
I am new to Freeradius world. Last two days trying to use Freeradius + Alcon AP 
WPA-Enterprise + Windows XP.

I installed FreeBSD 7.2-STABL with Freeradius 2.1.4 and configured it.

I followed instruction on 
http://wiki.freeradius.org/index.php?title=EAP-PEAP&redirect=no and 

I have 2 WLAN card on my Windows XP laptop.

After successfully install,configure freebsd/freeradius/AP and Windows XP.

1.My Linksys WPC300N WLAN card can connect to AP using PEAP/MS-CHAPv2.

2.But Intel PRO/Wireless 3945ABG card can't get connect, I tried many different 
way. First I tried Windows XP with SP2, then installed SP3 and all time same 

I captured Freeradius debugging information.

Please find second my email. Because maximum mailing-list size is 100K.

2.Intel PRO/Wireless 3945ABG
.rad_recv: Access-Request packet from host port 1077, id=0, 
        Message-Authenticator = 0xa0ca47a1b7294a8b23ae201660398ec5
        Service-Type = Framed-User
        User-Name = "test"
        Framed-MTU = 1488
        Called-Station-Id = "00-C0-A8-ED-84-11:CSMS"
        Calling-Station-Id = "00-1B-77-3D-97-CB"
        NAS-Identifier = "AP CSMS"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 54Mbps 802.11g"
        EAP-Message = 0x020000090174657374
        NAS-IP-Address =
        NAS-Port = 1
        NAS-Port-Id = "STA port # 1"
Sat May 23 06:12:59 2009 : Info: +- entering group authorize {...}
Sat May 23 06:12:59 2009 : Info: ++[preprocess] returns ok
Sat May 23 06:12:59 2009 : Info: ++[chap] returns noop
Sat May 23 06:12:59 2009 : Info: ++[mschap] returns noop
Sat May 23 06:12:59 2009 : Info: [suffix] No '@' in User-Name = "test", looking 
up realm NULL
Sat May 23 06:12:59 2009 : Info: [suffix] No such realm "NULL"
Sat May 23 06:12:59 2009 : Info: ++[suffix] returns noop
Sat May 23 06:12:59 2009 : Info: [eap] EAP packet type response id 0 length 9
Sat May 23 06:12:59 2009 : Info: [eap] No EAP Start, assuming it's an on-going 
EAP conversation
Sat May 23 06:12:59 2009 : Info: ++[eap] returns updated
Sat May 23 06:12:59 2009 : Info: ++[unix] returns notfound
Sat May 23 06:12:59 2009 : Info: [files] users: Matched entry test at line 206
Sat May 23 06:12:59 2009 : Info: ++[files] returns ok
Sat May 23 06:12:59 2009 : Info: ++[expiration] returns noop
Sat May 23 06:12:59 2009 : Info: ++[logintime] returns noop
Sat May 23 06:12:59 2009 : Info: [pap] Found existing Auth-Type, not changing 
Sat May 23 06:12:59 2009 : Info: ++[pap] returns noop
Sat May 23 06:12:59 2009 : Info: Found Auth-Type = EAP
Sat May 23 06:12:59 2009 : Info: +- entering group authenticate {...}
Sat May 23 06:12:59 2009 : Info: [eap] EAP Identity
Sat May 23 06:12:59 2009 : Info: [eap] processing type tls
Sat May 23 06:12:59 2009 : Info: [tls] Initiate
Sat May 23 06:12:59 2009 : Info: [tls] Start returned 1
Sat May 23 06:12:59 2009 : Info: ++[eap] returns handled
Sending Access-Challenge of id 0 to port 1077
        EAP-Message = 0x010100061920
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xab2d012bab2c18f6df82958be47c8d15
Sat May 23 06:12:59 2009 : Info: Finished request 65.
Sat May 23 06:12:59 2009 : Debug: Going to the next request
Sat May 23 06:12:59 2009 : Debug: Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host port 1077, id=1, length=265
        Message-Authenticator = 0xf38fba12d0d8983cafc03c4357006b1b
        Service-Type = Framed-User
        User-Name = "test"
        Framed-MTU = 1488
        State = 0xab2d012bab2c18f6df82958be47c8d15
        Called-Station-Id = "00-C0-A8-ED-84-11:CSMS"
        Calling-Station-Id = "00-1B-77-3D-97-CB"
        NAS-Identifier = "AP CSMS"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 54Mbps 802.11g"
        EAP-Message = 
        NAS-IP-Address =
        NAS-Port = 1
