Re: [m0n0wall] PPTP with W2K3 IAS as radius server

From:	Steve Bertrand <iaccounts at ibctech dot ca>
To:	M0n0wall Mailing List <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] PPTP with W2K3 IAS as radius server
Date:	Wed, 09 May 2007 12:07:47 -0400

>> Thanks for the input.  My IAS server and m0n0wall are on the same
>> subnet, and I've retyped the shared secret a million times (maybe a
>> slight exaggeration).  What gets me is there are absolutely NO log
>> entries in IAS when trying to go through m0n0wall, but when I connect
>> directly all works fine, including logs.  I would think IAS would log
>> SOMETHING if there are connection attempts to it from m0n0.  I am
>> using 
>> 1.3B2.  I'm thinking I should report it in the bug section of the
>> forum. 
>>
>> Chris
> 
> I have noticed that IAS only logs "Successful connections" in the system
> event log. This gives a quick time/date stamp on who is connecting...
> 
> The default setting for IAS logging is "none". In the IAS console you
> can set the local logging you can log the "Accounting Requests",
> "Authentication Requests" and "Periodic Status" (all are off by
> default). The Log is saved in windows/system32/logfiles. The log files
> can be in IAS format or Database compatible (what ever that means...)
> 
> Maybe turning any/all of these on will shed some light on the issue...

Or perhaps running a packet sniffer like Wireshark on the ISA server to
see if in fact the m0n0wall is delivering packets that are being
discarded silently.

I've found that troubleshooting using MS logs is as effective as peeing
into the wind.

There's nothing like tcpdump (or in this case an equivalent) to find out
exactly what is going on on the wire.

Steve