Hi all, I need help with the freeradius 2.1.3 in MacOS X Server. At the Apple discussion forum I don't get any answer. :( Using this version: radiusd: FreeRADIUS Version 2.1.3, for host i386-apple-darwin10.0, built on Feb 11 2010 at 02:25:02 Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License. For more information about these matters, see the file named COPYRIGHT.
In short terms, Apple is trying to make it easy, with the serveradmin you can just add an Apple Airport and it will be configured automatically for radius authentication with the open directory server. If I then try to connect to the WLAN, I see this message in the RADIUS log: Fri Aug 13 14:46:50 2010 : Auth: rlm_opendirectory: User <ahu> is authorized. Fri Aug 13 14:46:59 2010 : Error: rlm_eap: No EAP session matching the State variable. I also activated the debug mode and it came out this: radiusd: #### Opening IP addresses and Ports #### Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 192.168.214.100 port 65527, id=35, length=162 User-Name = "ahu" NAS-IP-Address = 192.168.214.100 NAS-Port = 0 Called-Station-Id = "00-1C-B3-AD-38-07:Andreas Huberts Netzwerk" Calling-Station-Id = "00-25-00-41-AD-F3" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 0Mbps 802.11" EAP-Message = 0x02eb000801616875 Message-Authenticator = 0xbf4e12e4c08fe497d93f036e78d9629d rlm_opendirectory: The host 192.168.214.100 does not have an access group. rlm_opendirectory: User <ahu> is authorized. Sending Access-Challenge of id 35 to 192.168.214.100 port 65527 EAP-Message = 0x01ec00061520 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7643105976af05ff18e41e4ad6d190e3 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.214.100 port 65527, id=36, length=336 User-Name = "ahu" NAS-IP-Address = 192.168.214.100 NAS-Port = 0 Called-Station-Id = "00-1C-B3-AD-38-07:Andreas Huberts Netzwerk" Calling-Station-Id = "00-25-00-41-AD-F3" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 0Mbps 802.11" EAP-Message = 0x02ec00a415800000009a16030100950100009103014c65432b508949d3aa234f3918396b1fcd3fc7210ed299f0517fadf848a1e035000056c00ac009c007c008c013c014c011c012c004c005c002c003c00ec00fc00cc00d002f000500040035000a000900030008000600320033003800390016001500140013001200110034003a0018001b001a00170019000101000012000a00080006001700180019000b00020100 State = 0x7643105976af05ff18e41e4ad6d190e3 Message-Authenticator = 0x8d68f17c3a5ee3cd61864c91fddc73be Sending Access-Challenge of id 36 to 192.168.214.100 port 65527 EAP-Message = 0x01ed035a158000000350160301002a0200002603014c65432bf1c8143b2611d52b71758554023eb6d883ed38f8b702c5fefdc1f92200002f0016030103130b00030f00030c00030930820305308201eda003020102020101300b06092a864886f70d01010530313122302006035504030c197873657276652d706172612d312e63656e73686172652e6465310b3009060355040613024445301e170d3039303932353134353334335a170d3130303932353134353334335a30313122302006035504030c197873657276652d706172612d312e63656e73686172652e6465310b300906035504061302444530820122300d06092a864886f70d01010105 EAP-Message = 0x000382010f003082010a0282010100b4b403f2e1b82e661ad564ed3b1c3953e5a71d922072239d7d0a739a2642ebb8dc193e610c34f4d06def71c8a9c081f37d6ef34d470eaed391cb21c2363c32c9712844156aed85a0a839d93452113fb915fc70ad9bce2f0d11a70c71311c125e6f66e6d6373cbbd2553d088f60db92e59d168d87c28309f73e10f5485fd5c2c60451297ec618f4261e9441ab4e7992cfc72b1f555e7a3597936dcc894601a5c2168e3a672febc7e69a343045ac62bc8d0fb5f7d87a93a99e4c9f18e24e281b5ea6c5533b4785c1954f35fdecfa64a3017af4f9ae8331eb7245d8912ae70750320cb801673874a568b25ad5c3a586 EAP-Message = 0x6e9dd6c58969b5dbeaa46a208e9208ce0dcd0203010001a32a3028300e0603551d0f0101ff04040302029430160603551d250101ff040c300a06082b06010505070301300d06092a864886f70d01010505000382010100262f875e3f0a16e09ca6df3ce3fafe205f9d943c1dfeba61376d4a5920413e6b0d4624c76544e015c8816ae1dca1aa840eb46eb692477976e9a782f035f2b96a0c4e214c42593bebd70d72e3c08afe877de86d9257a4395dfaabbc3ce8cf76f22bbfa4b4726821763f14dca93d707ebd916f36bddb0dadda01ceb37fc84175c5ee15701b0f4627d7f46beb3b39e4b9ab2ec881677c36ec591f2d39e998dc69c14a8983e14575 