Radius client can not connected!
Kwok Sianbin
sianbin_kwok at yahoo.com
Mon Aug 11 06:38:09 CEST 2008
Hi all,
Need help.
I'd been doing this for sometimes and can't get it solved.
Client try to communicate with server but just can't get it connected.
here are the message:
Waking up in 4.7 seconds.
User-Name = "testing"
NAS-IP-Address = 0.0.0.0
Framed-MTU = 1488
Called-Station-Id = "00:30:1a:29:03:66"
Calling-Station-Id = "00:1c:f0:10:56:b8"
NAS-Port-Type = Wireless-802.11
NAS-Identifier = "127.0.0.1"
Connect-Info = "CONNECT 11Mbps 802.11b"
State = 0x50713d8653743023ce88a0c1a1b930fe
EAP-Message =
0x020505c50d80000005bb160301058b0b00037b0003780003753082037130820259a003020102020102300d06092a864886f70d01010405003070310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e311730150603550403140e4d6172734e65745f5365727665723120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d301e170d3038303730383032323630315a170d3131303730383032323630315a306f310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520
EAP-Message =
0x496e632e311730150603550403140e4d6172734e65745f436c69656e74311f301d06092a864886f70d010901161075736572406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100d9c82149515d4198e7647e1dd2fdaba3dd274d89fe59259ea656b5550118896812a05a0bad9307dda14f88582a1cfd1b8f475aabfc4e7ee2618d195fdb4fed673093982696a14d7a929c8590bfb32a930ee363d15a2ddadaf398d497527addbb88562c48803840ac7ab5cfd47709718078cee8489a415783ff1149bd2d8c4abd5ed1c83811392890b60e65dcfe3fae892d4ab0e3f98506387d47094656bb
EAP-Message =
0xc7b5fdebc4b342b797d0dcc7a3fdd68cfa52490ec10a1e4a5d9cc82decc3f7340611755269c937f882478b6a875c460ea997351f33291f4f94bc7661b7f76a5457479f72639fc9acf815aa5ed438309a1695ffe34f1f967ad8f0b63d2e72f71240050203010001a317301530130603551d25040c300a06082b06010505070302300d06092a864886f70d010104050003820101008cb12a5b0e048b822dd0e435fdb3c808a183a2bfe5b8970d24c8d7d8de6183ac6bd0978accaa284093f927e49b512056fd5850cd2211016f0d68099bc90a2bf2fb93ab3f6a2552fe2b094ffb8830aabe7d00871f1f8b882d3bfec10f73a7af1688a51a2e915597276d
EAP-Message =
0x0e2c716dbd340dba22124f473ea8396e799c6de451101cb64cc0e8913535dc79d23e6194878814e7d6baa7a1ba616947cfe5d368a83f5db7e71e95e9b90f189033e9851b1d8419c4ab78b988ca9c4ff1163ed3e390e486bfc803e176cb108e7c31b51c5b618e644a046f7a60f232b0d57c47f1626a96115e83d457a3ad661c064986ebdd3629ef50b6a0d67e7b923d4a0d288b3652d98e1000010201003c14f10ae05a07ca00d74116971fd5d146e8640db1f58ebebf6e49c7cd8dabe98da7b6461af55c77e5fbde2336eb2914ceb3a6e09cdb6a46989cd9e22983bc672387ff0483700a70e396a9f844edd9ac4bb95c4b2a3bc45755d9408e41b37034
EAP-Message =
0x32c84f5b11d84870904e298defb383734235d6f67c9d9c0dfe20ed207fa3fe539571566103e2f55ee41cd3c7d6d9019f224594853387f67ccf453aa85ead173fa5059922888c7de3a689745cdc800423fc43522a91ee235704264a60eec90c62d01fde3cdda4f81666c26f8681c08b4a18b447d9971270ce92391e5c54f2537b3f7ff791fe7863daa40f6e0e244a02dab97755b4de554a21973a34dab24815ae0f00010201001b8569aff3bd371c1c7d782df9db0e00468d7806f2b5307f49dd2d4c5507aec96fe0db1fa401a613e021eec225eedf95303d1b2af768c011541086e89933d72b07d56d5a588e96d79906e1672e016fd5694fe694990ded
EAP-Message =
0x9dc92e8f839a0e40cc7a7563476be125135d91d45ed4b5c978273b5e1d0e30cb655d8d1a011fe0d7c93e21603ee63e618566dbf126d95e68f8bf1e2bfbf8145a3894ddeb74923d45fbac9fdbde4cd7bf070931c74a4a7d3153a4e5de2d74c4f6f6191e639f57d2d18a256f240726a7b3100fec13048cddc9a99f594c82742aeb918959fe193bd1cb691a81fbf413aaba7e57cca12151350d96dc18a4b0af99d63cb68c1a5214a087a21403010001011603010020251f2329bd8931db05f4268228c4258ec07f3d2bb9281b1b83b584b08b75214d
Message-Authenticator = 0xd97d042e7cb701a8720f28f6c5f1292b
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "testing", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 5 length 253
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
users: Matched entry testing at line 91
expand: Hello, %{User-Name} -> Hello, testing
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP/tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: processing TLS
TLS Length 1467
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 037f], Certificate
--> verify error:num=20:unable to get local issuer certificate
rlm_eap_tls: >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
TLS Alert write:fatal:unknown CA
TLS_accept:error in SSLv3 read client certificate B
rlm_eap: SSL error error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
rlm_eap_tls: SSL_read failed in a system call (-1), TLS session fails.
eaptls_process returned 13
rlm_eap: Freeing handler
++[eap] returns reject
auth: Failed to validate the user.
Login incorrect: [testing/<via Auth-Type = EAP>] (from client private-network-1 port 0 cli 00:1c:f0:10:56:b8)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> testing
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 4 for 1 seconds
Going to the next request
radtest testing testing123-1 localhost 0 testing123
User-Name = "testing"
User-Password = "testing123"
NAS-IP-Address = 192.168.1.5
NAS-Port = 0
Reply-Message = "Hello, testing"
Here another error when I do radtest to localhost by return 192.168.1.5
Where should I go to fix those problem?
I browse a lot but just have no clue where did I get wrong!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080810/04d07209/attachment.html>
More information about the Freeradius-Users
mailing list