04-01-2009 11:16 AM - edited 03-10-2019 04:24 PM
Dear all,
I configured 802.1x with an 2950 and IAS ins the LAB, everything is working finde with dynamic VLAN Assignement and Guest VLAN.
I did the same with an 2948, I need to use it (mangement decission they don't want buy new one :-(( )
But I got an error message:
A malformed RADIUS message was received from client 10.1.2.100. The data is the RADIUS message.
Can somebody helps me?
I think it is a setting in the IAS Radius-Client setting, or I'm wrong? I tried Cisco o. Radius Standard.
Thanks, Sebastian
04-01-2009 02:37 PM
Please make sure shared secret key is same on both ends.
Regards,
~JG
04-02-2009 12:36 AM
04-02-2009 05:16 AM
you might need to install wireshark on the server or somehow otherwise sniff the radius packets. this will give you more information than that event log.
04-02-2009 09:48 AM
Thanks for the Idea..
Thats the output:
I think the service-types in IAS and the 2948 are not the same..any ideas? I tried with someone but it do not work. But, I get a second erros message in the ias..bevor I type in the password, something tried with another user azbycx, thats strange I think..
No. Time Source Destination Protocol Info
6 30.902648 10.1.2.100 10.1.20.10 RADIUS Access-Request(1) (id=3, l=119)
Frame 6 (161 bytes on wire, 161 bytes captured)
Ethernet II, Src: Cisco_11:b7:42 (00:13:c3:11:b7:42), Dst: Vmware_9c:a8:42 (00:0c:29:9c:a8:42)
Internet Protocol, Src: 10.1.2.100 (10.1.2.100), Dst: 10.1.20.10 (10.1.20.10)
User Datagram Protocol, Src Port: redstorm_join (2346), Dst Port: radius (1812)
Radius Protocol
Code: Access-Request (1)
Packet identifier: 0x3 (3)
Length: 119
Authenticator: 02FA248B0A0C213711B8213325BB1A04
Attribute Value Pairs
AVP: l=13 t=User-Name(1): CISLAB\test
User-Name: CISLAB\test
AVP: l=6 t=NAS-IP-Address(4): 10.1.2.100
NAS-IP-Address: 10.1.2.100 (10.1.2.100)
AVP: l=7 t=NAS-Port(5): [unhandled integer length(5)]
AVP: l=6 t=Framed-MTU(12): 1000
Framed-MTU: 1000
AVP: l=19 t=Calling-Station-Id(31): 00-17-42-21-6e-df
Calling-Station-Id: 00-17-42-21-6e-df
AVP: l=6 t=Service-Type(6): Framed-User(2)
Service-Type: Framed-User (2)
AVP: l=6 t=NAS-Port-Type(61): Ethernet(15)
NAS-Port-Type: Ethernet (15)
AVP: l=18 t=EAP-Message(79) Last Segment[1]
EAP fragment
Extensible Authentication Protocol
Code: Response (2)
Id: 1
Length: 16
Type: Identity [RFC3748] (1)
Identity (11 bytes): CISLAB\test
AVP: l=18 t=Message-Authenticator(80): 35D1789AA9FFED111C540DE63F093A53
Message-Authenticator: 35D1789AA9FFED111C540DE63F093A53
04-10-2009 06:20 AM
It is working now with Software 8.4. I used 8.3 but this makes trouble in my case.
>Thanks all
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide