Calling-Station-Id Check Erroring
When I try to do MAC auth, it shows No User, though it works fine when I remove the Calling-Station-Id check item from MySQL. Debug shows quotes around MAC.I put MAC in database with and without quotes and still errors. Any ideas? Thanks! Eric SQL DATABASE: DEFAULT Fall-Through = Yes eric1328 Cleartext-Password := PASSWORD eric1328 Calling-Station-Id == 00-1C-B3-B1-3E-07 DEBUG: ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 164 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 98 to 192.168.0.1 port 21693 EAP-Message = 0x01a503fc194000f5762e66fa9d8422300d06092a864886f70d0101050500308193310b3009 060355040613024652310f300d06035504081306526164697573311230100603550407130953 6f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a 864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d 4578616d706c6520436572746966696361746520417574686f72697479301e170d3039303131 313139303133315a170d3130303131313139303133315a308193310b30090603550406130246 52310f300d060355040813065261646975733112301006035504 EAP-Message = 0x071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120 301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603 550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122 300d06092a864886f70d01010105000382010f003082010a0282010100f1cbee04f9676e1c96 ebbe8d583605ad2deaf236abc16a11249f38d1677d43ea83dcceace1271e165fa2c7371e02c0 94dfdd082f17cfee16d6fb6a75e828d4e46437e8850eea413de14cc89d420c8fd641bec5b836 f93376071d6fc38250efcc850cfdf79e26a92c3909faa42cc2ef EAP-Message = 0x3b6535fd406d7a979ac98783eb6945a286d076aa1408b0c7de16e0ae23c70711049e7727c1 ff4a6c8f4854a6a278308de17d3175d2a4ba9d2f96278f84b96e8446bba5947820790093a125 a06bcc8f958f75027aa07da3463fadbd8c94b9c005a95a8308fda13544df89c4a00b9c762837 16be460a0d2ccf10bbd253047e0517a3be0598567f7828a42a2f49c22d4b8fcb0203010001a3 81fb3081f8301d0603551d0e04160414f95bfae9eee917ed848faa188aea05423fc10a2d3081 c80603551d230481c03081bd8014f95bfae9eee917ed848faa188aea05423fc10a2da18199a4 8196308193310b3009060355040613024652310f300d06035504 EAP-Message = 0x0813065261646975733112301006035504071309536f6d6577686572653115301306035504 0a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e40 6578616d706c652e636f6d312630240603550403131d4578616d706c65204365727469666963 61746520417574686f72697479820900f5762e66fa9d8422300c0603551d13040530030101ff 300d06092a864886f70d01010505000382010100514f7f2cb414fdba2fdf77e4f29fe5d7697f 933a0b6e5dd85355df5d1979147096260545f3dc2faf8e127292456eca6accb00a2a855ba96b 9a31fdd1fec998ac5028ad5bfb02ce0cc69d5a39ce28a8d3ae92 EAP-Message = 0xd12dca84626e1183 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9a9af390993fea28ebd7065f57cfd5e2 Finished request 3. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.0.1 port 21693, id=99, length=105 User-Name = "eric1328" NAS-IP-Address = 192.168.0.1 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00-1C-B3-B1-3E-07" State = 0x9a9af390993fea28ebd7065f57cfd5e2 EAP-Message = 0x02a500061900 Message-Authenticator = 0x6b08abda82ea369fb42a1c300666c8a9 +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] expand: %t -> Wed Jan 28 10:08:48 2009 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 165 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake fragment handler [peap] eaptls_verify returned 1 [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 99 to 192.168.0.1 port 21693 EAP-Message = 0x01a600b519003c63087fd1ffa76eaead2ddca3501c2b0ad762482215581804242c0e3fa523 9347513a5fecb4860e64aa93af7b78509316c260bee87d3d9c71d5ff981dddbdee561dd35a9d 863bbb97ea2bcc7bf5be923833eba09620f3055eb4977d217781f01b5777e4dd4f0a3e8fad4b 98ac4f35519c4400deb13a663737e330dcc81852b807c34b8f287727394e8873b08059bebd25 26fc9af290c4b50f460db89aeb2ef70709904d86db16030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9a9af3909e3cea28ebd7065f57cfd5e2 