3.0.9: eap: Failed continuing EAP MD5 (4) session. EAP sub-module failed

Sat Jul 25 23:19:41 CEST 2015

Looking at the log of the failed attempt and the successful one, I notice
the MAC address changed for the device.. which I don't understand either:

3.0.9:
Sat Jul 25 12:47:51 2015 : Debug: (1088) Virtual server inner-tunnel
received request
Sat Jul 25 12:47:51 2015 : Debug: (1088)   EAP-Message =
0x020c00160410773180e3db4e21865d6c12e7a27b3c34
Sat Jul 25 12:47:51 2015 : Debug: (1088)   FreeRADIUS-Proxied-To = 127.0.0.1
Sat Jul 25 12:47:51 2015 : Debug: (1088)   User-Name = "beh43"
Sat Jul 25 12:47:51 2015 : Debug: (1088)   State =
0xb5c7569eb4cb52806a1338fccd86de7c
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Chargeable-User-Identity = 0x00
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Location-Capable = Civix-Location
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Calling-Station-Id =
"90-68-c3-9a-d4-1c"
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Called-Station-Id =
"58-97-1e-56-f5-40:SaxaNet"
Sat Jul 25 12:47:51 2015 : Debug: (1088)   NAS-Port = 13
Sat Jul 25 12:47:51 2015 : Debug: (1088)   NAS-IP-Address = 10.128.254.50
Sat Jul 25 12:47:51 2015 : Debug: (1088)   NAS-Identifier = "TRB-WLAN-WISM6"
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Service-Type = Framed-User
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Framed-MTU = 1300
Sat Jul 25 12:47:51 2015 : Debug: (1088)   NAS-Port-Type = Wireless-802.11
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Tunnel-Type:0 = VLAN
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Tunnel-Medium-Type:0 = IEEE-802
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Tunnel-Private-Group-Id:0 = "41"
Sat Jul 25 12:47:51 2015 : Debug: (1088)   Event-Timestamp = "Jul 25 2015
12:47:51 EDT"
Sat Jul 25 12:47:51 2015 : Debug: (1088) server inner-tunnel {

3.0.8:
Sat Jul 25 12:52:12 2015 : Debug: (2534) Virtual server inner-tunnel
received request
Sat Jul 25 12:52:12 2015 : Debug: (2534)   EAP-Message = 0x020c00061a03
Sat Jul 25 12:52:12 2015 : Debug: (2534)   FreeRADIUS-Proxied-To = 127.0.0.1
Sat Jul 25 12:52:12 2015 : Debug: (2534)   User-Name = 'beh43'
Sat Jul 25 12:52:12 2015 : Debug: (2534)   State =
0xa5b14de2a4bd57e0f825470d2b800156
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Chargeable-User-Identity = 0x00
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Location-Capable = Civix-Location
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Calling-Station-Id =
'18-cf-5e-91-36-3c'
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Called-Station-Id =
'1c-e6-c7-f0-c6-50:SaxaNet'
Sat Jul 25 12:52:12 2015 : Debug: (2534)   NAS-Port = 13
Sat Jul 25 12:52:12 2015 : Debug: (2534)   NAS-IP-Address = 10.128.254.50
Sat Jul 25 12:52:12 2015 : Debug: (2534)   NAS-Identifier = 'TRB-WLAN-WISM6'
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Service-Type = Framed-User
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Framed-MTU = 1300
Sat Jul 25 12:52:12 2015 : Debug: (2534)   NAS-Port-Type = Wireless-802.11
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Tunnel-Type:0 = VLAN
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Tunnel-Medium-Type:0 = IEEE-802
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Tunnel-Private-Group-Id:0 = '41'
Sat Jul 25 12:52:12 2015 : Debug: (2534)   Event-Timestamp = 'Jul 25 2015
12:52:12 EDT'

On Sat, Jul 25, 2015 at 5:08 PM, Mohamed Lrhazi <
Mohamed.Lrhazi at georgetown.edu> wrote:

> Sorry Alan,  I don't know! How do I find out? The clients are Cisco
> wireless controllers.
>
> On Sat, Jul 25, 2015 at 4:29 PM, Alan DeKok <aland at deployingradius.com>
> wrote:
>
>> On Jul 25, 2015, at 1:03 PM, Mohamed Lrhazi <
>> Mohamed.Lrhazi at georgetown.edu> wrote:
>> > Any idea why 3.0.9 would reject an ldap user with the above error, while
>> > 3.0.8 would successfully authenticate them? The two servers have the
>> same
>> > config files.
>>
>>   No idea.
>>
>>   Which supplicant are you using?
>>
>>   Alan DeKok.
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>
>
>