Freeradius process crash receiving answers from Microsoft NPS Server

Mon Nov 14 10:04:31 CET 2011

Hi
Thanks for your answer.
I call the freeradius in debug mode and the result is "segmentation
fault". This is the  lines of log when the FR receives te accept
package from Microsoft NPS server (192.168.120.4).

Thaks a lot.

rad_recv: Access-Accept packet from host 192.168.120.4 port 1812,
id=199, length=282
	Proxy-State = 0x313134
	Filter-Id = "Cetemmsa"
	Framed-IP-Address = 255.255.255.254
	Tunnel-Medium-Type:0 = IEEE-802
	Tunnel-Private-Group-Id:0 = "910"
	Tunnel-Type:0 = VLAN
	Class = 0x6bf205b20000013700010200c0a8780400000000000000000000000001cca05f6e0a6b86000000000000005d
	MS-MPPE-Recv-Key = 0x212b3b07d70ff070d6a9fa87c78fa2c0
	MS-MPPE-Send-Key = 0x52efb626fc61ad8a5649234114ab5a6b
	MS-CHAP2-Success =
0x03533d46413337463335454242413131343446373546394336324538364242464533414244423336414237
	MS-CHAP-Domain = "\003NTCETEMMSA"
	MS-Link-Utilization-Threshold = 50
	MS-Link-Drop-Time-Limit = 120
Mon Nov 14 09:55:50 2011 : Info: # Executing section post-proxy from
file /etc/freeradius/sites-enabled/default
Mon Nov 14 09:55:50 2011 : Info: +- entering group post-proxy {...}
Mon Nov 14 09:55:50 2011 : Info: [eap] Doing post-proxy callback
Mon Nov 14 09:55:50 2011 : Info: [eap] Passing reply from proxy back
into the tunnel.
server inner-tunnel {
Mon Nov 14 09:55:50 2011 : Info: [eap] Passing reply back for EAP-MS-CHAP-V2
Mon Nov 14 09:55:50 2011 : Info: # Executing section post-proxy from
file /etc/freeradius/sites-enabled/inner-tunnel
Mon Nov 14 09:55:50 2011 : Info: +- entering group post-proxy {...}
Mon Nov 14 09:55:50 2011 : Info: ++[eap] returns noop
Mon Nov 14 09:55:50 2011 : Info:   WARNING: Empty post-auth section.
Using default return values.
Mon Nov 14 09:55:50 2011 : Info: # Executing section post-auth from
file /etc/freeradius/sites-enabled/inner-tunnel
} # server inner-tunnel
Mon Nov 14 09:55:50 2011 : Info: [eap] Final reply from tunneled session code 2
	Proxy-State = 0x313134
	Filter-Id = "Cetemmsa"
	Framed-IP-Address = 255.255.255.254
	Tunnel-Medium-Type:0 = IEEE-802
	Tunnel-Private-Group-Id:0 = "910"
	Tunnel-Type:0 = VLAN
	Class = 0x6bf205b20000013700010200c0a8780400000000000000000000000001cca05f6e0a6b86000000000000005d
	MS-MPPE-Recv-Key = 0x212b3b07d70ff070d6a9fa87c78fa2c0
	MS-MPPE-Send-Key = 0x52efb626fc61ad8a5649234114ab5a6b
	MS-CHAP2-Success =
0x03533d46413337463335454242413131343446373546394336324538364242464533414244423336414237
	MS-CHAP-Domain = "\003NTCETEMMSA"
	MS-Link-Utilization-Threshold = 50
	MS-Link-Drop-Time-Limit = 120
Mon Nov 14 09:55:50 2011 : Info: [eap] Got reply 2
 failed!

2011/11/13 Alexandre Chapellon <a.chapellon at horoa.net>
>
> Are you running freeradius with '-X'?
> If not try it, you should get more debug.
>
> regards
>
> Le 12/11/2011 20:35, IT Support a écrit :
>>
>> Good afternoon
>>
>> I'm a newbie with freeradius and I'm trying to configure a radius
>> proxy server that makes to a server microsoft radius nps.
>>
>> I have a Enterasys C3 switch that sends auth requests to my
>> Freeradius. If the request is for auth a MAC the FR auth locally, but
>> if  the request is for auth a windows user (EAP) the FR resend the
>> request to the Microsoft NPS radius server.
>>
>> I use Debian 6.0 and the debian package of FR (version is 2.1.10).
>>
>> The problem is that when the Microsoft RADIUS server returns an accept
>> packet, the freeradius server process dies. But if the answer is
>> reject, the process works properly.
>>
>> When the process dies, only appears in the syslog the following line:
>>
>> "November 11 16:20:35 debian-radius kernel: [2380.591594] freeradius
>> [1749]: segfault at 3934c708 b76fd497 ip sp error 4 in libfreeradius
>> b5ae4970-radius-2.1.10.so
>> [+1 b76ec000 E000]"
>>
>> Can anyone help me?
>>
>> Sorry for my poor English.
>>
>> Best greetings
>>
>> Toni
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> --
> <http://www.horoa.net>
>
> Alexandre Chapellon
>
> Ingénierie des systèmes open sources et réseaux.
> Follow me on twitter: @alxgomz <http://www.twitter.com/alxgomz>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>