I still can't get a WinXP client authenticated using PEAP.

Per Alan's initial advice, I installed the dev snapshot for PEAP support. After some tweaking with configs, I got it running properly. But I can't get an Access-Accept packet from the FreeRADIUS server.

The AP in question is a Buffalo WLMR-L11G (which supposedly supports 802.1x/EAP authentication).

Using a standard WinXP Home edition install and its native PEAP implementation (ms_chapv2).



snippet of radius -xxyz stdout

---

Thread 1 handling request 5, (2 handled so far)
User-Name = "fakeAcctTwo"
NAS-Identifier = "AirStation Pro"
NAS-IP-Address = 172.16.0.1
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Called-Station-Id = "00022d75ad58"
Calling-Station-Id = "00022d18efec"
Framed-MTU = 1400
EAP-Message = 0x020100100166616b654163637454776f
Message-Authenticator = 0x78017258bc031904dc61afbf9d7fe658
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
radius_xlat: '/usr/local/radius-dev/var/log/radius/radacct/adsl-67-65-12-193.dsl.austtx.swbell.net/auth-detail-20031222'
rlm_detail: /usr/local/radius-dev/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/radius-dev/var/log/radius/radacct/adsl-67-65-12-193.dsl.austtx.swbell.net/auth-detail-20031222
modcall[authorize]: module "auth_log" returns ok for request 5


-- this is the part that worries me:

  rlm_eap: EAP packet type response id 1 length 16
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 5
    rlm_realm: No '@' in User-Name = "fakeAcctTwo", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 5

Shouldn't the Access Point add the 'EAP-Start' to the message encoding?

-- more snippet:

rad_check_password: Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [fakeAcctTwo/<no User-Password attribute>] (from client satan port 1 cli 00022d18efec)
rad_rmspace_pair: User-Name now 'fakeAcctTwo'
modcall: entering group authorize for request 5


Should the Auth-Type in fact be local?



