Hi. I have problems with performing authentication with freeradius. When I use the command:
radtest tkiziloren password ldap.anaadolu.edu 10 testing123 i get the message below: rad_recv: Access-accepted... However when i try to perform same task by using securew2 on XP client, it always shows "attempting to authenticate", I pasted the debug results or radiusd below: I am new to freeradius. Could anybody help me where the problem is?. Is there a problem with certificate? (I use cisco aironet 1200 AP) Thanks in advance. Tevfik Kızılören. rad_recv: Access-Request packet from host 10.10.7.203:1645, id=0, length=148 User-Name = "tkiziloren" Framed-MTU = 1400 Called-Station-Id = "0017.0e85.f190" Calling-Station-Id = "0011.2fb9.d08b" Service-Type = Login-User Message-Authenticator = 0xfcbf4e4b477d844b3826ae784cd6977e EAP-Message = 0x020400061500 NAS-Port-Type = Wireless-802.11 NAS-Port = 675 State = 0x74d2bac8b603cafd625c55c0992b70ba NAS-IP-Address = 10.10.7.203 NAS-Identifier = "testbum" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 modcall[authorize]: module "chap" returns noop for request 6 modcall[authorize]: module "mschap" returns noop for request 6 rlm_realm: No '@' in User-Name = "tkiziloren", skipping NULL due to config. modcall[authorize]: module "suffix" returns noop for request 6 rlm_eap: EAP packet type response id 4 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 users: Matched entry DEFAULT at line 29 modcall[authorize]: module "files" returns ok for request 6 rlm_ldap: - authorize rlm_ldap: performing user authorization for tkiziloren radius_xlat: '(uid=tkiziloren)' radius_xlat: 'ou=people,dc=anadolu,dc=edu,dc=tr' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=people,dc=anadolu,dc=edu,dc=tr, with filter (uid=tkiziloren) rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user tkiziloren authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap_1x" returns ok for request 6 modcall: leaving group authorize (returns updated) for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 6 modcall: leaving group authenticate (returns handled) for request 6 Sending Access-Challenge of id 0 to 10.10.7.203 port 1645 EAP-Message = 0x0105024e1580000006445504061302545231123010060355040813095452416e61646f6c75311b3019060355040a1312416e61646f6c7520556e6976657273697479310d300b060355040b13044241554d311c301a060355040313136c6461702e616e61646f6c752e6564752e74723122302006092a864886f70d01090116136c64617040616e61646f6c752e6564752e747230819f300d06092a864886f70d010101050003818d0030818902818100f87fe052d754f4586d4e311ea15bb54cd7bbe1e505e648171bfa44c6a1523906cc31d776e4a8113dd3f002e7ddd43868af03076e0f4c57c6791845adc2f7732d909e58267dc127244ebe656f95 EAP-Message = 0xf53a09222a4a3451369f97a04391610dc4b77848268d41b7f9bc37f04654d00abdc0ee376c8aad064e5ac5a5a1595bffeea9b30203010001a37b307930090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e0416041450fd81eacea4e2d3d18547e154bc515d08630096301f0603551d2304183016801450fd81eacea4e2d3d18547e154bc515d08630096300d06092a864886f70d01010505000381810092f44ed2dade447e098f90432e2a2b58d93139471c0b41d3bbdebf1c2d09e321b43bbe2faad7d8c60e6642f5b6c2746fbb4be07033 EAP-Message = 0x4b77db5093871b2203bf2271cb97b98cc169c03f4f67d7a01261d971dfddc176cce3a42e1dd1e37037060a528db7e8481722e222549b882a93cfa582a29df0f1b401a28e197772410a1f1016030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9d3c9b53656089b1510d55b3a1f50a33 Finished request 6 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 6 ID 0 with timestamp 46421b1a Cleaning up request 4 ID 254 with timestamp 46421b1a Cleaning up request 5 ID 255 with timestamp 46421b1a Nothing to do. Sleeping until we see a request. -- View this message in context: http://www.nabble.com/ttls-problem-tf3717596.html#a10400374 Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html