I do not have "raduser" configured in my proxy users file. If it is configuration problem on the Home-Server why does it work if I use radeapclient/radclient. 

I see following on my host on running eapol_test. Whay is NAS-IP-Address set as 127.0.0.1 in this case?

Reading configuration file '/tmp/eapol.conf'
Line: 1 - start of a new network block
key_mgmt: 0x4
eap methods - hexdump(len=16): 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00
identity - hexdump_ascii(len=21):
72 61 64 75 73 65 72 40 6e 65 76 69 73 74 65 73 raduser@mytes
74 2e 63 6f 6d t.com
password - hexdump_ascii(len=7):
70 61 73 73 31 32 33 pass123
Priority group 0
id=0 ssid=''
Authentication server 192.168.6.134:1812
RADIUS local address: 192.168.6.181:32771
EAPOL: SUPP_PAE entering state DISCONNECTED
EAPOL: KEY_RX entering state NO_KEY_RECEIVE
EAPOL: SUPP_BE entering state INITIALIZE
EAP: EAP entering state DISABLED
EAPOL: External notification - portValid=0
EAPOL: External notification - portEnabled=1
EAPOL: SUPP_PAE entering state CONNECTING
EAPOL: SUPP_BE entering state IDLE
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
Sending fake EAP-Request-Identity
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_PAE entering state RESTART
EAP: EAP entering state INITIALIZE
EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=0 method=1 vendor=0 vendorMethod=0
EAP: EAP entering state IDENTITY
CTRL-EVENT-EAP-STARTED EAP authentication started
EAP: EAP-Request Identity data - hexdump_ascii(len=0):
EAP: using real identity - hexdump_ascii(len=21):
72 61 64 75 73 65 72 40 6e 65 76 69 73 74 65 73 raduser@mytes
74 2e 63 6f 6d t.com
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=26)
TX EAP -> RADIUS - hexdump(len=26): 02 00 00 1a 01 72 61 64 75 73 65 72 40 6e 65 76 69 73 74 65 73 74 2e 63 6f 6d
Encapsulating EAP message into a RADIUS packet
Learned identity from EAP-Response-Identity - hexdump(len=21): 72 61 64 75 73 65 72 40 6e 65 76 69 73 74 65 73 74 2e 63 6f 6d
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=0 length=150
Attribute 1 (User-Name) length=23
Value: 'raduser@mytest.com'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=28
Value: 02 00 00 1a 01 72 61 64 75 73 65 72 40 6e 65 76 69 73 74 65 73 74 2e 63 6f 6d
Attribute 80 (Message-Authenticator) length=18
Value: cb 60 23 ea b3 e1 3d 7d 11 81 f1 02 53 39 5d e1
Next RADIUS client retransmit in 3 seconds

EAPOL: SUPP_BE entering state RECEIVE
Received 129 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=11 (Access-Challenge) identifier=0 length=129
Attribute 27 (Session-Timeout) length=6
Value: 6
Attribute 79 (EAP-Message) length=37
Value: 01 01 00 23 04 10 b3 70 ee 1c 3c 59 73 f5 a2 4e 77 b7 a2 4d cb 01 52 4f 4f 54 54 45 53 54 4c 41 42 41 44
Attribute 24 (State) length=25
Value: 1a 35 02 b4 00 00 01 37 00 01 c0 a8 07 28 00 00 00 03 23 5c 23 3e 00
Attribute 80 (Message-Authenticator) length=18
Value: d8 fb 71 20 d9 1c ca 4d 61 a5 7d 7a e6 34 0c 4b
Attribute 1 (User-Name) length=23
Value: 'raduser@mytest.com'
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 0.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=1 id=1 len=35) from RADIUS server: EAP-Request-MD5 (4)
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 4 (MD5)
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected
EAP: EAP entering state METHOD
EAP-MD5: Challenge - hexdump(len=16): b3 70 ee 1c 3c 59 73 f5 a2 4e 77 b7 a2 4d cb 01
EAP-MD5: Generating Challenge Response
EAP-MD5: Response - hexdump(len=16): 26 f7 be 54 fc 4a 29 80 58 5c a6 65 69 02 2d 21
EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
WPA: eapol_test_eapol_send(type=0 len=22)
TX EAP -> RADIUS - hexdump(len=22): 02 01 00 16 04 10 26 f7 be 54 fc 4a 29 80 58 5c a6 65 69 02 2d 21
Encapsulating EAP message into a RADIUS packet
Copied RADIUS State Attribute
Sending RADIUS message to authentication server
RADIUS message: code=1 (Access-Request) identifier=1 length=171
Attribute 1 (User-Name) length=23
Value: 'raduser@mytest.com'
Attribute 4 (NAS-IP-Address) length=6
Value: 127.0.0.1
Attribute 31 (Calling-Station-Id) length=19
Value: '02-00-00-00-00-01'
Attribute 12 (Framed-MTU) length=6
Value: 1400
Attribute 61 (NAS-Port-Type) length=6
Value: 19
Attribute 77 (Connect-Info) length=24
Value: 'CONNECT 11Mbps 802.11b'
Attribute 79 (EAP-Message) length=24
Value: 02 01 00 16 04 10 26 f7 be 54 fc 4a 29 80 58 5c a6 65 69 02 2d 21
Attribute 24 (State) length=25
Value: 1a 35 02 b4 00 00 01 37 00 01 c0 a8 07 28 00 00 00 03 23 5c 23 3e 00
Attribute 80 (Message-Authenticator) length=18
Value: 74 44 82 76 ad 4a 69 3f 63 5d 39 6e 92 19 c1 53
Next RADIUS client retransmit in 3 seconds

EAPOL: SUPP_BE entering state RECEIVE
Received 44 bytes from RADIUS server
Received RADIUS message
RADIUS message: code=3 (Access-Reject) identifier=1 length=44
Attribute 79 (EAP-Message) length=6
Value: 04 01 00 04
Attribute 80 (Message-Authenticator) length=18
Value: 8f 2f ea 83 e9 df 05 6e 4b 01 be ee 65 a9 fc 6f
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 1.00 sec

RADIUS packet matching with station
decapsulated EAP packet (code=4 id=1 len=4) from RADIUS server: EAP Failure
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Failure
EAP: EAP entering state DISCARD
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RECEIVE
EAPOL: EAP key not available
EAP: deinitialize previously used EAP method (4, MD5) at EAP deinit
MPPE keys OK: 0 mismatch: 1
FAILURE

Thanks,
Chidanand



On Mon, Sep 6, 2010 at 1:45 PM, Alan Buxey <A.L.M.Buxey@lboro.ac.uk> wrote:
Hi,

<snip>

> Sending Access-Request of id 177 to 192.168.7.40 port 1812

<cut>

> rad_recv: Access-Reject packet from host 192.168.7.40 port 1812, id=177, length=47


seems quite simple. the home server that you proxied the request to has rejected
it. check the logs on that server to see why - i suspect its because you are
stripping the username and thus the EAP stuff wont be right....


you seem to also have that user in your local users file...and you also seem to be setting
auth-type to accept - that wont work for EAP

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



--
Chidanand Gangur
Pune.