Pretty new to FR as well but from what it looks like to me is your using Workstation login not user login. The portion [suffix] No '@' in User-Name = "host/W400210.interoute.com", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 198 length 31 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop Found Auth-Type = EAP looks like your supplicant is sending workstation logins and your LDAP server is rejecting them. I don't know though, I am not a big log reader, I skim over them to find the error, I really need to get into them more:) Brett Littrell Network Manager MUSD CISSP, CCSP, CCVP, MCNE
On Wednesday, February 16, 2011 at 1:38 AM, in message <1297849120978-3387353.post@n5.nabble.com>, lucky79 <lukas.hofrichtr@interoute.com> wrote:
Hi Alan, Thanks for quick reply I have read the log several times however nothing points me to the right direction...thats why I posted a question here... when I use username@domain.com I get access-reject as ntlm authentication fails so from this point its working ok I guess. Also I dont think its a certificate problem as I've got same results with linux / windows 7 clients.
From the debug I see ntlm authentication went OK then EAP session does not finish, but why this is happening? Do you think I am really facing the certificate compatibility problem? Even its working fine with freeradius 1.1.7? I've tried to create a new one but same results... Or have I missed anything else? Sorry FR 2.x.x is still new to me
Thanks Lukas -- View this message in context: http://freeradius.1045715.n5.nabble.com/Freeradius2-1-3-Fedora9-PEAP-AD-prob... Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html