Try sending the *entire* debug output. You're only sending the part that occurs *after* the *real* error. The true error is happening earlier in the authentication sequence.
--Mike On Thu, 2004-09-09 at 08:21, Hugo Sousa wrote: > Hello, > > I'm trying to authenticate a XP SP2. I'm using, for testing only, the > root username and password. And the result is on the bottom. What > could be the problem? > > > Waking up in 6 seconds... > rad_recv: Access-Request packet from host 192.168.2.14:2050, id=0, > length=168 > User-Name = "root" > NAS-IP-Address = 192.168.2.14 > Called-Station-Id = "000f6645db2a" > Calling-Station-Id = "0020ed792d18" > NAS-Identifier = "000f6645db2a" > NAS-Port = 12 > Framed-MTU = 1400 > State = 0x9ffc28e6266e915f48a2c65201988172 > NAS-Port-Type = Wireless-802.11 > EAP-Message = > 0x020800261900170301001bdc0d980a2faf3b259a1c839845feaee7fa20acda7735f5da62fb21 > Message-Authenticator = 0xc1149f0adc27f8d6973700ddb42b51ab > Processing the authorize section of radiusd.conf > modcall: entering group authorize for request 78 > modcall[authorize]: module "preprocess" returns ok for request 78 > modcall[authorize]: module "chap" returns noop for request 78 > modcall[authorize]: module "mschap" returns noop for request 78 > rlm_realm: No '@' in User-Name = "root", looking up realm NULL > rlm_realm: Found realm "NULL" > rlm_realm: Adding Stripped-User-Name = "root" > rlm_realm: Proxying request from user root to realm NULL > rlm_realm: Adding Realm = "NULL" > rlm_realm: Authentication realm is LOCAL. > modcall[authorize]: module "suffix" returns noop for request 78 > rlm_eap: EAP packet type response id 8 length 38 > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > modcall[authorize]: module "eap" returns updated for request 78 > users: Matched DEFAULT at 152 > modcall[authorize]: module "files" returns ok for request 78 > modcall: group authorize returns updated for request 78 > rad_check_password: Found Auth-Type EAP > auth: type "EAP" > Processing the authenticate section of radiusd.conf > modcall: entering group authenticate for request 78 > rlm_eap: Request found, released from the list > rlm_eap: EAP/peap > rlm_eap: processing type peap > rlm_eap_peap: Authenticate > rlm_eap_tls: processing TLS > eaptls_verify returned 7 > rlm_eap_tls: Done initial handshake > eaptls_process returned 7 > rlm_eap_peap: EAPTLS_OK > rlm_eap_peap: Session established. Decoding tunneled attributes. > rlm_eap_peap: Received EAP-TLV response. > rlm_eap_peap: Tunneled data is valid. > rlm_eap_peap: Had sent TLV failure, rejecting. > rlm_eap: Handler failed in EAP/peap > rlm_eap: Failed in EAP select > modcall[authenticate]: module "eap" returns invalid for request 78 > modcall: group authenticate returns invalid for request 78 > auth: Failed to validate the user. > Delaying request 78 for 1 seconds > Finished request 78 > Going to the next request > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Sending Access-Reject of id 0 to 192.168.2.14:2050 > EAP-Message = 0x04080004 > Message-Authenticator = 0x00000000000000000000000000000000 > Waking up in 4 seconds... > --- Walking the entire request list --- > Cleaning up request 78 ID 0 with timestamp 413fce87 > Nothing to do. Sleeping until we see a request. > > > > > > Regards, > > Hugo Sousa > SysAdmin / NetworkAdmin > http://www.netsystems.pt > Portugal > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html