No authentication method (AUth Type) problem.
Hi: I am a new guy to deal with freeradius/wireless stuff. I use freeradius 2.0.5 with LDAP back end. If I test with radtest (localhost) or with NTRadPing (from another WINXP machine)it works fine(return Access-Accept). But if I test with MAC Airport as a client and Netgear WG 302 as a AP it fails again and agian no matter how I adjust the configuration file around (e.g. eap.conf, sites-eabled/ldap, radiusd.conf etc.) Thanks in advance for any help/clue/guide. P.S. -----------Mac client settings: 802.1x enabled with PEAP(outer identity: none) and TTLS(inner auth: mschapv2 outer identity: none) Security: WPA enterprise -----------Netgear WG302 settings: Security: WPA with radius Data encrypt: TKIP+AES Auth server port: 1812 Acc server port: 1813 ----------- the info cut from the radiusd.-X output: rlm_ldap: looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? rlm_ldap: user andyan authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user *(It might be problematic from here)* auth: Failed to validate the user. TTLS: Got tunneled Access-Reject rlm_eap: Handler failed in EAP/ttls rlm_eap: Failed in EAP select ++[eap] returns invalid auth: Failed to validate the user. Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> andyan attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Sending Access-Reject of id 23 to 10.10.10.228 port 1059 EAP-Message = 0x04050004 Message-Authenticator = 0x00000000000000000000000000000000 Finished request 5. Going to the next request ----------------- --
Yep, I got the same error with 2.0.5 (SQL, not LDAP). It might have something to do with the radgroupcheck table not having the Aut-Type set correctly (to EAP maybe?). Hadn't got time for testing that. Maybe you have some use for this information. Please post if it works! Jelle 2008/6/19 Andy An <andyan@eciad.ca>:
Hi: I am a new guy to deal with freeradius/wireless stuff.
I use freeradius 2.0.5 with LDAP back end. If I test with radtest (localhost) or with NTRadPing (from another WINXP machine)it works fine(return Access-Accept). But if I test with MAC Airport as a client and Netgear WG 302 as a AP it fails again and agian no matter how I adjust the configuration file around (e.g. eap.conf, sites-eabled/ldap, radiusd.conf etc.)
Thanks in advance for any help/clue/guide.
P.S. -----------Mac client settings: 802.1x enabled with PEAP(outer identity: none) and TTLS(inner auth: mschapv2 outer identity: none) Security: WPA enterprise
-----------Netgear WG302 settings: Security: WPA with radius Data encrypt: TKIP+AES Auth server port: 1812 Acc server port: 1813
----------- the info cut from the radiusd.-X output:
rlm_ldap: looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? rlm_ldap: user andyan authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user *(It might be problematic from here)* auth: Failed to validate the user. TTLS: Got tunneled Access-Reject rlm_eap: Handler failed in EAP/ttls rlm_eap: Failed in EAP select ++[eap] returns invalid auth: Failed to validate the user. Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> andyan attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Sending Access-Reject of id 23 to 10.10.10.228 port 1059 EAP-Message = 0x04050004 Message-Authenticator = 0x00000000000000000000000000000000 Finished request 5. Going to the next request
-----------------
-- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Don't set Auth-Type. Don't delete parts of the debug if you don't know what is going on. What you have deleted is vital. Where is password suposed to be? Ivan Kalik Kalik Informatika ISP Dana 19/6/2008, "Jelle Langbroek" <jml@orkz.net> piše:
Yep, I got the same error with 2.0.5 (SQL, not LDAP). It might have something to do with the radgroupcheck table not having the Aut-Type set correctly (to EAP maybe?). Hadn't got time for testing that. Maybe you have some use for this information. Please post if it works!
Jelle
2008/6/19 Andy An <andyan@eciad.ca>:
Hi: I am a new guy to deal with freeradius/wireless stuff.
I use freeradius 2.0.5 with LDAP back end. If I test with radtest (localhost) or with NTRadPing (from another WINXP machine)it works fine(return Access-Accept). But if I test with MAC Airport as a client and Netgear WG 302 as a AP it fails again and agian no matter how I adjust the configuration file around (e.g. eap.conf, sites-eabled/ldap, radiusd.conf etc.)
Thanks in advance for any help/clue/guide.
P.S. -----------Mac client settings: 802.1x enabled with PEAP(outer identity: none) and TTLS(inner auth: mschapv2 outer identity: none) Security: WPA enterprise
-----------Netgear WG302 settings: Security: WPA with radius Data encrypt: TKIP+AES Auth server port: 1812 Acc server port: 1813
----------- the info cut from the radiusd.-X output:
rlm_ldap: looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? rlm_ldap: user andyan authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user *(It might be problematic from here)* auth: Failed to validate the user. TTLS: Got tunneled Access-Reject rlm_eap: Handler failed in EAP/ttls rlm_eap: Failed in EAP select ++[eap] returns invalid auth: Failed to validate the user. Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> andyan attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Sending Access-Reject of id 23 to 10.10.10.228 port 1059 EAP-Message = 0x04050004 Message-Authenticator = 0x00000000000000000000000000000000 Finished request 5. Going to the next request
-----------------
-- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi Andy, Getting this same error before and I was missing raddb/sites-available/inner-tunnel file. Thanks Raja Andy An wrote:
Hi: I am a new guy to deal with freeradius/wireless stuff.
I use freeradius 2.0.5 with LDAP back end. If I test with radtest (localhost) or with NTRadPing (from another WINXP machine)it works fine(return Access-Accept). But if I test with MAC Airport as a client and Netgear WG 302 as a AP it fails again and agian no matter how I adjust the configuration file around (e.g. eap.conf, sites-eabled/ldap, radiusd.conf etc.)
Thanks in advance for any help/clue/guide.
P.S. -----------Mac client settings: 802.1x enabled with PEAP(outer identity: none) and TTLS(inner auth: mschapv2 outer identity: none) Security: WPA enterprise
-----------Netgear WG302 settings: Security: WPA with radius Data encrypt: TKIP+AES Auth server port: 1812 Acc server port: 1813
----------- the info cut from the radiusd.-X output:
rlm_ldap: looking for reply items in directory... WARNING: No "known good" password was found in LDAP. Are you sure that the user is configured correctly? rlm_ldap: user andyan authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 ++[ldap] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user *(It might be problematic from here)* auth: Failed to validate the user. TTLS: Got tunneled Access-Reject rlm_eap: Handler failed in EAP/ttls rlm_eap: Failed in EAP select ++[eap] returns invalid auth: Failed to validate the user. Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> andyan attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Sending Access-Reject of id 23 to 10.10.10.228 port 1059 EAP-Message = 0x04050004 Message-Authenticator = 0x00000000000000000000000000000000 Finished request 5. Going to the next request
-----------------
-- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- View this message in context: http://www.nabble.com/No-authentication-method-%28AUth-Type%29-problem.-tp18... Sent from the FreeRadius - User mailing list archive at Nabble.com.
participants (4)
-
Andy An -
Ivan Kalik -
Jelle Langbroek -
Raja Peer