Hello all,
I was trying to get EAP-MD5 authentication working with freeradius. I'm
using radeapclient to send in the request.
I have a user in my users file as shown below.
DNIS:123456789 Auth-Type := Local, User-Password == "marty"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 1.2.3.4,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP
I'm sending in the request using radeapclient with the details below.
User-Name = "DNIS:123456789"
EAP-MD5-Password = "marty"
NAS-IP-Address = 10.230.199.211
EAP-Code = Response
EAP-Id = 210
EAP-Type-Identity = "DNIS:123456789"
Message-Authenticator = 0x00
NAS-Port = 0
./radeapclient -x 10.230.199.211 auth SharedSecret < ~/EAP/req.txt
It works and I get an Access Accept out with EAP Success.
However the Access-Challenge that freeradius sends me back contains all
the connection attributes as the output from radeapclient below shows.
rad_recv: Access-Challenge packet from host 10.230.199.211:1812, id=140,
length=131
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 1.2.3.4
Framed-IP-Netmask = 255.255.255.0
Framed-Routing = Broadcast-Listen
Filter-Id = "std.ppp"
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP
EAP-Message = 0x01d300160410c85c14878e1b23ee8b5703ad2d916a25
Message-Authenticator = 0x39668b64ccf66b262e280f3d5c965e3c
State = 0x28b0e037604ae483026cf00352a72fa4
I know I have most likely mis-configured something to cause freeradius
to send these connection details out in a Challenge packet when it
should not.
Does anyone know what I might have wrong in my configuration.
Also does anyone know why I have to run the radeapclient program from
the freeradius-1.0.1/src/modules/rlm_eap directory where I complied the
code.
Thanks for any help,
Martin
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
