groupcmp fails during tunneled request
Matthieu Lazaro
matthieu.lazaro at eservglobal.com
Thu Jul 30 10:39:42 CEST 2009
Hello again,
I'll try to be more specific so someone can give me an advice.
Here is the thing: the server is running, and now the group check is
failing since I can't be authorised because it says that I don't have a
huntgroup (ie: no huntrgoup).
On my ldap account, I do have them.
I stop the server and put it in debug mode: it works flawlessly!!!
I stop the debug and restart freeradius, it works a while, then it
starts failing again.... And I have nothing more in the logs than:
Auth: [preprocess] No huntgroup access:
Error: Discarding duplicate request from client
Error: WARNING: Unresponsive child for request 1953, in module
preprocess component authorize
and sometimes:
Error: TLS Alert read:fatal:access denied
Error: TLS_accept:failed in SSLv3 read client certificate A
Error: rlm_eap: SSL error error:14094419:SSL
routines:SSL3_READ_BYTES:tlsv1 alert access denied
Error: SSL: SSL_read failed inside of TLS (-1), TLS session fails.
I a bit confused as I can't see the group membership errors in debug as
it doesn't occur. I guess the TLS alert is ome client with a wrong CA.
Any help, suggestion will be really appreciated.
Matthew
Matthieu Lazaro a écrit :
> Hello,
>
> I'm still having the issue.
> It all works ok when I restart freeradius or when I run the debug then
> it starts failing a while later.
> I tried to increase the time out on ldap connexions.This did nothing.
>
> Any idea is welcome.
>
> Thanks,
>
> Matthew
>
>
> Ivan Kalik a écrit :
>
>> I don't see anything wrong with that debug. It all looks as expected.
>>
>> Ivan Kalik
>> Kalik Informatika ISP
>>
>>
>>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list