        NAS-Port-Id = "STA port # 1"
Sat May 23 06:12:59 2009 : Info: +- entering group authorize {...}
Sat May 23 06:12:59 2009 : Info: ++[preprocess] returns ok
Sat May 23 06:12:59 2009 : Info: ++[chap] returns noop
Sat May 23 06:12:59 2009 : Info: ++[mschap] returns noop
Sat May 23 06:12:59 2009 : Info: [suffix] No '@' in User-Name = "test", looking 
up realm NULL
Sat May 23 06:12:59 2009 : Info: [suffix] No such realm "NULL"
Sat May 23 06:12:59 2009 : Info: ++[suffix] returns noop
Sat May 23 06:12:59 2009 : Info: [eap] EAP packet type response id 1 length 80
Sat May 23 06:12:59 2009 : Info: [eap] Continuing tunnel setup.
Sat May 23 06:12:59 2009 : Info: ++[eap] returns ok
Sat May 23 06:12:59 2009 : Info: Found Auth-Type = EAP
Sat May 23 06:12:59 2009 : Info: +- entering group authenticate {...}
Sat May 23 06:12:59 2009 : Info: [eap] Request found, released from the list
Sat May 23 06:12:59 2009 : Info: [eap] EAP/peap
Sat May 23 06:12:59 2009 : Info: [eap] processing type peap
Sat May 23 06:12:59 2009 : Info: [peap] processing EAP-TLS
Sat May 23 06:12:59 2009 : Debug:   TLS Length 70
Sat May 23 06:12:59 2009 : Info: [peap] Length Included
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_verify returned 11
Sat May 23 06:12:59 2009 : Info: [peap]     (other): before/accept 
Sat May 23 06:12:59 2009 : Info: [peap]     TLS_accept: before/accept 
Sat May 23 06:12:59 2009 : Info: [peap] <<< TLS 1.0 Handshake [length 0041], 
Sat May 23 06:12:59 2009 : Info: [peap]     TLS_accept: SSLv3 read client hello 
Sat May 23 06:12:59 2009 : Info: [peap] >>> TLS 1.0 Handshake [length 002a], 
Sat May 23 06:12:59 2009 : Info: [peap]     TLS_accept: SSLv3 write server 
hello A
Sat May 23 06:12:59 2009 : Info: [peap] >>> TLS 1.0 Handshake [length 0818], 
Sat May 23 06:12:59 2009 : Info: [peap]     TLS_accept: SSLv3 write certificate 
Sat May 23 06:12:59 2009 : Info: [peap] >>> TLS 1.0 Handshake [length 0004], 
Sat May 23 06:12:59 2009 : Info: [peap]     TLS_accept: SSLv3 write server done 
Sat May 23 06:12:59 2009 : Info: [peap]     TLS_accept: SSLv3 flush data
Sat May 23 06:12:59 2009 : Info: [peap]     TLS_accept: Need to read more data: 
SSLv3 read client certificate A
Sat May 23 06:12:59 2009 : Debug: In SSL Handshake Phase
Sat May 23 06:12:59 2009 : Debug: In SSL Accept mode
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_process returned 13
Sat May 23 06:12:59 2009 : Info: [peap] EAPTLS_HANDLED
Sat May 23 06:12:59 2009 : Info: ++[eap] returns handled
Sending Access-Challenge of id 1 to port 1077
        EAP-Message = 
        EAP-Message = 
        EAP-Message = 
        EAP-Message = 
        EAP-Message = 0x0d06092a864886f70d010105
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xab2d012baa2f18f6df82958be47c8d15
Sat May 23 06:12:59 2009 : Info: Finished request 66.
Sat May 23 06:12:59 2009 : Debug: Going to the next request
Sat May 23 06:12:59 2009 : Debug: Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host port 1077, id=2, length=191
        Message-Authenticator = 0xe998fa0f52f462e1a8b21e3ec7f5c049
        Service-Type = Framed-User
        User-Name = "test"
        Framed-MTU = 1488
        State = 0xab2d012baa2f18f6df82958be47c8d15
        Called-Station-Id = "00-C0-A8-ED-84-11:CSMS"
        Calling-Station-Id = "00-1B-77-3D-97-CB"
        NAS-Identifier = "AP CSMS"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 54Mbps 802.11g"
        EAP-Message = 0x020200061900
        NAS-IP-Address =
        NAS-Port = 1
        NAS-Port-Id = "STA port # 1"
Sat May 23 06:12:59 2009 : Info: +- entering group authorize {...}
Sat May 23 06:12:59 2009 : Info: ++[preprocess] returns ok
Sat May 23 06:12:59 2009 : Info: ++[chap] returns noop
Sat May 23 06:12:59 2009 : Info: ++[mschap] returns noop
