Decyhpering error message

King, Michael MKing at bridgew.edu
Wed Nov 30 15:59:20 CET 2005


I have a single user that cannot associate to a AP.  By chance, it's
actually me.

I'm failing 802.1x authentication . (We're using PEAP, with the XP
client) with FreeRadius talking to AD

Other users get on the AP fine.

Watching the radius.log I see this error message.  (I have not had a
chance to put the server into Debug mode, that would affect a few
hundred users, and right now it's just me, )

Wed Nov 30 09:49:40 2005 : Error: rlm_eap: UserIdentity Unknown 
Wed Nov 30 09:49:40 2005 : Error: rlm_eap: Identity Unknown,
authentication failed
Wed Nov 30 09:49:40 2005 : Auth: Login incorrect: [<no User-Name
attribute>] (from client Wireless-network-2 port 2 cli
00-14-a5-45-e9-22)
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls:  Length Included
Wed Nov 30 09:49:41 2005 : Error:     TLS_accept:error in SSLv3 read
client certificate A 
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls:  Length Included
Wed Nov 30 09:49:41 2005 : Error:     TLS_accept:error in SSLv3 read
client certificate A 
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls:  Length Included
Wed Nov 30 09:49:41 2005 : Info:     (other): SSL negotiation finished
successfully 
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls:  Length Included
Wed Nov 30 09:49:41 2005 : Info:     (other): SSL negotiation finished
successfully 
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:41 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:42 2005 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Nov 30 09:49:42 2005 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Nov 30 09:49:51 2005 : Error: Discarding duplicate request from
client Wireless-network-2:1025 - ID: 227 due to unfinished request
4837665
Wed Nov 30 09:49:51 2005 : Error: rlm_radutmp: Logout entry for NAS
Wireless-network-2 port 1 has wrong ID
Wed Nov 30 09:49:53 2005 : Error: Discarding duplicate request from
client Wireless-network-2:1025 - ID: 227 due to unfinished request
4837665
Wed Nov 30 09:49:53 2005 : Info: rlm_eap_tls:  Length Included
Wed Nov 30 09:49:53 2005 : Error:     TLS_accept:error in SSLv3 read
client certificate A 
Wed Nov 30 09:49:53 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:53 2005 : Info: rlm_eap_tls: Received EAP-TLS ACK
message
Wed Nov 30 09:49:53 2005 : Info: rlm_eap_tls:  Length Included
Wed Nov 30 09:49:53 2005 : Info:     (other): SSL negotiation finished
successfully 
Wed Nov 30 09:49:55 2005 : Error: rlm_radutmp: Logout entry for NAS
Wireless-network-2 port 2 has wrong ID


Now, the first line is not my MAC, so I don't think it's me.

I get timed out at 9:49:51

So my question:
That last entry Logout entry for NAS Wireless-network-2 port 2 has wrong
ID, I think that's an Accounting message.  Correct?

I know that without the debug logs, it's hard to actually diagnose my
acutal problem.




More information about the Freeradius-Users mailing list