heh.. sorry.. forgot to attach files --- debik <debik@vp.pl> wrote:
Could you sent me your configs. A would like to lokk how you use other authentication. ----- Original Message ----- From: "mat yuh" <yusshalimee@yahoo.com> To: <freeradius-users@lists.freeradius.org> Sent: Tuesday, December 06, 2005 10:50 AM Subject: Re: XP auth + PEAP (debik)
i'm also have a problem to make PEAP works with XP SP2.The PAP, EAP-tls, EAP-ttls work very well.i realise that freeradius gives me this error :
rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for nurah with NT-Password rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication. rlm_mschap: FAILED: MS-CHAP2-Response is incorrect modcall[authenticate]: module "mschap" returns reject for request 6 modcall: leaving group MS-CHAP (returns reject) for request 6
i do read the maillist and search on google but cant make XP SP2 Work with PEAP. i'm using several NAS such as SMC BARRICADE 2804WBR and Linksys WRT54G. i do configure default_eap_type = peap in eap.conf and have a plain text password in users file :
nurah User-Password == "mypasswd"
** i make a new users file and put nurah user only in it
here is my complete debug message :
-----------------------
Initializing the thread pool... Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests. Nothing to do. Sleeping until we see a request. Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "unix" returns updated for request 0 rlm_realm: No '@' in User-Name = "nurah", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 7 length 10 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry nurah at line 9 modcall[authorize]: module "files" returns ok for request 0 modcall[authorize]: module "expiration" returns noop for request 0 modcall[authorize]: module "logintime" returns noop for request 0 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 5 seconds... Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "unix" returns updated for request 1 rlm_realm: No '@' in User-Name = "nurah", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: EAP packet type response id 8 length 65 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 users: Matched entry nurah at line 9 modcall[authorize]: module "files" returns ok for request 1 modcall[authorize]: module "expiration" returns noop for request 1 modcall[authorize]: module "logintime" returns noop for request 1 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 1 modcall: leaving group authorize (returns updated) for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0032], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 06cc], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode
=== message truncated === __________________________________________ Yahoo! DSL Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com