Sat May 23 06:12:59 2009 : Info: [suffix] No '@' in User-Name = "test", looking 
up realm NULL
Sat May 23 06:12:59 2009 : Info: [suffix] No such realm "NULL"
Sat May 23 06:12:59 2009 : Info: ++[suffix] returns noop
Sat May 23 06:12:59 2009 : Info: [eap] EAP packet type response id 2 length 6
Sat May 23 06:12:59 2009 : Info: [eap] Continuing tunnel setup.
Sat May 23 06:12:59 2009 : Info: ++[eap] returns ok
Sat May 23 06:12:59 2009 : Info: Found Auth-Type = EAP
Sat May 23 06:12:59 2009 : Info: +- entering group authenticate {...}
Sat May 23 06:12:59 2009 : Info: [eap] Request found, released from the list
Sat May 23 06:12:59 2009 : Info: [eap] EAP/peap
Sat May 23 06:12:59 2009 : Info: [eap] processing type peap
Sat May 23 06:12:59 2009 : Info: [peap] processing EAP-TLS
Sat May 23 06:12:59 2009 : Info: [peap] Received TLS ACK
Sat May 23 06:12:59 2009 : Info: [peap] ACK handshake fragment handler
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_verify returned 1
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_process returned 13
Sat May 23 06:12:59 2009 : Info: [peap] EAPTLS_HANDLED
Sat May 23 06:12:59 2009 : Info: ++[eap] returns handled
Sending Access-Challenge of id 2 to port 1077
        EAP-Message = 
        EAP-Message = 
        EAP-Message = 
        EAP-Message = 
        EAP-Message = 0xe78e4d77cbec2fb9
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xab2d012ba92e18f6df82958be47c8d15
Sat May 23 06:12:59 2009 : Info: Finished request 67.
Sat May 23 06:12:59 2009 : Debug: Going to the next request
Sat May 23 06:12:59 2009 : Debug: Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host port 1077, id=3, length=191
        Message-Authenticator = 0xdd87b957079c3f4f81b4c7a5ba4be6d6
        Service-Type = Framed-User
        User-Name = "test"
        Framed-MTU = 1488
        State = 0xab2d012ba92e18f6df82958be47c8d15
        Called-Station-Id = "00-C0-A8-ED-84-11:CSMS"
        Calling-Station-Id = "00-1B-77-3D-97-CB"
        NAS-Identifier = "AP CSMS"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 54Mbps 802.11g"
        EAP-Message = 0x020300061900
        NAS-IP-Address =
        NAS-Port = 1
        NAS-Port-Id = "STA port # 1"
Sat May 23 06:12:59 2009 : Info: +- entering group authorize {...}
Sat May 23 06:12:59 2009 : Info: ++[preprocess] returns ok
Sat May 23 06:12:59 2009 : Info: ++[chap] returns noop
Sat May 23 06:12:59 2009 : Info: ++[mschap] returns noop
Sat May 23 06:12:59 2009 : Info: [suffix] No '@' in User-Name = "test", looking 
up realm NULL
Sat May 23 06:12:59 2009 : Info: [suffix] No such realm "NULL"
Sat May 23 06:12:59 2009 : Info: ++[suffix] returns noop
Sat May 23 06:12:59 2009 : Info: [eap] EAP packet type response id 3 length 6
Sat May 23 06:12:59 2009 : Info: [eap] Continuing tunnel setup.
Sat May 23 06:12:59 2009 : Info: ++[eap] returns ok
Sat May 23 06:12:59 2009 : Info: Found Auth-Type = EAP
Sat May 23 06:12:59 2009 : Info: +- entering group authenticate {...}
Sat May 23 06:12:59 2009 : Info: [eap] Request found, released from the list
Sat May 23 06:12:59 2009 : Info: [eap] EAP/peap
Sat May 23 06:12:59 2009 : Info: [eap] processing type peap
Sat May 23 06:12:59 2009 : Info: [peap] processing EAP-TLS
Sat May 23 06:12:59 2009 : Info: [peap] Received TLS ACK
Sat May 23 06:12:59 2009 : Info: [peap] ACK handshake fragment handler
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_verify returned 1
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_process returned 13
Sat May 23 06:12:59 2009 : Info: [peap] EAPTLS_HANDLED
Sat May 23 06:12:59 2009 : Info: ++[eap] returns handled
Sending Access-Challenge of id 3 to port 1077
        EAP-Message = 
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xab2d012ba82918f6df82958be47c8d15
