question about windows users
Ivan Kalik
tnt at kalik.net
Thu May 14 15:14:05 CEST 2009
>>>What "doesn't work"? Post the debug.
> server:
> I dont change in my config file, is the same like in first message,
>
> client (win xp):
> I have local connection->authentication->method->eap(peap)->properties:
> validate server cert (marked checkbox),
> marked cacert.pem,
> secured password eap-mschapv2 - use my windows logon
>
> it work's properly, but only with correct user/pass in
> /etc/freeradius/users
> file
OK. That's PEAP.
>
> now I change
> local connection->authentication->method->smart card or other
> certificate->properities:
> validate server cert (marked checkbox),
> marked cacert.pem,
> local connection->authentication->keep in memory inf about users for
> aditional network connection (unmarked checkbox - when marked nothing
> happend at all)
>
> debug
>
> Listening on authentication *:1812
> Listening on accounting *:1813
> Ready to process requests.
> rad_recv: Access-Request packet from host 192.168.5.206:1812, id=37,
> length=159
> NAS-IP-Address = 192.168.5.206
> NAS-Port = 50046
> NAS-Port-Type = Ethernet
> User-Name = "PC-01\\Administrator"
> Called-Station-Id = "00-0C-30-81-9B-EE"
> Calling-Station-Id = "00-0A-E4-13-1A-02"
> Service-Type = Framed-User
> Framed-MTU = 1500
> EAP-Message =
> 0x0200001b014e4c504c2d4943455c41646d696e6973747261746f72
> Message-Authenticator = 0x2430d7c8a84cc54874addee9104cf076
> rlm_eap: Identity does not match User-Name, setting from EAP Identity.
The name on the certificate is not the same as that User-Name. Fix that.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list