 32 04 06 d4 8f 49 81 143.37.82....I.

No. Time Source Destination
Protocol Info
11 5.728148 192.168.104.49 192.168.104.50 RADIUS
Access-Reject(3) (id=52, l=20)

Frame 11 (62 bytes on wire, 62 bytes captured)
Arrival Time: Apr 15, 2006 16:00:46.876831000
Time delta from previous packet: 0.028417000 seconds
Time since reference or first frame: 5.728148000 seconds
Frame Number: 11
Packet Length: 62 bytes
Capture Length: 62 bytes
Protocols in frame: eth:ip:udp:radius
Ethernet II, Src: 192.168.104.49 (00:20:ed:8e:bf:ba), Dst:
212.143.37.86 (00:12:80:7a:6d:cf)
Destination: 212.143.37.86 (00:12:80:7a:6d:cf)
Source: 192.168.104.49 (00:20:ed:8e:bf:ba)
Type: IP (0x0800)
Internet Protocol, Src: 192.168.104.49 (192.168.104.49), Dst:
192.168.104.50 (192.168.104.50)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 48
Identification: 0xcb67 (52071)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x5763 [correct]
Source: 192.168.104.49 (192.168.104.49)
Destination: 192.168.104.50 (192.168.104.50)
User Datagram Protocol, Src Port: 1645 (1645), Dst Port: 1645 (1645)
Source port: 1645 (1645)
Destination port: 1645 (1645)
Length: 28
Checksum: 0x7afb [correct]
Radius Protocol
Code: Access-Reject (3)
Packet identifier: 0x34 (52)
Length: 20
Authenticator: 97FCA76742D0A0CDE44C256BAD2A82C1

0000 00 12 80 7a 6d cf 00 20 ed 8e bf ba 08 00 45 00 ...zm..
.......E.
0010 00 30 cb 67 00 00 80 11 57 63 d4 8f 25 52 d4 8f
..0.g....Wc..%R..
0020 49 81 06 6d 06 6d 00 1c 7a fb 03 34 00 14 97 fc
I..m.m..z..4....
0030 a7 67 42 d0 a0 cd e4 4c 25 6b ad 2a 82 c1 .gB....L%k.*..

***


This is so weird... and I am starting to feel that I am running out of
options... so any help will be appriciated... realy,

Thanks alot guys, I hope one of you knows how to solve this, + maybe
there is a connection to the 2003 server "Routing and Remote Access"
but I'm not realy sure.

Thanks again.


LORD-MORDUK

 

also check MS for patches on this one ,,,
seem to recall this issue has been seen before ...


Hi firends,

I have a problem which I try to solve for the past 4 days, and unable
to understand why this doesn't work.

I have a Cisco router running with the following commands:

aaa new-model
aaa authentication login default group radius local
aaa authorization exec default group radius if-authenticated
aaa session-id common
!
radius-server host 192.168.104.49 auth-port 1645 acct-port 1646 key 0
forradius
radius-server vsa send authentication


and an IAS configured as following:

Remote Access Policies

*if a connection request matches the specified conditions:

-----
Edit Profile...

specification for vendor specific attributes.

***
This is the only Remote Access Policy I have, and it's order is 1
(because its the only one LOL)
***
Now... When I try to login to the cisco router I get "Access Denied"
and I started debugging:

At the "Event Viewer" I see this:

User ciscoa was denied access.
Fully-Qualified-User-Name = DOMAIN\ciscoa
NAS-IP-Address = 192.168.104.50
NAS-Identifier = <not present>
Called-Station-Identifier = <not present>
Calling-Station-Identifier = 192.168.104.49
Client-Friendly-Name = C1841
Client-IP-Address = 192.168.104.50
NAS-Port-Type = Virtual
NAS-Port = 195
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = Authentication was not successful because an unknown user
name or incorrect password was used.

Now... the Reason is... in no chance!!! the wrong use of user/pass!! I
checked and dubbled checked the user/pass and it's not the reason, not
in this lifetime!

I also checked the user properties to make sure I checked:
Dial-in tab

And yeap, it is checked!

***
So... I started sniffing, used Ethereal for sniffing and saw this:

No. Time Source Destination
Protocol Info
10 5.699731 192.168.104.50 192.168.104.49 RADIUS
Access-Request(1) (id=52, l=133)

