Re: The EAP Saga begins.
rad_recv: Access-Request packet from host 192.168.0.250:1175, id=66, length=149 User-Name = "kurama" Cisco-AVPair = "ssid=Pukey" NAS-IP-Address = 192.168.0.250 Called-Station-Id = "004096285ceb" Calling-Station-Id = "00095b679ccf" NAS-Identifier = "AP340-285ceb" NAS-Port = 38 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Service-Type = Login-User EAP-Message = 0x024e000b016b7572616d61 Message-Authenticator = 0xa9ef47a3079c2a10a405828572e5931a Processing the authorize section of radiusd.conf modcall: entering group authorize for request 28 modcall[authorize]: module "preprocess" returns ok for request 28 rlm_ldap: - authorize rlm_ldap: performing user authorization for kurama radius_xlat: '(uid=kurama)' radius_xlat: 'dc=pukey' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in dc=pukey, with filter (uid=kurama) rlm_ldap: looking for check items in directory... rlm_ldap: Adding userPassword as User-Password, value supersecret & op=21 rlm_ldap: looking for reply items in directory... rlm_ldap: Adding radiusFilterId as Filter-Id, value Enterasys:version=1:policy=Enterprise User & op=11 rlm_ldap: user kurama authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 28 modcall[authorize]: module "chap" returns noop for request 28 modcall[authorize]: module "mschap" returns noop for request 28 rlm_realm: No '@' in User-Name = "kurama", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name = "kurama" rlm_realm: Proxying request from user kurama to realm NULL rlm_realm: Adding Realm = "NULL" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 28 rlm_eap: EAP packet type response id 78 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 28 modcall[authorize]: module "files" returns notfound for request 28 modcall: leaving group authorize (returns updated) for request 28 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 28 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 28 modcall: leaving group authenticate (returns handled) for request 28 Sending Access-Challenge of id 66 to 192.168.0.250 port 1175 Filter-Id = "Enterasys:version=1:policy=Enterprise User" EAP-Message = 0x014f00061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x6da2542209613e6e277dfd56deb50f0c Finished request 28 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 28 ID 66 with timestamp 45b79890 Nothing to do. Sleeping until we see a request. This uid does exist and has the NT and LM password attributes.
Evan Vittitow wrote:
This uid does exist and has the NT and LM password attributes.
If that output is all you see, then the client has stopped halfway through. Fix the client, whatever the problem is If it's a windows client, you're probably missing the magic oids. See the list archives.
participants (2)
-
Evan Vittitow -
Phil Mayers