Hi,
I know it's plain English but I still can't figure out where the warning is comming from and what I have to change. It finds the password, but still gives the auth(failure):

 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
 auth: Failed to validate the user.

I'm using the default config-files with PEAP auth. Can somebody give me a hint in the right direction? Where/what config file should I look in and what to edit? THANKS!

Here are my logs...

Listening on authentication address 172.16.27.103 port 1812
Ready to process requests.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=141
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x02000013016a656c6c656c616e6762726f656b
        Message-Authenticator = 0x933439cddca44559a4ee3c2b327aaac5
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 0 length 19
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
        expand: %{User-Name} -> userX
rlm_sql (sql): sql_set_user escaped user --> 'userX'
rlm_sql (sql): Reserving sql socket id: 4
        expand: SELECT ownerid as id, username, 'Cleartext-Password' as attribute, passwd as value, ':=' as op           FROM nodes           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT ownerid as id, username, 'Cleartext-Password' as attribute, passwd as value, ':=' as op           FROM nodes           WHERE username = 'userX'           ORDER BY id
rlm_sql (sql): User found in radcheck table
        expand: SELECT ownerid as id, username, 'Cleartext-Password' as attribute, passwd as value, ':=' as op           FROM nodes           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT ownerid as id, username, 'Cleartext-Password' as attribute, passwd as value, ':=' as op           FROM nodes           WHERE username = 'userX'           ORDER BY id
        expand: SELECT 'dynamic' as groupname           FROM customers           WHERE name = '%{SQL-User-Name}'           ORDER BY id -> SELECT 'dynamic' as groupname           FROM customers           WHERE name = 'userX'           ORDER BY id
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: EAP Identity
  rlm_eap: processing type tls
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x010100061920
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x9baa2d299bab34161e655ea3ece36f0c
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=233
Cleaning up request 0 ID 0 with timestamp +41
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        State = 0x9baa2d299bab34161e655ea3ece36f0c
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0201005d190016030100520100004e0301485baf3e8e15e57593e3e1819134ab3ad55c2a65dbdd6278dadce70ffee5409a00002600390038003500160013000a00330032002f0005000400150012000900140011000800060003020100
        Message-Authenticator = 0xda28b5bb86c975ef4fd3c5bf45e4bba5
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 1 length 93
  rlm_eap: Continuing tunnel setup.
++[eap] returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
    (other): before/accept initialization
    TLS_accept: before/accept initialization
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0052], ClientHello
    TLS_accept: SSLv3 read client hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
    TLS_accept: SSLv3 write server hello A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 085e], Certificate
    TLS_accept: SSLv3 write certificate A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange
    TLS_accept: SSLv3 write key exchange A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
    TLS_accept: SSLv3 write server done A
    TLS_accept: SSLv3 flush data
    TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
  eaptls_process returned 13
  rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x0102040019c000000acd160301004a020000460301485bafe7c5b0d88a48309c43edcd95ad1a7074078f255e9ae50b996f1652ccb920a16607e93eaa7110ee032225ce8e42a2f268a83d10b15c608aaa906a0983b761003901160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d3126302406035504
