On Fri, Jan 22, 2010 at 12:13 AM, Huckle Berry <huck.be...@gmail.com> wrote:
> Will report later. > I installed the new certs (I checked in the details tab on windows that both the server and client have the correct xpextentions) however the client still fails to respond. Just to be sure, I hopped over to my desktop, which runs linux, and set up Wicd for EAP-TLS and same results... Seems like it isn't a Windoze issue (as much as I'd liek it to be) Here's the relevant part of the log: rad_recv: Access-Request packet from host 192.168.1.1 port 3090, id=0, length=148 Cleaning up request 58 ID 0 with timestamp +233 User-Name = "u...@example.com" NAS-IP-Address = 192.168.1.1 Called-Station-Id = "0016b6e2cc20" Calling-Station-Id = "0016b659f0d7" NAS-Identifier = "0016b6e2cc20" NAS-Port = 62 Framed-MTU = 1400 State = 0x2c846de62e8760f57fd0c142afa7b978 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020300060d00 Message-Authenticator = 0x86dfb6f2b9a4a4a219ea59887d5563cc +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] Looking up realm "example.com" for User-Name = "u...@example.com" [suffix] Found realm "example.com" [suffix] Adding Realm = "example.com" [suffix] Proxying request from user user to realm example.com [suffix] Preparing to proxy authentication request to realm "example.com" ++[suffix] returns updated [eap] Request is supposed to be proxied to Realm example.com. Not doing EAP. ++[eap] returns noop ++[unix] returns notfound [files] users: Matched entry u...@example.com at line 51 [files] expand: Hello, %{User-Name} -> Hello, u...@example.com ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/tls [eap] processing type tls [tls] Authenticate [tls] processing EAP-TLS [tls] Received TLS ACK [tls] ACK handshake fragment handler [tls] eaptls_verify returned 1 [tls] eaptls_process returned 13 ++[eap] returns handled Sending Access-Challenge of id 0 to 192.168.1.1 port 3090 Reply-Message = "Hello, u...@example.com" EAP-Message = 0x010404000dc000000b5703020102020900b66e36fdf4f33312300d06092... EAP-Message = 0x75733112301006035504071309536f6d657768657265311530130603550... EAP-Message = 0xeda0d0b5fe688a3f31d0d2569b4cf4d7f61a2196822bb2acee9a3ad4149... EAP-Message = 0x4652310f300d06035504081306526164697573311230100603550407130... EAP-Message = 0xd3c56640e3b3ce4de1c63af3 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x2c846de62f8060f57fd0c142afa7b978 Finished request 59. Going to the next request Waking up in 4.9 seconds. > ~Huckle Berry >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html