WPA problem

Giuseppina Venezia giusy.venezia at gmail.com
Tue Oct 3 15:48:20 CEST 2006 

Hello all,
I've chillispot + freeradius (with openldap), with chillispot in proxy mode.
I use WPA Enterprise and when I try to connect a client using WPA the
client can't connect but apparently freeradius give no error. (without
WPA all work perfectly).
I attach you full log of freeradius and chillispot,
if you can give me some help i'll be grate.
Hope you can help me.

My freeradius log:


Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1:1027, id=0, length=125
	User-Name = "prof1"
	EAP-Message = 0x0200000a0170726f6631
	Message-Authenticator = 0x862370a8c24c3cc15e9b7f7687d06281
	Calling-Station-Id = "00-17-F2-44-11-C2"
	Called-Station-Id = "00-50-BF-E3-E8-2A"
	NAS-Port-Type = Wireless-802.11
	NAS-Port = 2
	NAS-IP-Address = 0.0.0.0
	NAS-Identifier = "localhost"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "prof1", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 0 length 10
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
    users: Matched entry DEFAULT at line 154
rlm_ldap: Entering ldap_groupcmp()
radius_xlat:  'ou=mydepartment,dc=mydomain,dc=it'
radius_xlat:  '(uid=prof1)'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to localhost:389, authentication 0
rlm_ldap: bind as cn=Manager,dc=mydomain,dc=it/PASSWORD to localhost:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=mydepartment,dc=mydomain,dc=it, with
filter (uid=prof1)
rlm_ldap: ldap_release_conn: Release Id: 0
radius_xlat:  '(|(&(objectClass=GroupOfNames)(member=cn\3dMaurizio
Costanzo\2cou\3dfaculty\2cou\3ddspsa\2cou\3dmydepartment\2cdc\3dmydomain\2cdc\3dit))(&(objectClass=GroupOfUniqueNames)(uniquemember=cn\3dMaurizio
Costanzo\2cou\3dfaculty\2cou\3ddspsa\2cou\3dmydepartment\2cdc\3dmydomain\2cdc\3dit)))'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=mydepartment,dc=mydomain,dc=it, with
filter (&(cn=professor)(|(&(objectClass=GroupOfNames)(member=cn\3dMaurizio
Costanzo\2cou\3dfaculty\2cou\3ddspsa\2cou\3dmydepartment\2cdc\3dmydomain\2cdc\3dit))(&(objectClass=GroupOfUniqueNames)(uniquemember=cn\3dMaurizio
Costanzo\2cou\3dfaculty\2cou\3ddspsa\2cou\3dmydepartment\2cdc\3dmydomain\2cdc\3dit))))
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: ldap_release_conn: Release Id: 0
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in cn=Maurizio
Costanzo,ou=faculty,ou=dspsa,ou=mydepartment,dc=mydomain,dc=it, with
filter (objectclass=*)
rlm_ldap::ldap_groupcmp: User found in group professor
rlm_ldap: ldap_release_conn: Release Id: 0
    users: Matched entry DEFAULT at line 176
  modcall[authorize]: module "files" returns ok for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for prof1
radius_xlat:  '(uid=prof1)'
radius_xlat:  'ou=mydepartment,dc=mydomain,dc=it'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=mydepartment,dc=mydomain,dc=it, with
filter (uid=prof1)
rlm_ldap: checking if remote access for prof1 is allowed by userPassword
rlm_ldap: Added password a in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding radiusGroupName as Ldap-Group, value professor & op=21
rlm_ldap: Adding radiusCallingStationId as Calling-Station-Id, value
00-05-5D-25-12-5B & op=21
rlm_ldap: Adding radiusCallingStationId as Calling-Station-Id, value
00-02-C7-8F-A0-16 & op=21
rlm_ldap: Adding radiusCallingStationId as Calling-Station-Id, value
00-0B-6B-4A-22-E8 & op=21
rlm_ldap: Adding radiusCallingStationId as Calling-Station-Id, value
00-17-F2-44-11-C2 & op=21
rlm_ldap: Adding userPassword as User-Password, value a & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user prof1 authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 0
rlm_checkval: Item Name: Calling-Station-Id, Value: 00-17-F2-44-11-C2
rlm_checkval: Value Name: Calling-Station-Id, Value: 00-05-5D-25-12-5B
rlm_checkval: Value Name: Calling-Station-Id, Value: 00-02-C7-8F-A0-16
rlm_checkval: Value Name: Calling-Station-Id, Value: 00-0B-6B-4A-22-E8
rlm_checkval: Value Name: Calling-Station-Id, Value: 00-17-F2-44-11-C2
  modcall[authorize]: module "checkval" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
  rlm_eap: EAP Identity
  rlm_eap: processing type tls
  rlm_eap_tls: Initiate
  rlm_eap_tls: Start returned 1
  modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 0 to 127.0.0.1 port 1027
	Service-Type == Framed-User
	EAP-Message = 0x010100061920
	Message-Authenticator = 0x00000000000000000000000000000000
	State = 0xb4d93d9a9cf87543d81689d41e41f3f4
Finished request 0


