Re: peap user

Mon, 24 May 2004 10:24:19 -0700

And the user sent isn't your computer name either? If not, I have no idea. I've never used Cisco's client software, I always use the supplicant built into windows.

On May 24, 2004, at 11:04 AM, BLANCA FERRERO RODRIGUEZ wrote:

I'm using Windows XP, the same as for eap/tls and it worked fine in that case. My card is a 350 cisco and follow the instructions in the cisco page to configure it as well as the AP.
In teh network manager I enabled PEAP auth and unchecked the box you mentioned about using my windows login to auth. Anyway the user sent to the radius is not my login!!!
any idea?


bfr

----- Mensaje original -----
De: Bob McCormick <[EMAIL PROTECTED]>
Fecha: Lunes, Mayo 24, 2004 6:42 pm
Asunto: Re: peap user

Sounds like a client side problem.   What supplicant are you
using?
Are you using the one built into Win2k or WinXP?  Both of those
have
checkboxes to automatically use your machine name or your windows
login
name.   Make sure those aren't checked.


On May 24, 2004, at 10:33 AM, BLANCA FERRERO RODRIGUEZ wrote:

Hi,

I'm configuring PEAP. I think the freeradius config is Ok. I'm
using
an Aironet AP 1100 configured to support 802.1X authentication
and 
WEP and my wireless network is enabled to use PEAP auth.
the fact is that when I try to authenticate my card against
radius I'm
not asked to enter a user and a passw and it directly uses an
unknown
user for me called PEAP-mi_card_MAC. Wasn't I suppossed to de
asked to 
enter the user?

I add the logs in case they can help.
thanks a lot

bfr

rad_recv: Access-Request packet from host 172.26.0.3:1645, id=6,
length=161
        User-Name = "PEAP-000CCE21141B"
        Framed-MTU = 1400
        Called-Station-Id = "0040.96a0.19dc"
        Calling-Station-Id = "000c.ce21.141b"
        NAS-Port-Type = Wireless-802.11
        Message-Authenticator = 0x642163f9e77208900dc76dd8c5b48981
        EAP-Message = 0x0202001601504541502d303030434345323131343142
        NAS-Port-Type = Virtual
        NAS-Port = 63
        Service-Type = Login-User
        NAS-IP-Address = 172.26.0.3
        NAS-Identifier = "ap_cisco  "
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "PEAP-000CCE21141B",
looking up 
realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 2 length 22
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched DEFAULT at 177
  modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
  rad_check_password:  Found Auth-Type Reject
  rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 6 to 172.26.0.3:1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 6 with timestamp 40b22f94
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.26.0.3:1645, id=7,
length=161
        User-Name = "PEAP-000CCE21141B"
        Framed-MTU = 1400
        Called-Station-Id = "0040.96a0.19dc"
        Calling-Station-Id = "000c.ce21.141b"
        NAS-Port-Type = Wireless-802.11
        Message-Authenticator = 0xbabd2bd7b3b9a2cf23018d052dcc7582
        EAP-Message = 0x0201001601504541502d303030434345323131343142
        NAS-Port-Type = Virtual
        NAS-Port = 64
        Service-Type = Login-User
        NAS-IP-Address = 172.26.0.3
        NAS-Identifier = "ap_cisco  "
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "PEAP-000CCE21141B",
looking up 
realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: EAP packet type response id 1 length 22
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 1
    users: Matched DEFAULT at 177
  modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns updated for request 1
  rad_check_password:  Found Auth-Type Reject
  rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 7 to 172.26.0.3:1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 7 with timestamp 40b22f9f
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.26.0.3:1645, id=8,
length=161
        User-Name = "PEAP-000CCE21141B"
        Framed-MTU = 1400
        Called-Station-Id = "0040.96a0.19dc"
        Calling-Station-Id = "000c.ce21.141b"
        NAS-Port-Type = Wireless-802.11
        Message-Authenticator = 0x017eb94e1149c58524647d0840f81dce
        EAP-Message = 0x0201001601504541502d303030434345323131343142
        NAS-Port-Type = Virtual
        NAS-Port = 65
        Service-Type = Login-User
        NAS-IP-Address = 172.26.0.3
        NAS-Identifier = "ap_cisco  "
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "PEAP-000CCE21141B",
looking up 
realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: EAP packet type response id 1 length 22
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 2
    users: Matched DEFAULT at 177
  modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns updated for request 2
  rad_check_password:  Found Auth-Type Reject
  rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 8 to 172.26.0.3:1645
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 8 with timestamp 40b22faa
Nothing to do.  Sleeping until we see a request.



-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to