More information:
I checked rlm_eap_tls-0.8-pre.so using ldd and found that "libssl.so.0.9.8 => not
found". Is this normal? If not, how to
fix it? Thanks.
[root@curve EAP]# ldd /usr/local/lib/rlm_eap_tls-0.8-pre.so
libssl.so.0.9.8 => not found
libcrypto.so.0.9.8 => not found
libnsl.so.1 => /lib/libnsl.so.1 (0x40025000)
libresolv.so.2 => /lib/libresolv.so.2 (0x4003a000)
libpthread.so.0 => /lib/i686/libpthread.so.0 (0x4004b000)
libc.so.6 => /lib/i686/libc.so.6 (0x42000000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
-----Original Message-----
From: Ynjiun P. Wang [mailto:ypw@;worldnet.att.net]
Sent: Wednesday, November 13, 2002 3:15 PM
To: [EMAIL PROTECTED]
Subject: EAP/TLS
Hi,
I was able to get Radius running with EAP/TLS. But when I get my Windows XP
logon through 802.11 (with root.der and
cert-clt.p12 installed), after couple rounds of exchanges of info with Radius server,
I got :
"rlm_eap_tls: Invalid ACK received
modcall[authenticate]: module "eap" returns invalid"
end up with "Access-Reject"
I cut out part of the log info as below. Does anyone encounter this problem? What
causing it? What's the fix? Please
help. Thanks.
-Paul
Called-Station-Id = "004096495de0"
Calling-Station-Id = "0006250baad2"
NAS-Identifier = "AP350-495de0"
NAS-Port = 37
Framed-MTU = 1400
State =
0xdbe3f75a75d354c306c7870c1762e63dc8d4d23d9ec744a89fcd5df6fd96d72d69fecdab
NAS-Port-Type = Wireless-802.11
Service-Type = Login-User
EAP-Message = "\002\272\000\006\r"
Message-Authenticator = 0x7c7f78aa5e807d1d3ed5aaddbca89613
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: No '@' in User-Name = "kevin", looking up realm NULL
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched kevin at 95
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: Invalid ACK received
modcall[authenticate]: module "eap" returns invalid
modcall: group authenticate returns invalid
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 66.135.138.204:19375, id=56, length=183
Sending Access-Reject of id 56 to 66.135.138.204:19375
EAP-Message = "\004\272\000\004"
Message-Authenticator = 0x00000000000000000000000000000000
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
