eap md5 and cisco 1250 ap?
Jonathan D. Proulx
jon at csail.mit.edu
Fri Oct 10 18:08:35 CEST 2008
Hi All,
I'm trying to get am MacOS 10.5 client to connect to a cisco 1250 ap
running IOS 12.4(10b) authenticating against Freeradius 1.1.7 on
Ubuntu (8.04).
Yeh md5 is a bad idea, but it should be a simple first step. The only
changes I made to the default Freeradius config were to add the client
info for the 1250 and one user:
jon Cleartext-Password := "password"
Freeradius sends:
Sending Access-Accept of id 56 to 192.168.32.10 port 1645
EAP-Message = 0x03020004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "jon"
Finished request 95
Which the AP sees:
*Mar 1 17:13:08.871: RADIUS: Received from id 1645/54
192.168.32.34:1812, Access-Accept, len 49
*Mar 1 17:13:08.871: RADIUS: authenticator 80 F5 FE FA 84 E9 7A EB -
C9 D0 0C F2 E5 07 9C 02
*Mar 1 17:13:08.871: RADIUS: EAP-Message [79] 6
*Mar 1 17:13:08.871: RADIUS: 03 02 00 04 [????]
*Mar 1 17:13:08.871: RADIUS: Message-Authenticato[80] 18
*Mar 1 17:13:08.871: RADIUS: 61 20 78 47 53 68 E0 80 20 7F 10 04 95
CE 64 9D [a xGSh?? ?????d?]
*Mar 1 17:13:08.871: RADIUS: User-Name [1] 5 "jon"
*Mar 1 17:13:08.871: RADIUS(000000B0): Received from id 1645/54
*Mar 1 17:13:08.871: RADIUS/DECODE: EAP-Message fragments, 4, total 4
bytes
*Mar 1 17:13:09.919: %DOT11-7-AUTH_FAILED: Station 001e.c2b7.f0de
Authentication failed
But note the AUTH_FAILED at the. The Mac client then just spins
retrying athentication.
I must be missing something so stupidly obvious noone else has ever
missed it, as I can't seem to find anyone onlline who's had trouble
with simple md5 auth...
Help? Thanks,
-Jon
More information about the Freeradius-Users
mailing list