Interestingly, MAB works just fine. After 802.1x fails I can open a web page and log in via the packetfence portal ...
On 9/7/16 15:23, Jason 'XenoPhage' Frisvold wrote: > Hi all, > > I'm trying to set up a new packetfence instance to authenticate via > 802.1x. I'm working on wired only right now but will be adding wireless > shortly. I'm running into a problem, though, as shown in the error > pasted below. > > I'm only looking to use users defined in the packetfence admin > interface, no external database as of right now. What am I doing wrong? > > ==> logs/radius.log <== > Wed Sep 7 15:18:20 2016 : ERROR: (36) mschap: ERROR: Program returned > code (1) and output 'Reading winbind reply failed! (0xc0000001)' > Wed Sep 7 15:18:20 2016 : Auth: (36) Login incorrect (mschap: Program > returned code (1) and output 'Reading winbind reply failed! > (0xc0000001)'): [testuser] (from client 192.168.10.10 port 50101 cli > xx:xx:xx:xx:xx:xx via TLS tunnel) > Wed Sep 7 15:18:20 2016 : Info: rlm_sql (sql): Closing connection (61): > Hit idle_timeout, was idle for 97 seconds > Wed Sep 7 15:18:20 2016 : Info: rlm_sql (sql): Closing connection (62): > Hit idle_timeout, was idle for 97 seconds > Wed Sep 7 15:18:20 2016 : Info: rlm_sql (sql): Opening additional > connection (63), 1 of 64 pending slots used > Wed Sep 7 15:18:20 2016 : Info: rlm_sql (sql): Need 2 more connections > to reach 10 spares > Wed Sep 7 15:18:20 2016 : Info: rlm_sql (sql): Opening additional > connection (64), 1 of 63 pending slots used > Wed Sep 7 15:18:20 2016 : Info: (37) eap_peap: The users session was > previously rejected: returning reject (again.) > Wed Sep 7 15:18:20 2016 : Info: (37) eap_peap: This means you need to > read the PREVIOUS messages in the debug output > Wed Sep 7 15:18:20 2016 : Info: (37) eap_peap: to find out the reason > why the user was rejected > Wed Sep 7 15:18:20 2016 : Info: (37) eap_peap: Look for "reject" or > "fail". Those earlier messages will tell you > Wed Sep 7 15:18:20 2016 : Info: (37) eap_peap: what went wrong, and > how to fix the problem > Wed Sep 7 15:18:20 2016 : Auth: (37) Login incorrect (eap: Failed > continuing EAP PEAP (25) session. EAP sub-module failed): [testuser] > (from client 192.168.10.10 port 50101 cli xx:xx:xx:xx:xx:xx) > Wed Sep 7 15:18:20 2016 : [mac:xx:xx:xx:xx:xx:xx] Rejected user: testuser > > Thanks, > > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > -- --------------------------- Jason 'XenoPhage' Frisvold [email protected] --------------------------- "A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." - The Hitchhikers Guide to the Galaxy
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
