Hi Artur,
> Problem 2:
> You get an Access Reject even if the identification
> information is correct. In the server log you can see a weird
> Notification message.
>
> Workaround:
> In your user config (users file of the server configuration)
> remove the "Reply-Message" attribute for the concerned user.
> This is currently a bug. Some APs (e.g. Cisco) send out a
> Notification downstream to the user on receiving a
> "Reply-Message" attribute in the "Radius Response". The
> WindoWs XP supplicant answers with an "EAP Notification" type
> message instead of "EAP MD5 Challenge" message which should
> be issued. FreeRadius server currently rejects every incoming
> EAP notification.
Is there any way of sending a Reply-Message is the current scenario? I'm using a Cisco 350 series access point and FreeRadius version 0.7. I'm using a custom 802.1x supplicant for Windows 2000, but the behaviour seems to be the same. I'm using the Reply-Mesasge attribute to send a EAP-Notification. Just a simple plain text message, that pops ups as a EAP-Notification window on the client side. The problem I'm having is that, client gets authenticated and then the notification window pops up. Till here its ok, but then I get a access-reject message from the server and the client gets de-authenticated. This happens almost immediatelty after the notification message pops up. Any ideas why this is so. What are the sequence of messages that are exchanged for the 'reply-message' attribute?
Thanks,
Sachin Mody
