windows xp sp2 EAP and radius
Sergey Velikanov
vgray at bk.ru
Thu Jun 30 13:47:59 CEST 2005
настраиваю работу EAP по
[url=http://www.alphacore.net/contrib/nantes-wireless/eap-tls-HOWTO.html]доке[/url]
проблема в том что если я выбираю
Smart Card or other Certificate на
[url=http://web.archive.org/web/20031206113912/http://www.impossiblereflex.com/8021x/images/xp6.JPG]картинке[/url]
то на радиусе я никаких запросов не вижу, если выбираю PEAP то запросы
начинают приходить, может у кого есть идеи? целый день над этим бьюсь
так и не получается заставить работать
hello I've setup my windows xp & freerafius to use EAP
(http://www.alphacore.net/contrib/nantes-wireless/eap-tls-HOWTO.html)
but if I select on my windows machine use "Smart Card or other
Certificate" I seen nothing on radius, if u choose PEAP on my radius I see
Cisco AP1300 log
Jun 30 11:12:38.947: RADIUS(00000035): Storing nasport 307 in rad_db
Jun 30 11:12:38.947: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:38.948: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:38.948: RADIUS(00000035): Send Access-Request to
192.168.11.2:1645 id 1645/56, len 157
Jun 30 11:12:38.950: RADIUS: Received from id 1645/56 192.168.11.2:1645,
Access-Challenge, len 64
Jun 30 11:12:38.950: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
Jun 30 11:12:38.986: RADIUS(00000035): Using existing nas_port 307
Jun 30 11:12:38.986: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:38.986: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:38.986: RADIUS(00000035): Send Access-Request to
192.168.11.2:1645 id 1645/57, len 156
Jun 30 11:12:38.988: RADIUS: Received from id 1645/57 192.168.11.2:1645,
Access-Challenge, len 64
Jun 30 11:12:38.988: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
Jun 30 11:12:39.007: RADIUS(00000035): Using existing nas_port 307
Jun 30 11:12:39.007: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:39.007: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:39.008: RADIUS(00000035): Send Access-Request to
192.168.11.2:1645 id 1645/58, len 230
Jun 30 11:12:39.047: RADIUS: Received from id 1645/58 192.168.11.2:1645,
Access-Challenge, len 1100
Jun 30 11:12:39.048: RADIUS/DECODE: EAP-Message fragments,
253+253+253+253+22, total 1034 bytes
Jun 30 11:12:39.131: RADIUS(00000035): Using existing nas_port 307
Jun 30 11:12:39.131: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:39.131: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:39.132: RADIUS(00000035): Send Access-Request to
192.168.11.2:1645 id 1645/59, len 156
Jun 30 11:12:39.134: RADIUS: Received from id 1645/59 192.168.11.2:1645,
Access-Challenge, len 821
Jun 30 11:12:39.135: RADIUS/DECODE: EAP-Message fragments, 253+253+253,
total 759 bytes
Jun 30 11:12:39.147: RADIUS(00000035): Using existing nas_port 307
Jun 30 11:12:39.147: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:39.148: RADIUS(00000035): Config NAS IP: 192.168.10.100
Jun 30 11:12:39.148: RADIUS(00000035): Send Access-Request to
192.168.11.2:1645 id 1645/60, len 156
Jun 30 11:12:39.180: RADIUS: Received from id 1645/60 192.168.11.2:1645,
Access-Challenge, len 64
Jun 30 11:12:39.180: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
Jun 30 11:13:09.172: %DOT11-7-AUTH_FAILED: Station 0060.1d1e.245c
Authentication failedReceived disconnect from 192.168.10.100: Time-out
activated
and freeradius show the same, on every packet it say
> modcall[authenticate]: module "eap" returns handled for request 8
it never say "ok" and never send Reject or Accept packet
What is wrong?
I use radiusd: FreeRADIUS Version 1.0.4, for host , built on Jun 30 2005
at 15:08:01
More information about the Freeradius-Users
mailing list