We have the following:
Win XP <-> Cisco 2950 <-> Solaris/Freeradius
Freeradius authenticates üsing Unix PW, and we are trying to make
the Cisco 2950 authenticate the XP user who is using MD5.
Has anybody done this? I would appreciate some help.
In users we have tried:
myuser Auth-Type := EAP, User-Password == "youwish"
Fall-Through = Yes
myuser Auth-Type := local, User-Password == "youwish"
Fall-Through = Yes
and
myuser Auth-Type := System
Fall-Through = Yes
in radiusd.conf we have default_eap_type = md5
Example of failure:
Listening on IP address *, ports 1645/udp and 1646/udp, with proxy on 1647/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 10.10.10.10:1812, id=17,
length=102
NAS-IP-Address = 10.10.10.10
NAS-Port = 50001
NAS-Port-Type = Ethernet
User-Name = "myuser"
Calling-Station-Id = "00-06-5B-AA-A6-##"
Service-Type = Framed-User
EAP-Message = "\002\002\000\013\001myuser"
Message-Authenticator = 0x93d0544093fbe6803415e666a485dd68
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
modcall[authorize]: module "suffix" returns ok
users: Matched mraaum at 152
users: Matched DEFAULT at 215
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Sending Access-Reject of id 17 to 10.10.10.10:1812
Margrete
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
