Re: EAP/Password File problems - EAP-TTLS - Tru64

Mon, 14 Jan 2002 09:06:22 -0800 


--On Wednesday, January 02, 2002 2:42 PM -0500 [EMAIL PROTECTED] wrote:

> Brandon Saunders <[EMAIL PROTECTED]> wrote:
>> I am testing my wireless access point against a test freeradius server
>> complied with the EAP module.  I am using the UNIX user files as the
>> authentication source.  When a client tries to authenticate, the access
>> point sends the EAP message encapsulated in RADIUS.
>
>   Right now, the server only supports EAP-MD5.
>
>   You'll have to do PAP authentication to authenticate against
> /etc/passwd.
>
>   If you're using the radius 'users' file, then EAP-MD5 should work.
>

Could you elaborate on this so that even I can understand? Are you saying
I can use /etc/passwd if I have the users file set up right? Or are you
saying that I have to add each user to the users file individually?


In my Users file I have this:

DEFAULT  Auth-Type := EAP


Here is the debugging output from radiusd:


rad_recv: Access-Request packet from host 129.24.17.184:1338, id=128, length=121
        User-Name = "chuckp"
        NAS-IP-Address = cirt-0045.unm.edu
        Called-Station-Id = "0040963204c3"
        Calling-Station-Id = "004096355da6"
        NAS-Identifier = "cirttest"
        NAS-Port = 29
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message = "\002%\000\013\001chuckp"
        Message-Authenticator = 0xf5c85910439187275e1b45b3f892fbb2
modcall: entering group authorize
  modcall[authorize]: module "eap" returns updated
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "suffix" returns ok
    users: Matched DEFAULT at 1
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Invalid user, authentication failed
  modcall[authenticate]: module "eap" returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
Login incorrect: [chuckp] (from nas wless port 29 cli 004096355da6)
Sending Access-Reject of id 128 to 129.24.17.185:1338




                                chuck
                                [EMAIL PROTECTED]


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html























					Reply via email to