CISCO knowledge or Win2k knowledge required

Thu, 14 Aug 2003 19:50:44 -0700 

hi,

I'm having a play around with a CISCO Catalyst 2950.  the thing i'm doing
is ultra basic, but its just not working! :-(

plan, authenticate machines plugged into this CISCO against a FreeRADIUS
server with just their MAC address!

the CISCO is talking to the FreeRADIUS server fine. in fact, if i use
the Win2k supplicant for 802.1x and put in my  username,password
or an EAP certificate, the FreeRADIUS enables the connection (Port 1
fastethernet)

however, if i just put the MAC info into the users file of FreeRADIUS
eg

000000000000 Auth-Type := Accept, Password == "000000000000"

then i'm unable to get any authentication from the FreeRADIUS
server...heres the FreeRADIUS output:

rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx:1812, id=135, length=96
        NAS-IP-Address = xxx.xxx.xxx.xxx
        NAS-Port = 50001
        NAS-Port-Type = Ethernet
        User-Name = ""
        Calling-Station-Id = "00-00-00-00-00-00"
        Service-Type = Framed-User
        Framed-MTU = 1000
        EAP-Message = 0x0291000501
        Message-Authenticator = 0xfa6c0054301f530437524b5bf70b0215
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "chap" returns noop
  rlm_eap: EAP packet type notification id 145 length 5
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
    users: Matched DEFAULT at 161
    users: Matched DEFAULT at 180
  modcall[authorize]: module "files" returns ok
  modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
  rlm_eap: EAP packet type notification id 145 length 5
rlm_eap: UserIdentity Unknown 
rlm_eap: Identity Unknown, authentication failed
  modcall[authenticate]: module "eap" returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1


any pointers or is this not possible????? :-(

alan

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to