Wimax with Free radius

Mulindwa meric_l at yahoo.com
Tue Mar 6 06:31:27 CET 2012


Hi Alan,

Seems NAS is rejecting my request, what do you think could be the issue?


# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log]     expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/196.0.4.18/auth-detail-20120306
[auth_log] /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/196.0.4.18/auth-detail-20120306
[auth_log]     expand: %t -> Tue Mar  6 08:40:50 2012
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
++[wimax] returns ok
[suffix] Looking up realm "utmax" for User-Name = "cephascourts at utmax"
[suffix] Found realm "utmax"
[suffix] Adding Realm = "utmax"
[suffix] Authentication realm is LOCAL.
++[suffix] returns ok
[eap] EAP packet type response id 1 length 23
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 255 to 196.0.4.18 port 10002
    EAP-Message = 0x010200160410ed1cb559afc9f370f07f43c455d550f0
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x149f077f149d03c127633988497e8370
Finished request 4409.
Going to the next request
Sending delayed reject for request 4392
Sending Access-Reject of id 238 to 196.0.4.18 port 10002
    Message-Authenticator = 0x00000000000000000000000000000000
    EAP-Message = 0x04010004
Cleaning up request 4329 ID 175 with timestamp +262
rad_recv: Access-Request packet from host 196.0.4.18 port 10003, id=1, length=195
    User-Name = "ediofegirls at utmax"
    NAS-IP-Address = 192.168.224.70
    Calling-Station-Id = "0c4c39b783a9"
    NAS-Identifier = "WASN9770"
    Event-Timestamp = "Mar  6 2012 08:55:35 EAT"
    EAP-Message = 0x02010016016564696f66656769726c734075746d6178
    WiMAX-Release = "1.1"
    WiMAX-Accounting-Capabilities = Flow-Based
    WiMAX-BS-Id = 0x303030303038303366303230
    WiMAX-GMT-Timezone-offset = 10800
    NAS-Port-Type = Wireless-802.16
    WiMAX-Available-In-Client = 3
    Service-Type = Framed-User
    Message-Authenticator = 0x3aeebd33360c6a8807f5ed0edf2c7222
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log]     expand: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /usr/local/var/log/radius/radacct/196.0.4.18/auth-detail-20120306
[auth_log] /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/196.0.4.18/auth-detail-20120306
[auth_log]     expand: %t -> Tue Mar  6 08:40:50 2012
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
++[wimax] returns ok
[suffix] Looking up realm "utmax" for User-Name = "ediofegirls at utmax"
[suffix] Found realm "utmax"
[suffix] Adding Realm = "utmax"
[suffix] Authentication realm is LOCAL.
++[suffix] returns ok
[eap] EAP packet type response id 1 length 22
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 1 to 196.0.4.18 port 10003
    EAP-Message = 0x01020016041098357cd07dee0e1ee8e0e64678987793
    Message-Authenticator = 0x00000000000000000000000000000000
    State = 0x67eaf21567e8f6a668a5c8815c961ad3
Finished request 4410.
Going to the next request
Cleaning up request 4330 ID 176 with timestamp +262
Sending delayed reject for request 4396
Sending Access-Reject of id 242 to 196.0.4.18 port 10002
    Message-Authenticator = 0x00000000000000000000000000000000
    EAP-Message = 0x04010004
Cleaning up request 4312 ID 158 with timestamp +261
Cleaning up request 4316 ID 162 with timestamp +261
Sending delayed reject for request 4400
Sending Access-Reject of id 246 to 196.0.4.18 port 10002
    Message-Authenticator = 0x00000000000000000000000000000000
    EAP-Message = 0x04010004
Cleaning up request 4320 ID 166 with timestamp +261
Cleaning up request 4331 ID 177 with timestamp +262
Cleaning up request 4333 ID 179 with timestamp +262
Cleaning up request 4334 ID 180 with timestamp +262
Sending delayed reject for request 4404
Sending Access-Reject of id 250 to 196.0.4.18 port 10002
    Message-Authenticator = 0x00000000000000000000000000000000
    EAP-Message = 0x04010004

 
Eric M


________________________________
 From: Alan DeKok <aland at deployingradius.com>
To: Mulindwa <meric_l at yahoo.com>; FreeRadius users mailing list <freeradius-users at lists.freeradius.org> 
Sent: Monday, March 5, 2012 2:28 PM
Subject: Re: Wimax with Free radius
 
Mulindwa wrote:
> Hallo there, i have an issue with my wimax setup, am trying to have my
> users authenticate using the wonderful freeradius but still failing.
> 
> Am suing WASN9970 and using freeradius 2.1.12,
> 
> When i turn on radius using radius-X, this is what  i get, and client
> never authenticates
> someone please come to my rescue

  The NAS isn't seeing the response from the RADIUS server.  This isn't
a RADIUS issue.  It's that your network is broken.

  Alan DeKok.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120305/e1f44de5/attachment-0001.html>


More information about the Freeradius-Users mailing list