Joseph, >From the info you sent to the list it looks like the NT authentication is not >happening...
NOTE: I don't know why it is but the EAP - Start not found shows up in the debug normally [grin]... Here is the line that indicates the actual problem: rlm_eap_leap: No User-Password or NT-Password configured for this user Hope this helps you .... Gary N. McKinney Network Administrator Computer Services Dept. Brevard County Library System ---------- Original Message ---------------------------------- From: "Joseph Silvin" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] Date: Mon, 24 May 2004 19:01:36 +0530 >Hi, > >Currently using LEAP through Cisco AP 1200 and Cisco Client adapter (350 >series) >Not able to connect. > >Any suggestions are welcome. > >JS > >===================================================================== >Waking up in 5 seconds... >rad_recv: Access-Request packet from host 192.168.1.7:21654, id=211, >length=194 > User-Name = "Joseph" > Framed-MTU = 1400 > Called-Station-Id = "000e.d7b1.008b" > Calling-Station-Id = "000f.245d.b532" > Message-Authenticator = 0xbfff0cd4e770e2b66a99fb1b3fd057c0 > EAP-Message = >0x02040028110100181cd0eb44b170c98d8f75735f502bed799897f9be3ceb75af46416e74686f6e79 > NAS-Port-Type = Wireless-802.11 > NAS-Port = 377 > State = >0xa098942a08a361fac4b58e0be619329c434faf401ce42fce9ace56190b71178623755fa7 > Service-Type = Framed-User > NAS-IP-Address = 192.168.1.7 > NAS-Identifier = "ap" >modcall: entering group authorize for request 2 > modcall[authorize]: module "preprocess" returns ok for request 2 > modcall[authorize]: module "chap" returns noop for request 2 > rlm_eap: EAP packet type notification id 4 length 40 > rlm_eap: EAP Start not found > modcall[authorize]: module "eap" returns updated for request 2 > rlm_realm: No '@' in User-Name = "Joseph", looking up realm NULL > rlm_realm: No such realm "NULL" > modcall[authorize]: module "suffix" returns noop for request 2 >rlm_ldap: Entering ldap_groupcmp() >radius_xlat: 'o=MyOrg' >radius_xlat: '(uid=Joseph)' >ldap_get_conn: Got Id: 0 >rlm_ldap: performing search in o=MyOrg, with filter (uid=Joseph) >ldap_release_conn: Release Id: 0 >radius_xlat: '(&(uid=Joseph)(objectclass=top))' >ldap_get_conn: Got Id: 0 >rlm_ldap: performing search in OU=MyLocation,O=MyOrg, with filter >(&(uid=Joseph)(objectclass=top)) >rlm_ldap::ldap_groupcmp: User found in group OU=MyLocation,O=MyOrg >ldap_release_conn: Release Id: 0 > users: Matched DEFAULT at 161 > users: Matched DEFAULT at 180 > modcall[authorize]: module "files" returns ok for request 2 > modcall[authorize]: module "mschap" returns noop for request 2 >rlm_ldap: - authorize >rlm_ldap: performing user authorization for Joseph >radius_xlat: '(uid=Joseph)' >radius_xlat: 'o=MyOrg' >ldap_get_conn: Got Id: 0 >rlm_ldap: performing search in o=MyOrg, with filter (uid=Joseph) >rlm_ldap: checking if remote access for Joseph is allowed by >proposedaltorgunit >rlm_ldap: looking for check items in directory... >rlm_ldap: looking for reply items in directory... >rlm_ldap: user Joseph authorized to use remote access >ldap_release_conn: Release Id: 0 > modcall[authorize]: module "ldap" returns ok for request 2 >modcall: group authorize returns updated for request 2 > rad_check_password: Found Auth-Type EAP >auth: type "EAP" >modcall: entering group authenticate for request 2 > rlm_eap: EAP packet type notification id 4 length 40 > rlm_eap: EAP Start not found > rlm_eap: Request found, released from the list > rlm_eap: EAP_TYPE - leap > rlm_eap: processing type leap >rlm_eap_leap: No User-Password or NT-Password configured for this user > modcall[authenticate]: module "eap" returns invalid for request 2 >modcall: group authenticate returns invalid for request 2 >auth: Failed to validate the user. >Delaying request 2 for 1 seconds >Finished request 2 >Going to the next request >Waking up in 5 seconds... >rad_recv: Access-Request packet from host 192.168.1.7:21654, id=211, >length=194 >Sending Access-Reject of id 211 to 192.168.1.7:21654 > EAP-Message = 0x04040004 > Message-Authenticator = 0x00000000000000000000000000000000 >--- Walking the entire request list --- >Cleaning up request 0 ID 209 with timestamp 40af4f42 >Cleaning up request 1 ID 210 with timestamp 40af4f42 >Waking up in 1 seconds... >--- Walking the entire request list --- >Cleaning up request 2 ID 211 with timestamp 40af4f43 >Nothing to do. Sleeping until we see a request. >================================================== > > >----- Forwarded by Joseph Silvin/Information Technology/MyLocation/MyOrg on >24/05/2004 07:02 PM ----- > > > Joseph Silvin > > To: [EMAIL PROTECTED] > > 24/05/2004 09:53 cc: > > AM Subject: rlm_eap: EAP Start not found > > > > > > > > >Hi, > >Need: >Authorization through Domino LDAP (Lotus Notes) >Authentication through EAP without certificates > >Current System: >Server - FreeRadius (freeradius-0.9.3-1.i386.rpm) on RedHat Fedora 1 >AP - Cisco Aironet 1200 >Client - Windows 2000 with Odyssey Client > >Problem: >LDAP working perfectly.... (checked with radtest) >but, the eap component is not working. (rlm_eap: EAP Start not found ) > >Any pointers to a solution is welcome. > >JS > >****************DISCLAIMER***************** This message and any >attachments (hereinafter referred to as the 'mail content') is intended >solely for the addressee. The 'mail content' is confidential and may be >privileged and is also prohibited from disclosure. Access, use, copying, >distribution or re-use of the 'mail content' by anyone except the >addressee is unauthorized. If you are not the intended addressee, please >destroy all copies of the 'mail content' in your possession and also >delete the same from your computer. Any views expressed in the 'mail >content' are those of the individual sender except where the sender, with >due authority of Jyoti Structures Ltd., specifically states them to be >the views of Jyoti Structures Ltd. Nothing contained in the 'mail >content' is capable or intended to create any legally binding >obligations on the sender, Jyoti Structures Ltd. The sender, Jyoti >Structures Ltd., accepts no responsibility, whatsoever, for loss or damage >from the use of the 'Said Information' including damage from viruses. >**************************************************** > > > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html >--- >[This E-mail scanned for viruses by Declude Ant-Virus Scanner] > > ________________________________________________________________ Sent via the KillerWebMail system at mail.brev.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
