Hello.
I have a windows XP supplicant, a Cisco catalyst 3750, I think properly configured to send authentication
requests to a freeradius server.
version freeradius-0.9.3
The problem is that authentication is not succesfull. It tells that no User-Password attribute is present in the request... I write to the list because I Am stuck with this problem.
192.84.x.y is the Cisco Catalyst NAS.
Here is the log:
rad_recv: Access-Request packet from host 192.84.x.y:1812, id=47, length=107
NAS-IP-Address = 192.84.x.y
NAS-Port-Type = Async
User-Name = "veraldi"
Calling-Station-Id = "\010"
Service-Type = Framed-User
Framed-MTU = 1500
Calling-Station-Id = "08-00-46-69-d7-19"
EAP-Message = 0x0200000c01766572616c6469
Message-Authenticator = 0x77a1fa3c987c43a57314e6974a95845c
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "auth_log" returns ok for request 5
rlm_eap: EAP packet type notification id 0 length 12
rlm_eap: EAP Start not found
modcall[authorize]: module "eap" returns updated for request 5
users: Matched veraldi at 90
modcall[authorize]: module "files" returns ok for request 5
modcall: group authorize returns updated for request 5
rad_check_password: Found Auth-Type EAP
rad_check_password: Found Auth-Type Local
Warning: Found 2 auth-types on request for user 'veraldi'
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [veraldi/<no User-Password attribute>] (from client sw-v port 0 cli ?)
Delaying request 5 for 1 seconds
Finished request 5
If I Try with radtest on the radius server host, authenteication looks liek succesfull instead:
rad_recv: Access-Request packet from host 127.0.0.1:49939, id=202, length=59
User-Name = "veraldi"
User-Password = "testing"
NAS-IP-Address = 255.255.255.255
NAS-Port = 10
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
radius_xlat: '/var/log/radacct/127.0.0.1/auth-detail-20040204'
rlm_detail: /var/log/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radacct/127.0.0.1/auth-detail-20040204
modcall[authorize]: module "auth_log" returns ok for request 2
modcall[authorize]: module "eap" returns noop for request 2
users: Matched veraldi at 90
modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns ok for request 2
rad_check_password: Found Auth-Type Local
auth: type Local
auth: user supplied User-Password matches local User-Password
Login OK: [veraldi/testing] (from client localhost port 10)
Sending Access-Accept of id 202 to 127.0.0.1:49939
Finished request 2
anyone has some hints to give me? Maybe someone who is succesfull with a Cisco NAS ?
thanks
Rick
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
