troubles with eap-peap mschapv2
Phil Mayers
p.mayers at imperial.ac.uk
Tue Mar 12 16:15:22 CET 2013
On 12/03/13 14:23, Bertrand Poulet wrote:
> Tue Mar 12 15:10:20 2013 : Info: # Executing section authorize from file
When you make debug output, please just use:
radiusd -X
Don't use the other arguments; they just create noise and volume
(timestamps) that are basically irrelevant.
> Tue Mar 12 15:10:20 2013 : Info: +- entering group authenticate {...}
> Tue Mar 12 15:10:20 2013 : Info: [eap] EAP Identity
> Tue Mar 12 15:10:20 2013 : Info: [eap] processing type tls
> Tue Mar 12 15:10:20 2013 : Info: [tls] Initiate
> Tue Mar 12 15:10:20 2013 : Info: [tls] Start returned 1
> Tue Mar 12 15:10:20 2013 : Info: ++[eap] returns handled
> Sending Access-Challenge of id 247 to 172.20.100.53 port 1645
> EAP-Message = 0x010300061920
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0x131466f213177f9f58f8ed5fb507e76c
> Tue Mar 12 15:10:20 2013 : Info: Finished request 0.
> Tue Mar 12 15:10:20 2013 : Debug: Going to the next request
> Tue Mar 12 15:10:20 2013 : Debug: Waking up in 4.9 seconds.
> Tue Mar 12 15:10:25 2013 : Info: Cleaning up request 0 ID 247 with
> timestamp +8
> Tue Mar 12 15:10:25 2013 : Debug: WARNING:
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> Tue Mar 12 15:10:25 2013 : Debug: WARNING: !! EAP session for state
> 0x131466f213177f9f did not finish!
This fails really REALLY early in the EAP setup. The certs haven't even
been exchanged yet.
Start checking other things - check the network path, firewalls, MTU,
etc. because it doesn't look like you're receiving the PEAP start - just
the initial EAP identity.
More information about the Freeradius-Users
mailing list