Duplicate "Auth: Login OK:"

Fajar A. Nugraha list at fajar.net
Fri Mar 25 04:52:19 CET 2011


On Fri, Mar 25, 2011 at 10:12 AM,  <John.Hayward at wheaton.edu> wrote:
> Free Radius Fans,
>
> First - thanks to the people who contribute to this product!
>
> Our environment - Wireless 802.1x, Novell NDSLdap to lookup passwords or
> mysql, Peap with mschapv2.
>
> I observe when a client successfully authenticates to the radius server
> there are two "Auth: Login OK:" messages - one with a via TLS tunnel and
> one without.  In looking at the eap messages (ID 9 or 10) it appears that
> the inner tunnel return a success but the outer sends another request.

I believe there's also another (possibly related) bug:
I disabled eap completely (comment-out the line "$INCLUDE eap.conf" on
radiusd.conf, removed sites-enabled/inner-tunnel, and removed all
reference to "eap" on sites-available/default and my virtual server),
yet with a simple "radtest" radius.log shows this:

Fri Mar 25 10:42:08 2011 : Auth: Login OK: [xxxx at myrealm] (from client
localhost port 0 via TLS tunnel)
Fri Mar 25 10:42:08 2011 : Auth: Login OK: [xxxx at myrealm] (from client
localhost port 0)

So far it's only annoying, so I just ignore it.

-- 
Fajar




More information about the Freeradius-Users mailing list