Help with peap-eap/mschapv2

Phil Mayers p.mayers at imperial.ac.uk
Sun Jan 7 12:50:47 CET 2007


adreas Polyxronopoulos wrote:

> rad_recv: Access-Request packet from host 10.0.0.10:3794, id=160, length=132
>         NAS-IP-Address = 10.0.0.10
>         NAS-Port-Type = Wireless-802.11
>         NAS-Port = 1
>         Framed-MTU = 1400
>         User-Name = "someone"
>         Calling-Station-Id = "00166f122595"
>         Called-Station-Id = "000d545c4190"
>         NAS-Identifier = "3Com Access Point"
>         EAP-Message = 0x0201000c01736f6d656f6e65
>         Message-Authenticator = 0x160e121c6c28afb7f18ee9f0862390d0
>   Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 0
>   modcall[authorize]: module "preprocess" returns ok for request 0
>   modcall[authorize]: module "mschap" returns noop for request 0
>     rlm_realm: No '@' in User-Name = "someone", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "suffix" returns noop for request 0
>   rlm_eap: EAP packet type response id 1 length 12
>   rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
>   modcall[authorize]: module "eap" returns updated for request 0
>     users: Matched entry DEFAULT at line 155
>     users: Matched entry someone at line 219
>   modcall[authorize]: module "files" returns ok for request 0
> modcall: leaving group authorize (returns updated) for request 0
>   rad_check_password:  Found Auth-Type Local

Don't set Auth-Type to Local. Don't set it to anything in fact. In 99% 
of cases, a correctly configured server will set it just fine itself, 
and attempting to fiddle with it will break things.

Most likely one of the two entries in the "users" file in line 155 or 
219 is causing it to break.

Your users file only needs:

username	User-Password := "thepassword"




More information about the Freeradius-Users mailing list