wrt54g and freeradius

Gustavo Marcello pruebas at agro.uba.ar
Thu Jul 30 18:03:51 CEST 2009 

This is the complete out of freeradius -X...



rad_recv: Access-Request packet from host 10.1.100.4 port 2048, id=0, 
length=121
        User-Name = "pepe"
        NAS-IP-Address = 10.1.100.4
        Called-Station-Id = "002369490b7b"
        Calling-Station-Id = "001de0249d5b"
        NAS-Identifier = "002369490b7b"
        NAS-Port = 34
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020000090170657065
        Message-Authenticator = 0x199111463bd0fbb17cc6f7c7cca296c0
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "pepe", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 0 length 9
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
        expand: %{User-Name} -> pepe
rlm_sql (sql): sql_set_user escaped user --> 'pepe'
rlm_sql (sql): Reserving sql socket id: 4
        expand: SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = '%{SQL-User-Name}'           ORDER 
BY id -> SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = 'pepe'           ORDER BY id
rlm_sql_mysql: query:  SELECT id, username, attribute, value, 
op           FROM radcheck           WHERE username = 'pepe'           
ORDER BY id
rlm_sql (sql): User found in radcheck table
        expand: SELECT id, username, attribute, value, op           FROM 
radreply           WHERE username = '%{SQL-User-Name}'           ORDER 
BY id -> SELECT id, username, attribute, value, op           FROM 
radreply           WHERE username = 'pepe'           ORDER BY id
rlm_sql_mysql: query:  SELECT id, username, attribute, value, 
op           FROM radreply           WHERE username = 'pepe'           
ORDER BY id
        expand: SELECT groupname           FROM usergroup           
WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> 
SELECT groupname           FROM usergroup           WHERE username = 
'pepe'           ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM 
usergroup           WHERE username = 'pepe'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: EAP Identity
  rlm_eap: processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.1.100.4 port 2048
        EAP-Message = 0x0101001604104fac8e1ba0cc711fccd80c8003211c3c
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x102df74b102cf319cc7f1766ffcb4a81
Finished request 10.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.1.100.4 port 2048, id=0, 
length=136
Cleaning up request 10 ID 0 with timestamp +307
        User-Name = "pepe"
        NAS-IP-Address = 10.1.100.4
        Called-Station-Id = "002369490b7b"
        Calling-Station-Id = "001de0249d5b"
        NAS-Identifier = "002369490b7b"
        NAS-Port = 34
        Framed-MTU = 1400
        State = 0x102df74b102cf319cc7f1766ffcb4a81
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x020100060319
        Message-Authenticator = 0x48a397b472491fe98149d6233fe8708c
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "pepe", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: EAP packet type response id 1 length 6
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
        expand: %{User-Name} -> pepe
rlm_sql (sql): sql_set_user escaped user --> 'pepe'
rlm_sql (sql): Reserving sql socket id: 3
        expand: SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = '%{SQL-User-Name}'           ORDER 
BY id -> SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = 'pepe'           ORDER BY id
rlm_sql_mysql: query:  SELECT id, username, attribute, value, 
op           FROM radcheck           WHERE username = 'pepe'           
ORDER BY id
rlm_sql (sql): User found in radcheck table
        expand: SELECT id, username, attribute, value, op           FROM 
radreply           WHERE username = '%{SQL-User-Name}'           ORDER 
BY id -> SELECT id, username, attribute, value, op           FROM 
radreply           WHERE username = 'pepe'           ORDER BY id
rlm_sql_mysql: query:  SELECT id, username, attribute, value, 
op           FROM radreply           WHERE username = 'pepe'           
ORDER BY id
        expand: SELECT groupname           FROM usergroup           
WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> 
SELECT groupname           FROM usergroup           WHERE username = 
'pepe'           ORDER BY priority
rlm_sql_mysql: query:  SELECT groupname           FROM 
usergroup           WHERE username = 'pepe'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
+- entering group authenticate
  rlm_eap: Request found, released from the list
  rlm_eap: EAP NAK
 rlm_eap: NAK asked for unsupported type 25
 rlm_eap: No common EAP types found.
  rlm_eap: Failed in EAP select
++[eap] returns invalid
auth: Failed to validate the user.
Login incorrect: [pepe/<via Auth-Type = EAP>] (from client routers-agro 
port 34 cli 001de0249d5b)
  Found Post-Auth-Type Reject
+- entering group REJECT
        expand: %{User-Name} -> pepe
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 11 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 11
Sending Access-Reject of id 0 to 10.1.100.4 port 2048
        EAP-Message = 0x04010004
        Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 4.9 seconds.





Ivan Kalik escribió:
>> I need to contact someone who knows how to do or able to use a lynksys
>> WRT54G to authenticate users against a freeradius server, I am having
>> trouble implementing it.
>> I already have the freeradius to work well with a mysql database and try
>> radtest works fine. But wanting to do this through the WRT54G does not
>> work.
>> I need someone who can help me. (I have the default configuration files.)
>>     
>
> Post the debug of the EAP request.
>
> Ivan Kalik
> Kalik Informatika ISP
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list