1. RE: Gigaword support (eugene@snowball.co.za) 2. Re : Multiple server certificates in EAP-TLS or EAP-TTLS (Eshun Benjamin) 3. Re: log file for free radius 1.1.6 eap-tls authentication (anoop_c@sifycorp.com) 4. problem in autehtication with EAP-MD5 (shantanu choudhary) Hi 2 I am getting the following message in log first it satatrts (radiud -X) [root@localhost radius]# cat radius.log Wed May 30 11:24:14 2007 : Info: Using deprecated naslist file. Support for this will go away soon. Wed May 30 11:24:14 2007 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none? Wed May 30 11:24:14 2007 : Info: rlm_eap_tls: Loading the certificate file as a chain Wed May 30 11:24:14 2007 : Info: Ready to process requests. But if again start the server no logs and nothing other than this is coming in the log. regarding users file in navisradius i uesd to do that in EAP_TLS thats why i asked. Regards Anoop --
Message: 5 Date: Tue, 29 May 2007 09:42:52 +0100 From: <tnt@kalik.co.yu> Subject: Re: log file for free radius 1.1.6 eap-tls authentication To: \"FreeRadius users mailing list\" <freeradius-users@lists.freeradius.org> Message-ID: <g9b0RimS.1180428172.8965940.tnt@kalik.co.yu> Content-Type: text/plain; charset=ISO-8859-2
1. That\'s not how certificates work. You add those that you want to PREVENT from connecting (for whatever reason) to Certificate Revocation List (CRL). You suposedly do have control over who are certificates issued to. If you have no control over CA then you shouldn\'t be using them.
2. Is anything (reading config files etc.) written to the log when you restart the server?
Ivan Kalik Kalik Informatika ISP
Dana 29/5/2007, \"anoop_c@sifycorp.com\" <anoop_c@sifycorp.com> pi?e:
Hi 1 I know its eap-tls and certificate based. Earlier i was using Navis radius .In that for eap-tls we have to add certificate name to a specific user file. Like that here also user file is there can i make use of the user file so that only that user get authenticated,
2 Logs are not happening.In config changes required to get the same? Regards Anoop
Message: 2 Date: Mon, 28 May 2007 15:07:06 +0100 From: <tnt@kalik.co.yu> Subject: Re: log file for free radius 1.1.6 eap-tls authentication To: \"FreeRadius users mailing list\" <freeradius-users@lists.freeradius.org> Message-ID: <a8emGRAP.1180361226.4861000.tnt@kalik.co.yu> Content-Type: text/plain; charset=ISO-8859-2
This is EAP-TLS. This user has a valid user certificate and is accepted. If you don\'t want to go via certificates but use user/password, use EAP-TTLS with MS-CHAPv2 (or PAP or any other auth protocol).
Ivan Kalik Kalik Informatika ISP
------------------------------ Message: 4 Date: Wed, 30 May 2007 09:23:21 +0100 (BST) From: shantanu choudhary <shantanu_843@yahoo.co.in> Subject: problem in autehtication with EAP-MD5 To: freeradius-users@lists.freeradius.org Message-ID: <327609.49387.qm@web7602.mail.in.yahoo.com> Content-Type: text/plain; charset="iso-8859-1" hi all, i am trying to get autheticated by radius server using EAP-MD5 but i always get FAILURE and i m not able to figure out the problem, can anyone help me out!!!!! my client side shows out put like this:- EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=17): 01 00 00 0d 02 00 00 0d 01 74 65 73 74 75 73 65 72 EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=26): 01 00 00 16 01 01 00 16 04 10 e5 b2 63 cb 4e 4f e7 d1 b1 4f 30 95 6c 21 cd a9 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=1 method=4 vendor=0 vendorMethod=0 EAP: EAP entering state GET_METHOD EAP: Initialize selected EAP method: vendor 0 method 4 (MD5) CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 31 36 32 37 35 2d 31 00 EAP: EAP entering state METHOD EAP-MD5: Challenge - hexdump(len=16): e5 b2 63 cb 4e 4f e7 d1 b1 4f 30 95 6c 21 cd a9 EAP-MD5: Generating Challenge Response EAP-MD5: Response - hexdump(len=16): 4a f8 0b fc 31 7e 27 47 ac 95 4c 77 56 30 bf c6 EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=26): 01 00 00 16 02 01 00 16 04 10 4a f8 0b fc 31 7e 27 47 ac 95 4c 77 56 30 bf c6 EAPOL: SUPP_BE entering state RECEIVE RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=6): 53 54 41 54 55 53 STATUS ioctl[SIOCGIFADDR]: Cannot assign requested address RX ctrl_iface - hexdump_ascii(len=13): 4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53 LIST_NETWORKS RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=8): 01 00 00 04 04 01 00 04 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Failure EAP: EAP entering state DISCARD EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RECEIVE RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING EAPOL: startWhen --> 0 RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=6): 53 54 41 54 55 53 STATUS ioctl[SIOCGIFADDR]: Cannot assign requested address RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=6): 53 54 41 54 55 53 STATUS ioctl[SIOCGIFADDR]: Cannot assign requested address RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=6): 53 54 41 54 55 53 STATUS ioctl[SIOCGIFADDR]: Cannot assign requested address RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING EAPOL: authWhile --> 0 EAPOL: SUPP_BE entering state TIMEOUT EAPOL: SUPP_PAE entering state CONNECTING EAPOL: SUPP_BE entering state IDLE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=9): 01 00 00 05 01 02 00 05 01 EAPOL: Received EAP-Packet frame EAPOL: SUPP_PAE entering state RESTART EAP: EAP entering state INITIALIZE EAP: deinitialize previously used EAP method (4, MD5) at INITIALIZE EAP: EAP entering state IDLE EAPOL: SUPP_PAE entering state AUTHENTICATING EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=2 method=1 vendor=0 vendorMethod=0 EAP: EAP entering state IDENTITY CTRL-EVENT-EAP-STARTED EAP authentication started CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 31 36 32 37 35 2d 31 00 EAP: EAP-Request Identity data - hexdump_ascii(len=0): EAP: using real identity - hexdump_ascii(len=8): 74 65 73 74 75 73 65 72 testuser EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=17): 01 00 00 0d 02 02 00 0d 01 74 65 73 74 75 73 65 72 EAPOL: SUPP_BE entering state RECEIVE RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=26): 01 00 00 16 01 03 00 16 04 10 62 2a 69 09 f7 63 b3 30 cf 0b bd 05 83 73 4f 4f EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request id=3 method=4 vendor=0 vendorMethod=0 EAP: EAP entering state GET_METHOD EAP: Initialize selected EAP method: vendor 0 method 4 (MD5) CTRL-EVENT-EAP-METHOD EAP vendor 0 method 4 (MD5) selected CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 31 36 32 37 35 2d 31 00 EAP: EAP entering state METHOD EAP-MD5: Challenge - hexdump(len=16): 62 2a 69 09 f7 63 b3 30 cf 0b bd 05 83 73 4f 4f EAP-MD5: Generating Challenge Response EAP-MD5: Response - hexdump(len=16): bd c1 d1 e3 be 9e 4c 46 7d d1 c0 a3 72 11 b0 ff EAP: method process -> ignore=FALSE methodState=DONE decision=UNCOND_SUCC EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp TX EAPOL - hexdump(len=26): 01 00 00 16 02 03 00 16 04 10 bd c1 d1 e3 be 9e 4c 46 7d d1 c0 a3 72 11 b0 ff EAPOL: SUPP_BE entering state RECEIVE RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=6): 53 54 41 54 55 53 STATUS ioctl[SIOCGIFADDR]: Cannot assign requested address RX ctrl_iface - hexdump_ascii(len=13): 4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53 LIST_NETWORKS RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING EAPOL: startWhen --> 0 RX EAPOL from 00:03:7f:09:60:a0 RX EAPOL - hexdump(len=8): 01 00 00 04 04 03 00 04 EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Failure EAP: EAP entering state DISCARD EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RECEIVE RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=6): 53 54 41 54 55 53 STATUS ioctl[SIOCGIFADDR]: Cannot assign requested address RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=6): 53 54 41 54 55 53 STATUS ioctl[SIOCGIFADDR]: Cannot assign requested address RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING RX ctrl_iface - hexdump_ascii(len=4): 50 49 4e 47 PING CTRL_IFACE monitor detached - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 31 36 32 37 35 2d 31 00 EAPOL: authWhile --> 0 EAPOL: SUPP_BE entering state TIMEOUT
i dont know what is this cannot assign requested address,(i am not requesting for any address!!!) my supplicant file is like this:- ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=wheel eapol_version=1 ap_scan=1 fast_reauth=1 network={ ssid="ATH182" scan_ssid=1 key_mgmt=WPA-EAP eap=MD5 identity="testuser" password="whatever" }
and correspondingly server side shows message like this:- Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/proxy.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/eap.conf Config: including file: /usr/local/etc/raddb/sql.conf main: prefix = "/usr/local" main: localstatedir = "/usr/local/var" main: logdir = "/usr/local/var/log/radius" main: libdir = "/usr/local/lib" main: radacctdir = "/usr/local/var/log/radius/radacct" main: hostname_lookups = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = "/usr/local/var/log/radius/radius.log" main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid" main: user = "(null)" main: group = "(null)" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "/usr/local/sbin/checkrad" main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded exec exec: wait = yes exec: program = "(null)" exec: input_pairs = "request" exec: output_pairs = "(null)" exec: packet_type = "(null)" rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = "crypt" pap: