802.1x on Active Directory: no errors in debug but auth fails

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Mon Feb 7 12:13:33 CET 2011


Hi,

> } # server inner-tunnel
> [peap] Got tunneled reply code 11
>         EAP-Message =
> 0x010a00331a0309002e533d4341303635413435333430423234384542433237433546463731
> 3133303545423545354633383131
>         Message-Authenticator = 0x00000000000000000000000000000000
>         State = 0x37523e803658245973dcd634f3fc6f7a
> [peap] Got tunneled reply RADIUS code 11
>         EAP-Message =
> 0x010a00331a0309002e533d4341303635413435333430423234384542433237433546463731
> 3133303545423545354633383131
>         Message-Authenticator = 0x00000000000000000000000000000000
>         State = 0x37523e803658245973dcd634f3fc6f7a
> [peap] Got tunneled Access-Challenge
> ++[eap] returns handled
> Sending Access-Challenge of id 54 to 10.63.1.207 port 1025
>         EAP-Message =
> 0x010a004a1900170301003f89859944848beaa1a1150d04b44af7343d3f0867517b48dcfa7c
> 1a3a38468e2c7f73a4a6d760ee589d34d3ae808c8fe81be20e246f39c054d1efa38ae39490
>         Message-Authenticator = 0x00000000000000000000000000000000
>         State = 0xc2330ef2ca39179b10e022abbe73f133

..this is where it ends - an access challenge never gets responded to.  do you have the
CA of the RADIUS server installed on the client? 

alan



More information about the Freeradius-Users mailing list