Hi to all freeradius users: I'm working on setting it up to authenticate users (windows XP) to our wireless network which I succesfully completed, when I run radiusd -X (debug) my output is as follow: rad_recv: Access-Request packet from host 172.16.x.x port 1029, id=13, length=229 Message-Authenticator = 0x8fc8a30cc4c74e50a1bab260971c63d1 Service-Type = Framed-User User-Name = "CAMINOSCA\\samuel.barriga" Framed-MTU = 1488 State = 0x37f6879135fb9ef39d433a1d3d148b7b Called-Station-Id = "00-1E-58-A3-C9-1C:FREERADIUS" Calling-Station-Id = "00-11-95-DF-71-29" NAS-Identifier = "D-Link Access Point" NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 54Mbps 802.11g" EAP-Message = 0x020d00061900 NAS-IP-Address = 172.16.x.x NAS-Port = 1 NAS-Port-Id = "STA port # 1" # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default.original +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "CAMINOSCA\samuel.barriga", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 13 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP # Executing group from file /usr/local/etc/raddb/sites-enabled/default.original +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 13 to 172.16.3.8 port 1029 EAP-Message = 0x010e00061900 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x37f6879134f89ef39d433a1d3d148b7b Finished request 19. Going to the next request Waking up in 4.9 seconds. Cleaning up request 16 ID 10 with timestamp +252 Cleaning up request 17 ID 11 with timestamp +252 Cleaning up request 18 ID 12 with timestamp +252 Cleaning up request 19 ID 13 with timestamp +252 WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING: !! EAP session for state 0x37f6879134f89ef3 did not finish! WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Ready to process requests. I tried everything and according to the debug output this is what I am getting, and the wiki page said that I should check into the certificates, I erase the the clients certificates reinstalled and I have the same output, plese can some one give me a hand. Thank you Saludos cordiales, Samuel I. Barriga Dpto. Sistemas EMAIL: samuel.barriga@caminosca-sa.com Mariana de Jesús E7 -248 y La Pradera PBX:+ 593 2 2236759 Ext. 215 Fax: + 593 2 2564193 www.caminosca.com
Samuel Isaias Barriga Perez wrote:
I'm working on setting it up to authenticate users (windows XP) to our wireless network which I succesfully completed, when I run radiusd -X (debug) my output is as follow: ... I tried everything and according to the debug output this is what I am getting, and the wiki page said that I should check into the certificates, I erase the the clients certificates reinstalled and I have the same output, plese can some one give me a hand.
The wiki page doesn't say to erase and re-install the client certificates. The wiki page *does* include a reference to my web site, which has *explicit* and *detailed* instructions for debugging EAP. This is documented. Stop asking questions. Instead, read the documentation and follow its instructions. Honestly, it isn't hard. Alan DeKok.
participants (2)
-
Alan DeKok -
Samuel Isaias Barriga Perez