Hi all!!!
I have installed freeradius-snapshot-20040216
with redhat 9.
I use Alfa&Ariss client under Windows XP,
cisco pcmcia car on my laptop.
When Alfa&Ariss client ask me user, password
and domain I write my user and password, but I don't know exactly what is my
domain.
I think there are two possible raisons to this
error:
1.- Write the correct domain.
2.- My radiusd.conf is not correct.
help please!!!!!!!!!!!
My freeradius logs and radiusd.conf
are:
My freeradius error is:
-----------------------------------
rad_recv: Access-Request packet from host
XXX.XXX.XXX.252:1229, id=90,
length=146 User-Name =
"001122334455"
NAS-IP-Address =
XXX.XXX.XXX.252
NAS-Port =
0
Called-Station-Id =
"00-80-C8-01-01-55"
Calling-Station-Id =
"00-0B-46-26-1B-E2"
NAS-Identifier = "DWL-1000AP+"
Framed-MTU = 1380
NAS-Port-Type
= Wireless-802.11
EAP-Message =
0x0201001101303031313232333334343535
Message-Authenticator = 0xb2dfd83cf36fc223a2a5326d6b528259
modcall:
entering group authorize for request 2
modcall[authorize]: module
"preprocess" returns ok for request 2
rlm_ldap: - authorize
rlm_ldap:
performing user authorization for 001122334455
radius_xlat:
'(uid=001122334455)'
radius_xlat:
'ou=Wireless,dc=sgi,dc=es'
ldap_get_conn: Got Id: 0
rlm_ldap: performing
search in ou=Wireless,dc=sgi,dc=es, with filter
(uid=001122334455)
rlm_ldap: looking for check items in
directory...
rlm_ldap: Adding radiusExpiration as Expiration, value 08
& op=21
rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP &
op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user
001122334455 authorized to use remote access
ldap_release_conn: Release Id:
0
modcall[authorize]: module "ldap" returns ok for request
2
modcall: group authorize returns ok for request 2
auth: Failed to
validate the user.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<=====================
------------------------------------------
radiusd.conf
------------------------------------------
...
eap
{
default_eap_type = ttls
timer_expire = 60
ignore_unknown_eap_types = no
md5 {
}
leap
{
}
tls
{
private_key_password =
izadisan
private_key_file =
/usr/local/openssl/ssl/certs/server/server.pem
certificate_file =
/usr/local/openssl/ssl/certs/server/server.pem
CA_file =
/usr/local/openssl/ssl/certs/ca/ca.pem
dh_file =
/usr/local/openssl/ssl/certs/dh
random_file =
/usr/local/openssl/ssl/certs/random
fragment_size =
1024
include_length = yes
}
ttls
{
default_eap_type = md5
copy_request_to_tunnel = no
use_tunneled_reply =
no
}
mschapv2
{
}
}
...
ldap
{
server =
192.168.49.222
identity =
"cn=Manager,dc=sgi,dc=es"
password =
izadisan
basedn =
"ou=Wireless,dc=sgi,dc=es"
filter =
"(uid=%u)"
start_tls =
no
tls_mode =
no
dictionary_mapping =
${raddbdir}/ldap.attrmap
ldap_connections_number =
5
timeout =
4
timelimit =
3
net_timeout = 1
}
José Luis Solano
SGI - Soluciones Globales
Internet S.A.
Delegación Regional Sur
[EMAIL PROTECTED]
(+34)
954.088.060
