Re: PEAP with MS-Chapv2 Problem

[Alan DeKok]

xaeon [EMAIL PROTECTED] wrote:
  - And at the Login
 modcall: group authenticate returns reject for request 8
 auth: Failed to validate the user.
 Login incorrect: [alex/no User-Password attribute] (from client
 Wlan-AP port 0 cli 00-02-72-02-86-73)

  The whole point of debugging output is to read ALL of it.  The true
cause of the error is in one of the messages *before* the lines you
quoted.

  Looking at only the last few lines of the debug output is useless.

 Comment: I have no idea why the Freeradius get no Password .. :/

  Because there was none.  It's EAP, which doesn't inbclude a
User-Password attribute.  You can discover this for yourself by
reading the debugging output, and noting that there's no User-Password
in the request packet.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

PEAP with MS-Chapv2 Problem

[xaeon]

Hi Folks,

i have following Problem with my Freeradius:

The Network:

# Laptop   
Windows 2000
IP: 192.168.10.23
|
|
# Access Point (W-Lan)
It's a Fujitsu Siemens Connect2Air 2000RDS
IP: 192.168.10.100
|
|
# Freeradius-Server
IP: 192.168.10.1
Version 1.0.0-pre0 (Cause of the PEAP-Support)

Now, my task is to authenticate the Laptop over PEAP-MSCHAPv2 with the
Freeradius-Server.
I use the buildin 802.1X - Support from Windows 2k.

I uploaded the log of the Radius-Server ('radius -X  log') and the needed
Config-files for you.
(And Of course: stipped the Comments out)

Debugginglog (with 'radiusd -X'):  
http://leenox.net/dateien/ML-errorlog.txt
EAP-Config File:  http://leenox.net/dateien/ML-eap.conf
Radius.conf File: http://leenox.net/dateien/ML-radiusd.conf


In the Log I found this Errors:

 - At the SSL-Handshake:
TLS_accept: SSLv3 flush data 
TLS_accept:error in SSLv3 read client certificate A 

Comment: I imported the Client-Certificate on my Laptop - Nothing
happened
But the Log shows also that the SSL-Tunnel connects sucessfully.(!?)

 - And at the Login
modcall: group authenticate returns reject for request 8
auth: Failed to validate the user.
Login incorrect: [alex/no User-Password attribute] (from client
Wlan-AP port 0 cli 00-02-72-02-86-73)

Comment: I have no idea why the Freeradius get no Password .. :/
  
Hope, someone can help me.

Thanks in advance

Alex Dornhoefer
(from Germany)

-- 
+++ NEU bei GMX und erstmalig in Deutschland: TÜV-geprüfter Virenschutz +++
100% Virenerkennung nach Wildlist. Infos: http://www.gmx.net/virenschutz


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html