3com wx - peap-mschapv2 - freeradius - mysql
Phil Mayers
p.mayers at imperial.ac.uk
Sat Jun 10 12:28:36 CEST 2006
news.gmane.org wrote:
>
> However, now I have checked "users" file; there was some DEFAULT row.
> Now I have correct it.
> I have tried to modify the "Auth-Type" in radcheck table to: EAP (was
> Local), but the result is similar. Have you any idea what is wrong now?
Just for info - you should NOT set Auth-Type. You don't need to.
Correctly configured, the server will set it correctly. Only VERY
specialist applications require setting Auth-Type
As for below - the NAS stops talking to the server. Find out why. I
believe there's some case where the server certificate needs the
so-called "magic OIDs" or windows will stop half-way through a PEAP
setup. Search the list archives for details.
> modcall: entering group authenticate for request 9
> rlm_eap: Request found, released from the list
> rlm_eap: EAP/peap
> rlm_eap: processing type peap
> rlm_eap_peap: Authenticate
> rlm_eap_tls: processing TLS
> rlm_eap_tls: Received EAP-TLS ACK message
> rlm_eap_tls: ack handshake fragment handler
> eaptls_verify returned 1
> eaptls_process returned 13
> rlm_eap_peap: EAPTLS_HANDLED
> modcall[authenticate]: module "eap" returns handled for request 9
> modcall: group authenticate returns handled for request 9
> Sending Access-Challenge of id 36 to xxx.xxx.xxx.xxx:20002
> Service-Type := Framed-User
> Tunnel-Type:0 := VLAN
> Tunnel-Private-Group-Id:0 := "ifac"
> EAP-Message = 0x010c00061900
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0xfbbcc6567f4091f2cbd3633228aec4bc
> Finished request 9
> Going to the next request
> Waking up in 6 seconds...
> --- Walking the entire request list ---
> Cleaning up request 5 ID 32 with timestamp 44898894
> Cleaning up request 6 ID 33 with timestamp 44898894
> Cleaning up request 7 ID 34 with timestamp 44898894
> Cleaning up request 8 ID 35 with timestamp 44898894
> Cleaning up request 9 ID 36 with timestamp 44898894
> Nothing to do. Sleeping until we see a request.
More information about the Freeradius-Users
mailing list