Authentication failed

Carlos Jimenez Barranco cjimenez at impala-net.com
Thu Jul 12 09:43:01 CEST 2007


***********************
Mensaje examinado por el antivirus perimetral de Impala Network Solutions
***********-***********


Good afternoon:

We are trying to install a server with Red Hat Enterprise Linux v.4 with a FreeRadius v1.0.1-3. The topology has an Enterasys AP which authenticates users with freeradius v1.0.1-3 versus a Windows Server 2003 Domain.
After configuring Samba, FreeRadius, joining the domain and configured the AP, we have found that users cannot authenticate correctly.
It continuously appears the message:

Error: rlm_eap: UserIdentity Unknown 
Error: rlm_eap: Identity Unknown, authentication


Could you help us?


We attach the freeradius debugging log:

ot at FO sbin]# /usr/sbin/radiusd -X -A
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /etc/raddb/proxy.conf
Config:   including file: /etc/raddb/clients.conf
Config:   including file: /etc/raddb/snmp.conf
Config:   including file: /etc/raddb/eap.conf
Config:   including file: /etc/raddb/sql.conf
 main: prefix = "/usr"
 main: localstatedir = "/var"
 main: logdir = "/var/log/radius"
 main: libdir = "/usr/lib"
 main: radacctdir = "/var/log/radius/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/var/run/radiusd/radiusd.pid"
 main: user = "radiusd"
 main: group = "radiusd"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = yes
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/lib
Module: Loaded exec
 exec: wait = yes
 exec: program = "(null)"
 exec: input_pairs = "request"
 exec: output_pairs = "(null)"
 exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = yes
 mschap: passwd = "(null)"
 mschap: authtype = "MS-CHAP"
 mschap: ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key "
Module: Instantiated mschap (mschap)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "/etc/shadow"
 unix: group = "(null)"
 unix: radwtmp = "/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "peap"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 gtc: challenge = "Password: "
 gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = "(null)"
 tls: pem_file_type = yes
 tls: private_key_file = "/etc/raddb/certs/cert-srv.pem"
 tls: certificate_file = "/etc/raddb/certs/cert-srv.pem"
 tls: CA_file = "/etc/raddb/certs/demoCA/cacert.pem"
 tls: private_key_password = "whatever"
 tls: dh_file = "/etc/raddb/certs/dh"
 tls: random_file = "/dev/urandom"
 tls: fragment_size = 1024
 tls: include_length = yes
 tls: check_crl = no
 tls: check_cert_cn = "(null)"
rlm_eap: Loaded and initialized type tls
 peap: default_eap_type = "mschapv2"
 peap: copy_request_to_tunnel = no
 peap: use_tunneled_reply = no
 peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
 mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "/etc/raddb/huntgroups"
 preprocess: hints = "/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
 realm: format = "suffix"
 realm: delimiter = "@"
 realm: ignore_default = no
 realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
 files: usersfile = "/etc/raddb/users"
 files: acctusersfile = "/etc/raddb/acct_users"
 files: preproxy_usersfile = "/etc/raddb/preproxy_users"
 files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
 detail: detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
 radutmp: filename = "/var/log/radius/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Listening on proxy *:1814
Ready to process requests.
rad_recv: Access-Request packet from host 172.24.230.15:3292, id=6, length=113
        NAS-IP-Address = 172.24.230.15
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 1
        Framed-MTU = 1400
        User-Name = ""
        Calling-Station-Id = "00118865b6e5"
        Called-Station-Id = "0011885ae5b0"
        NAS-Identifier = "RoamAbout AP"
        EAP-Message = 0x0201000501
        Message-Authenticator = 0x7e0bca64564aa7a36a948978afd11855
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 1 length 5
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: UserIdentity Unknown
rlm_eap: Identity Unknown, authentication failed
  rlm_eap: Failed in handler
  modcall[authenticate]: module "eap" returns invalid for request 0
modcall: group authenticate returns invalid for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 6 to 172.24.230.15:3292
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 6 with timestamp 4694d142
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.24.230.15:3301, id=7, length=113
        NAS-IP-Address = 172.24.230.15
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 1
        Framed-MTU = 1400
        User-Name = ""
        Calling-Station-Id = "00118865b6e5"
        Called-Station-Id = "0011885ae5b0"
        NAS-Identifier = "RoamAbout AP"
        EAP-Message = 0x0201000501
        Message-Authenticator = 0x16f2050b520d58294db57fea05923e73
