eap-peap inner outer identity
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Thu Apr 23 23:37:38 CEST 2009
Hi,
Per, if you read the debug log you will clearly
see the problem.
(cutting everything until the auth occurring.
> rad_recv: Access-Request packet from host 127.0.0.1 port 43395, id=1,
> length=168
> User-Name = "0016dbd4b7d5"
> User-Password = "0016dbd4b7d5"
> NAS-IP-Address = 192.168.1.1
> Called-Station-Id = "00-21-91-F3-D2-21:MY-radius"
> Calling-Station-Id = "00-16-EA-E5-C8-E6"
> NAS-Port-Type = Wireless-802.11
> Connect-Info = "CONNECT 11Mbps 802.11b"
> Message-Authenticator = 0xd33a8bb379cbb4798259751e0532df73
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> [suffix] No '@' in User-Name = "0016dbd4b7d5", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
> [eap] No EAP-Message, not doing EAP
> ++[eap] returns noop
there. look. its not EAP. the server tells you this...and you can clearly
see this isnt EAP. this is just plain PAP - even worse, its nothing
to do with your username - this is a very dumb MAC address PAP.
you'd find that if you put
"0016dbd4b7d5" Cleartext-Password := "0016dbd4b7d5"
into your users file this would probably work straight away..but
do you want PAP - if you want EAP, configure your NAS to
do EAP (from the other log entries, looks like this NAS doesnt
send proper accounting data either)
alan
More information about the Freeradius-Users
mailing list