Re: Help with peap-eap/mschapv2

adreas Polyxronopoulos wrote:


rad_recv: Access-Request packet from host 10.0.0.10:3794, id=160, length=132
        NAS-IP-Address = 10.0.0.10
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 1
        Framed-MTU = 1400
        User-Name = "someone"
        Calling-Station-Id = "00166f122595"
        Called-Station-Id = "000d545c4190"
        NAS-Identifier = "3Com Access Point"
        EAP-Message = 0x0201000c01736f6d656f6e65
        Message-Authenticator = 0x160e121c6c28afb7f18ee9f0862390d0
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "someone", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 1 length 12
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched entry DEFAULT at line 155
    users: Matched entry someone at line 219
  modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type Local
Don't set Auth-Type to Local. Don't set it to anything in fact. In 99% of cases, a correctly configured server will set it just fine itself, and attempting to fiddle with it will break things.
Most likely one of the two entries in the "users" file in line 155 or 219 is causing it to break. 

Your users file only needs:

username	User-Password := "thepassword"
This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.