Failed to authenticate the user.

Paweł Pogorzelski ppogorzelski at gmail.com
Sun Aug 30 15:17:17 CEST 2009


Hi!

I have problem with user authentication.
I have Freeradius 2.1.5 with Daloradius and meru controller
here is log from freeradius -X

-------------------------
rad_recv: Access-Request packet from host 192.168.1.17 port 32768,
id=151, length=281
	User-Name = "test at test.pl"
	NAS-IP-Address = 192.168.1.17
	NAS-Port = 4097
	Called-Station-Id = "00-02-B6-35-D2-D2:eduroam_secure"
	Calling-Station-Id = "00-13-E8-82-90-FD"
	Framed-MTU = 1250
	NAS-Port-Type = Wireless-802.11
	Connect-Info = "CONNECT 802.11b/g"
	EAP-Message = 0x02040060190017030100203f76662de7ba5ad6abd3ddd6e1c9d1e3ce30c9a7c8c3d75d2f72704e3f1dfb741703010030022f4ed8866f1068cb5e6ba40fda334eefba9d407ef8c915bf3b7c14b3019e11c9add4a556e43c6c993f1e18262484d6
	State = 0x611ce3106318fa3ccfeca13fec4558b9
	Message-Authenticator = 0x6d9a86305cb15774a87d56fa5e9288e6
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] Looking up realm "test.pl" for User-Name = "test at test.pl"
[suffix] Found realm "test.pl"
[suffix] Adding Realm = "test.pl"
[suffix] Authentication realm is LOCAL.
++[suffix] returns ok
[eap] EAP packet type response id 4 length 96
[eap] Continuing tunnel setup.
++[eap] returns ok
++[files] returns noop
[sql] 	expand: %{User-Name} -> test at test.pl
[sql] sql_set_user escaped user --> 'test at test.pl'
rlm_sql (sql): Reserving sql socket id: 4
[sql] 	expand: SELECT id, username, attribute, value, op
FROM radcheck           WHERE username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value, op
FROM radcheck           WHERE username = 'test at test.pl'
ORDER BY id
[sql] User found in radcheck table
[sql] 	expand: SELECT id, username, attribute, value, op
FROM radreply           WHERE username = '%{SQL-User-Name}'
ORDER BY id -> SELECT id, username, attribute, value, op
FROM radreply           WHERE username = 'test at test.pl'
ORDER BY id
[sql] 	expand: SELECT groupname           FROM radusergroup
WHERE username = '%{SQL-User-Name}'           ORDER BY priority ->
SELECT groupname           FROM radusergroup           WHERE username
= 'test at test.pl'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++? if ("%{control:Proxy-To-Realm}" == 'mojman')
	expand: %{control:Proxy-To-Realm} ->
? Evaluating ("%{control:Proxy-To-Realm}" == 'mojman') -> FALSE
++? if ("%{control:Proxy-To-Realm}" == 'mojman') -> FALSE
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] Received EAP-TLV response.
[peap] Success
[peap] FAIL: Forcibly stopping session resumption as it is not allowed.
[eap] Freeing handler
++[eap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type Reject
  WARNING: Unknown value specified for Post-Auth-Type.  Cannot perform
requested action.
Delaying reject of request 32 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 32
Sending Access-Reject of id 151 to 192.168.1.17 port 32768
	EAP-Message = 0x04040004
	Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.6 seconds.
---------------------------------

Please help



More information about the Freeradius-Users mailing list