<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Message</TITLE>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1458" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2>
<DIV><FONT face=Arial size=2>I have a device that uses EAP-MSCHAPv2 (without
PEAP) for authentication. I am running freeRadius on Redhat. The device is
plugged into a switch which sends the EAP request to the server. I am unable to
get the device authenticated with the Radius server. In the users file should
the Auth-type be local or MS-Chap? Should I be sending the authentication
request to an NT domain or will the username and password in the user file be
sufficient?</FONT>
<DIV><FONT face=Arial><FONT size=2>Any documentation or insight would be very
helpful and greatly appreciated!<SPAN class=384221413-12092006> Below is the
radius debug output.</SPAN></FONT></FONT></DIV>
<DIV><FONT face=Arial size=2>Thanks, Paul.</FONT></DIV></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>rad_recv: Access-Request packet from host
13.138.136.68:1645, id=226, length=127
NAS-IP-Address = 13.138.136.68<BR>
NAS-Port = 50003<BR> NAS-Port-Type =
Ethernet<BR> User-Name =
"tester"<BR> Called-Station-Id =
"00-0A-B8-39-79-85"<BR>
Calling-Station-Id =
"00-00-AA-6E-78-F6"<BR> Service-Type =
Framed-User<BR> Framed-MTU =
1500<BR> EAP-Message =
0x0201000b01746573746572<BR>
Message-Authenticator = 0x7836b28d762411aa9dcd27ff0d70d047<BR> Processing
the authorize section of radiusd.conf<BR>modcall: entering group authorize for
request 8<BR> modcall[authorize]: module "preprocess" returns ok for
request 8<BR> modcall[authorize]: module "chap" returns noop for request
8<BR> modcall[authorize]: module "mschap" returns noop for request
8<BR> rlm_realm: No <A href="mailto:'@'">'@'</A> in User-Name
= "tester", looking up realm NULL<BR> rlm_realm: No such realm
"NULL"<BR> modcall[authorize]: module "suffix" returns noop for request
8<BR> rlm_eap: EAP packet type response id 1 length 11<BR> rlm_eap:
No EAP Start, assuming it's an on-going EAP conversation<BR>
modcall[authorize]: module "eap" returns updated for request
8<BR> users: Matched entry tester at line 82<BR>
modcall[authorize]: module "files" returns ok for request 8<BR>modcall: leaving
group authorize (returns updated) for request 8<BR>
rad_check_password: Found Auth-Type Local<BR>auth: type Local<BR>auth: No
User-Password or CHAP-Password attribute in the request<BR>auth: Failed to
validate the user.<BR>Delaying request 8 for 1 seconds<BR>Finished request
8<BR></FONT></DIV></FONT></DIV>
<DIV> </DIV>
<DIV align=left><SPAN
style="FONT-SIZE: 7.5pt; COLOR: silver; FONT-FAMILY: 'Arial Narrow'; mso-no-proof: yes">This
e-mail message, including any attachments, is for the sole use of the intended
recipient(s) and may contain confidential information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended
recipient(s) please contact the sender by reply e-mail and destroy all copies of
the original message. Thank you</SPAN></DIV>
<DIV> </DIV></BODY></HTML>
