<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman, new york, times, serif;font-size:12pt"><div>well...<br><br>i am not sure, but it might be: the fact that peap needs user/password and i just sent username... <img src="http://mail.yimg.com/us.yimg.com/i/mesg/tsmileys2/19.gif"><br><br>or that realm is null... <img src="http://mail.yimg.com/us.yimg.com/i/mesg/tsmileys2/19.gif"><br><br>i read the entire output and am still no sure. anyway, i'll check it as soon as i will be in front of the machine again!<br><br>thank you<br><br><br><br>- <br></div><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"><br><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;">----- Message d'origine ----<br>De : Reveal MAP <revealmapp@yahoo.fr><br>À : Freeradius Mailing-List <freeradius-users@lists.freeradius.org><br>Envoyé le : Jeudi, 17
Juillet 2008, 12h35mn 15s<br>Objet : EAP-TLS OK - EAP-PEAP KO!! why that?<br><br><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"><div>Why could EAP-TLS run OK and not EAP-PEAP, giving a message like that: <br>"rlm_eap_peap: Received EAP-TLV response."<br><br>below is the entire output.<br><br><br>Thanx for the response!!<br><br>---------------------------------------<br><br>rad_recv: Access-Request packet from host 10.10.44.246 port 1027, id=99, length=194<br> User-Name = "maman"<br> NAS-IP-Address = 10.10.44.246<br> NAS-Port = 1<br> Called-Station-Id = "00-1C-F0-08-FB-F8:MoJo"<br> Calling-Station-Id = "00-12-F0-0C-97-61"<br> Framed-MTU =
1400<br> NAS-Port-Type = Wireless-802.11<br> Connect-Info = "CONNECT 54Mbps 802.11g"<br> EAP-Message = 0x020800261900170301001b97054012345511dfddf34251f30af4349bfda0f83797d643a3cea1<br> State = 0x766398ac716b81afdd1454abb61d46ce<br> Message-Authenticator = 0xf76a88f5654802fac4faed08e055d5fb<br>+- entering group authorize<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br> rlm_realm: No '@' in User-Name = "maman", looking up realm NULL<br> rlm_realm: No such realm "NULL"<br>++[suffix] returns noop<br> rlm_eap: EAP packet type response id 8 length 38<br> rlm_eap: Continuing tunnel setup.<br>++[eap] returns ok<br> rad_check_password: Found Auth-Type
EAP<br>auth: type "EAP"<br>+- entering group authenticate<br> rlm_eap: Request found, released from the list<br> rlm_eap: EAP/peap<br> rlm_eap: processing type peap<br> rlm_eap_peap: Authenticate<br> rlm_eap_tls: processing TLS<br> eaptls_verify returned 7<br> rlm_eap_tls: Done initial handshake<br> eaptls_process returned 7<br> rlm_eap_peap: EAPTLS_OK<br> rlm_eap_peap: Session established. Decoding tunneled attributes.<br> rlm_eap_peap: Received EAP-TLV response.<br> rlm_eap_peap: Had sent TLV failure. User was rejected earlier in this session.<br> rlm_eap: Handler failed in EAP/peap<br> rlm_eap: Failed in EAP select<br>++[eap] returns invalid<br>auth: Failed to validate the user.<br> Found Post-Auth-Type Reject<br>+- entering group REJECT<br> expand: %{User-Name} -> maman<br> attr_filter: Matched
entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>Sending Access-Reject of id 99 to 10.10.44.246 port 1027<br> EAP-Message = 0x04080004<br> Message-Authenticator = 0x00000000000000000000000000000000<br>Finished request 8.<br>Going to the next request<br>Waking up in 4.8 seconds.<br>Cleaning up request 0 ID 91 with timestamp +139<br>Cleaning up request 1 ID 92 with timestamp +139<br>Cleaning up request 2 ID 93 with timestamp +139<br>Cleaning up request 3 ID 94 with timestamp +139<br>Cleaning up request 4 ID 95 with timestamp +139<br>Cleaning up request 5 ID 96 with timestamp +140<br>Cleaning up request 6 ID 97 with timestamp +140<br>Cleaning up request 7 ID 98 with timestamp +140<br>Cleaning up request 8 ID 99 with timestamp +140<br>Ready to process
requests.<br> <br></div></div><br><hr size="1">
Envoyé avec <a rel="nofollow" target="_blank" href="http://us.rd.yahoo.com/mailuk/taglines/isp/control/*http://us.rd.yahoo.com/evt=52423/*http://fr.docs.yahoo.com/mail/overview/index.html">Yahoo! Mail</a>.<br>Une boite mail plus intelligente. </div></div></div><br>
<hr size="1">
Envoyé avec <a href="http://us.rd.yahoo.com/mailuk/taglines/isp/control/*http://us.rd.yahoo.com/evt=52423/*http://fr.docs.yahoo.com/mail/overview/index.html">Yahoo! Mail</a>.<br>Une boite mail plus intelligente. </a></body></html>