Finished request 4. Going to the next request Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.0.1 port 21693, id=100, length=437 User-Name = "eric1328" NAS-IP-Address = 192.168.0.1 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00-1C-B3-B1-3E-07" State = 0x9a9af3909e3cea28ebd7065f57cfd5e2 EAP-Message = 0x02a60150198000000146160301010610000102010015e07115bcb9fbbc93abce7a91dd7369 ef22d52495326fa65147364304dbd31e06605bb2bf682c0d3504ec792f6eab09a924a2435e7a ae281d151de03c5fcc0e1d99cdcaa52e7fcc6e99228f299f974c0f3d769177a06d742493c06d 310bdf90212c49fedf90bd4d32156b5e1a64810144509c3cf29348dbe46888e4f349b486c6cc 545d8772004ef7299fb826e344364df4af4c06310581e58a96593935c8f3f13ef760497af2d6 a6467772f3eb116034298138b99bfd2cac344f5b70f094cf8c29c0c4d53e4d233be0688a20c4 4063f32857a137435819cb143926bf536a649fee46875dc8e428 EAP-Message = 0x1a91222d5ca7bf781c16628bf635acfbf1f5846c199745b61403010001011603010030be3c f7249124fb25b03a11b76b5fc07a589275055940a5d801209c599ae0de7b7e6bd7e15fb5d245 1ac2cd632ac23179 Message-Authenticator = 0xee555d72422495de2fbb5c975552cc09 +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] expand: %t -> Wed Jan 28 10:08:48 2009 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 166 length 253 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS TLS Length 326 [peap] Length Included [peap] eaptls_verify returned 11 [peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange [peap] TLS_accept: SSLv3 read client key exchange A [peap] <<< TLS 1.0 ChangeCipherSpec [length 0001] [peap] <<< TLS 1.0 Handshake [length 0010], Finished [peap] TLS_accept: SSLv3 read finished A [peap] >>> TLS 1.0 ChangeCipherSpec [length 0001] [peap] TLS_accept: SSLv3 write change cipher spec A [peap] >>> TLS 1.0 Handshake [length 0010], Finished [peap] TLS_accept: SSLv3 write finished A [peap] TLS_accept: SSLv3 flush data [peap] (other): SSL negotiation finished successfully SSL Connection Established [peap] eaptls_process returned 13 [peap] EAPTLS_HANDLED ++[eap] returns handled Sending Access-Challenge of id 100 to 192.168.0.1 port 21693 EAP-Message = 0x01a7004119001403010001011603010030c9a77ba3f2ef8689c1c1f357506c8ed32a474d47 36624bf52da7ad3e4d1025c601676fba45daafde076e8baf1ecbbb8a Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9a9af3909f3dea28ebd7065f57cfd5e2 Finished request 5. Going to the next request Waking up in 4.7 seconds. rad_recv: Access-Request packet from host 192.168.0.1 port 21693, id=101, length=105 User-Name = "eric1328" NAS-IP-Address = 192.168.0.1 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00-1C-B3-B1-3E-07" State = 0x9a9af3909f3dea28ebd7065f57cfd5e2 EAP-Message = 0x02a700061900 Message-Authenticator = 0x65fe256227f65fdf404f4543848b95af +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] expand: %t -> Wed Jan 28 10:08:48 2009 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 167 length 6 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] Received TLS ACK [peap] ACK handshake is finished [peap] eaptls_verify returned 3 [peap] eaptls_process returned 3 [peap] EAPTLS_SUCCESS ++[eap] returns handled Sending Access-Challenge of id 101 to 192.168.0.1 port 21693 EAP-Message = 0x01a8002b19001703010020bf063ab4620738f9eedd92219d0bece9fbeb543f33752c0e7f44 8525350354f0 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9a9af3909c32ea28ebd7065f57cfd5e2 Finished request 6. Going to the next request Waking up in 4.7 seconds. rad_recv: Access-Request packet from host 192.168.0.1 port 21693, id=102, length=142 User-Name = "eric1328" NAS-IP-Address = 192.168.0.1 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00-1C-B3-B1-3E-07" State = 0x9a9af3909c32ea28ebd7065f57cfd5e2 EAP-Message = 0x02a8002b19001703010020eccc437b43dd6a7c42d2de8276631dc72127ab1f9e42ff311be2 f1374d595f2a Message-Authenticator = 