help in setting up PEAP in freeRADIUS with winXp supplicant
Apangshu Saha
apangshu at gmail.com
Mon Jun 11 14:25:18 CEST 2007
Dear All,
I am a newbee in freeRADIUS and unable to setting up PEAP in freeRADIUS with
winXp supplicant.On the client side it always show attempting to
authenticate.I am getting the following lines at the last of the log file of
freeRADIUS.Help me to sort out
the problem please.
**************************log file*************************
modcall[authorize]: module "files" returns ok for request 4
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 4
modcall: leaving group authorize (returns updated) for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
modcall[authenticate]: module "eap" returns handled for request 4
modcall: leaving group authenticate (returns handled) for request 4
Sending Access-Challenge of id 0 to 192.168.6.14 port 2049
EAP-Message =
0x0105002019001703010015c37ca76db66f6a97fcfcf85e65a7e03d3e70fcf43d
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x5142c99b4f3e278d5f71af41f06e1e96
Finished request 4
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.6.14:2049, id=0,
length=180
User-Name = "administrator"
NAS-IP-Address = 192.168.6.14
Called-Station-Id = "0012172a3da3"
Calling-Station-Id = "00131008616c"
NAS-Identifier = "0012172a3da3"
NAS-Port = 5
Framed-MTU = 1400
State = 0x5142c99b4f3e278d5f71af41f06e1e96
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x020500291900170301001e103d6d5ce7a04c446824e451f6b169ff53a8f48d18f614092295e6e1cdb6
Message-Authenticator = 0x45a325b094cfed83fdb2aad638a9fb12
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: No '@' in User-Name = "administrator", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 5 length 41
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched entry DEFAULT at line 152
users: Matched entry administrator at line 215
modcall[authorize]: module "files" returns ok for request 5
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Identity - administrator
rlm_eap_peap: Tunneled data is valid.
PEAP: Got tunneled identity of administrator
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to administrator
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: No '@' in User-Name = "administrator", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 5 length 18
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched entry DEFAULT at line 152
users: Matched entry administrator at line 215
modcall[authorize]: module "files" returns ok for request 5
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: EAP Identity
rlm_eap: No such EAP type mschapv2
rlm_eap: Failed in EAP select
modcall[authenticate]: module "eap" returns invalid for request 5
modcall: leaving group authenticate (returns invalid) for request 5
auth: Failed to validate the user.
PEAP: Tunneled authentication was rejected.
rlm_eap_peap: FAILURE
modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
Sending Access-Challenge of id 0 to 192.168.6.14 port 2049
EAP-Message =
0x010600261900170301001b91727baee5568c72883984a71242056b8f336171f797c3646a85de
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x1654be07c4122f438449a5f35981dd27
Finished request 5
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.6.14:2049, id=0,
length=177
User-Name = "administrator"
NAS-IP-Address = 192.168.6.14
Called-Station-Id = "0012172a3da3"
Calling-Station-Id = "00131008616c"
NAS-Identifier = "0012172a3da3"
NAS-Port = 5
Framed-MTU = 1400
State = 0x1654be07c4122f438449a5f35981dd27
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x020600261900170301001bdbac43bc04a3b2686dc05fc44cdb0a3922e36e0156ea45c11c188e
Message-Authenticator = 0x0150585836af2d8127b88cf51a3efbfd
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_realm: No '@' in User-Name = "administrator", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 6 length 38
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
users: Matched entry DEFAULT at line 152
users: Matched entry administrator at line 215
modcall[authorize]: module "files" returns ok for request 6
rlm_pap: Found existing Auth-Type, not changing it.
modcall[authorize]: module "pap" returns noop for request 6
modcall: leaving group authorize (returns updated) for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Had sent TLV failure. User was rejcted rejected earlier in
this session.
rlm_eap: Handler failed in EAP/peap
rlm_eap: Failed in EAP select
modcall[authenticate]: module "eap" returns invalid for request 6
modcall: leaving group authenticate (returns invalid) for request 6
auth: Failed to validate the user.
Delaying request 6 for 1 seconds
Finished request 6
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 0 to 192.168.6.14 port 2049
EAP-Message = 0x04060004
Message-Authenticator = 0x00000000000000000000000000000000
Cleaning up request 6 ID 0 with timestamp 466d3f35
Nothing to do. Sleeping until we see a request.
***********************log file*************************************
please help.
with regards...
apangshu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/20abea88/attachment.html>
More information about the Freeradius-Users
mailing list