XP auth + PEAP (debik)
mat yuh
yusshalimee at yahoo.com
Wed Dec 7 08:40:28 CET 2005
heh.. sorry.. forgot to attach files
--- debik <debik at vp.pl> wrote:
> Could you sent me your configs.
> A would like to lokk how you use other
> authentication.
> ----- Original Message -----
> From: "mat yuh" <yusshalimee at yahoo.com>
> To: <freeradius-users at lists.freeradius.org>
> Sent: Tuesday, December 06, 2005 10:50 AM
> Subject: Re: XP auth + PEAP (debik)
>
>
> > i'm also have a problem to make PEAP works with XP
> > SP2.The PAP, EAP-tls, EAP-ttls work very well.i
> > realise that freeradius gives me this error :
> >
> > rlm_mschap: No User-Password configured. Cannot
> > create LM-Password.
> > rlm_mschap: No User-Password configured. Cannot
> > create NT-Password.
> > rlm_mschap: Told to do MS-CHAPv2 for nurah with
> > NT-Password
> > rlm_mschap: FAILED: No NT/LM-Password. Cannot
> perform
> > authentication.
> > rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
> > modcall[authenticate]: module "mschap" returns
> reject
> > for request 6
> > modcall: leaving group MS-CHAP (returns reject)
> for
> > request 6
> >
> >
> > i do read the maillist and search on google but
> cant
> > make XP SP2 Work with PEAP. i'm using several NAS
> such
> > as SMC BARRICADE 2804WBR and Linksys WRT54G. i do
> > configure default_eap_type = peap in eap.conf and
> have
> > a plain text password in users file :
> >
> > nurah User-Password == "mypasswd"
> >
> > ** i make a new users file and put nurah user only
> in
> > it
> >
> > here is my complete debug message :
> >
> >
> > -----------------------
> >
> > Initializing the thread pool...
> > Listening on authentication address * port 1812
> > Listening on accounting address * port 1813
> > Listening on proxy address * port 1814
> > Ready to process requests.
> > Nothing to do. Sleeping until we see a request.
> > Processing the authorize section of radiusd.conf
> > modcall: entering group authorize for request 0
> > modcall[authorize]: module "preprocess" returns
> ok
> > for request 0
> > modcall[authorize]: module "chap" returns noop
> for
> > request 0
> > modcall[authorize]: module "mschap" returns noop
> for
> > request 0
> > modcall[authorize]: module "chap" returns noop
> for
> > request 0
> > modcall[authorize]: module "unix" returns updated
> > for request 0
> > rlm_realm: No '@' in User-Name = "nurah",
> looking
> > up realm NULL
> > rlm_realm: No such realm "NULL"
> > modcall[authorize]: module "suffix" returns noop
> for
> > request 0
> > rlm_eap: EAP packet type response id 7 length 10
> > rlm_eap: No EAP Start, assuming it's an on-going
> EAP
> > conversation
> > modcall[authorize]: module "eap" returns updated
> for
> > request 0
> > users: Matched entry nurah at line 9
> > modcall[authorize]: module "files" returns ok for
> > request 0
> > modcall[authorize]: module "expiration" returns
> noop
> > for request 0
> > modcall[authorize]: module "logintime" returns
> noop
> > for request 0
> > rlm_pap: Found existing Auth-Type, not changing
> it.
> > modcall[authorize]: module "pap" returns noop for
> > request 0
> > modcall: leaving group authorize (returns updated)
> for
> > request 0
> > rad_check_password: Found Auth-Type EAP
> > auth: type "EAP"
> > Processing the authenticate section of
> radiusd.conf
> > modcall: entering group authenticate for request 0
> > rlm_eap: EAP Identity
> > rlm_eap: processing type tls
> > rlm_eap_tls: Initiate
> > rlm_eap_tls: Start returned 1
> > modcall[authenticate]: module "eap" returns
> handled
> > for request 0
> > modcall: leaving group authenticate (returns
> handled)
> > for request 0
> > Finished request 0
> > Going to the next request
> > --- Walking the entire request list ---
> > Waking up in 5 seconds...
> > Processing the authorize section of radiusd.conf
> > modcall: entering group authorize for request 1
> > modcall[authorize]: module "preprocess" returns
> ok
> > for request 1
> > modcall[authorize]: module "chap" returns noop
> for
> > request 1
> > modcall[authorize]: module "mschap" returns noop
> for
> > request 1
> > modcall[authorize]: module "chap" returns noop
> for
> > request 1
> > modcall[authorize]: module "unix" returns updated
> > for request 1
> > rlm_realm: No '@' in User-Name = "nurah",
> looking
> > up realm NULL
> > rlm_realm: No such realm "NULL"
> > modcall[authorize]: module "suffix" returns noop
> for
> > request 1
> > rlm_eap: EAP packet type response id 8 length 65
> > rlm_eap: No EAP Start, assuming it's an on-going
> EAP
> > conversation
> > modcall[authorize]: module "eap" returns updated
> for
> > request 1
> > users: Matched entry nurah at line 9
> > modcall[authorize]: module "files" returns ok for
> > request 1
> > modcall[authorize]: module "expiration" returns
> noop
> > for request 1
> > modcall[authorize]: module "logintime" returns
> noop
> > for request 1
> > rlm_pap: Found existing Auth-Type, not changing
> it.
> > modcall[authorize]: module "pap" returns noop for
> > request 1
> > modcall: leaving group authorize (returns updated)
> for
> > request 1
> > rad_check_password: Found Auth-Type EAP
> > auth: type "EAP"
> > Processing the authenticate section of
> radiusd.conf
> > modcall: entering group authenticate for request 1
> > rlm_eap: Request found, released from the list
> > rlm_eap: EAP/peap
> > rlm_eap: processing type peap
> > rlm_eap_peap: Authenticate
> > rlm_eap_tls: processing TLS
> > rlm_eap_tls: Length Included
> > eaptls_verify returned 11
> > (other): before/accept initialization
> > TLS_accept: before/accept initialization
> > rlm_eap_tls: <<< TLS 1.0 Handshake [length 0032],
> > ClientHello
> > TLS_accept: SSLv3 read client hello A
> > rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a],
> > ServerHello
> > TLS_accept: SSLv3 write server hello A
> > rlm_eap_tls: >>> TLS 1.0 Handshake [length 06cc],
> > Certificate
> > TLS_accept: SSLv3 write certificate A
> > rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004],
> > ServerHelloDone
> > TLS_accept: SSLv3 write server done A
> > TLS_accept: SSLv3 flush data
> > TLS_accept:error in SSLv3 read client
> certificate
> > A
> > In SSL Handshake Phase
> > In SSL Accept mode
>
=== message truncated ===
__________________________________________
Yahoo! DSL Something to write home about.
Just $16.99/mo. or less.
dsl.yahoo.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nurah.zip
Type: application/zip
Size: 27508 bytes
Desc: 3306999592-nurah.zip
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051206/2cb56a21/attachment.zip>
More information about the Freeradius-Users
mailing list