0xb1dd21f5d4c56f8e9deeea2a74b188c2 +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] expand: %t -> Wed Jan 28 10:08:48 2009 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 168 length 43 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Identity - eric1328 [peap] Got tunneled request EAP-Message = 0x02a8000d016572696331333238 server { PEAP: Got tunneled identity of eric1328 PEAP: Setting default EAP type for tunneled EAP session. PEAP: Setting User-Name to eric1328 Sending tunneled request EAP-Message = 0x02a8000d016572696331333238 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "eric1328" server inner-tunnel { +- entering group authorize {...} ++[chap] returns noop ++[mschap] returns noop ++[unix] returns notfound [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[control] returns noop [eap] EAP packet type response id 168 length 13 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop [sql] expand: %{User-Name} -> eric1328 [sql] sql_set_user escaped user --> 'eric1328' rlm_sql (sql): Reserving sql socket id: 4 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'eric1328' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'eric1328' ORDER BY priority rlm_sql (sql): Released sql socket id: 4 [sql] User eric1328 not found ++[sql] returns notfound ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] EAP Identity [eap] processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge ++[eap] returns handled } # server inner-tunnel [peap] Got tunneled reply code 11 EAP-Message = 0x01a900221a01a9001d10505da5e75208728e4183ed570f1f71476572696331333238 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xbae8d73eba41cd116372880e81164985 [peap] Got tunneled reply RADIUS code 11 EAP-Message = 0x01a900221a01a9001d10505da5e75208728e4183ed570f1f71476572696331333238 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xbae8d73eba41cd116372880e81164985 [peap] Got tunneled Access-Challenge ++[eap] returns handled Sending Access-Challenge of id 102 to 192.168.0.1 port 21693 EAP-Message = 0x01a9004b19001703010040d087142a3fe21435656348569a3b0e0c5ea4bff508b77bec644a 0d94edc3c0e0e70e5000b9d27d965b670cd1894dd78f8b0609441c64bb5804bc092ee9b5cda5 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9a9af3909d33ea28ebd7065f57cfd5e2 Finished request 7. Going to the next request Waking up in 4.6 seconds. rad_recv: Access-Request packet from host 192.168.0.1 port 21693, id=103, length=206 User-Name = "eric1328" NAS-IP-Address = 192.168.0.1 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00-1C-B3-B1-3E-07" State = 0x9a9af3909d33ea28ebd7065f57cfd5e2 EAP-Message = 0x02a9006b190017030100603aee6bf19ded97d3b37a40a5de93b752ddc952a08cd203826107 234fe48d6c3f06259ab839dc022c651d85faeba18ea1a372f7beb5b7e0879ab851a19a349418 2cc1af62c02a209d4c5fd21be0f2631b5aa8197cf039805b8660b038a1366dd6 Message-Authenticator = 0x892144a42db4aad9a9a8376fcf99ee31 +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] expand: %t -> Wed Jan 28 10:08:48 2009 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 169 length 107 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] EAP type mschapv2 [peap] Got tunneled request EAP-Message = 0x02a900431a02a9003e31af02a5a673cf93e8cf0f0180c90d630e0000000000000000922331 ae61edd2595c25e9db4613992ef9e8124dc11ed2eb006572696331333238 server { PEAP: Setting User-Name to eric1328 Sending tunneled request EAP-Message = 0x02a900431a02a9003e31af02a5a673cf93e8cf0f0180c90d630e0000000000000000922331 ae61edd2595c25e9db4613992ef9e8124dc11ed2eb006572696331333238 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "eric1328" State = 0xbae8d73eba41cd116372880e81164985 server inner-tunnel { +- entering group authorize {...