<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
<br>Freeradius 1.1.7<br>Openldap <br>Windows XP SP2 (WPA-TKIP / Protected EAP (PEAP))<br><br>Have any idea ? Where can i find the solution ?<br>When i trying connect freeradius server with wireless over<br>access point i get this error:<br><br><br>Tue Oct 13 12:00:45 2009 : Debug: Finished request 7<br>Tue Oct 13 12:00:45 2009 : Debug: Going to the next request<br>Tue Oct 13 12:00:45 2009 : Debug: Waking up in 6 seconds...<br>rad_recv: Access-Request packet from host 192.168.155.123:1812, id=77, length=117<br> User-Name = "kleberl"<br> NAS-IP-Address = 192.168.155.123<br> NAS-Port-Type = Wireless-802.11<br> State = 0xcdb24b80885193f00e1673d06eb7859c<br> EAP-Message = 0x029600261900170301001b8cfe319046bdc5f99d42805f852d4695a57e722889822c7a01be3f<br> Message-Authenticator = 0x9d1262ea1db0eca8f5ecaaee93e7ff1d<br>Tue Oct 13 12:00:45 2009 : Debug: Processing the authorize section of radiusd.conf<br>Tue Oct 13 12:00:45 2009 : Debug: modcall: entering group authorize for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "preprocess" returns ok for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "chap" returns noop for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "mschap" returns noop for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_realm: No '@' in User-Name = "kleberl", looking up realm NULL<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_realm: No such realm "NULL"<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "suffix" returns noop for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling ldap (rlm_ldap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: - authorize<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: performing user authorization for kleberl<br>Tue Oct 13 12:00:45 2009 : Debug: radius_xlat: '(uid=kleberl)'<br>Tue Oct 13 12:00:45 2009 : Debug: radius_xlat: 'ou=People,dc=stars,dc=net'<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: performing search in ou=People,dc=stars,dc=net, with filter (uid=kleberl)<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: looking for check items in directory...<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: looking for reply items in directory...<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: user kleberl authorized to use remote access<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from ldap (rlm_ldap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "ldap" returns ok for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: EAP packet type response id 150 length 38<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "eap" returns updated for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall: leaving group authorize (returns updated) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: rad_check_password: Found Auth-Type EAP<br>Tue Oct 13 12:00:45 2009 : Debug: auth: type "EAP"<br>Tue Oct 13 12:00:45 2009 : Debug: Processing the authenticate section of radiusd.conf<br>Tue Oct 13 12:00:45 2009 : Debug: modcall: entering group authenticate for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: Request found, released from the list<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: EAP/peap<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: processing type peap<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Authenticate<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_tls: processing TLS<br>Tue Oct 13 12:00:45 2009 : Debug: eaptls_verify returned 7 <br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_tls: Done initial handshake<br>Tue Oct 13 12:00:45 2009 : Debug: eaptls_process returned 7 <br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: EAPTLS_OK<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Session established. Decoding tunneled attributes.<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Received EAP-TLV response.<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Tunneled data is valid.<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session.<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: Handler failed in EAP/peap<br>Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: Failed in EAP select<br>Tue Oct 13 12:00:45 2009 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall[authenticate]: module "eap" returns invalid for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: modcall: leaving group authenticate (returns invalid) for request 8<br>Tue Oct 13 12:00:45 2009 : Debug: auth: Failed to validate the user.<br>Tue Oct 13 12:00:45 2009 : Debug: Delaying request 8 for 1 seconds<br>Tue Oct 13 12:00:45 2009 : Debug: Finished request 8<br>Tue Oct 13 12:00:45 2009 : Debug: Going to the next request<br>Tue Oct 13 12:00:45 2009 : Debug: Waking up in 6 seconds...<br>Tue Oct 13 12:00:51 2009 : Debug: --- Walking the entire request list ---<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 0 ID 69 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 1 ID 70 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 2 ID 71 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 3 ID 72 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 4 ID 73 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 5 ID 74 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 6 ID 75 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 7 ID 76 with timestamp 4ad4961d<br>Sending Access-Reject of id 77 to 192.168.155.123 port 1812<br> EAP-Message = 0x04960004<br> Message-Authenticator = 0x00000000000000000000000000000000<br>Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 8 ID 77 with timestamp 4ad4961d<br>Tue Oct 13 12:00:51 2009 : Debug: Nothing to do. Sleeping until we see a request.<br><br><br><br># --------------- EAP.CONF ----------------<br><br>eap {<br> default_eap_type = ttls<br> timer_expire = 60<br> ignore_unknown_eap_types = no<br> cisco_accounting_username_bug = no<br> <br> md5 {<br> }<br> <br> mschapv2 {<br> }<br> <br> tls {<br> private_key_password = whatever<br> private_key_file = ${raddbdir}/certs/cert-srv.pem<br> certificate_file = ${raddbdir}/certs/cert-srv.pem<br> CA_file = ${raddbdir}/certs/demoCA/cacert.pem<br> dh_file = ${raddbdir}/certs/dh<br> random_file = ${raddbdir}/certs/random<br> fragment_size = 1024<br> }<br><br> ttls {<br> default_eap_type = md5<br> copy_request_to_tunnel = no<br> use_tunneled_reply = no<br> }<br> peap {<br> <br> default_eap_type = mschapv2<br> copy_request_to_tunnel = yes<br> use_tunneled_reply = yes<br> # proxy_tunneled_request_as_eap = yes<br> }<br><br>}<br><br># ---------- RADIUSD.CONF-----------------<br><br> ldap {<br> server = "localhost"<br> identity = "cn=admin,dc=stars,dc=net"<br> password = secret55<br> basedn = "ou=People,dc=stars,dc=net"<br> filter = "(uid=%u)"<br> start_tls = no<br> #access_attr = "uid"<br> dictionary_mapping = ${raddbdir}/ldap.attrmap<br> ldap_connections_number = 5<br> timeout = 4<br> timelimit = 3<br> net_timeout = 1<br> }<br><br>authorize {<br> preprocess<br> chap<br> mschap<br> suffix<br> ldap<br> eap<br>}<br><br>authenticate {<br> Auth-Type PAP {<br> pap<br> }<br> Auth-Type MS-CHAP {<br> mschap<br> }<br>eap<br>}<br><br># -----------USERS ------------------<br><br>DEFAULT Auth-Type = System<br> Fall-Through = 1<br>DEFAULT Service-Type == Framed-User<br> Framed-IP-Address = 255.255.255.254,<br> Framed-MTU = 576,<br> Service-Type = Framed-User,<br> Fall-Through = Yes<br>DEFAULT Framed-Protocol == PPP<br> Framed-Protocol = PPP,<br> Framed-Compression = Van-Jacobson-TCP-IP<br>DEFAULT Hint == "CSLIP"<br> Framed-Protocol = SLIP,<br> Framed-Compression = Van-Jacobson-TCP-IP<br>DEFAULT Hint == "SLIP"<br> Framed-Protocol = SLIP<br><br> <br /><hr />Navegue com segurança com o Novo Internet Explorer 8. <a href='http://brasil.microsoft.com.br/IE8/mergulhe/?utm_source=MSN%3BHotmail&utm_medium=Tagline&utm_campaign=IE8' target='_new'>Baixe agora, é gratis!</a></body>
</html>