Freeradius.net Authentication wrong
Serdar Metin
kingebeng at hotmail.com
Wed May 7 16:01:42 CEST 2014
hi,
i followed a couple of tutorials on the web for setting up the freeradius server on windows(7).
i can connect with the AP, and i see that the RADIUS is acces-REJECT every attempt i made.
i configured a couple of clients but no luck.
The output of the debug mode has been attached in this mail.
If you could just point me where to look, would be very appriciated! i just want to make some users with username and pasword like bob/bob mike/mike, for logging in the radius server. but somehow i fails to authenticate i think.
THX!
--------------------
Going to the next requestWaking up in 6 seconds...rad_recv: Access-Request packet from host 192.168.2.245:2052, id=4, length=177 User-Name = "bob" NAS-IP-Address = 192.168.2.245 NAS-Port = 0 Called-Station-Id = "C4-64-13-0C-2D-3F:ciscosboeler" Calling-Station-Id = "00-1F-3B-B2-F5-09" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 0Mbps 802.11" EAP-Message = 0x0205001119800000000715030100020230 State = 0x548893238d27ece11880dca12aeac968 Message-Authenticator = 0x28f1188edd091a3de53af1afb35fca26 Processing the authorize section of radiusd.confmodcall: entering group authorize for request 4 modcall[authorize]: module "preprocess" returns ok for request 4radius_xlat: '../var/log/radius/radacct/192.168.2.245/auth-detail-20140507.log'
rlm_detail: ../var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d.log expands to ../var/log/radius/radacct/192.168.2.245/auth-detail-20140507.log modcall[authorize]: module "auth_log" returns ok for request 4 modcall[authorize]: module "chap" returns noop for request 4 modcall[authorize]: module "mschap" returns noop for request 4 rlm_realm: No '@' in User-Name = "bob", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 4 rlm_eap: EAP packet type response id 5 length 17 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 users: Matched entry bob at line 85 modcall[authorize]: module "files" returns ok for request 4rlm_pap: Found existing Auth-Type, not changing it. modcall[authorize]: module "pap" returns noop for request 4modcall: leaving group authorize (returns updated) for request 4 rad_check_password: Found Auth-Type EAPauth: type "EAP" Processing the authenticate section of radiusd.confmodcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLSrlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Alert [length 0002], fatal unknown_caTLS Alert read:fatal:unknown CA TLS_accept:failed in SSLv3 read client certificate Arlm_eap: SSL error error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown carlm_eap_tls: SSL_read failed inside of TLS (-1), TLS session fails. eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns reject for request 4modcall: leaving group authenticate (returns reject) for request 4auth: Failed to validate the user.Login incorrect: [bob/<no User-Password attribute>] (from client testing123 port 0 cli 00-1F-3B-B2-F5-09)Delaying request 4 for 1 secondsFinished request 4Going to the next requestWaking up in 6 seconds...rad_recv: Access-Request packet from host 192.168.2.245:2052, id=4, length=177Sending Access-Reject of id 4 to 192.168.2.245 port 2052 EAP-Message = 0x04050004 Message-Authenticator = 0x00000000000000000000000000000000--- Walking the entire request list ---Waking up in 3 seconds...--- Walking the entire request list ---Cleaning up request 0 ID 0 with timestamp 536a397bCleaning up request 1 ID 1 with timestamp 536a397bCleaning up request 2 ID 2 with timestamp 536a397bCleaning up request 3 ID 3 with timestamp 536a397bCleaning up request 4 ID 4 with timestamp 536a397bNothing to do. Sleeping until we see a request.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140507/4e64e1c4/attachment-0001.html>
More information about the Freeradius-Users
mailing list