We are using FreeRADIUS Version 1.0.2, for host , built on Feb 23 2005 at
15:02:37
We are trying to validate a client XP machine using eap-tls. We
used OpenSSL 0.9.7a Feb 19 2003 to generate the certs. I think we have
everything configured correctly. We followed "FreeRADIUS EAP/TLS - WinXP
HOWTO" at
http://www.alphacore.net/contrib/nantes-wireless/eap-tls-HOWTO.html
We still do not get a connection. Following is an excerpt from
radiusd -X Can anyone give me idea what is going on?
Thanks in advance!
Bill Stewart :-)
Kaman Corporation
1332 Blue Hills Avenue
Bloomfield, Connecticut, 06002
(860) 243-7058
rad_recv: Access-Request packet from host 149.158.3.250:1598, id=179,
length=69
User-Name = "00-01-f4-ec-97-29"
User-Password = "NOPASSWORD"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
rad_rmspace_pair: User-Password now 'NOPASSWORD'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 34
modcall[authorize]: module "preprocess" returns ok for request 34
modcall[authorize]: module "chap" returns noop for request 34
modcall[authorize]: module "mschap" returns noop for request 34
rlm_realm: No '@' in User-Name = "00-01-f4-ec-97-29", looking up realm
NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 34
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 34
users: Matched entry DEFAULT at line 155
modcall[authorize]: module "files" returns ok for request 34
modcall: group authorize returns ok for request 34
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 34
modcall[authenticate]: module "unix" returns notfound for request 34
modcall: group authenticate returns notfound for request 34
auth: Failed to validate the user.
Login incorrect: [00-01-f4-ec-97-29/NOPASSWORD] (from client wapcor001 port
2)
rad_lowerpair: User-Name now '00-01-f4-ec-97-29'
rad_rmspace_pair: User-Name now '00-01-f4-ec-97-29'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 34
modcall[authorize]: module "preprocess" returns ok for request 34
modcall[authorize]: module "chap" returns noop for request 34
modcall[authorize]: module "mschap" returns noop for request 34
rlm_realm: No '@' in User-Name = "00-01-f4-ec-97-29", looking up realm
NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 34
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 34
users: Matched entry DEFAULT at line 155
modcall[authorize]: module "files" returns ok for request 34
modcall: group authorize returns ok for request 34
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 34
modcall[authenticate]: module "unix" returns notfound for request 34
modcall: group authenticate returns notfound for request 34
auth: Failed to validate the user.
Login incorrect: [00-01-f4-ec-97-29/NOPASSWORD] (from client wapcor001 port
2)
Delaying request 34 for 1 seconds
Finished request 34
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 179 to 149.158.3.250:1598
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 149.158.3.250:1599, id=180,
length=108
Message-Authenticator = 0x37d8f90a68b1ec4c01b9e2733740fd0f
User-Name = "kmnradius"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "00-01-f4-ec-97-29"
EAP-Message = 0x0201000e016b6d6e726164697573
Framed-MTU = 1000
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 35
modcall[authorize]: module "preprocess" returns ok for request 35
modcall[authorize]: module "chap" returns noop for request 35
modcall[authorize]: module "mschap" returns noop for request 35
rlm_realm: No '@' in User-Name = "kmnradius", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 35
rlm_eap: EAP packet type response id 1 length 14
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 35
users: Matched entry DEFAULT at line 155
modcall[authorize]: module "files" returns ok for request 35
modcall: group authorize returns updated for request 35
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 35
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 35
modcall: group authenticate returns handled for request 35
Sending Access-Challenge of id 180 to 149.158.3.250:1599
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0c931410196def2535559d9d1df4c661
Finished request 35
Going to the next request
--- Walking the entire request list ---
Waking up in 2 seconds...
--- Walking the entire request list ---
Cleaning up request 34 ID 179 with timestamp 4230b1f9
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 35 ID 180 with timestamp 4230b1fd
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 149.158.3.250:1600, id=181,
length=69
User-Name = "00-01-f4-ec-97-29"
User-Password = "NOPASSWORD"
NAS-IP-Address = 149.158.3.250
NAS-Port = 2
rad_rmspace_pair: User-Password now 'NOPASSWORD'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 36
modcall[authorize]: module "preprocess" returns ok for request 36
modcall[authorize]: module "chap" returns noop for request 36
modcall[authorize]: module "mschap" returns noop for request 36
rlm_realm: No '@' in User-Name = "00-01-f4-ec-97-29", looking up realm
NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 36
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 36
users: Matched entry DEFAULT at line 155
modcall[authorize]: module "files" returns ok for request 36
modcall: group authorize returns ok for request 36
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 36
modcall[authenticate]: module "unix" returns notfound for request 36
modcall: group authenticate returns notfound for request 36
auth: Failed to validate the user.
Login incorrect: [00-01-f4-ec-97-29/NOPASSWORD] (from client wapcor001 port
2)
rad_lowerpair: User-Name now '00-01-f4-ec-97-29'
rad_rmspace_pair: User-Name now '00-01-f4-ec-97-29'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 36
modcall[authorize]: module "preprocess" returns ok for request 36
modcall[authorize]: module "chap" returns noop for request 36
modcall[authorize]: module "mschap" returns noop for request 36
rlm_realm: No '@' in User-Name = "00-01-f4-ec-97-29", looking up realm
NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 36
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 36
users: Matched entry DEFAULT at line 155
modcall[authorize]: module "files" returns ok for request 36
modcall: group authorize returns ok for request 36
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 36
modcall[authenticate]: module "unix" returns notfound for request 36
modcall: group authenticate returns notfound for request 36
auth: Failed to validate the user.
Login incorrect: [00-01-f4-ec-97-29/NOPASSWORD] (from client wapcor001 port
2)
Delaying request 36 for 1 seconds
Finished request 36
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 181 to 149.158.3.250:1600
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 36 ID 181 with timestamp 4230b21b
Nothing to do. Sleeping until we see a request.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
