[ietf79-tech] Intermittent authentication problems on ietf-hotel.1x...

John Kemp kemp at network-services.uoregon.edu
Wed Nov 10 13:15:53 PST 2010 

Uh, was forwarding never turned on in the sysctl's for the NACs?

I think this is what I was using:

> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> net.bridge.bridge-nf-call-arptables = 0
> net.ipv4.ip_forward = 1
> net.ipv4.conf.all.forwarding = 1
> net.ipv4.conf.all.mc_forwarding = 1
> net.ipv4.conf.default.forwarding = 1
> net.ipv4.conf.default.mc_forwarding = 1
> net.ipv6.conf.all.forwarding = 1
> net.ipv6.conf.all.mc_forwarding = 1
> net.ipv6.conf.default.forwarding = 1
> net.ipv6.conf.default.mc_forwarding = 1

I'm fairly concerned that these sysctl's are not set.

/jgk



On 11/10/2010 06:26 AM, Xiaoliang Zhao wrote:
> i am using win7, and it works fine...
>  
> is John Kemp on this mailing list?
>  
> thanks,
> Leon
> On Wed, Nov 10, 2010 at 9:19 PM, Chris Elliott <chelliot at pobox.com
> <mailto:chelliot at pobox.com>> wrote:
> 
>     All,
> 
>     I'm sitting in my hotel room and I tried to use ietf-hotel.1x on my
>     Mac. Authentication failed. Tried multiple times, and authentication
>     failed. Then tried to use it from my phone and no problem. Tried
>     again from my Mac and it failed again. One more time and it worked.
>     Once I was on I checked the radius log on services-1 and I see:
> 
>     Wed Nov 10 13:04:28 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:04:38 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:04:49 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:04:59 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:06:17 2010 : Auth: Login OK: [7901182615] (from client
>     nacportal-1 port 0)
>     Wed Nov 10 13:07:13 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:07:24 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:10:05 2010 : Auth: Login OK: [7901182615] (from client
>     localhost port 0)
>     Wed Nov 10 13:10:05 2010 : Auth: Login OK: [7901182615] (from client
>     shangri-la-1 port 29 cli 90-27-E4-5B-3E-04)
>     Wed Nov 10 13:10:39 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:10:49 2010 : Auth: Login incorrect: [7901182615] (from
>     client shangri-la-1 port 29 cli 60-33-4B-25-74-81)
>     Wed Nov 10 13:10:56 2010 : Auth: Login OK: [7901182615] (from client
>     localhost port 0)
>     Wed Nov 10 13:10:56 2010 : Auth: Login OK: [7901182615] (from client
>     shangri-la-1 port 29 cli 60-33-4B-25-74-81)
> 
>     I changed absolutely nothing on my Mac. I did type in the password
>     every time, but I don't think I misspelled ietf many times in a
>     row...and, no, the caps key was /not/ on!
> 
>     I can't explain this behavior, and I am concerned. Can other folks
>     test to see if they are seeing the same issue?
> 
>     Thanks!
>     Chris.
> 
>     -- 
>     Chris Elliott
>     chelliot at pobox.com <mailto:chelliot at pobox.com>
> 
> 
>     _______________________________________________
>     ietf79-tech mailing list
>     ietf79-tech at daedelus.com <mailto:ietf79-tech at daedelus.com>
>     http://www.daedelus.com/mailman/listinfo/ietf79-tech
> 
> 
> 
> 
> _______________________________________________
> ietf79-tech mailing list
> ietf79-tech at daedelus.com
> http://www.daedelus.com/mailman/listinfo/ietf79-tech

More information about the ietf79-tech mailing list