Hi,
I was able to get Radius running with EAP/TLS. But when I get my Windows XP
logon through 802.11 (with root.der and
cert-clt.p12 installed), after couple rounds of exchanges of info with Radius server,
I got :
"rlm_eap_tls: Invalid ACK received
modcall[authenticate]: module "eap" returns invalid"
end up with "Access-Reject"
I cut out part of the log info as below. Does anyone encounter this problem? What
causing it? What's the fix? Please
help. Thanks.
-Paul
Called-Station-Id = "004096495de0"
Calling-Station-Id = "0006250baad2"
NAS-Identifier = "AP350-495de0"
NAS-Port = 37
Framed-MTU = 1400
State =
0xdbe3f75a75d354c306c7870c1762e63dc8d4d23d9ec744a89fcd5df6fd96d72d69fecdab
NAS-Port-Type = Wireless-802.11
Service-Type = Login-User
EAP-Message = "\002\272\000\006\r"
Message-Authenticator = 0x7c7f78aa5e807d1d3ed5aaddbca89613
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: No '@' in User-Name = "kevin", looking up realm NULL
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched kevin at 95
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: Invalid ACK received
modcall[authenticate]: module "eap" returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 66.135.138.204:19375, id=56, length=183
Sending Access-Reject of id 56 to 66.135.138.204:19375
EAP-Message = "\004\272\000\004"
Message-Authenticator = 0x00000000000000000000000000000000
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