Sat May 23 06:12:59 2009 : Info: Finished request 68.
Sat May 23 06:12:59 2009 : Debug: Going to the next request
Sat May 23 06:12:59 2009 : Debug: Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host port 1077, id=4, length=191
        Message-Authenticator = 0x1a9c69cd9f1a6a400346442e1b1da646
        Service-Type = Framed-User
        User-Name = "test"
        Framed-MTU = 1488
        State = 0xab2d012ba82918f6df82958be47c8d15
        Called-Station-Id = "00-C0-A8-ED-84-11:CSMS"
        Calling-Station-Id = "00-1B-77-3D-97-CB"
        NAS-Identifier = "AP CSMS"
        NAS-Port-Type = Wireless-802.11
        Connect-Info = "CONNECT 54Mbps 802.11g"
        EAP-Message = 0x020400061900
        NAS-IP-Address =
        NAS-Port = 1
        NAS-Port-Id = "STA port # 1"
Sat May 23 06:12:59 2009 : Info: +- entering group authorize {...}
Sat May 23 06:12:59 2009 : Info: ++[preprocess] returns ok
Sat May 23 06:12:59 2009 : Info: ++[chap] returns noop
Sat May 23 06:12:59 2009 : Info: ++[mschap] returns noop
Sat May 23 06:12:59 2009 : Info: [suffix] No '@' in User-Name = "test", looking 
up realm NULL
Sat May 23 06:12:59 2009 : Info: [suffix] No such realm "NULL"
Sat May 23 06:12:59 2009 : Info: ++[suffix] returns noop
Sat May 23 06:12:59 2009 : Info: [eap] EAP packet type response id 4 length 6
Sat May 23 06:12:59 2009 : Info: [eap] Continuing tunnel setup.
Sat May 23 06:12:59 2009 : Info: ++[eap] returns ok
Sat May 23 06:12:59 2009 : Info: Found Auth-Type = EAP
Sat May 23 06:12:59 2009 : Info: +- entering group authenticate {...}
Sat May 23 06:12:59 2009 : Info: [eap] Request found, released from the list
Sat May 23 06:12:59 2009 : Info: [eap] EAP/peap
Sat May 23 06:12:59 2009 : Info: [eap] processing type peap
Sat May 23 06:12:59 2009 : Info: [peap] processing EAP-TLS
Sat May 23 06:12:59 2009 : Info: [peap] Received TLS ACK
Sat May 23 06:12:59 2009 : Info: [peap] ACK handshake fragment handler
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_verify returned 1
Sat May 23 06:12:59 2009 : Info: [peap] eaptls_process returned 13
Sat May 23 06:12:59 2009 : Info: [peap] EAPTLS_HANDLED
Sat May 23 06:12:59 2009 : Info: ++[eap] returns handled
Sending Access-Challenge of id 4 to port 1077
        EAP-Message = 0x010500061900
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xab2d012baf2818f6df82958be47c8d15
Sat May 23 06:12:59 2009 : Info: Finished request 69.
Sat May 23 06:12:59 2009 : Debug: Going to the next request
Sat May 23 06:12:59 2009 : Debug: Waking up in 4.9 seconds.
Sat May 23 06:13:04 2009 : Info: Cleaning up request 65 ID 0 with timestamp +715
Sat May 23 06:13:04 2009 : Info: Cleaning up request 66 ID 1 with timestamp +715
Sat May 23 06:13:04 2009 : Info: Cleaning up request 67 ID 2 with timestamp +715
Sat May 23 06:13:04 2009 : Info: Cleaning up request 68 ID 3 with timestamp +715
Sat May 23 06:13:04 2009 : Info: Cleaning up request 69 ID 4 with timestamp +715
Sat May 23 06:13:04 2009 : Debug: Ready to process requests.

authorize {
        eap {
                ok = return
        Auth-Type MS-CHAP {

eap {
        default_eap_type = peap
tls  { 
check_cert_cn = %{User-Name}
peap {
                         default_eap_type = mschapv2
                        copy_request_to_tunnel = no
                        use_tunneled_reply = no
                mschapv2 {
      authtype = MS-CHAP

      use_mppe = yes

      require_encryption = yes

      require_strong = yes

test            Cleartext-Password := "test"

Is there anything wrong with configuration or?

My guess is Windows XP wireless client sofware didn't respond to Freeradius 
Access-Challenge request, but Linksys client software doing well.

Any suggestion?

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to