Board index Radius

RADIUS w/ LanRover/E 5.0

RADIUS w/ LanRover/E 5.0

Post by Craig William » Tue, 12 Jan 1999 04:00:00



I am attempting to use the MS RADIUS from the IIS option pack with Shiva
LanRover/E v5.0.
I keep getting Failed Authentication 8199 errors in the event log.

The exaxt text is...
Failed authentication: Source = 10.22.29.168:2072
 Code = Access-Reject
 Identifier = 9

I'm using the following Profile attributes as indicated from the Shiva
knowledgebase:
Service Type Framed
Framed Protocol PPP
Framed IP Address 0.0.0.0
Framed IP Netmask 255.255.0.0
Framed Routing None
Framed Compression VJ TCP/IP
Framed MTU 1500

This is happening on Dial-OUT right now, but I can't imaging it working for
dial in from home tonight if I can't dial out first. There is also not log
created in the specified IAS directory.
I have also tried the settings in MS Q183337 for some USR hardware to no
avail.
Anyone have any luck with this combination?

Thanks

 
 
 
Top

RADIUS w/ LanRover/E 5.0

Post by M » Tue, 12 Jan 1999 04:00:00


see the following KB article .. let me know if it resolves the problem

http://support.microsoft.com/support/kb/articles/q195/2/87.asp?FR=0

Kevin (MS)


>I am attempting to use the MS RADIUS from the IIS option pack with Shiva
>LanRover/E v5.0.
>I keep getting Failed Authentication 8199 errors in the event log.

>The exaxt text is...
>Failed authentication: Source = 10.22.29.168:2072
> Code = Access-Reject
> Identifier = 9

>I'm using the following Profile attributes as indicated from the Shiva
>knowledgebase:
>Service Type Framed
>Framed Protocol PPP
>Framed IP Address 0.0.0.0
>Framed IP Netmask 255.255.0.0
>Framed Routing None
>Framed Compression VJ TCP/IP
>Framed MTU 1500

>This is happening on Dial-OUT right now, but I can't imaging it working for
>dial in from home tonight if I can't dial out first. There is also not log
>created in the specified IAS directory.
>I have also tried the settings in MS Q183337 for some USR hardware to no
>avail.
>Anyone have any luck with this combination?

>Thanks


 
 
 
Top

RADIUS w/ LanRover/E 5.0

Post by Craig William » Tue, 12 Jan 1999 04:00:00


Thank-you for the lead Kevin, would have never found it since the article
spells LanRover as LanDRover.
However, I was already using Framed Routing = NONE, which was the main point
of the article, and didn't get anything else out of it. Do you have any
other suggestions?

Thanks


>see the following KB article .. let me know if it resolves the problem

>http://support.microsoft.com/support/kb/articles/q195/2/87.asp?FR=0

>Kevin (MS)


>>I am attempting to use the MS RADIUS from the IIS option pack with Shiva
>>LanRover/E v5.0.
>>I keep getting Failed Authentication 8199 errors in the event log.

>>The exaxt text is...
>>Failed authentication: Source = 10.22.29.168:2072
>> Code = Access-Reject
>> Identifier = 9

>>I'm using the following Profile attributes as indicated from the Shiva
>>knowledgebase:
>>Service Type Framed
>>Framed Protocol PPP
>>Framed IP Address 0.0.0.0
>>Framed IP Netmask 255.255.0.0
>>Framed Routing None
>>Framed Compression VJ TCP/IP
>>Framed MTU 1500

>>This is happening on Dial-OUT right now, but I can't imaging it working
for
>>dial in from home tonight if I can't dial out first. There is also not log
>>created in the specified IAS directory.
>>I have also tried the settings in MS Q183337 for some USR hardware to no
>>avail.
>>Anyone have any luck with this combination?

>>Thanks

 
 
 
Top

RADIUS w/ LanRover/E 5.0

Post by M » Wed, 20 Jan 1999 04:00:00


sorry typo on my part :) ...i'll fix

I remember with the shiva's you need to set this to:  outgoing
can you post a netmon trace of the problem..

thanks Kevin


>Thank-you for the lead Kevin, would have never found it since the article
>spells LanRover as LanDRover.
>However, I was already using Framed Routing = NONE, which was the main
point
>of the article, and didn't get anything else out of it. Do you have any
>other suggestions?

>Thanks


>>see the following KB article .. let me know if it resolves the problem

>>http://support.microsoft.com/support/kb/articles/q195/2/87.asp?FR=0

>>Kevin (MS)


>>>I am attempting to use the MS RADIUS from the IIS option pack with Shiva
>>>LanRover/E v5.0.
>>>I keep getting Failed Authentication 8199 errors in the event log.

