SPAM(6.5) Re: NAS list update without restarting radius server.

Johan Nyman Johan at mediavisiongroup.se
Sat Apr 12 21:10:01 CEST 2008 

Hello,


- Anyone can point me in the right direction if I am getting this error,
from the client:


"CTRL-EVENT-EAP-FAILURE EAP authentication failed"


- And on the freeradius console I have this:

        Called-Station-Id = "00-20-a6-64-c3-b1:MVG-Personal"
        Calling-Station-Id = "00-0f-cb-f9-3b-f9;MVG-Personal"
        NAS-Identifier = "MVG-1"
        State = 0x73e4f46973e6f0393091c54faaf880fd
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020200060315
        Message-Authenticator = 0x330b306447495e1a49cd5c7cfe5c1c6d
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "easy", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 2 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
    users: Matched entry easy at line 90
        expand: Hello, %{User-Name} -> Hello, easy
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP NAK
 rlm_eap: EAP-NAK asked for EAP-Type/ttls
  rlm_eap: processing type tls
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
++[eap] returns handled
        Reply-Message = "Hello, easy"
        EAP-Message = 0x010300061520
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x73e4f46972e7e1393091c54faaf880fd
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 153 with timestamp +279
Cleaning up request 1 ID 154 with timestamp +279
Ready to process requests.


- And the client don't get an IP address, guessing it has something to do
with EAP authentication "No EAP Start".


Thanks very much for help!

Best regards,
Johan Nyman

More information about the Freeradius-Users mailing list