modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type EAP
rad_check_password: Found Auth-Type Local
Warning: Found 2 auth-types on request for user 'veraldi'
Don't set Auth-Type = Local.
Alan DeKok.
I tried EAP as Auth-Type but I Still have the same problem. I Am really not able to figure out what happens...
modcall[authorize]: module "auth_log" returns ok for request 1
rlm_eap: EAP packet type notification id 1 length 29
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 1
users: Matched veraldi at 90
modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns updated for request 1
rad_check_password: Found Auth-Type eap
auth: type "EAP"
modcall: entering group authenticate for request 1
rlm_eap: EAP packet type notification id 1 length 29
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - md5
rlm_eap: processing type md5
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 1
modcall: group authenticate returns ok for request 1
Login OK: [veraldi/<no User-Password attribute>] (from client sw-v port 0 cli ?)
Sending Access-Accept of id 200 to 192.84.145.6:1812
EAP-Message = 0x03010004
Message-Authenticator = 0x00000000000000000000000000000000
Finished request 1
On Thu, 5 Feb 2004, Riccardo Veraldi wrote:
Fatto... comunque al mio problema non ha risposto nessuno.
Riccardo
Ombretta Pinazza wrote:
Ciao Riccardo, per favore, puoi mandare alla lista freeradius per me questo messaggio? Non so piu' cosa fare... Grazie mille!! Ombretta -------------------------------------------------------------
Subject: EAP/TLS getting repeated Access-Challenge messages
Hi all,
I'm trying to set up EAP/TLS authentication with freeradius 0.9.3 on linux RH 8, an Access Point Cisco 350 (firmware 11.23T) and Windows XP SP1 with a D-link DWL-650 card as a supplicant.
The setup is exactly the one described in the excellent document http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm
I've never obtained an Access-Accept message: the server is repeating the same Access-Challenge as a loop (I've attached an excerpt from the radius log, trunkating long lines).
The Win XP connection page says: "attempting to Authenticate:
The Cisco AP says: Station state "assoc, EAP Pend".
Any suggestion? Thank you in advance,
...........
rad_recv: Access-Request packet from host 192.168.253.13:4547, id=177, length=249
User-Name = "pitest"
Cisco-AVPair = "ssid=my-test"
NAS-IP-Address = 192.168.253.13
Called-Station-Id = "004096570d0c"
Calling-Station-Id = "00055da77019"
NAS-Identifier = "msm0wl"
NAS-Port = 37
Framed-MTU = 1400
State = 0x3cd52e8c24e41e4e0669f2f0224bf8ec610122409b067f
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020700500d640062000300060013001200630100
Message-Authenticator = 0x119cb87c0589e59650406d8c646bbd
modcall: entering group authorize for request 7
modcall[authorize]: module "preprocess" returns ok for request 7
rlm_eap: EAP packet type notification id 7 length 80
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 7
rlm_realm: No '@' in User-Name = "pitest", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
users: Matched DEFAULT at 152
users: Matched pitest at 215
modcall[authorize]: module "files" returns ok for request 7
modcall: group authorize returns updated for request 7
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate for request 7
rlm_eap: EAP packet type notification id 7 length 80
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: Length Included
undefined: before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 06b4], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 00b8], CertificateRequest
TLS_accept: SSLv3 write certificate request A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap_tls: SSL_read Error
Error code is ..... 2
SSL Error ..... 2
modcall[authenticate]: module "eap" returns ok for request 7
modcall: group authenticate returns ok for request 7
Sending Access-Challenge of id 177 to 192.168.253.13:4547
EAP-Message = 0x010806e00dc0000007c5160003081a5310b3009060355
EAP-Message = 0x7a7a61204341312a302806092a864886f70d010901161
EAP-Message = 0x2a864886f70d010101050003818d0030818902818100c
EAP-Message = 0xccb66e49769d4a2907589d04c348c9dba0e1ca274eacb
EAP-Message = 0x657474612e50696e617a7a6140626f2e696e666e2e697
EAP-Message = 0xcb6271fd54fa50e1244fc7b70c325bca3ae2d629d1dd0
EAP-Message = 0x071307426f6c6f676e61310d300b060355040a1304494
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x321fa80a79811ab63757282fbf44497361012240a8b8e77eadc
Finished request 7
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 6 ID 176 with timestamp 40220161
Cleaning up request 7 ID 177 with timestamp 40220161
Nothing to do. Sleeping until we see a request.
........................
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
