Hi Managers, I am trying to configure my freeradius to except EAP-MD5 and I can not do it
PS: it is work with PAP only. Any idea Version freeradius-0.9.2 1) this is the log file when I us EAP-MD5: rad_recv: Access-Request packet from host 199.107.194.20:32855, id=8, length=77 NAS-IP-Address = 199.107.194.20 NAS-Identifier = "smartmanager" User-Name = "webct" EAP-Message = 0x0207000a017765626374 Message-Authenticator = 0x8c07b65c69585114de7c72e8977876b5 modcall: entering group authorize for request 10 modcall[authorize]: module "preprocess" returns ok for request 10 modcall[authorize]: module "chap" returns noop for request 10 rlm_eap: EAP packet type notification id 7 length 10 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated for request 10 rlm_realm: No '@' in User-Name = "webct", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 10 users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok for request 10 modcall[authorize]: module "mschap" returns noop for request 10 rlm_ldap: - authorize rlm_ldap: performing user authorization for webct radius_xlat: '(uid=webct)' radius_xlat: 'ou=people,dc=clunet,dc=edu' ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,dc=clunet,dc=edu, with filter (uid=webct) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 10 modcall: group authorize returns updated for request 10 rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate for request 10 rlm_eap: list_clean deleted one item rlm_eap: list_clean deleted one item rlm_eap: list_clean deleted one item rlm_eap: EAP packet type notification id 7 length 10 rlm_eap: EAP Start not found rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns ok for request 10 modcall: group authenticate returns ok for request 10 Login OK: [webct/<no User-Password attribute>] (from client webct port 0) Sending Access-Challenge of id 8 to 199.107.194.20:32855 EAP-Message = 0x010800160410d7f4af6630b2addc46294de5afcc6382 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x186b7950dea9c450bc2dcb22e5442c2dcc08f7405a7a4a3ce207727a4084b327573d6b29 Finished request 10 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 199.107.194.20:32856, id=9, length=127 NAS-IP-Address = 199.107.194.20 NAS-Identifier = "smartmanager" User-Name = "webct" EAP-Message = 0x020800160410176d2bb7a593cea2dcca24c4b60d0ade Message-Authenticator = 0x46cd5c85988c46b7ee6e012051b27c7a State = 0x186b7950dea9c450bc2dcb22e5442c2dcc08f7405a7a4a3ce207727a4084b327573d6b29 modcall: entering group authorize for request 11 modcall[authorize]: module "preprocess" returns ok for request 11 modcall[authorize]: module "chap" returns noop for request 11 rlm_eap: EAP packet type notification id 8 length 22 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated for request 11 rlm_realm: No '@' in User-Name = "webct", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 11 users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok for request 11 modcall[authorize]: module "mschap" returns noop for request 11 rlm_ldap: - authorize rlm_ldap: performing user authorization for webct radius_xlat: '(uid=webct)' radius_xlat: 'ou=people,dc=clunet,dc=edu' ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,dc=clunet,dc=edu, with filter (uid=webct) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 11 modcall: group authorize returns updated for request 11 rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate for request 11 rlm_eap: EAP packet type notification id 8 length 22 rlm_eap: EAP Start not found rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - md5 rlm_eap: processing type md5 rlm_eap_md5: No password configured for this user modcall[authenticate]: module "eap" returns invalid for request 11 modcall: group authenticate returns invalid for request 11 auth: Failed to validate the user. Login incorrect (rlm_ldap: User not found): [webct/<no User-Password attribute>] (from client webct port 0) Delaying request 11 for 1 seconds Finished request 11 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 10 ID 8 with timestamp 40f708cc Sending Access-Reject of id 9 to 199.107.194.20:32856 EAP-Message = 0x04080004 Message-Authenticator = 0x00000000000000000000000000000000 Cleaning up request 11 ID 9 with timestamp 40f708cc Nothing to do. Sleeping until we see a request. Result: Authentication failed ---------------------------------------------------------------------------- 2) This is a log file when I use PAP rad_recv: Access-Request packet from host 199.107.194.20:32856, id=10, length=65 NAS-Identifier = "smartmanager" NAS-IP-Address = 199.107.194.20 User-Name = "webct" User-Password = "123456" modcall: entering group authorize for request 12 modcall[authorize]: module "preprocess" returns ok for request 12 modcall[authorize]: module "chap" returns noop for request 12 rlm_eap: EAP-Message not found modcall[authorize]: module "eap" returns noop for request 12 rlm_realm: No '@' in User-Name = "webct", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 12 users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok for request 12 modcall[authorize]: module "mschap" returns noop for request 12 rlm_ldap: - authorize rlm_ldap: performing user authorization for webct radius_xlat: '(uid=webct)' radius_xlat: 'ou=people,dc=clunet,dc=edu' ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,dc=clunet,dc=edu, with filter (uid=webct) rlm_ldap: object not found or got ambiguous search result rlm_ldap: search failed ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns notfound for request 12 modcall: group authorize returns ok for request 12 rad_check_password: Found Auth-Type System auth: type "System" modcall: entering group authenticate for request 12 modcall[authenticate]: module "unix" returns ok for request 12 modcall: group authenticate returns ok for request 12 Login OK: [webct/123456] (from client webct port 0) Sending Access-Accept of id 10 to 199.107.194.20:32856 Finished request 12 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 12 ID 10 with timestamp 40f709b9 Nothing to do. Sleeping until we see a request. Result: Authentication successful Role: CLU User -- Sincerely, Rezk Mekhael Manager of Systems - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html