Sorry to spam you, but we have #radtest user1 password 127.0.0.1:1812 0 testing1234 and #radtest user1 password 127.0.0.1:18120 0 testing1234 and we have got the same result for the client ________________________________ De : arnauld ndefo <ndefo2002@yahoo.fr> À : alan buxey <A.L.M.Buxey@lboro.ac.uk>; FreeRadius users mailing list <freeradius-users@lists.freeradius.org>; Arran Cudbard-Bell <a.cudbardb@freeradius.org> Cc : Alan DeKok <aland@deployingradius.com>; tatiana dibanda <tdibanda31@yahoo.fr>; "tdibanda2005@yahoo.fr" <tdibanda2005@yahoo.fr> Envoyé le : Mardi 18 septembre 2012 23h38 Objet : Re: error of segmentation during the implementation of eap2 Hi, Concerning the error of segmentation, we have removed in the section authorize the part eap2{ ok = return} in the default and inner-server file. After that we have got the output of the radiusd -X which is in the attached file radiusd.txt. Normally we think that it is fine because the eap2 module has been loaded and we have at the end the line ... adding new socket proxy address * port 52902 Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on command file /usr/local/var/run/radiusd/radiusd.sock Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel Listening on proxy address * port 1814 Ready to process requests. For the test of the eap2 module, we have put in the users file the line user1 Auth-Type :=eap2, Cleartext-Password :="password" On the client, we have got #radtest user1 password 127.0.0.1:18120 0 testing1234 sh: getcwd() failed: No such file or directory Sending Access-Request of id 217 to 127.0.0.1 port 18120 User-Name = "user1" User-Password = "password" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 Message-Authenticator = 0x00000000000000000000000000000000 rad_recv: Access-Reject packet from host 127.0.0.1 port 18120, id=217, length=20 And on the server we have got rad_recv: Access-Request packet from host 127.0.0.1 port 53591, id=217, length=75 User-Name = "user1" User-Password = "password" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 Message-Authenticator = 0xd755b04bec06d6babdc5c934be2aae5a server inner-tunnel { # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/inner-tunnel +- entering group authorize {...} ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "user1", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[control] returns noop [files] users: Matched entry user1 at line 204 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] returns noop Found Auth-Type = eap2 # Executing group from file /usr/local/etc/raddb/sites-enabled/inner-tunnel +- entering group authenticate {...} [eap2] No EAP-Message. Not doing EAP. ++[eap2] returns fail Failed to authenticate the user. } # server inner-tunnel Using Post-Auth-Type REJECT # Executing group from file /usr/local/etc/raddb/sites-enabled/inner-tunnel +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> user1 attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 217 to 127.0.0.1 port 53591 Waking up in 4.9 seconds. Cleaning up request 1 ID 217 with timestamp +96 I have checked all the file and everything is Ok. Then i dont know why the server doesnt success to authenticate the user??? As you see, we have a failed to authenticate the user. Do you have an ideas or suggestions please?? Thank you ________________________________ De : alan buxey <A.L.M.Buxey@lboro.ac.uk> À : arnauld ndefo <ndefo2002@yahoo.fr>; FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Cc : Alan DeKok <aland@deployingradius.com>; tatiana dibanda <tdibanda31@yahoo.fr>; "tdibanda2005@yahoo.fr" <tdibanda2005@yahoo.fr> Envoyé le : Mardi 18 septembre 2012 17h57 Objet : Re: error of segmentation during the implementation of eap2 Hi,
My project is to authenticate a client openpana with my radius server. The authentication method used by the client is based on the EAP-PSK, which is why I would have a radius server with authtentification method as EAP-PSK. After apply the instruction of doc/bugs, i have got a file gdb-radiusd.log which i have attached to the mail.
I take it that you've tried removing eap2 call from authorize and only have it in the authentication section? alan