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: EAP packet type response id 1 length 5
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 1
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns updated for request 1
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: UserIdentity Unknown
rlm_eap: Identity Unknown, authentication failed
  rlm_eap: Failed in handler
  modcall[authenticate]: module "eap" returns invalid for request 1
modcall: group authenticate returns invalid for request 1
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 7 to 172.24.230.15:3301
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 7 with timestamp 4694d180
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.24.230.15:3310, id=8, length=113
        NAS-IP-Address = 172.24.230.15
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 1
        Framed-MTU = 1400
        User-Name = ""
        Calling-Station-Id = "00118865b6e5"
        Called-Station-Id = "0011885ae5b0"
        NAS-Identifier = "RoamAbout AP"
        EAP-Message = 0x0201000501
        Message-Authenticator = 0xc976ca6ed7f45b59c4603f30d00f7dc7
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: EAP packet type response id 1 length 5
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 2
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns updated for request 2
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: UserIdentity Unknown
rlm_eap: Identity Unknown, authentication failed
  rlm_eap: Failed in handler
  modcall[authenticate]: module "eap" returns invalid for request 2
modcall: group authenticate returns invalid for request 2
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 8 to 172.24.230.15:3310
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 8 with timestamp 4694d1d1
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.24.230.15:3315, id=9, length=113
        NAS-IP-Address = 172.24.230.15
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 1
        Framed-MTU = 1400
        User-Name = ""
        Calling-Station-Id = "00118865b6e5"
        Called-Station-Id = "0011885ae5b0"
        NAS-Identifier = "RoamAbout AP"
        EAP-Message = 0x0201000501
        Message-Authenticator = 0x15797bd0134b1a245d0eacacaf2013dc
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
  modcall[authorize]: module "preprocess" returns ok for request 3
  modcall[authorize]: module "chap" returns noop for request 3
  modcall[authorize]: module "mschap" returns noop for request 3
    rlm_realm: No '@' in User-Name = "", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 3
  rlm_eap: EAP packet type response id 1 length 5
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 3
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 3
modcall: group authorize returns updated for request 3
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: UserIdentity Unknown
rlm_eap: Identity Unknown, authentication failed
  rlm_eap: Failed in handler
  modcall[authenticate]: module "eap" returns invalid for request 3
modcall: group authenticate returns invalid for request 3
auth: Failed to validate the user.
Delaying request 3 for 1 seconds
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 9 to 172.24.230.15:3315
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 3 ID 9 with timestamp 4694d20f
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 172.24.230.15:3324, id=10, length=113
        NAS-IP-Address = 172.24.230.15
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 1
        Framed-MTU = 1400
        User-Name = ""
        Calling-Station-Id = "00118865b6e5"
        Called-Station-Id = "0011885ae5b0"
        NAS-Identifier = "RoamAbout AP"
        EAP-Message = 0x0201000501
        Message-Authenticator = 0xf6e4825749e3bc4b04a99bc11c37fbba
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
  modcall[authorize]: module "preprocess" returns ok for request 4
  modcall[authorize]: module "chap" returns noop for request 4
  modcall[authorize]: module "mschap" returns noop for request 4
    rlm_realm: No '@' in User-Name = "", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 4
  rlm_eap: EAP packet type response id 1 length 5
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 4
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 4
modcall: group authorize returns updated for request 4
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: UserIdentity Unknown
rlm_eap: Identity Unknown, authentication failed
  rlm_eap: Failed in handler
  modcall[authenticate]: module "eap" returns invalid for request 4
modcall: group authenticate returns invalid for request 4
auth: Failed to validate the user.
Delaying request 4 for 1 seconds
Finished request 4
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 10 to 172.24.230.15:3324
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 4 ID 10 with timestamp 4694d25b
Nothing to do.  Sleeping until we see a request.
 


