Hi,
I'm configuring PEAP. I think the freeradius config is Ok. I'm using an Aironet AP
1100 configured to support 802.1X authentication and WEP and my wireless network is
enabled to use PEAP auth.
the fact is that when I try to authenticate my card against radius I'm not asked to
enter a user and a passw and it directly uses an unknown user for me called
PEAP-mi_card_MAC. Wasn't I suppossed to de asked to enter the user?
I add the logs in case they can help.
thanks a lot
bfr
rad_recv: Access-Request packet from host 172.26.0.3:1645, id=6, length=161
User-Name = "PEAP-000CCE21141B"
Framed-MTU = 1400
Called-Station-Id = "0040.96a0.19dc"
Calling-Station-Id = "000c.ce21.141b"
NAS-Port-Type = Wireless-802.11
Message-Authenticator = 0x642163f9e77208900dc76dd8c5b48981
EAP-Message = 0x0202001601504541502d303030434345323131343142
NAS-Port-Type = Virtual
NAS-Port = 63
Service-Type = Login-User
NAS-IP-Address = 172.26.0.3
NAS-Identifier = "ap_cisco "
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "PEAP-000CCE21141B", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 2 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched DEFAULT at 177
modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
rad_check_password: Found Auth-Type Reject
rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 6 to 172.26.0.3:1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 6 with timestamp 40b22f94
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.26.0.3:1645, id=7, length=161
User-Name = "PEAP-000CCE21141B"
Framed-MTU = 1400
Called-Station-Id = "0040.96a0.19dc"
Calling-Station-Id = "000c.ce21.141b"
NAS-Port-Type = Wireless-802.11
Message-Authenticator = 0xbabd2bd7b3b9a2cf23018d052dcc7582
EAP-Message = 0x0201001601504541502d303030434345323131343142
NAS-Port-Type = Virtual
NAS-Port = 64
Service-Type = Login-User
NAS-IP-Address = 172.26.0.3
NAS-Identifier = "ap_cisco "
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: No '@' in User-Name = "PEAP-000CCE21141B", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 1 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched DEFAULT at 177
modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns updated for request 1
rad_check_password: Found Auth-Type Reject
rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 7 to 172.26.0.3:1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 7 with timestamp 40b22f9f
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.26.0.3:1645, id=8, length=161
User-Name = "PEAP-000CCE21141B"
Framed-MTU = 1400
Called-Station-Id = "0040.96a0.19dc"
Calling-Station-Id = "000c.ce21.141b"
NAS-Port-Type = Wireless-802.11
Message-Authenticator = 0x017eb94e1149c58524647d0840f81dce
EAP-Message = 0x0201001601504541502d303030434345323131343142
NAS-Port-Type = Virtual
NAS-Port = 65
Service-Type = Login-User
NAS-IP-Address = 172.26.0.3
NAS-Identifier = "ap_cisco "
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
rlm_realm: No '@' in User-Name = "PEAP-000CCE21141B", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 1 length 22
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched DEFAULT at 177
modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns updated for request 2
rad_check_password: Found Auth-Type Reject
rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 8 to 172.26.0.3:1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 8 with timestamp 40b22faa
Nothing to do. Sleeping until we see a request.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