Frame 10 (175 bytes on wire, 175 bytes captured)
Arrival Time: Apr 15, 2006 16:00:46.848414000
Time delta from previous packet: 3.929897000 seconds
Time since reference or first frame: 5.699731000 seconds
Frame Number: 10
Packet Length: 175 bytes
Capture Length: 175 bytes
Protocols in frame: eth:ip:udp:radius
Ethernet II, Src: 212.143.37.86 (00:12:80:7a:6d:cf), Dst:
192.168.104.49 (00:20:ed:8e:bf:ba)
Destination: 192.168.104.49 (00:20:ed:8e:bf:ba)
Source: 212.143.37.86 (00:12:80:7a:6d:cf)
Type: IP (0x0800)
Internet Protocol, Src: 192.168.104.50 (192.168.104.50), Dst:
192.168.104.49 (192.168.104.49)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 161
Identification: 0x092e (2350)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 254
Protocol: UDP (0x11)
Header checksum: 0x9b2b [correct]
Source: 192.168.104.50 (192.168.104.50)
Destination: 192.168.104.49 (192.168.104.49)
User Datagram Protocol, Src Port: 1645 (1645), Dst Port: 1645 (1645)
Source port: 1645 (1645)
Destination port: 1645 (1645)
Length: 141
Checksum: 0x1719 [correct]
Radius Protocol
Code: Access-Request (1)
Packet identifier: 0x34 (52)
Length: 133
Authenticator: 24B9B3D06A231136330F06BF52062304
Attribute Value Pairs
AVP: l=8 t=User-Name(1): ciscoa
Length: 6
User-Name: ciscoa
AVP: l=30 t=Reply-Message(18): Please enter your password:
Length: 28
Reply-Message: Please enter your password:
AVP: l=34 t=User-Password(2): Encrypted
Length: 32
User-Password:
C.qG\237;|\016m\343\271\[\3131\276+\\002\206\2321\023\026l{L\307\245\355\032
\235
AVP: l=6 t=NAS-Port(5): 195
Length: 4
NAS-Port: 195
AVP: l=8 t=NAS-Port-Id(87): tty195
Length: 6
NAS-Port-Id: tty195
AVP: l=6 t=NAS-Port-Type(61): Virtual(5)
Length: 4
NAS-Port-Type: Virtual (5)
AVP: l=15 t=Calling-Station-Id(31): 192.168.104.49
Length: 13
Calling-Station-Id: 192.168.104.49
AVP: l=6 t=NAS-IP-Address(4): 192.168.104.50
Length: 4
NAS-IP-Address: 192.168.104.50 (192.168.104.50)

0000 00 20 ed 8e bf ba 00 12 80 7a 6d cf 08 00 45 00 .
........zm...E.
0010 00 a1 09 2e 00 00 fe 11 9b 2b d4 8f 49 81 d4 8f
..........+..I...
0020 25 52 06 6d 06 6d 00 8d 17 19 01 34 00 85 24 b9
%R.m.m.....4..$.
0030 b3 d0 6a 23 11 36 33 0f 06 bf 52 06 23 04 01 08
...j#.63...R.#...
0040 6d 6f 72 64 75 6b 12 1e 50 6c 65 61 73 65 20 65 ciscoa..Please
e
0050 6e 74 65 72 20 79 6f 75 72 20 70 61 73 73 77 6f nter your
passwo
0060 72 64 3a 20 02 22 43 2e 71 47 9f 3b 7c 0e 6d e3 rd:
.."C.qG.;|.m.
0070 b9 5c 5b cb 31 be 2b 5c 02 86 9a 31 13 16 6c 7b
..\[.1.+\...1..l{
0080 4c c7 a5 ed 1a 9d 05 06 00 00 00 c3 57 08 74 74
L...........W.tt
0090 79 31 39 35 3d 06 00 00 00 05 1f 0f 32 31 32 2e
y195=.......212.
00a0 31 34 33 2e 33 37 2e 38 32 04 06 d4 8f 49 81 143.37.82....I.

No. Time Source Destination
Protocol Info
11 5.728148 192.168.104.49 192.168.104.50 RADIUS
Access-Reject(3) (id=52, l=20)

Frame 11 (62 bytes on wire, 62 bytes captured)
Arrival Time: Apr 15, 2006 16:00:46.876831000
Time delta from previous packet: 0.028417000 seconds
Time since reference or first frame: 5.728148000 seconds
Frame Number: 11
Packet Length: 62 bytes
Capture Length: 62 bytes
Protocols in frame: eth:ip:udp:radius
Ethernet II, Src: 192.168.104.49 (00:20:ed:8e:bf:ba), Dst:
212.143.37.86 (00:12:80:7a:6d:cf)
Destination: 212.143.37.86 (00:12:80:7a:6d:cf)
Source: 192.168.104.49 (00:20:ed:8e:bf:ba)
Type: IP (0x0800)
Internet Protocol, Src: 192.168.104.49 (192.168.104.49), Dst:
192.168.104.50 (192.168.104.50)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 48
Identification: 0xcb67 (52071)
Flags: 0x00
0... = Reserved bit: Not set
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (0x11)
Header checksum: 0x5763 [correct]
Source: 192.168.104.49 (192.168.104.49)
Destination: 192.168.104.50 (192.168.104.50)
User Datagram Protocol, Src Port: 1645 (1645), Dst Port: 1645 (1645)
Source port: 1645 (1645)
Destination port: 1645 (1645)
Length: 28
Checksum: 0x7afb [correct]
Radius Protocol
Code: Access-Reject (3)
Packet identifier: 0x34 (52)
Length: 20
Authenticator: 97FCA76742D0A0CDE44C256BAD2A82C1

0000 00 12 80 7a 6d cf 00 20 ed 8e bf ba 08 00 45 00 ...zm..
.......E.
0010 00 30 cb 67 00 00 80 11 57 63 d4 8f 25 52 d4 8f
..0.g....Wc..%R..
0020 49 81 06 6d 06 6d 00 1c 7a fb 03 34 00 14 97 fc
I..m.m..z..4....
0030 a7 67 42 d0 a0 cd e4 4c 25 6b ad 2a 82 c1 .gB....L%k.*..

***


This is so weird... and I am starting to feel that I am running out of
options... so any help will be appriciated... realy,

Thanks alot guys, I hope one of you knows how to solve this, + maybe
there is a connection to the 2003 server "Routing and Remote Access"
but I'm not realy sure.

Thanks again.


LORD-MORDUK