Mschapv2 not working! Please help!

saini_jas16 jaswinder.kaur at northyorks.gov.uk
Fri Oct 17 11:15:51 CEST 2008 

Hello,

I am sure it works well with Users file as well. I remember doing it in the
university. But I do not know y its not working this time. I will be
integrating this freeradius with Novell's edirectory in few days time, but I
wanted to test if its working or not before integrating with edirectory, as
that will be complex structure.

I have a tight dealine to finish it in. Kindly help me in eliminating the
error its showing.

Many Thanks,
Jas


Syed Anwarul Hasan wrote:
> 
> Hi,
> PEAP MSCHAPv2 works well with Active Directory Backend. I am not sure of
> its
> Authentication Process with users file.
> 
> Try with EAP MD5, it works well with Users file.
> 
> SYED
> On Thu, Oct 16, 2008 at 5:21 PM, saini_jas16 <
> jaswinder.kaur at northyorks.gov.uk> wrote:
> 
>>
>> Hello All,
>>
>> I am trying to authenticate a Windows XP Client with the username and
>> password configured in the Users file on the Radius Server.  I have tried
>> saveral changes, but I am not able to get rid of this error. I am running
>> freeradius 2.1.1 on Suse 10 SP1.
>>
>> Kindly Help, I am in urgent need of making this radius server up and
>> running.
>> Below is the error I am receiving.
>>
>>
>> rad_recv: Access-Request packet from host 130.1.254.174 port 20000,
>> id=212,
>> length=182
>>        NAS-Port-Id = "2049/1"
>>        Calling-Station-Id = "00-1F-3B-70-5B-7F"
>>        Called-Station-Id = "00-18-6E-30-70-C0:NYCC_TEST"
>>        Service-Type = Framed-User
>>        User-Name = "jaswinder"
>>        State = 0x2aaca71b29aabed260fc846046180105
>>        EAP-Message =
>> 0x02060021198000000017150301001294659677442f8e7a361ee8ee93374c90ed53
>>        NAS-Port-Type = Wireless-802.11
>>        NAS-Identifier = "3Com"
>>        NAS-IP-Address = 130.1.254.174
>>        Message-Authenticator = 0xe42d1530c16b34c5b74bfb4c486083aa
>> +- entering group authorize {...}
>> ++[preprocess] returns ok
>> ++[chap] returns noop
>> ++[mschap] returns noop
>> [suffix] No '@' in User-Name = "jaswinder", looking up realm NULL
>> [suffix] No such realm "NULL"
>> ++[suffix] returns noop
>> [eap] EAP packet type response id 6 length 33
>> [eap] Continuing tunnel setup.
>> ++[eap] returns ok
>> Found Auth-Type = EAP
>> +- entering group authenticate {...}
>> [eap] Request found, released from the list
>> [eap] EAP/peap
>> [eap] processing type peap
>> [peap] processing EAP-TLS
>>  TLS Length 23
>> [peap] Length Included
>> [peap] eaptls_verify returned 11
>> [peap] <<< TLS 1.0 Alert [length 0002], fatal access_denied
>> TLS Alert read:fatal:access denied
>> [peap] WARNING: No data inside of the tunnel.
>> [peap] eaptls_process returned 7
>> [peap] EAPTLS_OK
>> [peap] Session established.  Decoding tunneled attributes.
>> [peap] Tunneled data is invalid.
>> [eap] Handler failed in EAP/peap
>> [eap] Failed in EAP select
>> ++[eap] returns invalid
>> Failed to authenticate the user.
>> Using Post-Auth-Type Reject
>> +- entering group REJECT {...}
>> [attr_filter.access_reject]     expand: %{User-Name} -> jaswinder
>>  attr_filter: Matched entry DEFAULT at line 11
>> ++[attr_filter.access_reject] returns updated
>> Delaying reject of request 5 for 1 seconds
>> Going to the next request
>>
>> Any help is greatly appreciated.
>> Thanks,
>> Jas
>> --
>> View this message in context:
>> http://www.nabble.com/Mschapv2-not-working%21-Please-help%21-tp20015619p20015619.html
>> Sent from the FreeRadius - User mailing list archive at Nabble.com.
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
> 
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 

-- 
View this message in context: http://www.nabble.com/Mschapv2-not-working%21-Please-help%21-tp20015619p20029803.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.

More information about the Freeradius-Users mailing list