Please help with my EAP config - PEAP/MSCHAP
Alan DeKok
aland at deployingradius.com
Tue Oct 23 15:02:28 CEST 2007
Nyle wrote:
> I'm trying to set up Freeradius on SuSe 9 to authenticate against LDAP on
> the same box. I can use radtest locally and ntradping from a remote
> workstation and receive an accept. So it looks like it's configured well
> enough for the direct LDAP with clients.conf. However, when I try and use a
> Windows XP Pro client with my 3COM AP it returned a reject. I've tried
> searching on the what appears to be the errors in the below log but nothing
> seems to stand out. I'm sure it's something simple I missed when following
> the online setup guides that are supposed to walk you through. I've checked
> and re-checked my eap.conf and rediusd.conf.
There's a lot of this error: Maybe you want to check that out.
> rlm_ldap: performing search in ou=TechSupport,ou=JeffS,o=Jeff, with filter
> (cn=auser)
> rlm_ldap: checking if remote access for auser is allowed by wirelessAccess
> rlm_ldap: Error reading Universal Password.Return Code = -16049
> rlm_ldap: looking for check items in directory...
> rlm_ldap: looking for reply items in directory...
And there's no "known good" password found for the user.
> rlm_mschap: No User-Password configured. Cannot create LM-Password.
> rlm_mschap: No User-Password configured. Cannot create NT-Password.
> rlm_mschap: Told to do MS-CHAPv2 for auser with NT-Password
> rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.
Tell the server what the users correct password is.
Alan DeKok.
More information about the Freeradius-Users
mailing list