Problem with Freeradius+LDAP+wifi
Rafał Kamiński
rafal.kaminski at blstream.com
Mon Jan 15 14:42:59 CET 2007
Hello,
I have this configuration:
- server with FreeRADIUS, connected to an internal system and an LDAP server
- Linksys WPA54G
- laptop with wifi
- PC with FreeBSD
When I tested connections from the PC using radtest, I was authenticated by
RADIUS and the LDAP server.
But when I want to use the laptop and wifi, I see some FreeRADIUS logs:
- I see that the Linksys connects to the LDAP server through FreeRADIUS, but
the user (the same one that authenticated on the PC) is not authenticated :(
LOGS:
rad_recv: Access-Request packet from host 192.168.1.245:3072, id=0,
length=119
User-Name = "rka"
NAS-IP-Address = 192.168.1.245
Called-Station-Id = "001217694588"
Calling-Station-Id = "000d93ee9b55"
NAS-Identifier = "001217694588"
NAS-Port = 32
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0200000801726b61
Message-Authenticator = 0x31c848a6f4f552bd2024d49b5ffa79c4
Mon Jan 15 13:39:00 2007 : Debug: Processing the authorize section of
radiusd.conf
Mon Jan 15 13:39:00 2007 : Debug: modcall: entering group authorize for
request 2
Mon Jan 15 13:39:00 2007 : Debug: modsingle[authorize]: calling ldap
(rlm_ldap) for request 2
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: - authorize
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: performing user
authorization for rka
Mon Jan 15 13:39:00 2007 : Debug: radius_xlat: '(uid=rka)'
Mon Jan 15 13:39:00 2007 : Debug: radius_xlat: 'ou=Users,dc=domain'
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: performing search in
ou=Users,dc=blstream, with filter (uid=rka)
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: looking for check items in
directory...
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: looking for reply items in
directory...
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: user rka authorized to use
remote access
Mon Jan 15 13:39:00 2007 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0
Mon Jan 15 13:39:00 2007 : Debug: modsingle[authorize]: returned from
ldap (rlm_ldap) for request 2
Mon Jan 15 13:39:00 2007 : Debug: modcall[authorize]: module "ldap"
returns ok for request 2
Mon Jan 15 13:39:00 2007 : Debug: modcall: leaving group authorize
(returns ok) for request 2
Mon Jan 15 13:39:00 2007 : Debug: auth: No authenticate method
(Auth-Type) configuration found for the request: Rejecting the user
Mon Jan 15 13:39:00 2007 : Debug: auth: Failed to validate the user.
Mon Jan 15 13:39:00 2007 : Debug: Delaying request 2 for 1 seconds
Mon Jan 15 13:39:00 2007 : Debug: Finished request 2
Mon Jan 15 13:39:00 2007 : Debug: Going to the next request
Mon Jan 15 13:39:00 2007 : Debug: --- Walking the entire request list ---
Mon Jan 15 13:39:00 2007 : Debug: Waking up in 1 seconds...
Mon Jan 15 13:39:01 2007 : Debug: --- Walking the entire request list ---
Mon Jan 15 13:39:01 2007 : Debug: Waking up in 1 seconds...
Mon Jan 15 13:39:02 2007 : Debug: --- Walking the entire request list ---
Sending Access-Reject of id 0 to 192.168.1.245 port 3072
I set this in /etc/freeradius/clients.conf:
client 192.168.1.245 {
secret = password
shortname = ldap_test
}
Why didn't LDAP want to authenticate me? It is so strange, because when I
used the PC with the same user, LDAP authenticated me.
BR,
--
Rafal Kaminski
http://blstream.com
email: rafal.kaminski at blstream.com
jid: rka at im.blstream.com