        EAP-Message = 0x03131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3038303631383134323133315a170d3039303631383134323133315a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100e51de7b82469cbac2af9f14199eb4c8ebc3f2c3102c669d669d474b3c8a9
        EAP-Message = 0x10af6d0ed5e1d33fdca7a6fd55b046f135a4d7fce70cce39f1e2378ef0e137638ba9fa1dc376347d313f64f63d5955437faad9f0898028cd6386e91cc7305583103b82f4614092c960a0a0bced39a7cbdfc2267da2ffc5e29b607d9f47169ca043d4aa054efccb590ee0f0eb0c3825d5d72595f3afc15a59b39c3eaebee214108bbfdd4a5f3787b9d434219b11a62e59fdbeb53e2d962333c53483821af4d69d282dabeb36117b5b99cedb3800652d4901f44ae12e9eedd6e5d77513831376822f2fd03ff4f0236abbc6eaf831d4838909a263a0673f7ac176673eff4506db30bf950203010001a317301530130603551d25040c300a06082b06010505
        EAP-Message = 0x070301300d06092a864886f70d01010405000382010100996af82a8524e81fa2070413fa3bc07ef4d1acc88e96ee8f90b412dcd1564de0280bd3bc8eb8f024c7753ee0fb3a1d9c9e7e1fc60e87aa7309ba76e44ac083788079b800f28c46bf4cdbc8423c40b6c897ec4a2ccaa95c4b59d0c035a00725cc5e943ec10dac7cf1669995ec20a26ffaedf7c0e7bdc2acc11882ecb3e9f9e06e8597dfc4c30a9d69210cdf2872ed848af5e1c89e2ed34a6db012129685b12f56d4bec3f6e13e7b43b6e00a81545a38f28090f1ff3ceca37a107ea01898d2269f7156ca7c74c8b20ead294a6a7d1d32eb70065bda7bcfe009a070c6f01a9b0b9674fa3cff08a1
        EAP-Message = 0xd8bf0854f4d5920b817066b8
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x9baa2d299aa834161e655ea3ece36f0c
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=146
Cleaning up request 1 ID 0 with timestamp +41
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        State = 0x9baa2d299aa834161e655ea3ece36f0c
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020200061900
        Message-Authenticator = 0x6ae87b9fa610cc290341c3c8721eab9c
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 2 length 6
  rlm_eap: Continuing tunnel setup.
++[eap] returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake fragment handler
  eaptls_verify returned 1
  eaptls_process returned 13
  rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x010303fc19401cd7c4c2a6889ffa64eb3b48b32b0004ab308204a73082038fa003020102020900d0b321af3f5e6edb300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3038303631383134323133305a170d3038303731383134323133305a308193310b30090603
        EAP-Message = 0x55040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100c61affd9b5606d309f732b738a593c3adc04fc3cd9d9b4b974c83e330b98f92eb01c54c4a73ba87e32181239a999468e387accc8edac79fe1d61b7331b3a4d5d658858ecdaa0e0119b6d2a958f7bf3
        EAP-Message = 0x6c05b684d836361612e031a7c863de56c0c2eecea221506078f4f991d6f7f1b40882d1981e6be282cc6ca1e5555309375397dfc7b6a379cf23f9780841d540d83ac4a89847ec588c84073f1d8e4be9c2fc955cc79d12fc8e4e51a0bc388854a5fd8d19f7bf36495cdeade9dc373fdde84b6b4e452109c95785f65e663bdce3543241b34c49b8d41b1fe44362998a782bc18398a00b8261b303f9a6b025cb8165e6a107967a5f823a135c83611b99f5c0c30203010001a381fb3081f8301d0603551d0e0416041442ba48fa03771a044de938b92a0ac80bd48b46c83081c80603551d230481c03081bd801442ba48fa03771a044de938b92a0ac80bd48b
        EAP-Message = 0x46c8a18199a48196308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900d0b321af3f5e6edb300c0603551d13040530030101ff300d06092a864886f70d010105050003820101009271c64430e33a20e02c5c3ea887afbda2e892a25f633961c5b13d6df2461f7675b2d3ef317087b1eeeef20c6855c4208c7d
        EAP-Message = 0x22dbf87ea84011c3
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x9baa2d2999a934161e655ea3ece36f0c
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=146
Cleaning up request 2 ID 0 with timestamp +41
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        State = 0x9baa2d2999a934161e655ea3ece36f0c
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020300061900
        Message-Authenticator = 0x55eb06fdd249f58d4b098d211ef699db
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 3 length 6
  rlm_eap: Continuing tunnel setup.
++[eap] returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake fragment handler
  eaptls_verify returned 1
  eaptls_process returned 13
  rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x010402e71900589c274af17f1a494850cb1028aea864d133e063ba83420b4e3c091030cb4a0c5e5913181a57a0ef4e965b1a1490eb20c705bfc44603e0e52aa98d2f47831b1e88e8cb4149a777c58356b40fcb237ad48b79a1e61a5a02e245b071293b2b25d6b3bbc2e1eb5e26db78735d8172015a39ae2ab6d93382ef0be94f0419a5a7101b93f3f91c7a124f75d5884e225990d032bb21374f62ebdca5a3add90be36aa926a41695835c2eb3f7e88337da950eb5394a9ffb5f63412909f5e387762b4bc9607be7d5871e1c160301020d0c0002090080d98dfb21f227dd0de0112a4e02b14ba70211061c5b376bb17b336613f8dc7867bf69d166fa9a
        EAP-Message = 0x06947948dc5a2a0bb67aece8a2eb6ec595b94459607661010ebd873c133571818cf379124cde39be0e869e24c60c3ecaf1faaf1d96b46cb542c1a8207a4a2c8114788241b433bbe70a1c9ba7e56a3e27932254db2290c295e28300010200801e2c86c4785eeb02a0bb6dd6aa890202b7e118a106a5c230c576d7030939045bb009c2ac440005c74fe3659e3fd5b15f4554226f7dcd0131dc636b3d8b2152b63efc1cb23b6e8b0b3bd2960488c73b9bf499434d44629b813ff423fcf0580858aa6473354cce503e27925a2b5493fad07897a8f9ee105c4b949d6277b0ffa75d010034c14143a28ad289e2d0a39f498063167f73fcbf4000caa9c70a3905
        EAP-Message = 0x71a008d47f3651cca5a115167ccf4c3990bbaf3507e2b958546eb5e323c7fe857e8394a68251ad5404da26810c662052e242961cb37eafcab475f322a740a0abd48178f31bed95df9004fb37f667282bdbaa9db8402640ffad48ecb15a49ea5db0ace40026026cd5ab50949ade5c903144779999672f88dd7885fcf946ed5c01779571173271d8503a0c3e43791e06a2c4400ff0553c76e15bf7624cf432dd2d44643827b4d29a8763738b073e09b1bbb3c6f2d411391976badabf00cd6ccbb57627e315142009a49e948f5911cf3873557dc60adfebd10a8892d1ac71109fb9cf9a3e6416030100040e000000
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x9baa2d2998ae34161e655ea3ece36f0c
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=344
Cleaning up request 3 ID 0 with timestamp +41
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        State = 0x9baa2d2998ae34161e655ea3ece36f0c
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020400cc190016030100861000008200804316d20c6a7c178058561a988cd4c857a1818bca9d6381d259ad888eb8590fb37aa41737e0465ed1c8645c4b84abd506a7d30c4bb7a7a10f909b9feb1f8a51b8430d748d87f03c7df6a01a3bb99c178da207b3a19c540469709f2845ba90768f8ec804175b2e9afaa80dccc2107919f7580b1953431922cdeda4f877c91e174f14030100010116030100300f7ef3899514ebb34daa12ac552eb8f9eb8841016f046ea3a63e53aadfb3e3397a93e73456cc41e1135861707733b220
        Message-Authenticator = 0xdea135864ef03eb8674379a35331fd5f
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 4 length 204
  rlm_eap: Continuing tunnel setup.
++[eap] returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
    TLS_accept: SSLv3 read client key exchange A
  rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
    TLS_accept: SSLv3 read finished A
  rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
    TLS_accept: SSLv3 write change cipher spec A
  rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
    TLS_accept: SSLv3 write finished A
    TLS_accept: SSLv3 flush data
    (other): SSL negotiation finished successfully
SSL Connection Established
  eaptls_process returned 13
  rlm_eap_peap: EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x0105004119001403010001011603010030e6a2e4f9f396f695728dfc74be50459b34dea2ec026e3b041e64ad32a19bfc01ce00a4f39422c30e86d83059c040853f
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x9baa2d299faf34161e655ea3ece36f0c
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=146
Cleaning up request 4 ID 0 with timestamp +41
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        State = 0x9baa2d299faf34161e655ea3ece36f0c
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020500061900
        Message-Authenticator = 0xaa2e2ed89ffe2379528536376d6b3678
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 5 length 6
  rlm_eap: Continuing tunnel setup.
++[eap] returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
  rlm_eap_tls: ack handshake is finished
  eaptls_verify returned 3
  eaptls_process returned 3
  rlm_eap_peap: EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x0106002b190017030100203d19543fef6a354b15802fa24ac6be930472a2bb2963b2cd40acb8569178208b
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x9baa2d299eac34161e655ea3ece36f0c
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=236