EAP-Message = 0x83749dba69683b8f0974b4744e39aa1dba0cf926299a0d3f6e674d90fc70398fb49e2523dbbb00dcd54da3ec354dab350c190b5f3b7b2b2e032f63bf898e8ba323724abc12b4baad64938e8d1baebafebf9715debd36a2f7c59816030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7643105977ae05ff18e41e4ad6d190e3 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.214.100 port 65527, id=37, length=510 User-Name = "ahu" NAS-IP-Address = 192.168.214.100 NAS-Port = 0 Called-Station-Id = "00-1C-B3-AD-38-07:Andreas Huberts Netzwerk" Calling-Station-Id = "00-25-00-41-AD-F3" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 0Mbps 802.11" EAP-Message = 0x02ed015015800000014616030101061000010201003cab4843d2e07fc6be3d8b609e4395e7e8d5384784d6d5167707d57acef126ef7ddc80bc88a4b8f5f62b8835d29067c57e8df4bf447dedc7901e912503e6b6282fe347ecaef6e444d1a1604a7aab2e06b10cd8c3b38dfdb8bc81e29f65eb8adc9477d68b85c228a592ccef185805be2f0bba92fe1958463313524f300aac5254e0638e7dfdfcacc4e1b0c52059cf01976a2aa0b26840002494217b09341b868d71f4d6a8ee9ba71016e6fa19234f6e3e51d6676a92b942fcb0b214aa662d1ee46b49cd8ecf9c6a7983806d666cf879408500c3317630b192645a397edf5a36099d41b3a4fa10c2ff EAP-Message = 0x720b129c78752985cb0a418707b6eef0374ac4d38d144f7a14030100010116030100300150ef833c69851dae48a01e85bb4873fbec4399dc0b7c132a9953846b3e91139f90a88397a05d1ee2550874bac964fd State = 0x7643105977ae05ff18e41e4ad6d190e3 Message-Authenticator = 0xd4d3f8e0f2568572259589129bc719af Sending Access-Challenge of id 37 to 192.168.214.100 port 65527 EAP-Message = 0x01ee004515800000003b1403010001011603010030bbda33956ff9087b5291d1bf33e7bd7783b7e5a8334901c991146359bea1295b708aacf8a4f66486889750fe3f6c8969 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7643105974ad05ff18e41e4ad6d190e3 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.214.100 port 65527, id=37, length=510 Sending Access-Challenge of id 37 to 192.168.214.100 port 65527 Waking up in 1.9 seconds. Ready to process requests. rad_recv: Access-Request packet from host 192.168.214.100 port 65527, id=37, length=510 User-Name = "ahu" NAS-IP-Address = 192.168.214.100 NAS-Port = 0 Called-Station-Id = "00-1C-B3-AD-38-07:Andreas Huberts Netzwerk" Calling-Station-Id = "00-25-00-41-AD-F3" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 0Mbps 802.11" EAP-Message = 0x02ed015015800000014616030101061000010201003cab4843d2e07fc6be3d8b609e4395e7e8d5384784d6d5167707d57acef126ef7ddc80bc88a4b8f5f62b8835d29067c57e8df4bf447dedc7901e912503e6b6282fe347ecaef6e444d1a1604a7aab2e06b10cd8c3b38dfdb8bc81e29f65eb8adc9477d68b85c228a592ccef185805be2f0bba92fe1958463313524f300aac5254e0638e7dfdfcacc4e1b0c52059cf01976a2aa0b26840002494217b09341b868d71f4d6a8ee9ba71016e6fa19234f6e3e51d6676a92b942fcb0b214aa662d1ee46b49cd8ecf9c6a7983806d666cf879408500c3317630b192645a397edf5a36099d41b3a4fa10c2ff EAP-Message = 0x720b129c78752985cb0a418707b6eef0374ac4d38d144f7a14030100010116030100300150ef833c69851dae48a01e85bb4873fbec4399dc0b7c132a9953846b3e91139f90a88397a05d1ee2550874bac964f State = 0x7643105977ae05ff18e41e4ad6d190e3 Message-Authenticator = 0xd4d3f8e0f2568572259589129bc719af rlm_eap: No EAP session matching the State variable. [eap] Either EAP-request timed out OR EAP-response to an unknown EAP-request Waking up in 0.9 seconds. Sending Access-Reject of id 37 to 192.168.214.100 port 65527 Waking up in 4.9 seconds. Ready to process requests. Does anyone know what could be wrong here? I hope I can find here some helpful people here rather than in the Apple discussion forum, where nobody know deeply stuff. Thanks Andreas
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html