vocera(with Peap)+AP+freeRADIUS
Hi, I am using freeRADIUS 1.1.7. Notebook with odyssey client (peap mschap-v2) can talk to freeRADUS well. But when I use Vocera client, which can support peap + mschap-v2, It does not work. debug message (see more debug message in attachment): ... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=55, length=233 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x020a003919800000002f14030100010116030100248393f1d6391a86ab0605df998e0336f7c651a560328bf621b1ddebbfad332d8ea8796c49 State = 0xfd6f3b2761e20233acdc5d29ec63d11f Message-Authenticator = 0xc4ee170f5d47ee55bead80b4a36580cb Processing the authorize section of radiusd.conf modcall: entering group authorize for request 40 modcall[authorize]: module "preprocess" returns ok for request 40 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 40 modcall[authorize]: module "chap" returns noop for request 40 modcall[authorize]: module "mschap" returns noop for request 40 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 40 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 40 rlm_eap: EAP packet type response id 10 length 57 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 40 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 40 modcall: leaving group authorize (returns updated) for request 40 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 40 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns reject for request 40 modcall: leaving group authenticate (returns reject) for request 40 auth: Failed to validate the user. Delaying request 40 for 1 seconds Finished request 40 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=56, length=156 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" Message-Authenticator = 0x834864649ecf9fba4cbd71673b5bb042 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 41 modcall[authorize]: module "preprocess" returns ok for request 41 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 41 modcall[authorize]: module "chap" returns noop for request 41 modcall[authorize]: module "mschap" returns noop for request 41 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 41 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 41 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 41 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 41 modcall: leaving group authorize (returns ok) for request 41 auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 41 for 1 seconds Finished request 41 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=57, length=156 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" Message-Authenticator = 0xfe7dea9b1f1eb6e620980f6f09a97012 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 42 modcall[authorize]: module "preprocess" returns ok for request 42 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 42 modcall[authorize]: module "chap" returns noop for request 42 modcall[authorize]: module "mschap" returns noop for request 42 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 42 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 42 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 42 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 42 modcall: leaving group authorize (returns ok) for request 42 auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 42 for 1 seconds Finished request 42 Going to the next request --- Walking the entire request list --- Sending Access-Reject of id 51 to 10.50.1.38 port 1034 Sending Access-Reject of id 55 to 10.50.1.38 port 1034 EAP-Message = 0x040a0004 Message-Authenticator = 0x00000000000000000000000000000000 Sending Access-Reject of id 56 to 10.50.1.38 port 1034 --------------------------------- 雅虎邮箱传递新年祝福,个性贺卡送亲朋! rad_recv: Access-Request packet from host 10.50.1.38:1034, id=51, length=184 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0205000819801503 State = 0xe84cfd135516709bf6abae7113b60657 Message-Authenticator = 0xa133f6434f2160a46099f9e0b27ed064 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 36 modcall[authorize]: module "preprocess" returns ok for request 36 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 36 modcall[authorize]: module "chap" returns noop for request 36 modcall[authorize]: module "mschap" returns noop for request 36 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 36 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 36 rlm_eap: EAP packet type response id 5 length 8 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 36 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 36 modcall: leaving group authorize (returns updated) for request 36 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 36 rlm_eap: Request not found in the list rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request rlm_eap: Failed in handler modcall[authenticate]: module "eap" returns invalid for request 36 modcall: leaving group authenticate (returns invalid) for request 36 auth: Failed to validate the user. Delaying request 36 for 1 seconds Finished request 36 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=52, length=168 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0207000a016c77616e67 Message-Authenticator = 0xd91d607c57472b2b534944a8d6630d0e Processing the authorize section of radiusd.conf modcall: entering group authorize for request 37 modcall[authorize]: module "preprocess" returns ok for request 37 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 37 modcall[authorize]: module "chap" returns noop for request 37 modcall[authorize]: module "mschap" returns noop for request 37 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 37 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 37 rlm_eap: EAP packet type response id 7 length 10 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 37 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 37 modcall: leaving group authorize (returns updated) for request 37 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 37 rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 37 modcall: leaving group authenticate (returns handled) for request 37 Sending Access-Challenge of id 52 to 10.50.1.38 port 1034 EAP-Message = 0x0108001604104a82c158ba7bb7e572bf085b0ae2a3ce Message-Authenticator = 0x00000000000000000000000000000000 State = 0x5b52e8b66679defae03d024f61db78a4 Finished request 37 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=53, length=184 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0208000803199fbb State = 0x5b52e8b66679defae03d024f61db78a4 Message-Authenticator = 0xf6e209d24fc80cc9a970212ec3452143 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 38 modcall[authorize]: module "preprocess" returns ok for request 38 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 38 modcall[authorize]: module "chap" returns noop for request 38 modcall[authorize]: module "mschap" returns noop for request 38 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 38 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 