Cleaning up request 5 ID 0 with timestamp +41
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        State = 0x9baa2d299eac34161e655ea3ece36f0c
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020600601900170301002006f9c4c30ed6970d17049ecab64a52b6bd0147e5e8aa1632efba5d9bc17ad65517030100307342716fd8fa732607a62a93a4ea9d0be8cd1c9717af27bb67b840bc0a308060563c313805c8b9810e19ba7a0485738a
        Message-Authenticator = 0x8aa405f4d2a413e1dfdf4f6019925a83
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 6 length 96
  rlm_eap: Continuing tunnel setup.
++[eap] returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
  eaptls_process returned 7
  rlm_eap_peap: EAPTLS_OK
  rlm_eap_peap: Session established.  Decoding tunneled attributes.
  rlm_eap_peap: Identity - userX
  PEAP: Got tunneled identity of userX
  PEAP: Setting default EAP type for tunneled EAP session.
  PEAP: Setting User-Name to userX
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
  PEAP: Tunneled authentication was rejected.
  rlm_eap_peap: FAILURE
++[eap] returns handled
Sending Access-Challenge of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x0107003b1900170301003083a87eb6970e9d00f7463517385ede5e1301a3788b857b995947b8b8ab618a56ac5422ade8ea7d08e6be181deb19075e
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x9baa2d299dad34161e655ea3ece36f0c
Finished request 6.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 172.16.27.37 port 3072, id=0, length=236
Cleaning up request 6 ID 0 with timestamp +41
        User-Name = "userX"
        NAS-IP-Address = 172.16.27.37
        Called-Station-Id = "001c1066a106"
        Calling-Station-Id = "001cdf77bb4d"
        NAS-Identifier = "001c1066a106"
        NAS-Port = 1
        Framed-MTU = 1400
        State = 0x9baa2d299dad34161e655ea3ece36f0c
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0207006019001703010020e1e6a5669a6e1f2fad8b18557490b2a36580caac37130035ec533f519aa058651703010030ea09edd1a98107005cbbefece6de1029da93fab2b2f14456b2a2728ff91532a35d075fb23197f925da6206a6e1ee5db1
        Message-Authenticator = 0xd2a2e7d67cd0ea7f1d069d4ebf3731cc
+- entering group authorize
++[preprocess] returns ok
        expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/172.16.27.37/auth-detail-20080620
        expand: %t -> Fri Jun 20 15:25:59 2008
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "userX", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 7 length 96
  rlm_eap: Continuing tunnel setup.
++[eap] returns ok
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
  eaptls_verify returned 7
  rlm_eap_tls: Done initial handshake
  eaptls_process returned 7
  rlm_eap_peap: EAPTLS_OK
  rlm_eap_peap: Session established.  Decoding tunneled attributes.
  rlm_eap_peap: Received EAP-TLV response.
  rlm_eap_peap:  Had sent TLV failure.  User was rejected earlier in this session.
 rlm_eap: Handler failed in EAP/peap
  rlm_eap: Failed in EAP select
++[eap] returns invalid
auth: Failed to validate the user.
  Found Post-Auth-Type Reject
+- entering group REJECT
        expand: %{User-Name} -> userX
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Sending Access-Reject of id 0 to 172.16.27.37 port 3072
        EAP-Message = 0x04070004
        Message-Authenticator = 0x00000000000000000000000000000000
Finished request 7.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 7 ID 0 with timestamp +41
Ready to process requests.





2008/6/20 Alan DeKok <aland@deployingradius.com>:
Andy An wrote:
> Hi Ivan:
> The password is in the ldap server as one of attributes binded to the
> user (userPassword: {CRYPT}something).
...
> rlm_ldap: performing search in ou=People,dc=eciad,dc=ca, with filter
> (uid=andyan)
...
> WARNING: No "known good" password was found in LDAP.  Are you sure that
> the user is configured correctly?

 The debug output disagrees with you.

 There is no known good password available.

 Again, it helps to READ the debug output yourself.  The warning
messages are clear, and are written in simple English.

 Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html