eap_peap: We sent a success, but the client did not agree [FreeRadius + samba4 AD + dynamic vlans]
Alan DeKok
aland at deployingradius.com
Thu Jul 19 22:12:16 CEST 2018
On Jul 19, 2018, at 2:11 PM, Elias Pereira <empbilly at gmail.com> wrote:
>
> New logs shows.
>
> ...
> (11) eap_peap: The users session was previously rejected: returning
> reject (again.)
> (11) eap_peap: This means you need to read the PREVIOUS messages in the
> debug output
Which generally means READ THE PREVIOUS MESSAGES.
What part of that is unclear?
From the logs:
(10) # Executing group from file /etc/freeradius/3.0/sites-enabled/inner-tunnel
(10) authenticate {
(10) eap: Expiring EAP session with state 0x67a3fc4367a8e64c
(10) eap: Finished EAP session with state 0x67a3fc4367a8e64c
(10) eap: Previous EAP request found for state 0x67a3fc4367a8e64c, released from the list
(10) eap: Peer sent packet with method EAP MSCHAPv2 (26)
(10) eap: Calling submodule eap_mschapv2 to process data
(10) eap_mschapv2: Auth-Type sub-section not found. Ignoring.
You edited the default configuration and broke it. Don't do that.
a) start with the default config
b) follow the documentation
c) it WILL work
Alan DeKok.
More information about the Freeradius-Users
mailing list