FreeRadius MAC address authorization (no authentication)
ramot.lubis at gmail.com
Fri Aug 8 10:48:25 CEST 2008
Thanks Alan, it was my mistake. I have fixed the openssl trouble. Now
PEAP is running. But I still have problem with authentication.
I put the log here. Please, tell me what my next mistake is.
rad_recv: Access-Request packet from host 10.0.0.2 port 1027, id=76, length=189
User-Name = "PIDEL-3C5B30E9C\\Administrator"
NAS-IP-Address = 10.0.0.2
NAS-Port = 0
Called-Station-Id = "00-1E-E5-9D-61-85:DEL_LR1"
Calling-Station-Id = "00-21-00-0B-68-E3"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020c00061900
State = 0x61fcdc3962f0c5fd5ac44742bec48a4e
Message-Authenticator = 0xf9de9a4b155e31af40d1602df959ad77
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "PIDEL-3C5B30E9C\Administrator",
looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 12 length 6
rlm_eap: Continuing tunnel setup.
++[eap] returns ok
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: processing type peap
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 76 to 10.0.0.2 port 1027
EAP-Message = 0x010d00061900
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x61fcdc3965f1c5fd5ac44742bec48a4e
Finished request 9.
On Fri, Aug 8, 2008 at 3:06 PM, Alan DeKok <aland at deployingradius.com> wrote:
> Ramot Lubis wrote:
>> thanks Stefan.
>> it's already uncommented by default. I didn't change any default value
>> except the SQL authorization.
>> I wonder what might be the problem?
> You haven't installed the OpenSSL libraries and header files. As a
> result, FreeRADIUS wasn't built with support for PEAP.
> Run the server in debug mode, and read the output. When it's loading
> the EAP module, it will TELL YOU that it's not loading PEAP. It will
> also tell you why it's not loading PEAP.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users