Help with proxy settings please
lmgo5991
lmgo at gcal.ac.uk
Thu Jan 12 17:08:27 CET 2012
Hi Phil,
Thanks for your quick response. Just to clarify what we have succeeded in to date:
1. Install Samba done
2. Join Samba to the domain done
3. Start winbind done
4. Configure FreeRADIUS to use ntlm_auth to check MSCHAP against the
AD controllers done
After finding the updated changes for fr v2 we ran the radius -X and are now receiving the following:-
rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=193, length=256
User-Name = "radldapuser at gcu.ac.uk"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x569f3fe4b0f6cc0bacb1451b037bb5e3
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] Looking up realm "gcu.ac.uk" for User-Name = "radldapuser at gcu.ac.uk"
[suffix] Found realm "GCU.AC.UK"
[suffix] Adding Stripped-User-Name = "radldapuser"
[suffix] Adding Realm = "GCU.AC.UK"
[suffix] Proxying request from user radldapuser to realm GCU.AC.UK
[suffix] Preparing to proxy authentication request to realm "GCU.AC.UK"
++[suffix] returns updated
[eap] Request is supposed to be proxied to Realm GCU.AC.UK. Not doing EAP.
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
WARNING: Empty pre-proxy section. Using default return values.
Sending Access-Request of id 98 to 10.1.1.78 port 1812
User-Name = "radldapuser"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313933
Proxying request 0 to home server 10.1.1.78 port 1812
Sending Access-Request of id 98 to 10.1.1.78 port 1812
User-Name = "radldapuser"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313933
Going to the next request
Waking up in 0.9 seconds.
Waking up in 12.9 seconds.
rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=193, length=256
Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: 98
Sending Access-Request of id 98 to 10.1.1.78 port 1812
User-Name = "radldapuser"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313933
Waking up in 12.0 seconds.
rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=193, length=256
Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: 98
Sending Access-Request of id 98 to 10.1.1.78 port 1812
User-Name = "radldapuser"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313933
Waking up in 9.9 seconds.
rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=193, length=256
Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: 98
Sending Access-Request of id 98 to 10.1.1.78 port 1812
User-Name = "radldapuser"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313933
Waking up in 7.9 seconds.
rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=193, length=256
Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: 98
Sending Access-Request of id 98 to 10.1.1.78 port 1812
User-Name = "radldapuser"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313933
Waking up in 5.9 seconds.
rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=193, length=256
Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: 98
Sending Access-Request of id 98 to 10.1.1.78 port 1812
User-Name = "radldapuser"
Calling-Station-Id = "00:24:2c:7a:d8:7d"
Called-Station-Id = "00:26:cb:80:33:20:eduroam"
NAS-Port = 29
Cisco-AVPair = "audit-session-id=0a0105040000026d4f0f0224"
NAS-IP-Address = 10.1.5.4
NAS-Identifier = "CLIC_WiSM_A"
Airespace-Wlan-Id = 9
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "914"
EAP-Message = 0x0202001a017261646c64617075736572406763752e61632e756b
Message-Authenticator = 0x00000000000000000000000000000000
Proxy-State = 0x313933
Waking up in 3.9 seconds.
Cleaning up request 0 ID 193 with timestamp +14
Marking home server 10.1.1.78 port 1812 as zombie (it looks like it is dead).
Ready to process requests.
We are trying to locate where we would reference our internal AD within either proxy.conf and/or clients.conf, or should ntlm do this automatically.....
Ps we are not trying to use ldap, sorry for the misleading test user id :).
Thanks
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Help-with-proxy-settings-please-tp5139910p5140289.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
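
Added example (not part of the original message or of FreeRADIUS): a small triage script for debug output like the trace above. It reports which realms were proxied instead of handled by local EAP, and which home servers never answered. The sample lines are constructed from the shape of the posted trace, and the function and field names are assumptions.

```python
import re

# Constructed sample: condensed radiusd -X lines in the shape of the trace above.
SAMPLE_LOG = """\
[suffix] Proxying request from user radldapuser to realm GCU.AC.UK
[eap] Request is supposed to be proxied to Realm GCU.AC.UK. Not doing EAP.
Proxying request 0 to home server 10.1.1.78 port 1812
Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: 98
Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: 98
Marking home server 10.1.1.78 port 1812 as zombie (it looks like it is dead).
"""

EAP_SKIPPED = re.compile(r"\[eap\] Request is supposed to be proxied to Realm (\S+)\. Not doing EAP")
HOME_EVENT = re.compile(
    r"(?P<kind>Proxying request \d+ to|Sending duplicate proxied request to|Marking)"
    r" home server (?P<host>\S+) port (?P<port>\d+)(?P<zombie> as zombie)?")
# Replies only: Access-Request lines from the NAS are deliberately not matched.
REPLY = re.compile(r"rad_recv: Access-(?:Accept|Reject|Challenge) packet from host (\S+) port (\d+)")

def triage(log_text):
    """Summarise proxy behaviour per realm and per home server from debug output."""
    eap_skipped, servers = set(), {}
    for line in log_text.splitlines():
        line = line.strip()
        if m := EAP_SKIPPED.search(line):
            eap_skipped.add(m.group(1))
        elif m := HOME_EVENT.search(line):
            s = servers.setdefault(f"{m['host']}:{m['port']}",
                                   {"sent": 0, "retransmits": 0, "replies": 0, "zombie": False})
            if m["kind"].startswith("Proxying"):
                s["sent"] += 1
            elif m["kind"].startswith("Sending duplicate"):
                s["retransmits"] += 1
            elif m["zombie"]:
                s["zombie"] = True
        elif m := REPLY.search(line):
            key = f"{m.group(1)}:{m.group(2)}"
            if key in servers:  # count replies only from hosts already seen as home servers
                servers[key]["replies"] += 1
    findings = [f"realm {r}: request is proxied, local EAP is skipped" for r in sorted(eap_skipped)]
    for key, s in sorted(servers.items()):
        if s["replies"] == 0 and (s["zombie"] or s["retransmits"]):
            findings.append(f"home server {key}: no reply after {s['sent'] + s['retransmits']} sends"
                            + (", marked zombie" if s["zombie"] else ""))
    return {"eap_skipped": sorted(eap_skipped), "home_servers": servers, "findings": findings}

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG)["findings"]:
        print(finding)
```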