Problem with Freeradius+LDAP+wifi
Hello, I have that configuration: -server with Freeradius + connect with internal system and Ldap server -Linksys WPA54G -laptop with wifi -PC with freebsd when i testing connections from PC use radtest i was auth. by radius and ldap server. But when i want to use laptop and wifi i see some freeradius logs: - i see that linksys connect to ldap.server over freeradius but user (the same what on the pc auth) didn't be auth :( LOGS: rad_recv: Access-Request packet from host 192.168.1.245:3072, id=0, length=119 User-Name = "rka" NAS-IP-Address = 192.168.1.245 Called-Station-Id = "001217694588" Calling-Station-Id = "000d93ee9b55" NAS-Identifier = "001217694588" NAS-Port = 32 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0200000801726b61 Message-Authenticator = 0x31c848a6f4f552bd2024d49b5ffa79c4 Mon Jan 15 13:39:00 2007 : Debug: Processing the authorize section of radiusd.conf Mon Jan 15 13:39:00 2007 : Debug: modcall: entering group authorize for request 2 Mon Jan 15 13:39:00 2007 : Debug: modsingle[authorize]: calling ldap (rlm_ldap) for request 2 Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: - authorize Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: performing user authorization for rka Mon Jan 15 13:39:00 2007 : Debug: radius_xlat: '(uid=rka)' Mon Jan 15 13:39:00 2007 : Debug: radius_xlat: 'ou=Users,dc=domain' Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0 Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0 Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: performing search in ou=Users,dc=blstream, with filter (uid=rka) Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: looking for check items in directory... Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: looking for reply items in directory... Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: user rka authorized to use remote access Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0 Mon Jan 15 13:39:00 2007 : Debug: modsingle[authorize]: returned from ldap (rlm_ldap) for request 2 Mon Jan 15 13:39:00 2007 : Debug: modcall[authorize]: module "ldap" returns ok for request 2 Mon Jan 15 13:39:00 2007 : Debug: modcall: leaving group authorize (returns ok) for request 2 Mon Jan 15 13:39:00 2007 : Debug: auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Mon Jan 15 13:39:00 2007 : Debug: auth: Failed to validate the user. Mon Jan 15 13:39:00 2007 : Debug: Delaying request 2 for 1 seconds Mon Jan 15 13:39:00 2007 : Debug: Finished request 2 Mon Jan 15 13:39:00 2007 : Debug: Going to the next request Mon Jan 15 13:39:00 2007 : Debug: --- Walking the entire request list --- Mon Jan 15 13:39:00 2007 : Debug: Waking up in 1 seconds... Mon Jan 15 13:39:01 2007 : Debug: --- Walking the entire request list --- Mon Jan 15 13:39:01 2007 : Debug: Waking up in 1 seconds... Mon Jan 15 13:39:02 2007 : Debug: --- Walking the entire request list --- Sending Access-Reject of id 0 to 192.168.1.245 port 3072 I set in /etc/freeradius/clients.conf client 192.168.1.245 { secret = password shortname = ldap_test } Why ldap didn't want auth. me ? And it is so freak because when i used PC with the same users ldap auth me. BR, -- Rafal Kaminski http://blstream.com email: rafal.kaminski@blstream.com jid: rka@im.blstream.com
authorize (returns ok) for request 2 Mon Jan 15 13:39:00 2007 : Debug: auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting
Is 'eap' listed in our authorize section. It should be since this is an EAP request and Freeradius needs a way to set Auth-Type to EAP to proceed. Thibault
Is 'eap' listed in our authorize section. It should be since this is an EAP request and Freeradius needs a way to set Auth-Type to EAP to proceed.
in authorize section i have: authorize { preprocess eap ldap } in auth section authentication { Auth-Type LDAP { ldap } } and in eap.conf i have: eap { default_eap_type = md5 timer_expire = 60 md5 { } } Maybe some suggest ? BR, -- Rafal Kaminski http://blstream.com email: rafal.kaminski@blstream.com jid: rka@im.blstream.com
Rafa? Kamin'ski wrote:
in authorize section i have:
authorize { preprocess eap ldap }
http://deployingradius.com/documents/configuration/setup.html You've spent a lot of time editing the config file, in a way that breaks it. Don't do that. Start off with the default configuration, and make gradual changes until you have what you want.
