Hi
all, We
are using FreeRADIUS server for one of our requirements and we saw freeradius server
sending a reject packet with zero length attributes. Could
anybody of u can help me in understanding in what circumstances FreeRadius server
will send a reject packet with zero length attributes in between the access
challenges OR access requests. In the normal scenario when the password or
certificate mismatch is found the FreeRADIUS sends an access-Reject packet with
EAP-Message and message Authenticator. But in the below case it does not
send any attributes. One
such instance where we observed radius server sending reject packet with zero
attributes is as follows. Going to the next request Cleaning up request 17 ID 243 with timestamp 44dd6e90 Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 246 to 10.201.114.29:1050 Waking up in 4 seconds... rad_recv: Access-Request packet from host 10.201.114.29:1050, id=165,
length=158
NAS-IP-Address = 10.201.114.147
NAS-Port = 2 Framed-MTU = 1388
NAS-Port-Type = Wireless-802.11
Service-Type = 128
Called-Station-Id = "60-c4-b6-48-80-00:"
Calling-Station-Id = "fc-50-d1-ba-70-00"
NAS-Port-Id =
"fc-50-d1-ba-70-00" State = 0xe92296731885b23183f47834fb748272
User-Name = "root"
EAP-Message = 0x020500060d00
Message-Authenticator = 0x035037019647238daa63c6f29829afd2 Processing the authorize
section of radiusd.conf modcall: entering group authorize for request 20 modcall[authorize]: module
"preprocess" returns ok for request 20 modcall[authorize]: module
"chap" returns noop for request 20 modcall[authorize]: module
"mschap" returns noop for request 20 rlm_realm: No
rlm_realm: No such realm "NULL" Please let me know if u need any more information. Thanks in advance. Regards, G
Muralidhar Raju.
|
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html