Re: issues with peap + tlv part 1
I have gotten this to work with ntradping and radtest...just not windows ce client. It is an issue with mschapv2 and ntlmv2. --- Alan DeKok <[EMAIL PROTECTED]> wrote: > Damon McDougald <[EMAIL PROTECTED]> wrote: > > Yes, I have read the earlier debug message stating > > failure in mschapv2. > > That is the problem, not the message saying "the > authentication was > rejected earlier in the session". > > > I have tried not using mschapv2 and various > other configs, but > > with no luck. I see this is a common issue that > many people have > > encoutered but with vague answers and references. > > Nonsense. The answers are consistent and clear: > follow the > documentation and it will work. > > In your case, you didn't tell the server what the > *correct* password > was for the user. So it's impossible to > authenticate the user, > because the server has no idea if the password they > entered matches > the correct one. > > > Has anyone put together an faq that is more > descriptive or does > > anyone have a more descriptive answer beside look > in the debug > > trace? > > Configure a password for the user, and it WILL > work. > > In your case, it matches a "DEFAULT" entry in the > users file, which > doesn't have the users password. And you haven't > configured the > server to get the password from a database, either. > > Alan DeKok. > -- > http://deployingradius.com - The web site of > the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: issues with peap + tlv part 1
Yes, I have read the earlier debug message stating failure in mschapv2. I have tried not using mschapv2 and various other configs, but with no luck. I see this is a common issue that many people have encoutered but with vague answers and references. Has anyone put together an faq that is more descriptive or does anyone have a more descriptive answer beside look in the debug trace? --- Alan DeKok <[EMAIL PROTECTED]> wrote: > Damon McDougald <[EMAIL PROTECTED]> wrote: > > Here is my dillema: > > rlm_eap_peap: EAPTLS_OK > > rlm_eap_peap: Session established. Decoding > > tunneled attributes. > > rlm_eap_peap: Received EAP-TLV response. > > rlm_eap_peap: Tunneled data is valid. > > rlm_eap_peap: Had sent TLV failure. User was > > rejcted rejected earlier in this session. > > I suggest reading the *earlier* messages in the > debug log. They > tell you when the user was rejected, and why. > > Alan DeKok. > -- > http://deployingradius.com - The web site of > the book > http://deployingradius.com/blog/ - The blog > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius_1.1.2 + ldap
Alright...I figured it out...I ran ldconfig and then the missing file liblber was linked to rlm_ldap. Hooray for beer --- Damon McDougald <[EMAIL PROTECTED]> wrote: > Hello to all, I am encountering a problem when I > start > my radius server: > radiusd -X > > Failed to link to module 'rlm_ldap': > liblber-2.3.so.0: > cannot open shared object file: No such file or > directory > > > when I ldd rlm_ldap I receive the following: > > linux-gate.so.1 => (0xe000) > libradius-1.1.2.so => > /usr/local/lib/libradius-1.1.2.so (0xb7fd7000) > libldap_r-2.3.so.0 => > /usr/local/lib/libldap_r-2.3.so.0 (0xb7f9b000) > libnsl.so.1 => /lib/libnsl.so.1 (0xb7f81000) > libresolv.so.2 => /lib/libresolv.so.2 > (0xb7f6e000) > libpthread.so.0 => /lib/tls/libpthread.so.0 > (0xb7f5c000) > libc.so.6 => /lib/tls/libc.so.6 (0xb7e42000) > libcrypt.so.1 => /lib/libcrypt.so.1 > (0xb7e13000) > liblber-2.3.so.0 => not found > libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 > (0xb7de2000) > libcrypto.so.0.9.7 => > /usr/lib/libcrypto.so.0.9.7 (0xb7ce1000) > /lib/ld-linux.so.2 (0x8000) > libdl.so.2 => /lib/libdl.so.2 (0xb7cdd000) > > It is obvious I do not have liblber-2.3.so.0 or it > is > not linked. When compiling openldap and/or > freeradius > is their something special I need during the > .configure? > > Here is what I used to compile freeradius: > ./configure > --with-rlm-ldap-include=/usr/local/include > --with-rlm-ldap-include=/usr/local/lib > --enable-ltdg-install --enable-ltdl-install > > > Here is what I used to compile openldap: > ./confiugre --disable-slapd --disable-slurpd > --disable-ldbm > > Anything I am missing or am blind to? > > Thanks, > > Damon > > __ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam > protection around > http://mail.yahoo.com > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
freeradius_1.1.2 + ldap
Hello to all, I am encountering a problem when I start my radius server: radiusd -X Failed to link to module 'rlm_ldap': liblber-2.3.so.0: cannot open shared object file: No such file or directory when I ldd rlm_ldap I receive the following: linux-gate.so.1 => (0xe000) libradius-1.1.2.so => /usr/local/lib/libradius-1.1.2.so (0xb7fd7000) libldap_r-2.3.so.0 => /usr/local/lib/libldap_r-2.3.so.0 (0xb7f9b000) libnsl.so.1 => /lib/libnsl.so.1 (0xb7f81000) libresolv.so.2 => /lib/libresolv.so.2 (0xb7f6e000) libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7f5c000) libc.so.6 => /lib/tls/libc.so.6 (0xb7e42000) libcrypt.so.1 => /lib/libcrypt.so.1 (0xb7e13000) liblber-2.3.so.0 => not found libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0xb7de2000) libcrypto.so.0.9.7 => /usr/lib/libcrypto.so.0.9.7 (0xb7ce1000) /lib/ld-linux.so.2 (0x8000) libdl.so.2 => /lib/libdl.so.2 (0xb7cdd000) It is obvious I do not have liblber-2.3.so.0 or it is not linked. When compiling openldap and/or freeradius is their something special I need during the .configure? Here is what I used to compile freeradius: ./configure --with-rlm-ldap-include=/usr/local/include --with-rlm-ldap-include=/usr/local/lib --enable-ltdg-install --enable-ltdl-install Here is what I used to compile openldap: ./confiugre --disable-slapd --disable-slurpd --disable-ldbm Anything I am missing or am blind to? Thanks, Damon __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html