Problem with EAP Identity

[Michael Schwartzkopff]

Hi,


I stumbled upon a strange behaviour of my switches. I want to configure
802.1x. In the first packet the Switch sends:

Debug: (7) Received Access-Request Id 81 from x.x.x.46:36296 to
x.x.x.154:1812 length 152
Debug: (7)   User-Name = "3464A9D11215"

The debug goes on:

Debug: (7) eap: Peer sent packet with method EAP Identity (1)
Debug: (7) eap: EAP session adding &reply:State = 0x45e56b9d45e46617
Debug: (7)     modsingle[authenticate]: returned from eap (rlm_eap)
Debug: (7)     [eap] = handled

The next request from the switch is:

Debug: (8) Received Access-Request Id 82 from x.x.x.46:36296 to
x.x.x.154:1812 length 167
Debug: (8)   User-Name = "host/test at xxx.xx"
(...)
Debug: (8)   State = 0x45e56b9d45e46617718e28efb749ef6f

and then the RADIUS server complains:

Debug: (8) eap: Previous EAP request found for state 0x45e56b9d45e46617,
released from the list
Debug: (8) eap: Identity does not match User-Name.  Authentication failed
Debug: (8) eap: Failed in handler

Can anyone explain what happens here? Does the switch change the
User-Name within the RADIUS / EAP session? Is this a bug of the switch?
Or does something other happen here?


Thanks for any hints.

Mit freundlichen Grüßen,

-- 

[*] sys4 AG
 
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20210112/540f60fd/attachment.sig>