Hi: I'm trying to configure a FreeRadius server to perform a certification authentication from a Windows Laptop. I have follow the steps at http://wiki.freeradius.org/WPA_HOWTO#HOWTO_Do_It:_An_Outline But when I try to do the connection, it never ends... and I get peridical messeges at the FreeRadius server ouput in this way...
rad_recv: Access-Request packet from host 160.103.180.252:32769, id=0, length=176 User-Name = "radiusserv" Calling-Station-Id = "00-1d-e0-7f-c7-bd" Called-Station-Id = "00-26-cb-4c-f7-c0:Bidon" NAS-Port = 13 NAS-IP-Address = 160.103.180.252 NAS-Identifier = "wlc01" Airespace-Wlan-Id = 6 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "82" EAP-Message = 0x0202000f0172616469757373657276 Message-Authenticator = 0x978d232412c863306539d3ad92c9d6b8 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "radiusserv", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 users: Matched entry DEFAULT at line 179 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Requiring client certificate rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Sending Access-Challenge of id 0 to 160.103.180.252 port 32769 EAP-Message = 0x010300060d20 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xc321c12ede0c59624273d465195058be Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 160.103.180.252:32769, id=1, length=300 User-Name = "radiusserv" Calling-Station-Id = "00-1d-e0-7f-c7-bd" Called-Station-Id = "00-26-cb-4c-f7-c0:Bidon" NAS-Port = 13 NAS-IP-Address = 160.103.180.252 NAS-Identifier = "wlc01" Airespace-Wlan-Id = 6 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "82" EAP-Message = 0x020300790d800000006f160301006a0100006603014af93134b45308b2252422bb395d6ce641bfdc48695e46696178ab4d4b407442000018002f00350005000ac009c00ac013c0140032003800130004010000250000000f000d00000a72616469757373657276000a00080006001700180019000b00020100 State = 0xc321c12ede0c59624273d465195058be Message-Authenticator = 0x209186e1eb149efd3ce2e8796100a977 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "radiusserv", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 users: Matched entry DEFAULT at line 179 modcall[authorize]: module "files" returns ok for request 1 modcall: leaving group authorize (returns ok) for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 006a], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0283], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0085], CertificateRequest TLS_accept: SSLv3 write certificate request A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 1 modcall: leaving group authenticate (returns handled) for request 1 Sending Access-Challenge of id 1 to 160.103.180.252 port 32769 EAP-Message = 0x0104036b0d8000000361160301004a0200004603014af93134a0ad2fc9103447a6a53e1bd7b8e1a2581b8e10093af80ed2eb04a3b420561e9f8d80da1f899a98dce9e25e4ee70e780ba01becdc9ba1deb915f60224a4002f0016030102830b00027f00027c00027930820275308201dea003020102020100300d06092a864886f70d01010505003074310b3009060355040613024652310e300c0603550408130549736572653111300f060355040713084772656e6f626c65310d300b060355040a130445535246311330110603550403130a72616469757373657276311e301c06092a864886f70d010901160f6e6574776f726b40657372662e6672 EAP-Message = 0x301e170d3039313130333136353833315a170d3130313130333136353833315a3074310b3009060355040613024652310e300c0603550408130549736572653111300f060355040713084772656e6f626c65310d300b060355040a130445535246311330110603550403130a72616469757373657276311e301c06092a864886f70d010901160f6e6574776f726b40657372662e667230819f300d06092a864886f70d010101050003818d0030818902818100b8fd3330a5f8ed59944b0ab8f162332223f749059609e5dd68c5efeced0434e500b7178aa3d9ffe32679034200952f14c64f321c851ee7254e78210ad1b8b0420980fb43fa1adf2f89b8 EAP-Message = 0x56fadc8092ef42b1f507a02fc81ab60ed258c3fb079f8d709d8821164011516b7d4d4589ff86306ce61f98130a360ebb3182983900c30203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d01010505000381810091d8dca090d57b08a7731dd90db757ed0da0e534cfda5565b6220528e37edadf12944d2fc1c6398e418a99b636904e2b1c4152f614bc5f0b3c4309cf264f27b794e28242ee02bb6ea48d0e3b1440b69ad926bb080ccebc20c3f1ef3b23a9e7868b2a86303b82ee891e9829dd1d6750837c8d533df59899ddaf9c2350b46992ae16030100850d00007d020102007800763074310b3009 EAP-Message = 0x060355040613024652310e300c0603550408130549736572653111300f060355040713084772656e6f626c65310d300b060355040a130445535246311330110603550403130a72616469757373657276311e301c06092a864886f70d010901160f6e6574776f726b40657372662e66720e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa8f213a60ac152b2e7e42048e94461f9 Finished request 1 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 160.103.180.252:32769, id=2, length=185 User-Name = "radiusserv" Calling-Station-Id = "00-1d-e0-7f-c7-bd" Called-Station-Id = "00-26-cb-4c-f7-c0:Bidon" NAS-Port = 13 NAS-IP-Address = 160.103.180.252 NAS-Identifier = "wlc01" Airespace-Wlan-Id = 6 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "82" EAP-Message = 0x020400060d00 State = 0xa8f213a60ac152b2e7e42048e94461f9 Message-Authenticator = 0xe9f04c151b954deb2b5e5c1ca7032f53 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 modcall[authorize]: module "chap" returns noop for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: No '@' in User-Name = "radiusserv", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 2 users: Matched entry DEFAULT at line 179 modcall[authorize]: module "files" returns ok for request 2 modcall: leaving group authorize (returns ok) for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 2 modcall: leaving group authenticate (returns handled) for request 2 Sending Access-Challenge of id 2 to 160.103.180.252 port 32769 EAP-Message = 0x0105000a0d8000000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x09770a67d71842c41d63756db81b29fc Finished request 2 Going to the next request Waking up in 6 seconds... ------------------------------------- Any ideas what i'm doing wrong? -- View this message in context: http://old.nabble.com/Microsoft%3A-SmardCard-or-Certificate-Auth-tp26280525p26280525.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html