<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body bgcolor="#ffffff" text="#000000">
Hi all.<br>
<br>
I have 2 server radius and 1 "AP Cisco" configured to use EAP
Authentication.<br>
<br>
I have 2 server radius with freeradius 1.1.7 (fedora 8), configured in
the same way (PEAP) (I haad configured my first server radius and then
I copied my configuration files , and the certificates in second server
radius)<br>
<br>
Then by my linux laptop, with wpa_supplicant I try to connect to my
wireless ntwork.<br>
<br>
<br>
<br>
1)<br>
If my AP is configured to require the authentication on first server
radius 1, I obtain this log messages:<br>
<br>
<b>Mon May 19 08:51:20 2008 : Error: TLS_accept:error in SSLv3 read
client certificate A<br>
Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK
message<br>
Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK
message<br>
Mon May 19 08:51:20 2008 : Info: (other): SSL negotiation finished
successfully<br>
Mon May 19 08:51:20 2008 : Info: rlm_eap_tls: Received EAP-TLS ACK
message</b><br>
Mon May 19 08:51:20 2008 : Info: rlm_eap_mschapv2: Issuing Challenge<br>
<b>Mon May 19 08:51:20 2008 : Auth: Login OK: [fanti/<no
User-Password attribute>] (from client localhost port 3686 cli
001e.4c00.dade)<br>
Mon May 19 08:51:20 2008 : Auth: Login OK: [fanti/<no User-Password
attribute>] (from client ap-alternet port 3686 cli 001e.4c00.dade)</b><br>
<br>
##############################################################<br>
If I start with radius -X:<br>
<br>
<br>
rad_check_password: Found Auth-Type EAP<br>
auth: type "EAP"<br>
Processing the authenticate section of radiusd.conf<br>
modcall: entering group authenticate for request 9<br>
rlm_eap: Request found, released from the list<br>
rlm_eap: EAP/peap<br>
rlm_eap: processing type peap<br>
rlm_eap_peap: Authenticate<br>
rlm_eap_tls: processing TLS<br>
eaptls_verify returned 7<br>
rlm_eap_tls: Done initial handshake<br>
eaptls_process returned 7<br>
rlm_eap_peap: EAPTLS_OK<br>
rlm_eap_peap: Session established. Decoding tunneled attributes.<br>
rlm_eap_peap: Received EAP-TLV response.<br>
rlm_eap_peap: Tunneled data is valid.<br>
rlm_eap_peap: Success<br>
rlm_eap: Freeing handler<br>
modcall[authenticate]: module "eap" returns ok for request 9<br>
modcall: group authenticate returns ok for request 9<br>
<b>Login OK: [fanti/<no User-Password attribute>] (from client
ap-alternet port 3687 cli 001e.4c00.dade)</b><br>
<br>
##################################################################<br>
<br>
<br>
<br>
2)<br>
In my second server radius I obtain:<br>
<br>
<br>
Mon May 19 08:50:38 2008 : Info: rlm_eap_mschapv2: Issuing Challenge<br>
<b>Mon May 19 08:50:38 2008 : Auth: Login OK: [fanti] (from client
localhost port 3689 cli 001e.4c00.dade)<br>
Mon May 19 08:50:38 2008 : Auth: Login OK: [fanti] (from client
ap-alternet port 3689 cli 001e.4c00.dade)</b><br>
<br>
#####################<br>
If I start with radius -X:<br>
<br>
<br>
rad_check_password: Found Auth-Type EAP<br>
auth: type "EAP"<br>
Processing the authenticate section of radiusd.conf<br>
modcall: entering group authenticate for request 9<br>
rlm_eap: Request found, released from the list<br>
rlm_eap: EAP/peap<br>
rlm_eap: processing type peap<br>
rlm_eap_peap: Authenticate<br>
rlm_eap_tls: processing TLS<br>
eaptls_verify returned 7<br>
rlm_eap_tls: Done initial handshake<br>
eaptls_process returned 7<br>
rlm_eap_peap: EAPTLS_OK<br>
rlm_eap_peap: Session established. Decoding tunneled attributes.<br>
rlm_eap_peap: Received EAP-TLV response.<br>
rlm_eap_peap: Tunneled data is valid.<br>
rlm_eap_peap: Success<br>
rlm_eap: Freeing handler<br>
modcall[authenticate]: module "eap" returns ok for request 9<br>
modcall: leaving group authenticate (returns ok) for request 9<br>
<b>Login OK: [fanti] (from client ap-alternet port 3690 cli
001e.4c00.dade<br>
<br>
<br>
</b>I don't understand why I have differences in this 2 logs (In rows
where I have Login OK).<br>
<br>
Can you help me please ?<br>
<br>
Thank you<br>
enrico<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
</body>
</html>