>>>The exaxt text is...
>>>Failed authentication: Source = 10.22.29.168:2072
>>> Code = Access-Reject
>>> Identifier = 9

>>>I'm using the following Profile attributes as indicated from the Shiva
>>>knowledgebase:
>>>Service Type Framed
>>>Framed Protocol PPP
>>>Framed IP Address 0.0.0.0
>>>Framed IP Netmask 255.255.0.0
>>>Framed Routing None
>>>Framed Compression VJ TCP/IP
>>>Framed MTU 1500

>>>This is happening on Dial-OUT right now, but I can't imaging it working
>for
>>>dial in from home tonight if I can't dial out first. There is also not
log
>>>created in the specified IAS directory.
>>>I have also tried the settings in MS Q183337 for some USR hardware to no
>>>avail.
>>>Anyone have any luck with this combination?

>>>Thanks

 
 
 
Top

RADIUS w/ LanRover/E 5.0

Post by harold gravat » Tue, 26 Jan 1999 04:00:00


Kevin,

I am using the Bay Networks Extranet Connectivity Switch and the Shiva
device for dial in and out capabilities.  I can dial in, however, I cannot
dial out.  Using the configuration for the lanrover using Radius instead of
the internal user list I cannot dial out.  It states the Radius:
Authentication for (harold.gravatt) on line 1 succeeds! and shows
(harold.gravatt) logged in and kicks right back out and states
(harold.gravatt) logged out.  I can log in as the secret user id and
password and stay connected but not as a NT domain user.

I used the information in the article and have the correct setting for
framed routing. Any light that you can shed on this matter would be helpful.

Regards,

Harold Gravatt
Network Administrator
Burke E. Porter Machinery
Grand Rapids, MI


>sorry typo on my part :) ...i'll fix

>I remember with the shiva's you need to set this to:  outgoing
>can you post a netmon trace of the problem..

>thanks Kevin


>>Thank-you for the lead Kevin, would have never found it since the article
>>spells LanRover as LanDRover.
>>However, I was already using Framed Routing = NONE, which was the main
>point
>>of the article, and didn't get anything else out of it. Do you have any
>>other suggestions?

>>Thanks


>>>see the following KB article .. let me know if it resolves the problem

>>>http://support.microsoft.com/support/kb/articles/q195/2/87.asp?FR=0

>>>Kevin (MS)


>>>>I am attempting to use the MS RADIUS from the IIS option pack with Shiva
>>>>LanRover/E v5.0.
>>>>I keep getting Failed Authentication 8199 errors in the event log.

>>>>The exaxt text is...
>>>>Failed authentication: Source = 10.22.29.168:2072
>>>> Code = Access-Reject
>>>> Identifier = 9

>>>>I'm using the following Profile attributes as indicated from the Shiva
>>>>knowledgebase:
>>>>Service Type Framed
>>>>Framed Protocol PPP
>>>>Framed IP Address 0.0.0.0
>>>>Framed IP Netmask 255.255.0.0
>>>>Framed Routing None
>>>>Framed Compression VJ TCP/IP
>>>>Framed MTU 1500

>>>>This is happening on Dial-OUT right now, but I can't imaging it working
>>for
>>>>dial in from home tonight if I can't dial out first. There is also not
>log
>>>>created in the specified IAS directory.
>>>>I have also tried the settings in MS Q183337 for some USR hardware to no
>>>>avail.
>>>>Anyone have any luck with this combination?

>>>>Thanks

 
 
 
Top

1. Shiva Lanrover E/Plus (w/Radius) - IAS authentication problem

Hi.

We're trying to get our Shiva Lanrover E/Plus to work happily with our
Radius server (IAS on NT4 SP6a).

The Event Viewer shows successful authentication of requests from the Shiva
unit, but back at the Shiva, the log shows a different story.

The error appears to be in SPAP...  Here's a snippet from the log.

Serial1: New Dial-In session
Serial1: PPP: SPAP authentication failed for user testuser: User does not
have dialin privileges
Radius: Authentication for (testuser) on line 1 succeeds!

The upshot is when I dial in, I continually get prompted for username and
password.  "testuser" DOES have dial-in permissions enabled in his NT
account profile.

So far, I have IAS sending the default Raidus profile (the one that is set
up when you install it).  I've fiddled with some additional options, but
none have helped.

In the Dial-Up networking setup, I have ensured that the host type is set to
"PPP (etc)" and have tried it with "log on to network" checked and
unchecked.

Anybody have any experience with this little nugget?  I have so far found no
way of viewing, setting, or changing anything related to SPAP.

Thanks for any help.
--Tony

2. Registered Protective Devices (aka DAA)

3. IAS Radius returns "no dialin permissions" when try to authenticate with Shiva LanRover

4. Undocumented DECWINDOWS-TCP/IP License

5. Shiva Lanrover Access Switch and Radius

6. Win 98 Problems!!!! Please Help!!!!!!!!

7. Shiva Lanrover VPN Gateway w/radius question?

8. index MSword and MSpowerpoint

9. Radius for Shiva LanRover

10. IAS Radius On Shiva Lanrover NT SP6a

11. Y2K : shiva lanrover & IAS MS Radius

12. How to setup a proxy RADIUS and HOME RADIUS Server..


All times are UTC
Board index