Decoupled accounting

Devinder Singh devinbhullar at gmail.com
Tue Aug 4 03:34:19 CEST 2009


Hi Ivan

Ok i managed to install ca.der and client.p12 on my XP

When i run radiusd -X i get

rad_recv: Access-Request packet from host 203.121.4.59 port 6001,
id=30, length=216
        User-Name = "devinder at palettemm.com"
        NAS-IP-Address = 203.121.4.59
        Called-Station-Id = "00-20-a6-6c-49-9d:palstaff"
        Calling-Station-Id = "00-04-23-7b-56-b9"
        NAS-Identifier = "ORiNOCO-AP-700-6c-49-9d"
        State = 0xf30ae66df60debd09c91249e7b82f0a9
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
0x0207002c0d000116030100205a6f866d20eb642ddc9f404f90d8650422eb751e7bb0199a016bb14e384df6fa
        Message-Authenticator = 0x06206416bbe520db012eb924f72ba75e
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "palettemm.com" for User-Name =
"devinder at palettemm.com"
[suffix] No such realm "palettemm.com"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 44
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
[files] users: Matched entry devinder at palettemm.com at line 94
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] eaptls_verify returned 7
[tls] Done initial handshake
[tls] <<< TLS 1.0 Handshake [length 03b2], Certificate
--> verify error:num=20:unable to get local issuer certificate
[tls] >>> TLS 1.0 Alert [length 0002], fatal unknown_ca
TLS Alert write:fatal:unknown CA
    TLS_accept:error in SSLv3 read client certificate B
rlm_eap: SSL error error:140890B2:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
SSL: SSL_read failed in a system call (-1), TLS session fails.
TLS receive handshake failed during operation
[tls] eaptls_process returned 4
[eap] Handler failed in EAP/tls
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> devinder at palettemm.com
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 6 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 6
Sending Access-Reject of id 30 to 203.121.4.59 port 6001
        EAP-Message = 0x04070004
        Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.8 seconds.
Cleaning up request 0 ID 24 with timestamp +83
Cleaning up request 1 ID 25 with timestamp +83
Cleaning up request 2 ID 26 with timestamp +83
Cleaning up request 3 ID 27 with timestamp +83
Cleaning up request 4 ID 28 with timestamp +83
Cleaning up request 5 ID 29 with timestamp +83
Waking up in 1.0 seconds.
Cleaning up request 6 ID 30 with timestamp +83
Ready to process requests.



Users File


"devinder at palettemm.com" Auth-Type := EAP

DEFAULT Auth-Type := Reject
        Reply-Message = "Authentication Failed"














2009/8/3 Ivan Kalik <tnt at kalik.net>:
>> Do i copy  this file to the XP and install ca.der
>>
>> ca.der and client.p12
>
> Yes.
>
> Ivan Kalik
> Kalik Informatika ISP
>
>



-- 
Devinder




More information about the Freeradius-Users mailing list