auto_header = yes Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = "(null)" mschap: ntlm_auth = "(null)" Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = "(null)" unix: shadow = "(null)" unix: group = "(null)" unix: radwtmp = "/usr/local/var/log/radius/radwtmp" unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = "md5" eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = "Password: " gtc: auth_type = "PAP" rlm_eap: Loaded and initialized type gtc tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem" tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem" tls: CA_file = "/usr/local/etc/raddb/certs/root.pem" tls: private_key_password = "whatever" tls: dh_file = "/usr/local/etc/raddb/certs/dh" tls: random_file = "/usr/local/etc/raddb/certs/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "(null)" tls: cipher_list = "(null)" tls: check_cert_issuer = "(null)" rlm_eap_tls: Loading the certificate file as a chain rlm_eap: Loaded and initialized type tls mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups" preprocess: hints = "/usr/local/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no preprocess: with_alvarion_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded realm realm: format = "suffix" realm: delimiter = "@" realm: ignore_default = no realm: ignore_null = no Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = "/usr/local/etc/raddb/users" files: acctusersfile = "/usr/local/etc/raddb/acct_users" files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users" files: compat = "no" Module: Instantiated files (files) Module: Loaded Acct-Unique-Session-Id acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" Module: Instantiated acct_unique (acct_unique) Module: Loaded detail detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d" detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = "/usr/local/var/log/radius/radutmp" radutmp: username = "%{User-Name}" radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 192.168.2.183:1079, id=0, length=177 Message-Authenticator = 0x48563b978d926b5c042592ec5eae4537 Service-Type = Framed-User User-Name = "testuser" Framed-MTU = 1488 Called-Station-Id = "00-03-7F-09-60-7E:ATH183" Calling-Station-Id = "00-03-7F-05-C0-9C" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x0200000d017465737475736572 NAS-IP-Address = 192.168.2.183 NAS-Port = 2 NAS-Port-Id = "STA port # 2" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 0 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 users: Matched entry testuser at line 216 modcall[authorize]: module "files" returns ok for request 0 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 0 modcall: leaving group authenticate (returns handled) for request 0 Sending Access-Challenge of id 0 to 192.168.2.183 port 1079 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x010100160410457803a5fc7f8de5ad1e9065c4fec0b0 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0eb6726b77f05929d54be6c45de1f52f Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 0 with timestamp 465abecc Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 192.168.2.183:1079, id=1, length=204 Message-Authenticator = 0xfbcd80decacba158727083a6ca513fac Service-Type = Framed-User User-Name = "testuser" Framed-MTU = 1488 State = 0x0eb6726b77f05929d54be6c45de1f52f Called-Station-Id = "00-03-7F-09-60-7E:ATH183" Calling-Station-Id = "00-03-7F-05-C0-9C" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x020100160410b6cac9199b585c8705d9230d18b93094 NAS-IP-Address = 192.168.2.183 NAS-Port = 2 NAS-Port-Id = "STA port # 2" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: EAP packet type response id 1 length 22 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 users: Matched entry testuser at line 216 modcall[authorize]: module "files" returns ok for request 1 rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 1 modcall: leaving group authorize (returns updated) for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: Request found, released from the list rlm_eap: EAP/md5 rlm_eap: processing type md5 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 1 modcall: leaving group authenticate (returns ok) for request 1 Sending Access-Accept of id 1 to 192.168.2.183 port 1079 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x03010004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "testuser" Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 1 with timestamp 465abee0 Nothing to do. Sleeping until we see a request.
can any one help me out it is really important and urgent. if u need i will also tell u my radius.conf, eap.conf and users file!! thank you regards shantanu
--------------------------------- Download prohibited? No problem! CHAT from any browser, without download.