comments inline.
I'm trying to authenticate a client with EAP-MD5. I followed directives coming from the link
http://www.freeradius.org/doc/EAP-MD5.html, but I have some problems. In attach is reported the output of radiusd -X. Could someone give a little look to it and help me to understand the meaning of those messages? I don't understand for example why there are message related to rlm_chap whereas rlm_eap is not mentioned.
Thanks in advance,
emi
i think that your authenticate/authorize sections are not properly configured since the eap module is not involved in request processing.
check the configuration.
ciao artur
------------------------------------------------------------------------
rad_recv: Access-Request packet from host 172.31.71.202:1212, id=186, length=144 User-Name = "pippo" Cisco-AVPair = "ssid=tsunami" NAS-IP-Address = 172.31.71.202 Called-Station-Id = "000bfd04198e" Calling-Station-Id = "000b46563147" NAS-Identifier = "AP1200-04198e" NAS-Port = 37 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\002\000\n\001pippo" Message-Authenticator = 0x66fe8b278590ec51c42880de858063e1 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module "chap" returns noop modcall[authorize]: module "mschap" returns notfound modcall[authorize]: module "eap" returns updated rlm_realm: No '@' in User-Name = "pippo", looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched pippo at 65 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP rad_check_password: Found Auth-Type Local Warning: Found 2 auth-types on request for user 'pippo' auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 4 for 1 seconds Finished request 4 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 186 to 172.31.71.202:1212 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 4 ID 186 with timestamp 3e63636b Nothing to do. Sleeping until we see a request.
-- Artur Hecker D�partement Informatique et R�seaux, ENST Paris http://www.infres.enst.fr/~hecker
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