38 rlm_eap: EAP packet type response id 8 length 8 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 38 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 38 modcall: leaving group authorize (returns updated) for request 38 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 38 rlm_eap: Request found, released from the list rlm_eap: EAP NAK rlm_eap: EAP-NAK asked for EAP-Type/peap rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 38 modcall: leaving group authenticate (returns handled) for request 38 Sending Access-Challenge of id 53 to 10.50.1.38 port 1034 EAP-Message = 0x010900061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x1f71ceb729cf8dd843503ad3d1143fbd Finished request 38 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=54, length=270 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x0209005e198000000054160301004f0100004b030100000b2e660b4d53b6904c9388b8333940d93bc9ddd92253aab97b6a046d003d2039ea6005dca4832f4ca678e7364aa617fa1a73d878d6d18fadd5214fe89e87d30004000500040100 State = 0x1f71ceb729cf8dd843503ad3d1143fbd Message-Authenticator = 0x9a47dcdd414b0e3405f5ba80472d5996 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 39 modcall[authorize]: module "preprocess" returns ok for request 39 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 39 modcall[authorize]: module "chap" returns noop for request 39 modcall[authorize]: module "mschap" returns noop for request 39 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 39 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 39 rlm_eap: EAP packet type response id 9 length 94 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 39 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 39 modcall: leaving group authorize (returns updated) for request 39 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 39 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 004f], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data TLS_accept: Need to read more data: SSLv3 read finished A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 39 modcall: leaving group authenticate (returns handled) for request 39 Sending Access-Challenge of id 54 to 10.50.1.38 port 1034 EAP-Message = 0x010a00841900160301004a02000046030147b20435b84f8a3cf519ad0182abd419e199aedc74339134db68fdaded807fb22039ea6005dca4832f4ca678e7364aa617fa1a73d878d6d18fadd5214fe89e87d30005001403010001011603010024ca6d41fd9f4101a29f5cf01683b78485d2275ea68bc1b30b0c5b0e7021280ae33c84373b Message-Authenticator = 0x00000000000000000000000000000000 State = 0xfd6f3b2761e20233acdc5d29ec63d11f Finished request 39 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=55, length=233 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" EAP-Message = 0x020a003919800000002f14030100010116030100248393f1d6391a86ab0605df998e0336f7c651a560328bf621b1ddebbfad332d8ea8796c49 State = 0xfd6f3b2761e20233acdc5d29ec63d11f Message-Authenticator = 0xc4ee170f5d47ee55bead80b4a36580cb Processing the authorize section of radiusd.conf modcall: entering group authorize for request 40 modcall[authorize]: module "preprocess" returns ok for request 40 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 40 modcall[authorize]: module "chap" returns noop for request 40 modcall[authorize]: module "mschap" returns noop for request 40 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 40 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 40 rlm_eap: EAP packet type response id 10 length 57 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 40 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 40 modcall: leaving group authorize (returns updated) for request 40 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 40 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns reject for request 40 modcall: leaving group authenticate (returns reject) for request 40 auth: Failed to validate the user. Delaying request 40 for 1 seconds Finished request 40 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=56, length=156 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" Message-Authenticator = 0x834864649ecf9fba4cbd71673b5bb042 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 41 modcall[authorize]: module "preprocess" returns ok for request 41 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 41 modcall[authorize]: module "chap" returns noop for request 41 modcall[authorize]: module "mschap" returns noop for request 41 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 41 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 41 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 41 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 41 modcall: leaving group authorize (returns ok) for request 41 auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 41 for 1 seconds Finished request 41 Going to the next request Waking up in 5 seconds... rad_recv: Access-Request packet from host 10.50.1.38:1034, id=57, length=156 User-Name = "lwang" NAS-IP-Address = 10.50.1.38 NAS-Identifier = "QA-AP1-21f0" NAS-Port = 0 Called-Station-Id = "00-19-77-00-21-F5:vocera_test" Calling-Station-Id = "00-16-41-F7-F7-75" Framed-MTU = 1500 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 11Mbps 802.11b" Message-Authenticator = 0xfe7dea9b1f1eb6e620980f6f09a97012 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 42 modcall[authorize]: module "preprocess" returns ok for request 42 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail-20080212' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/auth-detail-20080212 modcall[authorize]: module "auth_log" returns ok for request 42 modcall[authorize]: module "chap" returns noop for request 42 modcall[authorize]: module "mschap" returns noop for request 42 rlm_realm: No '@' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 42 rlm_realm: No '\' in User-Name = "lwang", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "ntdomain" returns noop for request 42 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 42 users: Matched entry lwang at line 95 modcall[authorize]: module "files" returns ok for request 42 modcall: leaving group authorize (returns ok) for request 42 auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 42 for 1 seconds Finished request 42 Going to the next request --- Walking the entire request list --- Sending Access-Reject of id 51 to 10.50.1.38 port 1034 Sending Access-Reject of id 55 to 10.50.1.38 port 1034 EAP-Message = 0x040a0004 Message-Authenticator = 0x00000000000000000000000000000000 Sending Access-Reject of id 56 to 10.50.1.38 port 1034
Hangjun He wrote:
Hi, I am using freeRADIUS 1.1.7. Notebook with odyssey client (peap mschap-v2) can talk to freeRADUS well. But when I use Vocera client, which can support peap + mschap-v2, It does not work.
Something weird is going on:
SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns reject for request 40
Weird. I'd suggest trying 2.0.2. Alan DeKok.
participants (2)
-
Alan DeKok -
Hangjun He