I have two servers with identical configuration and identical versions of freeradius, one running Fedora 8, one running Fedora 9. The Fedora 8 one works issueless, however with Fedora 9 I simply cannot get PEAP authentication to work with it. I am constantly getting this debug output:

 

rad_recv: Access-Request packet from host 172.20.5.252 port 32769, id=4, length=194

        User-Name = "tcasartello"

        Calling-Station-Id = "00-13-02-08-C8-B2"

        Called-Station-Id = "00-1F-9D-DB-94-40:s-wsc"

        NAS-Port = 29

        NAS-IP-Address = 172.20.5.252

        NAS-Identifier = "Chaplin_Controller_A"

        Airespace-Wlan-Id = 4

        Service-Type = Framed-User

        Framed-MTU = 1300

        NAS-Port-Type = Wireless-802.11

        Tunnel-Type:0 = VLAN

        Tunnel-Medium-Type:0 = IEEE-802

        Tunnel-Private-Group-Id:0 = "191"

        EAP-Message = 0x020100100174636173617274656c6c6f

        Message-Authenticator = 0x4079116973b9e650df19cf63def7d564

+- entering group authorize {...}

++[preprocess] returns ok

++[chap] returns noop

++[mschap] returns noop

[suffix] No '@' in User-Name = "tcasartello", looking up realm NULL

[suffix] No such realm "NULL"

++[suffix] returns noop

[ntdomain] No '\' in User-Name = "tcasartello", looking up realm NULL

[ntdomain] No such realm "NULL"

++[ntdomain] returns noop

[eap] EAP packet type response id 1 length 16

[eap] No EAP Start, assuming it's an on-going EAP conversation

++[eap] returns updated

++[unix] returns notfound

[files] users: Matched entry DEFAULT at line 144

++[files] returns ok

++[expiration] returns noop

++[logintime] returns noop

[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.

++[pap] returns noop

Found Auth-Type = EAP

+- entering group authenticate {...}

[eap] EAP Identity

[eap] processing type tls

[tls] Initiate

[tls] Start returned 1

++[eap] returns handled

Sending Access-Challenge of id 4 to 172.20.5.252 port 32769

        EAP-Message = 0x010200061920

        Message-Authenticator = 0x00000000000000000000000000000000

        State = 0xb276c10db274d82ffb970fb6bdf4b058

Finished request 9.

Going to the next request

Waking up in 4.9 seconds.

rad_recv: Access-Request packet from host 172.20.5.252 port 32769, id=4, length=194

Sending duplicate reply to client chaplin-wism-a.wsc.ma.edu port 32769 - ID: 4

Sending Access-Challenge of id 4 to 172.20.5.252 port 32769

Waking up in 3.0 seconds.

rad_recv: Access-Request packet from host 172.20.5.252 port 32769, id=4, length=194

Sending duplicate reply to client chaplin-wism-a.wsc.ma.edu port 32769 - ID: 4

Sending Access-Challenge of id 4 to 172.20.5.252 port 32769

Waking up in 0.9 seconds.

Cleaning up request 9 ID 4 with timestamp +377

Ready to process requests.

 

Any suggestions on what I can do to try to debug this further? This happens on every version of FreeRADIUS I try so I have a feeling it’s not directly a problem with freeradius perhaps some library broken or missing in Fedora 9. As  I said in my fedora 8 box I have an identical configuration that works flawlessly.

 

Thomas E. Casartello, Jr.

Infrastructure Technician

Linux Specialist

Department of Information Technology

Westfield State College

Wilson 105-A

(413) 572-8245

E-Mail: tcasartello@wsc.ma.edu

 

Red Hat Certified Technician (RHCT)