Hi I configured a freeradius server with EAP_TLS to authenticate clients that connects to Cisco AP.
When I run freeradius -X I got a lot of activity output but the client is still trying to authenticate I post last lines from the server's output I see the port of Access-request es 1645 but I did configure 1812 in both server and Cisco AP The line "[tls] eaptls_process returned 13 " means something wrong? What should be the correct output when successful authentication occurs? Thanks ==== rad_recv: Access-Request packet from host 192.168.X.X port 1645, id=51, length=143 User-Name = "etalaveran" Framed-MTU = 1400 Called-Station-Id = "aca0.16ba.89f2" Calling-Station-Id = "0021.63ca.fdbe" Service-Type = Login-User Message-Authenticator = 0x32824bc17cf2b4b4920577cc57e00177 EAP-Message = 0x020700060d00 NAS-Port-Type = Wireless-802.11 NAS-Port = 285 NAS-Port-Id = "285" State = 0x732b0744702c0abef63c2dd8a2b9de35 NAS-IP-Address = 192.168.1.82 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "etalaveran", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 7 length 6 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound [files] users: Matched entry etalaveran at line 2 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/tls [eap] processing type tls [tls] Authenticate [tls] processing EAP-TLS [tls] Received TLS ACK [tls] ACK handshake fragment handler [tls] eaptls_verify returned 1 [tls] eaptls_process returned 13 ++[eap] returns handled Sending Access-Challenge of id 51 to 192.168.X.X port 1645 EAP-Message = 0x0108000a0d8000000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x732b074477230abef63c2dd8a2b9de35 Finished request 19. Going to the next request Waking up in 4.8 seconds. Cleaning up request 15 ID 47 with timestamp +117 Cleaning up request 16 ID 48 with timestamp +117 Cleaning up request 17 ID 49 with timestamp +117 Cleaning up request 18 ID 50 with timestamp +117 Cleaning up request 19 ID 51 with timestamp +117 Ready to process requests. ================= -- *Esteban Talavera*
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html