Tiago Jose Goncalves Lages <[EMAIL PROTECTED]> wrote: > In my WLAN I use the Orinoco AP2000 Access Points, and they are configured > to do the authentication with a freeRadius Server using the 802.1x > protocol. The Access Point clients are WinXP and authenticate themselves > with chap password.
No, they don't. The debug output you posted to the list proves this. > handling request 176, (32 handled so far) > User-Name = "steve" > NAS-IP-Address = 192.168.33.3 > Called-Station-Id = "00-02-2d-48-5f-ad" > Calling-Station-Id = "00-02-2d-88-71-3d" > NAS-Identifier = "ORiNOCO AP-2000" > Framed-MTU = 1400 > NAS-Port-Type = Wireless-802.11 > EAP-Message = "\002\206\000\n\001steve" > Message-Authenticator = 0x7cdb58060b48171b109623c2173416ac There is *no* CHAP-Password in that request. > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok rlm_chap: Could not > find proper Chap-Password attribute in request > modcall[authorize]: module "chap" returns noop > modcall[authorize]: module "mschap" returns notfound > rlm_realm: No '@' in User-Name = "steve", looking up realm NULL > rlm_realm: No such realm NULL > modcall[authorize]: module "suffix" returns noop > users: Matched steve at 80 > modcall[authorize]: module "files" returns ok modcall: group authorize > returns ok And you haven't listed 'eap' as an authentication method, so the EAP-Message in the packet will be ignored by the server. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html