} ++[chap] returns noop ++[mschap] returns noop ++[unix] returns notfound [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[control] returns noop [eap] EAP packet type response id 169 length 67 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop [sql] expand: %{User-Name} -> eric1328 [sql] sql_set_user escaped user --> 'eric1328' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'eric1328' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'eric1328' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 [sql] User eric1328 not found ++[sql] returns notfound ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/mschapv2 [eap] processing type mschapv2 [mschapv2] +- entering group MS-CHAP {...} [mschap] No Cleartext-Password configured. Cannot create LM-Password. [mschap] No Cleartext-Password configured. Cannot create NT-Password. [mschap] Told to do MS-CHAPv2 for eric1328 with NT-Password [mschap] FAILED: No NT/LM-Password. Cannot perform authentication. [mschap] FAILED: MS-CHAP2-Response is incorrect ++[mschap] returns reject [eap] Freeing handler ++[eap] returns reject Failed to authenticate the user. Login incorrect: [eric1328] (from client private-network-1 port 0 via TLS tunnel) } # server inner-tunnel [peap] Got tunneled reply code 3 MS-CHAP-Error = "\251E=691 R=1" EAP-Message = 0x04a90004 Message-Authenticator = 0x00000000000000000000000000000000 [peap] Got tunneled reply RADIUS code 3 MS-CHAP-Error = "\251E=691 R=1" EAP-Message = 0x04a90004 Message-Authenticator = 0x00000000000000000000000000000000 [peap] Tunneled authentication was rejected. [peap] FAILURE ++[eap] returns handled Sending Access-Challenge of id 103 to 192.168.0.1 port 21693 EAP-Message = 0x01aa002b1900170301002048fa64ef04156959ee63b45c4fcc4e12accaaab2a60a2394ca2a 760f2e507884 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9a9af3909230ea28ebd7065f57cfd5e2 Finished request 8. Going to the next request Waking up in 4.5 seconds. rad_recv: Access-Request packet from host 192.168.0.1 port 21693, id=104, length=142 User-Name = "eric1328" NAS-IP-Address = 192.168.0.1 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "00-1C-B3-B1-3E-07" State = 0x9a9af3909230ea28ebd7065f57cfd5e2 EAP-Message = 0x02aa002b190017030100202916f6564d6d9ba431acbff58f2f080c7400122e76e082424a7e e58e8e031db5 Message-Authenticator = 0xa714f18d12ee34c613cf1ca4610a715a +- entering group authorize {...} ++[preprocess] returns ok [auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.1/auth-detail-20090128 [auth_log] expand: %t -> Wed Jan 28 10:08:48 2009 ++[auth_log] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "eric1328", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] EAP packet type response id 170 length 43 [eap] Continuing tunnel setup. ++[eap] returns ok Found Auth-Type = EAP +- entering group authenticate {...} [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Received EAP-TLV response. [peap] Had sent TLV failure. User was rejected earlier in this session. [eap] Handler failed in EAP/peap [eap] Failed in EAP select ++[eap] returns invalid Failed to authenticate the user. Login incorrect: [eric1328] (from client private-network-1 port 0 cli 00-1C-B3-B1-3E-07) Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> eric1328 attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 9 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 9 Sending Access-Reject of id 104 to 192.168.0.1 port 21693 EAP-Message = 0x04aa0004 Message-Authenticator = 0x00000000000000000000000000000000
When I try to do MAC auth, it shows No User, though it works fine when I remove the Calling-Station-Id check item from MySQL. Debug shows quotes around MAC.I put MAC in database with and without quotes and still errors.
No quotes.
Any ideas?
Log into your database and post here the result of this query:
-> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'eric1328' ORDER BY id
Ivan Kalik Kalik Informatika ISP
participants (2)
-
Eric Geier -
tnt@kalik.net