in auth section
authentication { Auth-Type LDAP {
ldap
} }
And no "eap". Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
Hello, I change my set and now i have that problem: rad_recv: Access-Request packet from host 192.168.1.245:3072, id=0, length=135 User-Name = "rka" NAS-IP-Address = 192.168.1.245 Called-Station-Id = "001217694588" Calling-Station-Id = "0014a41e7112" NAS-Identifier = "001217694588" NAS-Port = 61 Framed-MTU = 1400 State = 0xc278794268fad26149d90a3209f98f21 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020100060319 Message-Authenticator = 0x29e1dbe751ff97581d9c6a0a7b4a30c5 Tue Jan 16 09:45:50 2007 : Debug: Processing the authorize section of radiusd.conf Tue Jan 16 09:45:50 2007 : Debug: modcall: entering group authorize for request 9 Tue Jan 16 09:45:50 2007 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 9 Tue Jan 16 09:45:50 2007 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 9 Tue Jan 16 09:45:50 2007 : Debug: modcall[authorize]: module "preprocess" returns ok for request 9 Tue Jan 16 09:45:50 2007 : Debug: modsingle[authorize]: calling ldap (rlm_ldap) for request 9 Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: - authorize Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: performing user authorization for rka Tue Jan 16 09:45:50 2007 : Debug: radius_xlat: '(uid=rka)' Tue Jan 16 09:45:50 2007 : Debug: radius_xlat: 'ou=Users,dc=domain' Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0 Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0 Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: performing search in ou=Users,dc=blstream, with filter (uid=rka) Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: looking for check items in directory... Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: looking for reply items in directory... Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: user rka authorized to use remote access Tue Jan 16 09:45:50 2007 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0 Tue Jan 16 09:45:50 2007 : Debug: modsingle[authorize]: returned from ldap (rlm_ldap) for request 9 Tue Jan 16 09:45:50 2007 : Debug: modcall[authorize]: module "ldap" returns ok for request 9 Tue Jan 16 09:45:50 2007 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 9 Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: EAP packet type response id 1 length 6 Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Tue Jan 16 09:45:50 2007 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 9 Tue Jan 16 09:45:50 2007 : Debug: modcall[authorize]: module "eap" returns updated for request 9 Tue Jan 16 09:45:50 2007 : Debug: modcall: leaving group authorize (returns updated) for request 9 Tue Jan 16 09:45:50 2007 : Debug: rad_check_password: Found Auth-Type EAP Tue Jan 16 09:45:50 2007 : Debug: auth: type "EAP" Tue Jan 16 09:45:50 2007 : Debug: Processing the authenticate section of radiusd.conf Tue Jan 16 09:45:50 2007 : Debug: modcall: entering group authenticate for request 9 Tue Jan 16 09:45:50 2007 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 9 Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: Request found, released from the list Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: EAP NAK Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: EAP-NAK asked for EAP-Type/peap Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: No such EAP type peap Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: Failed in EAP select Tue Jan 16 09:45:50 2007 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 9 Tue Jan 16 09:45:50 2007 : Debug: modcall[authenticate]: module "eap" returns invalid for request 9 Tue Jan 16 09:45:50 2007 : Debug: modcall: leaving group authenticate (returns invalid) for request 9 Tue Jan 16 09:45:50 2007 : Debug: auth: Failed to validate the user. Tue Jan 16 09:45:50 2007 : Debug: Delaying request 9 for 1 seconds Tue Jan 16 09:45:50 2007 : Debug: Finished request 9 Tue Jan 16 09:45:50 2007 : Debug: Going to the next request Tue Jan 16 09:45:50 2007 : Debug: rl_next: returning NULL Tue Jan 16 09:45:50 2007 : Debug: Waking up in 6 seconds... Tue Jan 16 09:45:56 2007 : Debug: --- Walking the entire request list --- Sending Access-Reject of id 0 to 192.168.1.245 port 3072 EAP-Message = 0x04010004 Message-Authenticator = 0x00000000000000000000000000000000 Where is the problem ? -- Rafal Kaminski http://blstream.com email: rafal.kaminski@blstream.com jid: rka@im.blstream.com
Tue Jan 16 09:45:50 2007 : Debug: modcall: entering group authenticate for request 9 Tue Jan 16 09:45:50 2007 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 9 Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: Request found, released from the list Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: EAP NAK Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: EAP-NAK asked for EAP-Type/peap Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: No such EAP type peap
Do you have peap configured in your eap.conf file ? Could you post this file ? Thibault
Could you post this file ?
