<div dir="ltr">Hi, <br>PEAP MSCHAPv2 works well with Active Directory Backend. I am not sure of its Authentication Process with users file. <br><br>Try with EAP MD5, it works well with Users file.<br><br>SYED<br><div class="gmail_quote">
On Thu, Oct 16, 2008 at 5:21 PM, saini_jas16 <span dir="ltr"><<a href="mailto:jaswinder.kaur@northyorks.gov.uk">jaswinder.kaur@northyorks.gov.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
Hello All,<br>
<br>
I am trying to authenticate a Windows XP Client with the username and<br>
password configured in the Users file on the Radius Server. I have tried<br>
saveral changes, but I am not able to get rid of this error. I am running<br>
freeradius 2.1.1 on Suse 10 SP1.<br>
<br>
Kindly Help, I am in urgent need of making this radius server up and<br>
running.<br>
Below is the error I am receiving.<br>
<br>
<br>
rad_recv: Access-Request packet from host <a href="http://130.1.254.174" target="_blank">130.1.254.174</a> port 20000, id=212,<br>
length=182<br>
NAS-Port-Id = "2049/1"<br>
Calling-Station-Id = "00-1F-3B-70-5B-7F"<br>
Called-Station-Id = "00-18-6E-30-70-C0:NYCC_TEST"<br>
Service-Type = Framed-User<br>
User-Name = "jaswinder"<br>
State = 0x2aaca71b29aabed260fc846046180105<br>
EAP-Message =<br>
0x02060021198000000017150301001294659677442f8e7a361ee8ee93374c90ed53<br>
NAS-Port-Type = Wireless-802.11<br>
NAS-Identifier = "3Com"<br>
NAS-IP-Address = <a href="http://130.1.254.174" target="_blank">130.1.254.174</a><br>
Message-Authenticator = 0xe42d1530c16b34c5b74bfb4c486083aa<br>
+- entering group authorize {...}<br>
++[preprocess] returns ok<br>
++[chap] returns noop<br>
++[mschap] returns noop<br>
[suffix] No '@' in User-Name = "jaswinder", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>
++[suffix] returns noop<br>
[eap] EAP packet type response id 6 length 33<br>
[eap] Continuing tunnel setup.<br>
++[eap] returns ok<br>
Found Auth-Type = EAP<br>
+- entering group authenticate {...}<br>
[eap] Request found, released from the list<br>
[eap] EAP/peap<br>
[eap] processing type peap<br>
[peap] processing EAP-TLS<br>
TLS Length 23<br>
[peap] Length Included<br>
[peap] eaptls_verify returned 11<br>
[peap] <<< TLS 1.0 Alert [length 0002], fatal access_denied<br>
TLS Alert read:fatal:access denied<br>
[peap] WARNING: No data inside of the tunnel.<br>
[peap] eaptls_process returned 7<br>
[peap] EAPTLS_OK<br>
[peap] Session established. Decoding tunneled attributes.<br>
[peap] Tunneled data is invalid.<br>
[eap] Handler failed in EAP/peap<br>
[eap] Failed in EAP select<br>
++[eap] returns invalid<br>
Failed to authenticate the user.<br>
Using Post-Auth-Type Reject<br>
+- entering group REJECT {...}<br>
[attr_filter.access_reject] expand: %{User-Name} -> jaswinder<br>
attr_filter: Matched entry DEFAULT at line 11<br>
++[attr_filter.access_reject] returns updated<br>
Delaying reject of request 5 for 1 seconds<br>
Going to the next request<br>
<br>
Any help is greatly appreciated.<br>
Thanks,<br>
Jas<br>
<font color="#888888">--<br>
View this message in context: <a href="http://www.nabble.com/Mschapv2-not-working%21-Please-help%21-tp20015619p20015619.html" target="_blank">http://www.nabble.com/Mschapv2-not-working%21-Please-help%21-tp20015619p20015619.html</a><br>
Sent from the FreeRadius - User mailing list archive at Nabble.com.<br>
<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</font></blockquote></div><br></div>