Mschapv2 not working! Please help!

saini_jas16 jaswinder.kaur at northyorks.gov.uk
Thu Oct 16 17:21:45 CEST 2008


Hello All,

I am trying to authenticate a Windows XP Client with the username and
password configured in the Users file on the Radius Server.  I have tried
saveral changes, but I am not able to get rid of this error. I am running
freeradius 2.1.1 on Suse 10 SP1.

Kindly Help, I am in urgent need of making this radius server up and
running.
Below is the error I am receiving. 


rad_recv: Access-Request packet from host 130.1.254.174 port 20000, id=212,
length=182
        NAS-Port-Id = "2049/1"
        Calling-Station-Id = "00-1F-3B-70-5B-7F"
        Called-Station-Id = "00-18-6E-30-70-C0:NYCC_TEST"
        Service-Type = Framed-User
        User-Name = "jaswinder"
        State = 0x2aaca71b29aabed260fc846046180105
        EAP-Message =
0x02060021198000000017150301001294659677442f8e7a361ee8ee93374c90ed53
        NAS-Port-Type = Wireless-802.11
        NAS-Identifier = "3Com"
        NAS-IP-Address = 130.1.254.174
        Message-Authenticator = 0xe42d1530c16b34c5b74bfb4c486083aa
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "jaswinder", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 33
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
  TLS Length 23
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] <<< TLS 1.0 Alert [length 0002], fatal access_denied
TLS Alert read:fatal:access denied
[peap] WARNING: No data inside of the tunnel.
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] Tunneled data is invalid.
[eap] Handler failed in EAP/peap
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> jaswinder
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 5 for 1 seconds
Going to the next request

Any help is greatly appreciated.
Thanks,
Jas
-- 
View this message in context: http://www.nabble.com/Mschapv2-not-working%21-Please-help%21-tp20015619p20015619.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.




More information about the Freeradius-Users mailing list