hello all
i have a kind of a problem with my EAP authentication. please also read the following lines out of mailings with alan and later... in fact the topic should read "cisco ap340 & ...", but well, sorry... Alan DeKok wrote: > > > in fact, in my authorize section EAP was the first module from the > > beginning on and in the authenticate section it is even the only one. > > If you're ever going to do System authentication, you'll need the > 'unix' module, too. but if not, i don't need it, right? > > the error message after the reponse to the challenge is now: > > > > rlm_eap: Request found, released from the list > > rlm_eap: EAP_TYPE - md5 > > rlm_eap: processing type md5 > > rlm_eap_md5: No password configured for this user > > > > Do I have to configure something like EAP-Password in the user section? > > No. Hmm... maybe try 'User-Password :=' ??? Tried that one, but no effect, the same behaviour. > Due to historical issues, the treatment of 'User-Password' in the > 'users' file is a little odd. > > Alan DeKok. My user definition looks like that: (etc/raddb/users) artur Auth-Type = System, User-Password == "hello" Reply-Message = "Hello, %u" This is the whole log: rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:1108, id=41, length=122 User-Name = "artur" NAS-IP-Address = xxx.xxx.xxx.xxx Called-Station-Id = "00409xxxxxx" Calling-Station-Id = "00409xxxxxx" NAS-Identifier = "foo" NAS-Port = 37 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\001\000\n\001artur" Message-Authenticator = 0x5b449df9561cef7bf3e9cbf51bdd3ec7 rlm_eap: processing type md5 Login OK: [artur/<no User-Password attribute>] (from nas foo port 37 cli 0 0409xxxxxxx) Sending Access-Challenge of id 41 to xxx.xxx.xxx.xxx:1108 EAP-Message = "\001)\000\026\004\020\277\301\034\265\377\002\353\210{pfV\2 16B\031J" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x5146ea0a1d791d424f48ab0503adac5dee33c3bea05fa01f39bd65ae1b5fa213fc rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:1109, id=42, length=177 User-Name = "artur" NAS-IP-Address = xxx.xxx.xxx.xxx Called-Station-Id = "00409xxxxx" Calling-Station-Id = "00409xxxxx" NAS-Identifier = "foo" NAS-Port = 37 Framed-MTU = 1400 State = 0x5146ea01d791d424f48a30503adac5dee33cabea05a0119b6d65ae1b5f213fc NAS-Port-Type = Wireless-802.11 EAP-Message = "\002)\000\033\004\020\310\311\005_\3429\230B%\361\363\014S\ 336Q\376artur" Message-Authenticator = 0xeec69b65a21ef350339a5e260b2c4fc8 rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - md5 rlm_eap: processing type md5 rlm_eap_md5: No password configured for this user Login incorrect: [artur/<no User-Password attribute>] (from nas foo port 3 7 cli 00409xxxxxxxx) Sending Access-Reject of id 42 to xxx.xxx.xxx.xxx:1109 EAP-Message = "\004*\000\004" Message-Authenticator = 0x00000000000000000000000000000000 so finally it's rejected. i'm still using radius 0.5 and my sections look like that: authorize { preprocess eap suffix files } authenticate { eap } any idea where this comes from? artur -- Artur Hecker Groupe Accès et Mobilité [EMAIL PROTECTED] Département Informatique et Réseaux +33 1 45 81 7507 46, rue Barrault 75634 Paris cedex 13 http://www.infres.enst.fr ENST Paris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html