Freeradius 1.1.7 Openldap Windows XP SP2 (WPA-TKIP / Protected EAP (PEAP)) Have any idea ? Where can i find the solution ? When i trying connect freeradius server with wireless over access point i get this error: Tue Oct 13 12:00:45 2009 : Debug: Finished request 7 Tue Oct 13 12:00:45 2009 : Debug: Going to the next request Tue Oct 13 12:00:45 2009 : Debug: Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.155.123:1812, id=77, length=117 User-Name = "kleberl" NAS-IP-Address = 192.168.155.123 NAS-Port-Type = Wireless-802.11 State = 0xcdb24b80885193f00e1673d06eb7859c EAP-Message = 0x029600261900170301001b8cfe319046bdc5f99d42805f852d4695a57e722889822c7a01be3f Message-Authenticator = 0x9d1262ea1db0eca8f5ecaaee93e7ff1d Tue Oct 13 12:00:45 2009 : Debug: Processing the authorize section of radiusd.conf Tue Oct 13 12:00:45 2009 : Debug: modcall: entering group authorize for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "preprocess" returns ok for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling chap (rlm_chap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from chap (rlm_chap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "chap" returns noop for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling mschap (rlm_mschap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from mschap (rlm_mschap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "mschap" returns noop for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling suffix (rlm_realm) for request 8 Tue Oct 13 12:00:45 2009 : Debug: rlm_realm: No '@' in User-Name = "kleberl", looking up realm NULL Tue Oct 13 12:00:45 2009 : Debug: rlm_realm: No such realm "NULL" Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from suffix (rlm_realm) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "suffix" returns noop for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling ldap (rlm_ldap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: - authorize Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: performing user authorization for kleberl Tue Oct 13 12:00:45 2009 : Debug: radius_xlat: '(uid=kleberl)' Tue Oct 13 12:00:45 2009 : Debug: radius_xlat: 'ou=People,dc=stars,dc=net' Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0 Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0 Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: performing search in ou=People,dc=stars,dc=net, with filter (uid=kleberl) Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: looking for check items in directory... Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: looking for reply items in directory... Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: user kleberl authorized to use remote access Tue Oct 13 12:00:45 2009 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from ldap (rlm_ldap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "ldap" returns ok for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: EAP packet type response id 150 length 38 Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Tue Oct 13 12:00:45 2009 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall[authorize]: module "eap" returns updated for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall: leaving group authorize (returns updated) for request 8 Tue Oct 13 12:00:45 2009 : Debug: rad_check_password: Found Auth-Type EAP Tue Oct 13 12:00:45 2009 : Debug: auth: type "EAP" Tue Oct 13 12:00:45 2009 : Debug: Processing the authenticate section of radiusd.conf Tue Oct 13 12:00:45 2009 : Debug: modcall: entering group authenticate for request 8 Tue Oct 13 12:00:45 2009 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: Request found, released from the list Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: EAP/peap Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: processing type peap Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Authenticate Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_tls: processing TLS Tue Oct 13 12:00:45 2009 : Debug: eaptls_verify returned 7 Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_tls: Done initial handshake Tue Oct 13 12:00:45 2009 : Debug: eaptls_process returned 7 Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: EAPTLS_OK Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Session established. Decoding tunneled attributes. Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Received EAP-TLV response. Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Tunneled data is valid. Tue Oct 13 12:00:45 2009 : Debug: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session. Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: Handler failed in EAP/peap Tue Oct 13 12:00:45 2009 : Debug: rlm_eap: Failed in EAP select Tue Oct 13 12:00:45 2009 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall[authenticate]: module "eap" returns invalid for request 8 Tue Oct 13 12:00:45 2009 : Debug: modcall: leaving group authenticate (returns invalid) for request 8 Tue Oct 13 12:00:45 2009 : Debug: auth: Failed to validate the user. Tue Oct 13 12:00:45 2009 : Debug: Delaying request 8 for 1 seconds Tue Oct 13 12:00:45 2009 : Debug: Finished request 8 Tue Oct 13 12:00:45 2009 : Debug: Going to the next request Tue Oct 13 12:00:45 2009 : Debug: Waking up in 6 seconds... Tue Oct 13 12:00:51 2009 : Debug: --- Walking the entire request list --- Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 0 ID 69 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 1 ID 70 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 2 ID 71 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 3 ID 72 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 4 ID 73 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 5 ID 74 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 6 ID 75 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 7 ID 76 with timestamp 4ad4961d Sending Access-Reject of id 77 to 192.168.155.123 port 1812 EAP-Message = 0x04960004 Message-Authenticator = 0x00000000000000000000000000000000 Tue Oct 13 12:00:51 2009 : Debug: Cleaning up request 8 ID 77 with timestamp 4ad4961d Tue Oct 13 12:00:51 2009 : Debug: Nothing to do. Sleeping until we see a request. # --------------- EAP.CONF ---------------- eap { default_eap_type = ttls timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no md5 { } mschapv2 { } tls { private_key_password = whatever private_key_file = ${raddbdir}/certs/cert-srv.pem certificate_file = ${raddbdir}/certs/cert-srv.pem CA_file = ${raddbdir}/certs/demoCA/cacert.pem dh_file = ${raddbdir}/certs/dh random_file = ${raddbdir}/certs/random fragment_size = 1024 } ttls { default_eap_type = md5 copy_request_to_tunnel = no use_tunneled_reply = no } peap { default_eap_type = mschapv2 copy_request_to_tunnel = yes use_tunneled_reply = yes # proxy_tunneled_request_as_eap = yes } } # ---------- RADIUSD.CONF----------------- ldap { server = "localhost" identity = "cn=admin,dc=stars,dc=net" password = secret55 basedn = "ou=People,dc=stars,dc=net" filter = "(uid=%u)" start_tls = no #access_attr = "uid" dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 } authorize { preprocess chap mschap suffix ldap eap } authenticate { Auth-Type PAP { pap } Auth-Type MS-CHAP { mschap } eap } # -----------USERS ------------------ DEFAULT Auth-Type = System Fall-Through = 1 DEFAULT Service-Type == Framed-User Framed-IP-Address = 255.255.255.254, Framed-MTU = 576, Service-Type = Framed-User, Fall-Through = Yes DEFAULT Framed-Protocol == PPP Framed-Protocol = PPP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "CSLIP" Framed-Protocol = SLIP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "SLIP" Framed-Protocol = SLIP _________________________________________________________________ Você sabia que com o Hotmail você tem espaço ilimitado para guardar seus e-mails? Começe a usar já! http://www.microsoft.com/brasil/windows/windowslive/products/hotmail.aspx