Hi Alan, My configuration details:
1. my configuration is - EAP, TTLS, LDAP, Perl 2. Sending "username + OTP" and "LDAP password" as input credentials 3. Virtual servers has: "Default" and "inner-tunnel" *Authorize:* preprocess chap mschap suffix eap { ok = return } perl files ldap pap *Authenticate:* Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } Auth-Type EAP{ perl eap } 4. Perl module is calling script "example.pl", in this "Authorize" section of script I'm separating username and OTP and sending OTP for validation. => Rusult = Succeed 5. LDAP uses username from perl module and goes for authentication => Result = Succeed 6. In Authentication section of Virtual servers: Perl module script "authentication section" sets original username i.e. "username + otp" again to "User-Name" attribute and then proceed for EAP auth-type. Auth-Type EAP{ perl eap } => *Result = Failed* Found Auth-Type = MSCHAP # Executing group from file /etc/freeradius/sites-enabled/inner-tunnel +- entering group MS-CHAP {...} [mschap] No Cleartext-Password configured. Cannot create LM-Password. [mschap] No Cleartext-Password configured. Cannot create NT-Password. [mschap] Creating challenge hash with username: user1vvtntkjkckvediucfvvrcneucuklvdecturjdjfkgnrg [mschap] Told to do MS-CHAPv2 for user1vvtntkjkckvediucfvvrcneucuklvdecturjdjfkgnrg with NT-Password [mschap] FAILED: No NT/LM-Password. Cannot perform authentication. [mschap] FAILED: MS-CHAP2-Response is incorrect ++[mschap] returns reject Failed to authenticate the user. Please help. Thanks and best regards, Nand. On Mon, Oct 15, 2012 at 8:01 PM, Alan DeKok <al...@deployingradius.com>wrote: > Nandkumar Palkar wrote: > > Hi Alan, > > > > I'm facing the issue with configuration EAP-TTLS, LDAP and Perl and > > using test client as "eapol_test". > > > > Please find the debug logs below: > > You need to read it. It isn't hard. > > You highlighted in red the *wrong* piece. Look at the debug messages > before that. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > -- Regards, Nandkumar Palkar Mob: 9967024237
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html