Freeradius EAP authentication
Diego Chovares Moreno
dmasalaves at gmail.com
Tue Dec 1 11:38:37 CET 2009
Hello everyone, I am installing a RADIUS server on a ubuntu server with
freeradius. All tests are working properly except when I try to connect
through an access point. This is the debug that I get:
rad_recv: Access-Request packet from host 192.168.1.1 port 1084, id=1,
length=206
Message-Authenticator = 0x789bf39c8f59de88701888fc6ed3a2f2
Service-Type = Framed-User
User-Name = "diego\000"
Framed-MTU = 1488
State = 0x734ffec0734ee45437bb08e87fc6420c
Called-Station-Id = "00-15-E9-A3-01-CE:radius"
Calling-Station-Id = "00-15-AF-9F-8D-E0"
NAS-Identifier = "D-Link Access Point"
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message = 0x020100060319
NAS-IP-Address = 192.168.1.1
NAS-Port = 1
NAS-Port-Id = "STA port # 1"
+- entering group authorize {...}
++[preprocess] returns ok
++[mschap] returns noop
[suffix] No '@' in User-Name = "diego", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 1 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
expand: %{User-Name} -> diego
[sql] sql_set_user escaped user --> 'diego'
rlm_sql (sql): Reserving sql socket id: 3
expand: SELECT id, username, attribute, value, op FROM radcheck WHERE
username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute,
value, op FROM radcheck WHERE username = 'diego' ORDER BY id
[sql] User found in radcheck table
expand: SELECT id, username, attribute, value, op FROM radreply WHERE
username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute,
value, op FROM radreply WHERE username = 'diego' ORDER BY id
expand: SELECT groupname FROM radusergroup WHERE username =
'%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup
WHERE username = 'diego' ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP NAK
[eap] NAK asked for unsupported type 25
[eap] No common EAP types found.
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
expand: %{User-Name} -> diego
[sql] sql_set_user escaped user --> 'diego'
expand: %{User-Password} ->
expand: %{Chap-Password} ->
expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES (
'%{User-Name}', '%{%{User-Password}[image: Silbando
despreocupadamente]%{Chap-Password}}',
'%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass,
reply, authdate) VALUES ( 'diego', '', 'Access-Reject', '2009-11-27
17:33:06')
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username,
pass, reply, authdate) VALUES ( 'diego', '', 'Access-Reject', '2009-11-27
17:33:06')
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok
expand: %{User-Name} -> diego
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 1 to 192.168.1.1 port 1084
EAP-Message = 0x04010004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.9 seconds.
Cleaning up request 0 ID 0 with timestamp +53
Waking up in 0.9 seconds.
Cleaning up request 1 ID 1 with timestamp +53
Ready to process requests.
I think the error occurs here:
[eap] EAP NAK
[eap] NAK asked for unsupported type 25
[eap] No common EAP types found.
[eap] Failed in EAP select
But I do not know how to fix it ... if anyone can help I would be extremely
grateful, as I have tried many things, but not fix.
Thanks in advance and greetings
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20091201/d3e73200/attachment.html>
More information about the Freeradius-Devel
mailing list