I am running freeradius 20030922 snapshot on RedHat 9.0. I am authorizing and authenticating via ldap. I seem to be getting authorized and authenticated but my supplicant continues to try and authenticate. Below is my debug output. If anyone can see anything unusual please let me know. Thanks for any help.
rad_recv: Access-Request packet from host 10.5.50.115:1645, id=106, length=211 User-Name = "install" Framed-MTU = 1400 Called-Station-Id = "000d.bd43.d9a8" Calling-Station-Id = "0040.9645.c07a" Message-Authenticator = 0xaba44c3d8a18f7aa63dbf2fe20630dae EAP-Message = 0x0205004f15800000004517030100409dcc64928d8f5ff60c838cef0ac6a057006e51ad920af73b628207daa197dcbdcd1fbd2ea04505100cd5d27cf356a14adb8eb92944976da2adffa2e5623fdea9 NAS-Port-Type = Virtual NAS-Port = 496 State = 0x0cd1fc1c30ee0fc4a8488e79f6205014 NAS-IP-Address = 10.5.50.115 NAS-Identifier = "TESTAP1" modcall: entering group authorize rlm_ldap: - authorize rlm_ldap: performing user authorization for install radius_xlat: '(uid=install)' radius_xlat: 'ou=academics,o=dbu' ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=academics,o=dbu, with filter (uid=install) rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user install authorized to use remote access ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok rlm_eap: EAP packet type response id 5 length 79 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated modcall: group authorize returns updated rad_check_password: Found Auth-Type LDAP rad_check_password: Found Auth-Type EAP Warning: Found 2 auth-types on request for user 'install' auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 eaptls_process returned 7 rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. TTLS: Got tunneled request User-Name = "install" User-Password = "f0ulb3ast" Freeradius-Proxied-To = 127.0.0.1 TTLS: Sending tunneled request User-Name = "install" User-Password = "f0ulb3ast" Freeradius-Proxied-To = 127.0.0.1 modcall: entering group authorize rlm_ldap: - authorize rlm_ldap: performing user authorization for install radius_xlat: '(uid=install)' radius_xlat: 'ou=academics,o=dbu' ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=academics,o=dbu, with filter (uid=install) rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user install authorized to use remote access ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop modcall: group authorize returns ok rad_check_password: Found Auth-Type LDAP auth: type "LDAP" modcall: entering group authenticate rlm_ldap: - authenticate rlm_ldap: login attempt by "install" with password "f0ulb3ast" rlm_ldap: user DN: cn=install,ou=Academics,o=DBU rlm_ldap: (re)connect to 10.5.10.215:389, authentication 1 rlm_ldap: bind as cn=install,ou=Academics,o=DBU/f0ulb3ast to 10.5.10.215:389 rlm_ldap: waiting for bind result ... rlm_ldap: user install authenticated succesfully modcall[authenticate]: module "ldap" returns ok modcall: group authenticate returns ok Trying to look up name of unknown client 127.0.0.1. Login OK: [install/f0ulb3ast] (from client UNKNOWN-CLIENT port 0) TTLS: Got tunneled reply RADIUS code 2 TTLS: Got tunneled Access-Accept rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns handled modcall: group authenticate returns handled Sending Access-Accept of id 106 to 10.5.50.115:1645 MS-MPPE-Recv-Key = 0xe4bcd7f454abdd128405446d00ebf4127842ccf9716b0ae4ebd5da185ad75c17 MS-MPPE-Send-Key = 0xa847b8c85d1c43f533610ebceef89cbe6c8f1daf24e04dfe6316513047111c6f EAP-Message = 0x03050004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "install" Finished request 23 Going to the next request Waking up in 1 seconds... rick... Rom.5:8 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html