Mac Auth - Timeout Connecting WiFi

schilling schilling2006 at gmail.com
Wed Apr 27 22:15:34 CEST 2011 

Any ACL on AP network which might block your debian server IP but not
your ubuntu IP?

Schilling

On Wed, Apr 27, 2011 at 3:59 PM, John Corps <envoys at gmail.com> wrote:
> Hello,
> I had freeradius setup and running perfectly on an ubuntu test machine and
> now I have done the exact same setup and configuration on a new debian
> machine with the addition of daloradius for easy configuration by other
> members of the team. I am running latest freeradius 2.1.10. The ubuntu
> machine was working perfect for mac auth but now this setup is not working.
> I try and connect to the WiFi and it always times out. Putting freeradius in
> debug mode shows nothing useful, it shows that it's sending the access
> accept packet but the connection times out still. Here is a sample debug, if
> anyone can be of any assistance it would be great. For reference, I change
> my AP back to the ubuntu server to do the radius mac auth and connect to the
> wifi and it sends the access accept and connects right away. Maybe I am
> missing something here....I don't think its an issue using sql as the ubuntu
> machine isn't using sql but if i disable sql and use exact config etc the
> time out still occurs.
> Ready to process requests.
> rad_recv: Access-Request packet from host 192.168.1.55 port 1030, id=0,
> length=160
> User-Name = "00-1E-58-F9-A6-94"
> User-Password = "NOPASSWORD"
> NAS-IP-Address = 192.168.1.55
> Called-Station-Id = "00-20-B0-E6-12-A6:TEST"
> Calling-Station-Id = "00-1E-58-F9-A6-94"
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 11Mbps 802.11b"
> Message-Authenticator = 0x946f027f36890c6b16ec5b4132e8e1d9
> # Executing section authorize from file
> /etc/freeradius/sites-enabled/default
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> ++[digest] returns noop
> [suffix] No '@' in User-Name = "00-1E-58-F9-A6-94", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
> [eap] No EAP-Message, not doing EAP
> ++[eap] returns noop
> ++[files] returns noop
> [sql] expand: %{User-Name} -> 00-1E-58-F9-A6-94
> [sql] sql_set_user escaped user --> '00-1E-58-F9-A6-94'
> rlm_sql (sql): Reserving sql socket id: 3
> [sql] expand: SELECT id, username, attribute, value, op           FROM
> radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id
> -> SELECT id, username, attribute, value, op           FROM radcheck
>   WHERE username = '00-1E-58-F9-A6-94'           ORDER BY id
> [sql] User found in radcheck table
> [sql] expand: SELECT id, username, attribute, value, op           FROM
> radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id
> -> SELECT id, username, attribute, value, op           FROM radreply
>   WHERE username = '00-1E-58-F9-A6-94'           ORDER BY id
> [sql] expand: SELECT groupname           FROM radusergroup           WHERE
> username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT
> groupname           FROM radusergroup           WHERE username =
> '00-1E-58-F9-A6-94'           ORDER BY priority
> rlm_sql (sql): Released sql socket id: 3
> ++[sql] returns ok
> ++[expiration] returns noop
> ++[logintime] returns noop
> [pap] WARNING: Auth-Type already set.  Not setting to PAP
> ++[pap] returns noop
> Found Auth-Type = Accept
> Auth-Type = Accept, accepting the user
> # Executing section post-auth from file
> /etc/freeradius/sites-enabled/default
> +- entering group post-auth {...}
> [sql] expand: %{User-Name} -> 00-1E-58-F9-A6-94
> [sql] sql_set_user escaped user --> '00-1E-58-F9-A6-94'
> [sql] expand: %{User-Password} -> NOPASSWORD
> [sql] expand: INSERT INTO radpostauth                           (username,
> pass, reply, authdate)                           VALUES (
>         '%{User-Name}',
> '%{%{User-Password}:-%{Chap-Password}}',
> '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth
>       (username, pass, reply, authdate)                           VALUES (
>                         '00-1E-58-F9-A6-94',
> 'NOPASSWORD',                           'Access-Accept', '2011-04-27
> 15:33:47')
> rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth
>               (username, pass, reply, authdate)
> VALUES (                           '00-1E-58-F9-A6-94',
>       'NOPASSWORD',                           'Access-Accept', '2011-04-27
> 15:33:47')
> rlm_sql (sql): Reserving sql socket id: 2
> rlm_sql (sql): Released sql socket id: 2
> ++[sql] returns ok
> ++[exec] returns noop
> Sending Access-Accept of id 0 to 192.168.1.55 port 1030
> Finished request 0.
> Going to the next request
> Waking up in 4.9 seconds.
> rad_recv: Access-Request packet from host 192.168.1.55 port 1030, id=0,
> length=160
> Sending duplicate reply to client AP01 port 1030 - ID: 0
> Sending Access-Accept of id 0 to 192.168.1.55 port 1030
> Waking up in 1.9 seconds.
> Cleaning up request 0 ID 0 with timestamp +4732
> Ready to process requests.
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list