Need help to test EAP-MD5
Nilanjan Sarkar
nilanjans at condornetworks.com
Wed Dec 12 14:43:47 CET 2007
Hi Friends,
I want to test radiusd with radeapclient. I am following from radeapclient
man page, and using "./radeapclient -x localhost auth testing123 <req.txt".
req.txt is like this,
User-Name = "bob"
EAP-MD5-Password = "hello"
NAS-IP-Address = marajade.sandelman.ottawa.on.c
EAP-Code = Response
EAP-Id = 210
EAP-Type-Identity = "bob"
Message-Authenticator = 0x00
NAS-Port = 0
But radeapclient is getting access-reject with Failure EAP-Code from radiusd
(running like ./radiusd -X in another console).
==============
+++> About to send encoded packet:
User-Name = "bob"
EAP-MD5-Password = "hello"
NAS-IP-Address = 255.255.255.255
EAP-Code = Response
EAP-Id = 210
EAP-Type-Identity = "bob"
Message-Authenticator = 0x00
NAS-Port = 0
Sending Access-Request of id 116 to 127.0.0.1 port 1812
User-Name = "bob"
NAS-IP-Address = 255.255.255.255
Message-Authenticator = 0x00000000000000000000000000000000
NAS-Port = 0
EAP-Message = 0x02d2000801626f62
rad_recv: Access-Challenge packet from host 127.0.0.1:1812, id=116,
length=80
EAP-Message = 0x01d30016041066eb786fd424a0ee6f85a194ea8c9d30
Message-Authenticator = 0x323ec83f657e741fc131ba05f1bac39f
State = 0xa3e884a46fc0e687c2bce84c917cc61e
<+++ EAP decoded packet:
EAP-Message = 0x01d30016041066eb786fd424a0ee6f85a194ea8c9d30
Message-Authenticator = 0x323ec83f657e741fc131ba05f1bac39f
State = 0xa3e884a46fc0e687c2bce84c917cc61e
EAP-Id = 211
EAP-Code = Request
EAP-Type-MD5 = 0x1066eb786fd424a0ee6f85a194ea8c9d30
+++> About to send encoded packet:
User-Name = "bob"
EAP-MD5-Password = "hello"
NAS-IP-Address = 255.255.255.255
EAP-Code = Response
EAP-Id = 211
Message-Authenticator = 0x00000000000000000000000000000000
NAS-Port = 0
EAP-Type-MD5 = 0x108d31440ff81df18a9294cd9bd36bdce6
State = 0xa3e884a46fc0e687c2bce84c917cc61e
Sending Access-Request of id 117 to 127.0.0.1 port 1812
User-Name = "bob"
NAS-IP-Address = 255.255.255.255
Message-Authenticator = 0x00000000000000000000000000000000
NAS-Port = 0
State = 0xa3e884a46fc0e687c2bce84c917cc61e
EAP-Message = 0x02d3001604108d31440ff81df18a9294cd9bd36bdce6
Re-sending Access-Request of id 117 to 127.0.0.1 port 1812
User-Name = "bob"
EAP-MD5-Password = "hello"
NAS-IP-Address = 255.255.255.255
EAP-Code = Response
EAP-Id = 211
Message-Authenticator = 0x00000000000000000000000000000000
NAS-Port = 0
EAP-Type-MD5 = 0x108d31440ff81df18a9294cd9bd36bdce6
State = 0xa3e884a46fc0e687c2bce84c917cc61e
EAP-Message = 0x02d3001604108d31440ff81df18a9294cd9bd36bdce6
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=117, length=44
EAP-Message = 0x04d30004
Message-Authenticator = 0x083613356791ba254aa786ddbb62d393
<+++ EAP decoded packet:
EAP-Message = 0x04d30004
Message-Authenticator = 0x083613356791ba254aa786ddbb62d393
EAP-Id = 211
EAP-Code = Failure
==============
I have added in radiusd.conf the following info
eap {
default_eap_type = md5
md5 {
}
====================================
My queries are as following..
Do I need to add any md5 related attributes in server configuration?
I have found in some file like digest-auth-MD5
"<>/freeradius-1.1.7/src/tests", but not sure how to inform radiusd server
about this file. Also do not find any documentation about usage of
"digest-auth-MD5".
Any information/help regarding this is highly appreciated.
Kind Regards,
Nilanjan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071212/945399cf/attachment.html>
More information about the Freeradius-Users
mailing list