AP Radius client does not appear to recognize attributes returned by external radius server.

  • 1
  • Question
  • Updated 2 years ago
My ultimate goal is to set up MAC authentication in a way that a specific user profile would be selected based on an attribute pair returned from an external freeradius server after authentication. (Not secure I know, but this application it is about performance)

I have basic authentication working with a test user / password setup in the flat config file, as below

----- begin freeradius users file ----
3827bf23744f Cleartext-Password := "3827bf23744f"
             Filter-Id = restricted
---- end -------

However when I test authentication using the the RADIUS Server test page in HiveManager (Version 6.8r5)  I receive the following test result...

“RADIUS server is reachable. Get attributes from RADIUS server: None”


“The RADIUS server rejected the Access Request message. Check the submitted user name and password.”

Depending one whether I use the correct credentials or not.

However when I test the response from the same freeradius server using freeradius test client (radtest), I do receive the attributes back.

rad_recv: Access-Accept packet from host x.x.x.x port 1812, id=144, length=96
    Filter-Id = "restricted"
    MS-CHAP-MPPE-Keys = 0x6705fb673da4973c203fa642c8647c579603f22157136a2e0000000000000000
    MS-MPPE-Encryption-Policy = 0x00000001
    MS-MPPE-Encryption-Types = 0x00000006

I have also tried it with the python RADIUS module “pyrad”  with similar results. Both pyrad and freeradius clients will work with each others servers, however the AP250 (running HiveOS 7.0r2) report no attributes from either server.

I’ve also used freeradius’s debug mode to verify that the request is actually being made to the server and the server log is reporting that it is sending the attribute back to the AP. (Not being cached somewhere)

Is the Aerohive RADIUS test tool specific about which attributes it will report as a result?

Any suggestions on what else to try?
Photo of Mike


  • 1 Post
  • 0 Reply Likes

Posted 2 years ago

  • 1

There are no replies.