====================================
My chilli log:

chilli.c: 3027: 0 (Success) ChilliSpot version 1.0 started.
tun.c: 653: 0 (Success) TX queue length set to 100chilli.c: 3162: 0
(Success) Waiting for client request...
chilli.c: 2424: 0 (Success) New DHCP request from
MAC=00-11-95-C2-93-0Achilli.c: 2430: 0 (Success) New DHCP connection
established
chilli.c: 2354: 0 (Success) DHCP requested IP address
chilli.c: 2394: 0 (Success) Client MAC=00-11-95-C2-93-0A assigned IP
192.168.182.10chilli.c: 2544: 0 (Success) cb_dhcp_data_ind. Packet
received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
chilli.c: 1457: 0 (Success) Radius access request received!
chilli.c: 1484: 0 (Success) Calling Station ID is: chilli.c: 1485: 0
(Success) 0chilli.c: 1485: 0 (Success) 0chilli.c: 1485: 0 (Success)
-chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 7chilli.c:
1485: 0 (Success) -chilli.c: 1485: 0 (Success) Fchilli.c: 1485: 0
(Success) 2chilli.c: 1485: 0 (Success) -chilli.c: 1485: 0 (Success)
4chilli.c: 1485: 0 (Success) 4chilli.c: 1485: 0 (Success) -chilli.c:
1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0
(Success) -chilli.c: 1485: 0 (Success) Cchilli.c: 1485: 0 (Success)
2chilli.c: 1486: 0 (Success)
chilli.c: 1523: 0 (Success) Username is: chilli.c: 1524: 0 (Success)
pchilli.c: 1524: 0 (Success) rchilli.c: 1524: 0 (Success) ochilli.c:
1524: 0 (Success) fchilli.c: 1524: 0 (Success) 1chilli.c: 1524: 0
(Success) chilli.c: 1525: 0 (Success)
chilli.c: 2424: 0 (Success) New DHCP request from
MAC=00-17-F2-44-11-C2chilli.c: 2430: 0 (Success) New DHCP connection
established
chilli.c: 1854: 0 (Success) Received access request confirmation from
radius server
chilli.c: 1884: 0 (Success) Received access challenge from radius server
chilli.c: 2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
radius.c: 1608: 0 (Success) Received unknown radius packet
11!chilli.c: 3267: 0 (Success) radius_proxy_ind() failed!chilli.c:
2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
chilli.c: 1457: 0 (Success) Radius access request received!
chilli.c: 1484: 0 (Success) Calling Station ID is: chilli.c: 1485: 0
(Success) 0chilli.c: 1485: 0 (Success) 0chilli.c: 1485: 0 (Success)
-chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 7chilli.c:
1485: 0 (Success) -chilli.c: 1485: 0 (Success) Fchilli.c: 1485: 0
(Success) 2chilli.c: 1485: 0 (Success) -chilli.c: 1485: 0 (Success)
4chilli.c: 1485: 0 (Success) 4chilli.c: 1485: 0 (Success) -chilli.c:
1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0
(Success) -chilli.c: 1485: 0 (Success) Cchilli.c: 1485: 0 (Success)
2chilli.c: 1486: 0 (Success)
chilli.c: 1523: 0 (Success) Username is: chilli.c: 1524: 0 (Success)
pchilli.c: 1524: 0 (Success) rchilli.c: 1524: 0 (Success) ochilli.c:
1524: 0 (Success) fchilli.c: 1524: 0 (Success) 1chilli.c: 1524: 0
(Success) chilli.c: 1525: 0 (Success)
chilli.c: 1854: 0 (Success) Received access request confirmation from
radius server
chilli.c: 1884: 0 (Success) Received access challenge from radius server
chilli.c: 2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
radius.c: 1608: 0 (Success) Received unknown radius packet
11!chilli.c: 3267: 0 (Success) radius_proxy_ind() failed!chilli.c:
2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
chilli.c: 1457: 0 (Success) Radius access request received!
chilli.c: 1484: 0 (Success) Calling Station ID is: chilli.c: 1485: 0
(Success) 0chilli.c: 1485: 0 (Success) 0chilli.c: 1485: 0 (Success)
-chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 7chilli.c:
1485: 0 (Success) -chilli.c: 1485: 0 (Success) Fchilli.c: 1485: 0
(Success) 2chilli.c: 1485: 0 (Success) -chilli.c: 1485: 0 (Success)
4chilli.c: 1485: 0 (Success) 4chilli.c: 1485: 0 (Success) -chilli.c:
