FreeRadius 2.0.3 setup help
Alan DeKok
aland at deployingradius.com
Sun Jul 27 08:56:20 CEST 2008
Brooks, Kyle wrote:
> We have been trying to setup the new FreeRadius server, version 2.0.3 on Fedora 9. We are very close as during testing a user was able to authenticate to AD via LDAP. Radtest was ok, but there is no accept packet/acknowledgment sent back, so the network switch thinks the user hasn't been authenticated yet. Below is the radius log, sensitive information has been taken out. I'm hoping someone can help us figure out what we are doing wrong. The log below has been shorten.
See my web site for instructions on setting up and testing EAP.
> Sending Access-Challenge of id 21 to 10.0.1.9 port 1645
> EAP-Message = 0x0109005b19001703010050acf799d4d09f9221585544ed0d61e14e0eb13d4781dcbe9e6fe7423d1f1f6620939f16d7c7113f3c7be0735d0bcf4a463c760c12da2d85a850a3c22ed81efecdba83d919935cda81ca7bcc377b51825e
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0x87d5a69b81dcbf58ea7c4f63c1b50a12
> Finished request 6.
> Going to the next request
> Waking up in 4.8 seconds.
> Cleaning up request 0 ID 15 with timestamp +20
This is in the FAQ, and documented in the comments in raddb/eap.conf.
The client is Windows, and you likely haven't used the FreeRADIUS
certificate creation scripts. If you have used it, then see recent
posts to the list on other PEAP problems.
Or, maybe the switch is broken. 3Com seems to be having a lot of
trouble with older models.
Alan DeKok.
More information about the Freeradius-Users
mailing list