I have only: eap { default_eap_type = tls tls { tls_cacertfile = /etc/freeradius/cert/ca.pem tls_certfile = /etc/freeradius/cert/radius.crt tls_keyfile = /etc/freeradius/cert/radius.key } } BR, Rafal Kaminski
Could you post this file ?
I have only:
eap {
default_eap_type = tls
tls {
tls_cacertfile = /etc/freeradius/cert/ca.pem
tls_certfile = /etc/freeradius/cert/radius.crt
tls_keyfile = /etc/freeradius/cert/radius.key
}
}
You're lacking the peap sub part: peap { # The tunneled EAP session needs a default # EAP type which is separate from the one for # the non-tunneled EAP module. Inside of the # PEAP tunnel, we recommend using MS-CHAPv2, # as that is the default type supported by # Windows clients. default_eap_type = mschapv2 # the PEAP module also has these configuration # items, which are the same as for TTLS. copy_request_to_tunnel = yes use_tunneled_reply = yes # When the tunneled session is proxied, the # home server may not understand EAP-MSCHAP-V2. # Set this entry to "no" to proxy the tunneled # EAP-MSCHAP-V2 as normal MSCHAPv2. # proxy_tunneled_request_as_eap = yes } Why have you deleted this entry? When you don't want to use a feature, just comment the section it'll make it easier to update the configuration in the future.
BR,
Rafal Kaminski
HTH, Thibault
Rafa? Kamin'ski wrote:
Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: EAP-NAK asked for EAP-Type/peap Tue Jan 16 09:45:50 2007 : Debug: rlm_eap: No such EAP type peap ... Where is the problem ?
The client is requesting to do PEAP, and you didn't configure peap in eap.conf. See the Wiki & various howto's. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
Sic :( I set eap with tls, because when i connect from PC i saw in debug TLS. Then i set tls in eap, but when i started freeraius (freeradius -XXX -A) i saw: Error: rlm_eap: Failed to link EAP-Type/tls: rlm_eap_tls.so: cannot open shared object file: No such file or directory Error: radiusd.conf[661]: eap: Module instantiation failed. Error: radiusd.conf[1767] Unknown module "eap". Error: radiusd.conf[1713] Failed to parse authenticate section. where is the problem ? BR -- Rafal Kaminski http://blstream.com email: rafal.kaminski@blstream.com jid: rka@im.blstream.com
Oki, i compile freeradius with tls eap, but now i have that problem when i want start freeradius: Tue Jan 16 13:49:16 2007 : Debug: Module: Loaded eap Tue Jan 16 13:49:16 2007 : Debug: eap: default_eap_type = "tls" Tue Jan 16 13:49:16 2007 : Debug: eap: timer_expire = 60 Tue Jan 16 13:49:16 2007 : Debug: eap: ignore_unknown_eap_types = no Tue Jan 16 13:49:16 2007 : Debug: eap: cisco_accounting_username_bug = no Tue Jan 16 13:49:16 2007 : Debug: tls: rsa_key_exchange = no Tue Jan 16 13:49:16 2007 : Debug: tls: dh_key_exchange = yes Tue Jan 16 13:49:16 2007 : Debug: tls: rsa_key_length = 512 Tue Jan 16 13:49:16 2007 : Debug: tls: dh_key_length = 512 Tue Jan 16 13:49:16 2007 : Debug: tls: verify_depth = 0 Tue Jan 16 13:49:16 2007 : Debug: tls: CA_path = "(null)" Tue Jan 16 13:49:16 2007 : Debug: tls: pem_file_type = yes Tue Jan 16 13:49:16 2007 : Debug: tls: private_key_file = "/etc/freeradius/cert/radius.key" Tue Jan 16 13:49:16 2007 : Debug: tls: certificate_file = "/etc/freeradius/cert/radius.crt" Tue Jan 16 13:49:16 2007 : Debug: tls: CA_file = "/etc/freeradius/cert/ca.pem" Tue Jan 16 13:49:16 2007 : Debug: tls: private_key_password = "(null)" Tue Jan 16 13:49:16 2007 : Debug: tls: dh_file = "(null)" Tue Jan 16 13:49:16 2007 : Debug: tls: random_file = "(null)" Tue Jan 16 13:49:16 2007 : Debug: tls: fragment_size = 1024 Tue Jan 16 13:49:16 2007 : Debug: tls: include_length = yes Tue Jan 16 