Here, we attach also the simple freeradius log:

Wed Jul 11 14:22:18 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:22:18 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:23:47 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:23:47 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:23:47 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:23:47 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:23:47 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:23:48 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:23:48 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:24:21 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:24:21 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:24:21 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:24:21 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:24:21 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:24:21 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:24:21 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:25:08 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:08 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:25:08 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:09 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:09 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:25:09 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:09 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:25:14 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:14 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:25:14 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:14 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:15 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:25:15 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:15 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:25:20 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:20 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:25:20 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:21 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:21 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:25:21 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:21 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:25:26 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:26 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:25:26 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:26 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:25:26 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:25:27 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:25:27 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:25:35 2007 : Info: Using deprecated naslist file.  Support for this will go away soon.
Wed Jul 11 14:25:35 2007 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Wed Jul 11 14:25:35 2007 : Info: Ready to process requests.
Wed Jul 11 14:26:32 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:26:32 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:26:32 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:26:32 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:26:32 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:27:02 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:27:02 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:27:19 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:27:19 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:27:19 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:27:19 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:27:19 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:27:19 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:27:19 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:27:58 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:27:58 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:27:58 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:27:58 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:27:58 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:27:58 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:27:59 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:28:32 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:28:32 2007 : Error:     TLS_accept:error in SSLv3 read client certificate A 
Wed Jul 11 14:28:32 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:28:32 2007 : Info: rlm_eap_tls:  Length Included
Wed Jul 11 14:28:32 2007 : Info:     (other): SSL negotiation finished successfully 
Wed Jul 11 14:28:32 2007 : Info: rlm_eap_tls: Received EAP-TLS ACK message
Wed Jul 11 14:28:32 2007 : Info: rlm_eap_mschapv2: Issuing Challenge
Wed Jul 11 14:29:20 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:29:20 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:30:33 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:30:33 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:31:39 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:31:39 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:32:06 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:32:06 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:33:11 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:33:11 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:33:36 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:33:36 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:34:42 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:34:42 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:37:06 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:37:06 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:38:16 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:38:16 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:39:22 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:39:22 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:39:48 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:39:48 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:39:57 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:39:57 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:40:04 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:40:04 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:41:09 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:41:09 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:41:36 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:41:36 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:42:41 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:42:41 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:43:08 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:43:08 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:44:13 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:44:13 2007 : Error: rlm_eap: Identity Unknown, authentication failed
Wed Jul 11 14:44:40 2007 : Error: rlm_eap: UserIdentity Unknown 
Wed Jul 11 14:44:40 2007 : Error: rlm_eap: Identity Unknown, authentication failed




Is it necessarily to attach the system message log?
Tell me if you need more info.

Thanks in advance.



Carlos Jimenez


___________________________________________________________________________

Este mensaje se dirije exclusivamente a su destinatario y puede contener
información privilegiada o confidencial de Impala Network Solutions S.L.
Si no es vd. el destinatario indicado, queda notificado de que la utilización,
divulgación y/o copia sin autorización está prohibida en virtud de la legislación vigente.
Si ha recibido este mensaje por error, le rogamos nos lo comunique
inmediatamente por esta misma via y proceda a su destrucción.


This message is intended exclusively for its addressee and may contain
information that is CONFIDENTIAL and protected by professional privilege.
If you are not the intended recipient you are hereby notified that any
dissemination, copy or disclosure of this communication is strictly
prohibited by law. If this message has been received in error, please
immediately notify us via e-mail and delete it.
___________________________________________________________________________




More information about the Freeradius-Users mailing list