TTLS/PEAP seg faults
can I do something about this?
I'm using ldap in authorize{}(just uncommented it
and not using in it in authenticate{}(I don't need it for EAP-TTLS right?) Do
I need to add the auth-type ldap in users?
I'm around this for a week now :(
rad_recv: Access-Request packet from host 192.168.5.1:2048, id=0, length=247
User-Name = "forevertheuni"
NAS-IP-Address = 192.168.5.1
Called-Station-Id = "000ea65b5239"
Calling-Station-Id = "0011f547e038"
NAS-Identifier = "000ea65b5239"
NAS-Port = 31
Framed-MTU = 1400
State = 0x729d931bc6bfa59612707c69d4ac0269
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x0201006c15001603010061015d0301444ac484048c1ded0c6a1a0ff213c2e6a1632cd26d6c89501a7f6d10461f81533600390038003500160013000a00330032002f0007006600050004006300620061001500120009006500640060001400110008000600030100
Message-Authenticator = 0xbaf1f6903393341b2e2cddff9dc928d4
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
modcall[authorize]: module "mschap" returns noop for request 4
rlm_realm: No '@' in User-Name = "forevertheuni", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 4
rlm_eap: EAP packet type response id 1 length 108
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
modcall[authorize]: module "files" returns notfound for request 4
rlm_ldap: - authorize
rlm_ldap: performing user authorization for forevertheuni
radius_xlat: '(uid=forevertheuni)'
radius_xlat: 'ou=Users,dc=cartoons,dc=buh'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Users,dc=cartoons,dc=buh, with filter
(uid=forevertheuni)
rlm_ldap: checking if remote access for forevertheuni is allowed by uid
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user forevertheuni authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 4
modcall: leaving group authorize (returns updated) for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/ttls
rlm_eap: processing type ttls
rlm_eap_ttls: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
(other): before/accept initialization
TLS_accept: before/accept initialization
Segmentation fault: 11 (core dumped)
[EMAIL PROTECTED] /home/forevertheuni]#
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS + LDAP
Em Quinta, 20 de Abril de 2006 16:52, o Alan DeKok escreveu:
> sukhvinder kumar <[EMAIL PROTECTED]> wrote:
> > So if i comment the line Auth-Type LDAP , then how can
> > i authenticate the users as we are using LDAP only.
>
> EAP-TLS does certificate authentication, and doesn't use, or require
> user/password checks.
>
> So you *can't* use LDAP.
hmm so ldap should be in authorize{} and not in authenticate{}?
pgp11yyGqS03H.pgp
Description: PGP signature
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Fwd: Fwd: LDAP+EAP
In the TLS/TTLS attenpts or in all of them?The client doesn't have ip right . all the connection is made by the Acess Point? I'll probably try with a windows computer or something.I'm using wpa_supplicant/wpa_gui. and I authenticate with 802.1x in my university ok. On Tuesday 18 April 2006 22:36, Alan DeKok wrote: > [EMAIL PROTECTED] wrote: > > That's xpextensions? I think it's ok now. but I still have not > > authentication (I have a update in http://nebioq.ath.cx:85/radiuslog.txt > > ). I have cert-src.pem cert-clt.pem .der (for both) and .p12(for both) > > with TTLS both freeradius and wpa_supplicant crash now :(. I've read > > everything in freeradius.org/doc ..couldn't find help > > The client isn't responding to the server. Go ask the client why > this is happening. > > There's little you can do to the server to make the client respond to it. > > Alan DeKok. > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fwd: LDAP+EAP
I have seen the output of radiusd -X -A It's in http://nebioq.ath.cx:85/radiuslog.txt I've made some other tries I don't if I'm closer or far away from goal. Run the server in debugging mode and read the output. ALL of it. Alan DeKok. -- Mensagem Reencaminhada -- Subject: LDAP+EAP Date: Segunda, 17 de Abril de 2006 20:54 From: João Mamede <[EMAIL PROTECTED]> To: freeradius-users@lists.freeradius.org Well noone gave me a hint about my config...so can someone send me your raddb dir(withouth the secrets and certs of course) of a freeradius+ldap+EAP to authenticate in an access point?I've read all the man's howto's everything I still can't understand why EAP is failing(radtest works ok for my ldap users) Best Regards João Mamede --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
LDAP+EAP
Well noone gave me a hint about my config...so can someone send me your raddb dir(withouth the secrets and certs of course) of a freeradius+ldap+EAP to authenticate in an access point?I've read all the man's howto's everything I still can't understand why EAP is failing(radtest works ok for my ldap users) Best Regards João Mamede - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ldap+radius+wpa 802.1x authentication
No help for me?I'm desperate I've lost 3 nights now :D I already have my own certs. Best Regards João Mamede Hi I've been trying to set up my freeradius with my ldap database(all users to authenticate) and I can't authenticate my wireless machines using my AP with EAP. all my config files can be found at http://nebioq.ath.cx:85/radius.tar.bz2 and my radiusd -X -A in http://nebioq.ath.cx:85/radiuslog.txt I've tried EAP-MD5 and EAP-TTLS I'm using the certs that came with freeradius because I'm unable to create new one's(an error about some library or something). I can associate to my AP(d-link DI-624) but then the EAP auth fails. My machine is a freeBSD machine(with the radiusd). Oh radtest: radtest forevertheuni mypassword t4 0 radiussecret Sending Access-Request of id 42 to 192.168.5.100 port 1812 User-Name = "forevertheuni" User-Password = "mypassword" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rad_recv: Access-Accept packet from host 192.168.5.100:1812, id=42, length=20 Hope you folks can help me! Thanks for any help in advance. João Mamede - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