1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0
(Success) -chilli.c: 1485: 0 (Success) Cchilli.c: 1485: 0 (Success)
2chilli.c: 1486: 0 (Success)
chilli.c: 1523: 0 (Success) Username is: chilli.c: 1524: 0 (Success)
pchilli.c: 1524: 0 (Success) rchilli.c: 1524: 0 (Success) ochilli.c:
1524: 0 (Success) fchilli.c: 1524: 0 (Success) 1chilli.c: 1524: 0
(Success) chilli.c: 1525: 0 (Success)
chilli.c: 1854: 0 (Success) Received access request confirmation from
radius server
chilli.c: 1884: 0 (Success) Received access challenge from radius server
chilli.c: 2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
radius.c: 1608: 0 (Success) Received unknown radius packet
11!chilli.c: 3267: 0 (Success) radius_proxy_ind() failed!chilli.c:
2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
chilli.c: 1457: 0 (Success) Radius access request received!
chilli.c: 1484: 0 (Success) Calling Station ID is: chilli.c: 1485: 0
(Success) 0chilli.c: 1485: 0 (Success) 0chilli.c: 1485: 0 (Success)
-chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 7chilli.c:
1485: 0 (Success) -chilli.c: 1485: 0 (Success) Fchilli.c: 1485: 0
(Success) 2chilli.c: 1485: 0 (Success) -chilli.c: 1485: 0 (Success)
4chilli.c: 1485: 0 (Success) 4chilli.c: 1485: 0 (Success) -chilli.c:
1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0
(Success) -chilli.c: 1485: 0 (Success) Cchilli.c: 1485: 0 (Success)
2chilli.c: 1486: 0 (Success)
chilli.c: 1523: 0 (Success) Username is: chilli.c: 1524: 0 (Success)
pchilli.c: 1524: 0 (Success) rchilli.c: 1524: 0 (Success) ochilli.c:
1524: 0 (Success) fchilli.c: 1524: 0 (Success) 1chilli.c: 1524: 0
(Success) chilli.c: 1525: 0 (Success)
chilli.c: 1854: 0 (Success) Received access request confirmation from
radius server
chilli.c: 1884: 0 (Success) Received access challenge from radius server
chilli.c: 2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
radius.c: 1608: 0 (Success) Received unknown radius packet
11!chilli.c: 3267: 0 (Success) radius_proxy_ind() failed!chilli.c:
2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
chilli.c: 1457: 0 (Success) Radius access request received!
chilli.c: 1484: 0 (Success) Calling Station ID is: chilli.c: 1485: 0
(Success) 0chilli.c: 1485: 0 (Success) 0chilli.c: 1485: 0 (Success)
-chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 7chilli.c:
1485: 0 (Success) -chilli.c: 1485: 0 (Success) Fchilli.c: 1485: 0
(Success) 2chilli.c: 1485: 0 (Success) -chilli.c: 1485: 0 (Success)
4chilli.c: 1485: 0 (Success) 4chilli.c: 1485: 0 (Success) -chilli.c:
1485: 0 (Success) 1chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0
(Success) -chilli.c: 1485: 0 (Success) Cchilli.c: 1485: 0 (Success)
2chilli.c: 1486: 0 (Success)
chilli.c: 1523: 0 (Success) Username is: chilli.c: 1524: 0 (Success)
pchilli.c: 1524: 0 (Success) rchilli.c: 1524: 0 (Success) ochilli.c:
1524: 0 (Success) fchilli.c: 1524: 0 (Success) 1chilli.c: 1524: 0
(Success) chilli.c: 1525: 0 (Success)
chilli.c: 1854: 0 (Success) Received access request confirmation from
radius server
chilli.c: 1884: 0 (Success) Received access challenge from radius server
chilli.c: 2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
radius.c: 1608: 0 (Success) Received unknown radius packet
11!chilli.c: 3267: 0 (Success) radius_proxy_ind() failed!chilli.c:
2544: 0 (Success) cb_dhcp_data_ind. Packet received. DHCP authstate: 5
chilli.c: 2547: 0 (Success) Received packet with spoofed source!!!
chilli.c: 1457: 0 (Success) Radius access request received!
chilli.c: 1484: 0 (Success) Calling Station ID is: chilli.c: 1485: 0
(Success) 0chilli.c: 1485: 0 (Success) 0chilli.c: 1485: 0 (Success)
-chilli.c: 1485: 0 (Success) 1chilli.c: 1485: 0 (Succes

More information about the Freeradius-Users mailing list