Cisco WLC4402 - 802.1X - Android - Tunnel-Priv-Group-ID Failure

Arran Cudbard-Bell a.cudbardb at googlemail.com
Wed Aug 11 00:30:33 CEST 2010


> 
> 
> When Joining from my Android, it comes accross as:
> 
> Tue Aug 10 11:26:53 2010
>        User-Name = "1fT6ESzC4Dbj9oIpiJjjfg=="
> 
> (A few chars changed to prevent the username from being figured out)
> 
> This somehow is authenticating correctly because I get an IP address (in the incorrect vlan) and can surf the net, and if I mistype the password I get an authentication failure.
> However when it tries to do a match for the username to determine their group/vlan it fails because we don't have any users with that user name.
> 
> Has anyone seen this before or have any leads I should follow?

Do a promiscuous packet capture and verify the Outer Identity the Android phone is sending in the EAP-Identity-Response. If it matches the User-Name above then you've found your problem.


-Arran



More information about the Freeradius-Users mailing list