Problems proxying eap requests
Joseba Beltrán
joseba.beltran at gmail.com
Thu Dec 22 11:16:49 CET 2005
Hi all,
I have the following setup:
WiFi AP(10.0.0.10)-------------------(10.0.0.1)RADIUS
1--------------RADIUS 2 (public ip address)
I want to proxy requests from RADIUS1 to RADIUS2 in a WPA enviroment.
I've setup all the stuff and I can see that requests are proxied. If I
try to authenticate with an invalid username, I can see how RADIUS1
proxies the request, RADIUS2 denies with "Login incorrect", so
everything seems to work as expected.
The problem is when I try to authenticate a valid user. I can see the
request beeing proxied and a Access-Challenge packet beeing received,
but the process stalls.
Any help?
--------------------------------------------------------------------------------------------------------------------------------------------------------
rad_recv: Access-Request packet from host 10.0.0.10:2057, id=0, length=125
User-Name = "raul at 8"
NAS-IP-Address = 10.0.0.10
Called-Station-Id = "0014bf3c3c9f"
Calling-Station-Id = "000e354b8190"
NAS-Identifier = "0014bf3c3c9f"
NAS-Port = 26
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0208000b017261756c4038
Message-Authenticator = 0x5010ed19e8f495cd797e557f31e46c5d
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 13
modcall[authorize]: module "preprocess" returns ok for request 13
rlm_realm: Looking up realm "8" for User-Name = "raul at 8"
rlm_realm: Found realm "8"
rlm_realm: Proxying request from user raul to realm 8
rlm_realm: Adding Realm = "8"
rlm_realm: Preparing to proxy authentication request to realm "8"
modcall[authorize]: module "suffix" returns updated for request 13
modcall[authorize]: module "chap" returns noop for request 13
modcall[authorize]: module "mschap" returns noop for request 13
modcall: group authorize returns updated for request 13
Sending Access-Request of id 13 to xxx.yyy.zzz.www:1812
User-Name = "raul at 8"
NAS-IP-Address = 10.0.0.10
Called-Station-Id = "0014bf3c3c9f"
Calling-Station-Id = "000e354b8190"
NAS-Identifier = "0014bf3c3c9f"
NAS-Port = 26
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0208000b017261756c4038
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x30
--- Walking the entire request list ---
Waking up in 7 seconds...
rad_recv: Access-Challenge packet from host xxx.yyy.zzz.www:1812, id=13,
length=102
Acct-Interim-Interval = 120
WISPr-Redirection-URL = "http://www.google.com"
EAP-Message = 0x010900061920
Message-Authenticator = 0xf7471c7d0b32705947085a4651d5a38e
State = 0x536aab58a9bc0788890bfc27547e1f64
Proxy-State = 0x30
Sending Access-Challenge of id 0 to 10.0.0.10:2057
Acct-Interim-Interval = 120
WISPr-Redirection-URL = "http://www.google.com"
EAP-Message = 0x010900061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x536aab58a9bc0788890bfc27547e1f64
Finished request 13
Going to the next request
Waking up in 7 seconds...
--------------------------------------------------------------------------------------------------------------------------------------------------------
Thanks in advance!
More information about the Freeradius-Users
mailing list