Digest Authentications Cisco Access Registrar 4.1.X

Hoa But hoabut at earthlink.net
Wed Jul 30 03:57:48 CEST 2008


Hello,

Thanks for all the RADIUS messages.  They are very helpful.

I am able to successfully implemented digest authentications in FreeRADIUS and have been using
it ever since.  This is after getting help from the great people on this mailing.

I wonder if anyone here has any experience Cisco Access Registrar 4.1.X as it relates to digest
authentications?  I know it is probably not related to FreeRADIUS but I tried everything and
Cisco Access Registrar 4.1.X keeps dropping the Access-Request packets with response-type: -1.  cisco support is of no help.
I went through 5 support representatives so far.

Below is the output of the trace file (i.e. name_radius_1_trace).  This is running on Solaris 10 on
a T1000 Ultrasparc T1 8 cores, 4 threads per core, 32 virtual cpus total.  I am not sure if any
of the cores make any difference.

As always, your assistances are greatly appreciated.  Best regards,  Hoa

------------------ Output of trace file --------------------------

07/29/2008 18:55:04: P11864: Packet received from 10.8.140.21
07/29/2008 18:55:04: P11864: Packet successfully added
07/29/2008 18:55:04: P11864: Trace of Access-Request packet
07/29/2008 18:55:04: P11864:    identifier = 209
07/29/2008 18:55:04: P11864:    length = 218
07/29/2008 18:55:04: P11864:    reqauth = cf:04:c9:51:ae:f5:ed:34:aa:47:61:ed:9f:96:63:eb
07/29/2008 18:55:04: P11864:    User-Name = fakeuser
07/29/2008 18:55:04: P11864:    Service-Type = 200
07/29/2008 18:55:04: P11864:    NAS-Identifier = qcs-qchat-ops-2-3.qln.test.com.(none)
07/29/2008 18:55:04: P11864:    NAS-Port-Type = Virtual
07/29/2008 18:55:04: P11864:    Digest-Response = fakeqcdigest
07/29/2008 18:55:04: P11864:    Digest-Attributes = { Realm = fakedomain }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { Nonce = fakeqcnonce }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { Method = QCHAT-REGISTER }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { URI = fakedomain }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { QOP = auth }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { Algorithm = MD5-sess }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { CNonce = fakeqccnonce }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { Nonce-Count = 1 }
07/29/2008 18:55:04: P11864:    Digest-Attributes = { User-Name = fakeuseraddr }
07/29/2008 18:55:04: P11864: Running Server's IncomingScript: show-contents
07/29/2008 18:55:04: Log: Request from 10.8.140.21: Server IncomingScript failed fakeuser
07/29/2008 18:55:04: P11864: Dropping request (response-type: -1)
07/29/2008 18:55:04: P11864: Packet successfully removed

---------------------------------------------------------------------



More information about the Freeradius-Users mailing list