Sorry to spam you, but we have #radtest user1 password 127.0.0.1:1812 0
testing1234 and
#radtest user1 password 127.0.0.1:18120 0 testing1234
and we have got the same result for the client
________________________________
De : arnauld ndefo <ndefo2...@yahoo.fr>
À : alan buxey <a.l.m.bu...@lboro.ac.uk>; FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>; Arran Cudbard-Bell
<a.cudba...@freeradius.org>
Cc : Alan DeKok <al...@deployingradius.com>; tatiana dibanda
<tdiband...@yahoo.fr>; "tdibanda2...@yahoo.fr" <tdibanda2...@yahoo.fr>
Envoyé le : Mardi 18 septembre 2012 23h38
Objet : Re: error of segmentation during the implementation of eap2
Hi,
Concerning the error of segmentation, we have removed in the section authorize
the part eap2{ ok = return} in the default and inner-server file. After that we
have got the output of the radiusd -X which is in the attached file
radiusd.txt. Normally we think that it is fine because the eap2 module has been
loaded and we have at the end the line
... adding new socket proxy address * port 52902
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /usr/local/var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.
For the test of the eap2 module, we have put in the users file the line user1
Auth-Type :=eap2, Cleartext-Password :="password"
On the client, we have got
#radtest user1 password 127.0.0.1:18120 0 testing1234
sh: getcwd() failed: No such file or directory
Sending Access-Request of id 217 to 127.0.0.1 port 18120
User-Name = "user1"
User-Password = "password"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Reject packet from host 127.0.0.1 port 18120, id=217, length=20
And on the server we have got
rad_recv: Access-Request packet from host 127.0.0.1 port 53591, id=217,
length=75
User-Name = "user1"
User-Password = "password"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
Message-Authenticator = 0xd755b04bec06d6babdc5c934be2aae5a
server inner-tunnel {
# Executing section authorize from file
/usr/local/etc/raddb/sites-enabled/inner-tunnel
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "user1", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[files] users: Matched entry user1 at line 204
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] returns noop
Found Auth-Type = eap2
# Executing group from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
+- entering group authenticate {...}
[eap2] No EAP-Message. Not doing EAP.
++[eap2] returns fail
Failed to authenticate the user.
} # server inner-tunnel
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> user1
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 217 to 127.0.0.1 port 53591
Waking up in 4.9 seconds.
Cleaning up request 1 ID 217 with timestamp +96
I have checked all the file and everything is Ok. Then i dont know why the
server doesnt success to authenticate the user??? As you see, we have a failed
to authenticate the user.
Do you have an ideas or suggestions please??
Thank you
________________________________
De : alan buxey <a.l.m.bu...@lboro.ac.uk>
À : arnauld ndefo <ndefo2...@yahoo.fr>; FreeRadius users mailing list
<freeradius-users@lists.freeradius.org>
Cc : Alan DeKok <al...@deployingradius.com>; tatiana dibanda
<tdiband...@yahoo.fr>; "tdibanda2...@yahoo.fr" <tdibanda2...@yahoo.fr>
Envoyé le : Mardi 18 septembre 2012 17h57
Objet : Re: error of segmentation during the implementation of eap2
Hi,
> My project is to authenticate a client openpana with my radius server. The
> authentication method used by the client is based on the
EAP-PSK, which is
> why I would have a radius server with authtentification method as EAP-PSK.
> After apply the instruction of doc/bugs, i have got a file gdb-radiusd.log
> which i have attached to the mail.
I take it that you've tried removing eap2 call from authorize and only have it
in the authentication
section?
alan-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
