<DIV>Hi ,</DIV> <DIV> Use eap-GTC as Peap inner eap-type. Got error message too. See below.Thanks.</DIV> <DIV> </DIV> <DIV> </DIV> <DIV>rad_recv: Access-Request packet from host 10.155.20.84:1040, id=27, length=210<BR> User-Name = "hhe123"<BR> NAS-IP-Address = 10.155.20.84<BR> NAS-Identifier = "AH-000030"<BR> NAS-Port = 0<BR> Called-Station-Id = "00-19-77-00-00-31:hhe"<BR> Calling-Station-Id = "00-19-E0-80-A5-5A"<BR> Framed-MTU = 1500<BR> NAS-Port-Type = Wireless-802.11<BR> Connect-Info = "CONNECT 11Mbps 802.11b"<BR>
EAP-Message = 0x0210002b19001703010020fa82601d02aeb434f977c693f3b15669cc64e1a7ad240381f70aca16f54cc411<BR> State = 0x443b0c2424a63b6bbcb865bc5beb0a2f<BR> Message-Authenticator = 0x596fe7a72eeebd5e58ec6d29e7ba85e0<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 27<BR> modcall[authorize]: module "mschap" returns noop for request 27<BR> rlm_eap: EAP packet type response id 16 length 43<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 27<BR> users: Matched entry hhe123 at line 95<BR> modcall[authorize]: module "files" returns ok for request 27<BR>modcall: leaving group authorize (returns updated) for request 27<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR>
Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 27<BR> rlm_eap: Request found, released from the list<BR> rlm_eap: EAP/peap<BR> rlm_eap: processing type peap<BR> rlm_eap_peap: Authenticate<BR> rlm_eap_tls: processing TLS<BR> eaptls_verify returned 7<BR> rlm_eap_tls: Done initial handshake<BR> eaptls_process returned 7<BR> rlm_eap_peap: EAPTLS_OK<BR> rlm_eap_peap: Session established. Decoding tunneled attributes.<BR> rlm_eap_peap: EAP type gtc<BR> rlm_eap_peap: Tunneled data is valid.<BR> PEAP: Got tunneled EAP-Message<BR> EAP-Message = 0x0210000b06686865313233<BR> PEAP: Setting User-Name to hhe123<BR> PEAP: Adding old state with 71 e4<BR> PEAP: Sending tunneled request<BR> EAP-Message =
0x0210000b06686865313233<BR> FreeRADIUS-Proxied-To = 127.0.0.1<BR> User-Name = "hhe123"<BR> State = 0x71e4120f420e1eea12c8ad78728c974c<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 27<BR> modcall[authorize]: module "mschap" returns noop for request 27<BR> rlm_eap: EAP packet type response id 16 length 11<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 27<BR> users: Matched entry hhe123 at line 95<BR> modcall[authorize]: module "files" returns ok for request 27<BR>modcall: leaving group authorize (returns updated) for request 27<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of
radiusd.conf<BR>modcall: entering group authenticate for request 27<BR> rlm_eap: Request found, released from the list<BR> rlm_eap: EAP/gtc<BR> rlm_eap: processing type gtc<BR> ERROR: Unknown value specified for Auth-Type. Cannot perform requested action.<BR> rlm_eap: Handler failed in EAP/gtc<BR> rlm_eap: Failed in EAP select<BR> modcall[authenticate]: module "eap" returns invalid for request 27<BR>modcall: leaving group authenticate (returns invalid) for request 27<BR>auth: Failed to validate the user.<BR> PEAP: Got tunneled reply RADIUS code 3<BR> Reply-Message = "Hello"<BR> EAP-Message = 0x04100004<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> PEAP: Processing from tunneled session code 0x8150ec8 3<BR> Reply-Message =
