<[EMAIL PROTECTED]> wrote: > I ve installed freeRadius with EAP-TTLS. > i've done the configuration but i have always an access reject. for > a user who is in the users file.
Because you did exactly the opposite of what the configuration files say. > rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. > TTLS: Got tunneled request > User-Name = "Rola" > User-Password = "testing" > Freeradius-Proxied-To = 127.0.0.1 This is the request in the tunnel. > modcall[authorize]: module "suffix" returns noop for request 5 > users: Matched Rola at 92 This line of your "users" file contains "Auth-Type := EAP" > rad_check_password: Found Auth-Type EAP > auth: type "EAP" > modcall: entering group authenticate for request 5 > rlm_eap: EAP-Message not found > rlm_eap: Malformed EAP Message > modcall[authenticate]: module "eap" returns fail for request 5 There is no EAP session in the tunneled request, and you have told the server to use EAP to authenticate the user. It's telling you that it can't. Please read the entire debug message. Please read "radiusd.conf", and the comments at the start of the "authenticate" section, in any CVS snapshot from the past month or so. Do NOT set "Auth-Type := EAP". Ever. It's wrong. Alan DEKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
