eap_peap: We sent a success, but the client did not agree [FreeRadius + samba4 AD + dynamic vlans]
Elias Pereira
empbilly at gmail.com
Mon Jul 23 02:26:52 CEST 2018
Hello Alan,
Thanks for all your help!!
I have reviewed the conf files and the mschap entry in the authenticate
block from sites-enable/default was disabled. I guess that's why it was not
working properly.
On Thu, Jul 19, 2018 at 5:12 PM Alan DeKok <aland at deployingradius.com>
wrote:
> On Jul 19, 2018, at 2:11 PM, Elias Pereira <empbilly at gmail.com> wrote:
> >
> > New logs shows.
> >
> > ...
> > (11) eap_peap: The users session was previously rejected: returning
> > reject (again.)
> > (11) eap_peap: This means you need to read the PREVIOUS messages in the
> > debug output
>
> Which generally means READ THE PREVIOUS MESSAGES.
>
> What part of that is unclear?
>
> From the logs:
>
> (10) # Executing group from file
> /etc/freeradius/3.0/sites-enabled/inner-tunnel
> (10) authenticate {
> (10) eap: Expiring EAP session with state 0x67a3fc4367a8e64c
> (10) eap: Finished EAP session with state 0x67a3fc4367a8e64c
> (10) eap: Previous EAP request found for state 0x67a3fc4367a8e64c,
> released from the list
> (10) eap: Peer sent packet with method EAP MSCHAPv2 (26)
> (10) eap: Calling submodule eap_mschapv2 to process data
> (10) eap_mschapv2: Auth-Type sub-section not found. Ignoring.
>
> You edited the default configuration and broke it. Don't do that.
>
> a) start with the default config
>
> b) follow the documentation
>
> c) it WILL work
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
--
Elias Pereira
More information about the Freeradius-Users
mailing list