13:49:16 2007 : Debug: tls: check_crl = no Tue Jan 16 13:49:16 2007 : Debug: tls: check_cert_cn = "(null)" Tue Jan 16 13:49:16 2007 : Debug: tls: cipher_list = "(null)" Tue Jan 16 13:49:16 2007 : Debug: tls: check_cert_issuer = "(null)" Tue Jan 16 13:49:16 2007 : Info: rlm_eap_tls: Loading the certificate file as a chain Tue Jan 16 13:49:16 2007 : Error: rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0) Tue Jan 16 13:49:16 2007 : Error: rlm_eap_tls: Error loading randomness Tue Jan 16 13:49:16 2007 : Error: rlm_eap: Failed to initialize type tls Tue Jan 16 13:49:16 2007 : Error: radiusd.conf[10]: eap: Module instantiation failed. Tue Jan 16 13:49:16 2007 : Error: radiusd.conf[1767] Unknown module "eap". Tue Jan 16 13:49:16 2007 : Error: radiusd.conf[1720] Failed to parse authenticate section. What is that error :( ?? -- Rafal Kaminski http://blstream.com email: rafal.kaminski@blstream.com jid: rka@im.blstream.com
Sorry for my all post :( I set peap/eap/tls and i start freeradius but when user on laptop with wifi want to auth. to radius over linksys, in log is: rad_recv: Access-Request packet from host 192.168.1.245:3072, id=0, length=167 User-Name = "lpa" NAS-IP-Address = 192.168.1.245 Called-Station-Id = "001217694588" Calling-Station-Id = "0014a41e7112" NAS-Identifier = "001217694588" NAS-Port = 61 Framed-MTU = 1400 State = 0xd7a7e508bf067ebf840f706609179973 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020800261900170301001b0a80b340ff12abb3c834cd77d204562a8b8514d1823bfd2b9ecbf2 Message-Authenticator = 0x242aac203af35c0d27c38f590d032df8 Tue Jan 16 14:35:56 2007 : Debug: Processing the authorize section of radiusd.conf Tue Jan 16 14:35:56 2007 : Debug: modcall: entering group authorize for request 19 Tue Jan 16 14:35:56 2007 : Debug: modsingle[authorize]: calling preprocess (rlm_preprocess) for request 19 Tue Jan 16 14:35:56 2007 : Debug: modsingle[authorize]: returned from preprocess (rlm_preprocess) for request 19 Tue Jan 16 14:35:56 2007 : Debug: modcall[authorize]: module "preprocess" returns ok for request 19 Tue Jan 16 14:35:56 2007 : Debug: modsingle[authorize]: calling ldap (rlm_ldap) for request 19 Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: - authorize Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: performing user authorization for lpa Tue Jan 16 14:35:56 2007 : Debug: radius_xlat: '(uid=lpa)' Tue Jan 16 14:35:56 2007 : Debug: radius_xlat: 'ou=Users,dc=domain' Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0 Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0 Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: performing search in ou=Users,dc=blstream, with filter (uid=lpa) Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: looking for check items in directory... Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: looking for reply items in directory... Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: user lpa authorized to use remote access Tue Jan 16 14:35:56 2007 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0 Tue Jan 16 14:35:56 2007 : Debug: modsingle[authorize]: returned from ldap (rlm_ldap) for request 19 Tue Jan 16 14:35:56 2007 : Debug: modcall[authorize]: module "ldap" returns ok for request 19 Tue Jan 16 14:35:56 2007 : Debug: modsingle[authorize]: calling eap (rlm_eap) for request 19 Tue Jan 16 14:35:56 2007 : Debug: rlm_eap: EAP packet type response id 8 length 38 Tue Jan 16 14:35:56 2007 : Debug: rlm_eap: No EAP Start, assuming it's an on-going EAP conversation Tue Jan 16 14:35:56 2007 : Debug: modsingle[authorize]: returned from eap (rlm_eap) for request 19 Tue Jan 16 14:35:56 2007 : Debug: modcall[authorize]: module "eap" returns updated for request 19 Tue Jan 16 14:35:56 2007 : Debug: modcall: leaving group authorize (returns updated) for request 19 Tue Jan 16 14:35:56 2007 : Debug: rad_check_password: Found Auth-Type EAP Tue Jan 16 14:35:56 2007 : Debug: auth: type "EAP" Tue Jan 16 14:35:56 2007 : Debug: Processing the authenticate section of radiusd.conf Tue Jan 16 14:35:56 2007 : Debug: modcall: entering group authenticate for request 19 Tue Jan 16 14:35:56 2007 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 19 Tue Jan 16 14:35:56 2007 : Debug: rlm_eap: Request found, released from the list Tue Jan 16 14:35:56 2007 : Debug: rlm_eap: EAP/peap Tue Jan 16 14:35:56 2007 : Debug: rlm_eap: processing type peap Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Authenticate Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_tls: processing TLS Tue Jan 16 14:35:56 2007 : Debug: eaptls_verify returned 7 Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_tls: Done initial handshake Tue Jan 16 14:35:56 2007 : Debug: eaptls_process returned 7 Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: EAPTLS_OK Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Session established. Decoding tunneled attributes. PEAP tunnel data in 0000: 02 08 00 0b 21 80 03 00 02 00 02 Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Received EAP-TLV response. Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Tunneled data is valid. Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session. Tue Jan 16 14:35:56 2007 : Debug: rlm_eap: Handler failed in EAP/peap Tue Jan 16 14:35:56 2007 : Debug: rlm_eap: Failed in EAP select Tue Jan 16 14:35:56 2007 : Debug: modsingle[authenticate]: returned from eap (rlm_eap) for request 19 Tue Jan 16 14:35:56 2007 : Debug: modcall[authenticate]: module "eap" returns invalid for request 19 Tue Jan 16 14:35:56 2007 : Debug: modcall: leaving group authenticate (returns invalid) for request 19 Tue Jan 16 14:35:56 2007 : Debug: auth: Failed to validate the user. Tue Jan 16 14:35:56 2007 : Debug: Delaying request 19 for 1 seconds Tue Jan 16 14:35:56 2007 : Debug: Finished request 19 Tue Jan 16 14:35:56 2007 : Debug: Going to the next request Tue Jan 16 14:35:56 2007 : Debug: rl_next: returning NULL Tue Jan 16 14:35:56 2007 : Debug: Waking up in 6 seconds... Tue Jan 16 14:36:02 2007 : Debug: --- Walking the entire request list --- Sending Access-Reject of id 0 to 192.168.1.245 port 3072 EAP-Message = 0x04080004 Message-Authenticator = 0x00000000000000000000000000000000 I have question: what is this: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session. ??? I think it is the problem with reject :( -- Rafal Kaminski http://blstream.com email: rafal.kaminski@blstream.com jid: rka@im.blstream.com
Rafa? Kamin'ski wrote:
Sorry for my all post :(
PEAP tunnel data in 0000: 02 08 00 0b 21 80 03 00 02 00 02 Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Received EAP-TLV response. Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Tunneled data is valid. Tue Jan 16 14:35:56 2007 : Debug: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session.
Read the REST of the debug log to see what's going on.
I have question: what is this: rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in this session. ???
I think it is the problem with reject :(
Yes... did you read the earlier debug messages? You were very careful to remove almost all useful information from your post. This makes it nearly impossible to help you. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
participants (4)
-
Alan DeKok -
Rafa? Kamin'ski -
Rafał Kamiński -
Thibault Le Meur