"Hello"<BR> EAP-Message = 0x04100004<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> PEAP: Tunneled authentication was rejected.<BR> rlm_eap_peap: FAILURE<BR> modcall[authenticate]: module "eap" returns handled for request 27<BR>modcall: leaving group authenticate (returns handled) for request 27<BR>Sending Access-Challenge of id 27 to 10.155.20.84 port 1040<BR> Reply-Message = "Hello"<BR> EAP-Message = 0x0111002b190017030100203a72821eb5dfc3a916d860a38e9ea1e339b0ef886f315fcd5f369d138e600a5e<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> State = 0x917adbb2a47421f8a387e5b7dfa5d3e7<BR>Finished request 27<BR>Going to the next request<BR>Waking up in 6
seconds...<BR>rad_recv: Access-Request packet from host 10.155.20.84:1040, id=28, length=210<BR> User-Name = "hhe123"<BR> NAS-IP-Address = 10.155.20.84<BR> NAS-Identifier = "AH-000030"<BR> NAS-Port = 0<BR> Called-Station-Id = "00-19-77-00-00-31:hhe"<BR> Calling-Station-Id = "00-19-E0-80-A5-5A"<BR> Framed-MTU = 1500<BR> NAS-Port-Type = Wireless-802.11<BR> Connect-Info = "CONNECT 11Mbps 802.11b"<BR> EAP-Message = 0x0211002b190017030100200dae6db09d400aff4db8b832bdc308e58f32d44878802cb305b8245cbafe2b56<BR> State =
0x917adbb2a47421f8a387e5b7dfa5d3e7<BR> Message-Authenticator = 0x9c0d713729c522b7cce89c4b6af3ba26<BR> Processing the authorize section of radiusd.conf<BR>modcall: entering group authorize for request 28<BR> modcall[authorize]: module "mschap" returns noop for request 28<BR> rlm_eap: EAP packet type response id 17 length 43<BR> rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<BR> modcall[authorize]: module "eap" returns updated for request 28<BR> users: Matched entry hhe123 at line 95<BR> modcall[authorize]: module "files" returns ok for request 28<BR>modcall: leaving group authorize (returns updated) for request 28<BR> rad_check_password: Found Auth-Type EAP<BR>auth: type "EAP"<BR> Processing the authenticate section of radiusd.conf<BR>modcall: entering group authenticate for request 28<BR> rlm_eap: Request found, released from the
list<BR> rlm_eap: EAP/peap<BR> rlm_eap: processing type peap<BR> rlm_eap_peap: Authenticate<BR> rlm_eap_tls: processing TLS<BR> eaptls_verify returned 7<BR> rlm_eap_tls: Done initial handshake<BR> eaptls_process returned 7<BR> rlm_eap_peap: EAPTLS_OK<BR> rlm_eap_peap: Session established. Decoding tunneled attributes.<BR> rlm_eap_peap: Received EAP-TLV response.<BR> rlm_eap_peap: Tunneled data is valid.<BR> rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session.<BR> rlm_eap: Handler failed in EAP/peap<BR> rlm_eap: Failed in EAP select<BR> modcall[authenticate]: module "eap" returns invalid for request 28<BR>modcall: leaving group authenticate (returns invalid) for request 28<BR>auth: Failed to validate the user.<BR>Sending Access-Reject of id 28 to 10.155.20.84 port 1040<BR> EAP-Message =
0x04110004<BR> Message-Authenticator = 0x00000000000000000000000000000000<BR> Reply-Message = "Hello"<BR>Finished request 28<BR>Going to the next request<BR>Waking up in 6 seconds...</DIV> <DIV> </DIV> <DIV> </DIV> <DIV>John</DIV> <DIV><BR><BR><B><I>Alan DeKok <aland@deployingradius.com></I></B> 写道:</DIV> <BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid">Hangjun He wrote:<BR>> hi,<BR>> I am using Odyssey Client Manager and freeRADIUS 1.1.6.<BR>> When I set peap with inner eap-mschap-v2, It works well.When I change<BR>> inner eap type to eap-popt, seems can not work.<BR><BR>Why do you think FreeRADIUS supports EAP-POPT?<BR>...<BR>> rlm_eap: NAK asked for bad type 32<BR>> rlm_eap: Failed in EAP select<BR><BR>FreeRADIUS doesn't support that EAP type.<BR><BR>Alan DeKok.<BR>-<BR>List
info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html<BR></BLOCKQUOTE><BR><p>
<hr size=1><a href="http://cn.mail.yahoo.com/gc/index.html?entry=5&souce=mail_mailletter_tagline">雅虎邮箱传递新年祝福,个性贺卡送亲朋!</a>