Re: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!

Jos� Luis Solano Mon, 23 Feb 2004 08:02:26 -0800

Hi all,

Lionel, Jean-Paul and family I have had the changes and currently I think I
have the same configuration than Lionel and Jean-Paul, but my freeradius
don't run with TTLS and LDAP, the freeradius error is the following:


Note this lines:
rlm_ldap: user 888888888881 authorized to use remote access
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 22
modcall: group authorize returns updated for request 22
auth: Failed to validate the user.

I think the user 888888888881 is authorizated but NOT authenticate, isn't
it?

I remember you I use Secure W2 client. (PAP)


thanks in advance


[EMAIL PROTECTED] /]# rad_recv: Access-Request packet from host
192.168.49.252:1225, id=10, length=146
        User-Name = "888888888881"
        NAS-IP-Address = 192.168.49.252
        NAS-Port = 0
        Called-Station-Id = "00-80-C8-01-01-55"
        Calling-Station-Id = "00-0B-46-26-1C-44"
        NAS-Identifier = "DWL-1000AP+"
        Framed-MTU = 1380
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0201001101383838383838383838383831
        Message-Authenticator = 0xf5bdbb8b3ae83b0daec8d12cdaa2ecb3
modcall: entering group authorize for request 21
  modcall[authorize]: module "preprocess" returns ok for request 21
  modcall[authorize]: module "chap" returns noop for request 21
  modcall[authorize]: module "mschap" returns noop for request 21
    rlm_realm: No '@' in User-Name = "888888888881", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 21
  rlm_eap: EAP packet type response id 1 length 17
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 21
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 21
rlm_ldap: - authorize
rlm_ldap: performing user authorization for 888888888881
radius_xlat:  '(uid=888888888881)'
radius_xlat:  'ou=Wireless,dc=sgi,dc=es'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Wireless,dc=sgi,dc=es, with filter
(uid=888888888881)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding radiusExpiration as Expiration, value 22 & op=21
rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user 888888888881 authorized to use remote access
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 21
modcall: group authorize returns updated for request 21
auth: Failed to validate the user.
Delaying request 21 for 1 seconds
Finished request 21
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 10 to 192.168.49.252:1225
        Reply-Message += "Password Has Expired\r\n"
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 192.168.49.252:1225, id=11,
length=146
        User-Name = "888888888881"
        NAS-IP-Address = 192.168.49.252
        NAS-Port = 0
        Called-Station-Id = "00-80-C8-01-01-55"
        Calling-Station-Id = "00-0B-46-26-1C-44"
        NAS-Identifier = "DWL-1000AP+"
        Framed-MTU = 1380
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0201001101383838383838383838383831
        Message-Authenticator = 0xa2461b4adf3829ef9cc8c9d10cc37033
modcall: entering group authorize for request 22
  modcall[authorize]: module "preprocess" returns ok for request 22
  modcall[authorize]: module "chap" returns noop for request 22
  modcall[authorize]: module "mschap" returns noop for request 22
    rlm_realm: No '@' in User-Name = "888888888881", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 22
  rlm_eap: EAP packet type response id 1 length 17
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 22
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 22
rlm_ldap: - authorize
rlm_ldap: performing user authorization for 888888888881
radius_xlat:  '(uid=888888888881)'
radius_xlat:  'ou=Wireless,dc=sgi,dc=es'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Wireless,dc=sgi,dc=es, with filter
(uid=888888888881)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding radiusExpiration as Expiration, value 22 & op=21
rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user 888888888881 authorized to use remote access
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 22
modcall: group authorize returns updated for request 22
auth: Failed to validate the user.
Delaying request 22 for 1 seconds
Finished request 22
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 21 ID 10 with timestamp 403a2284
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 11 to 192.168.49.252:1225
        Reply-Message += "Password Has Expired\r\n"
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 192.168.49.252:1225, id=12,
length=146
        User-Name = "888888888881"
        NAS-IP-Address = 192.168.49.252
        NAS-Port = 0
        Called-Station-Id = "00-80-C8-01-01-55"
        Calling-Station-Id = "00-0B-46-26-1C-44"
        NAS-Identifier = "DWL-1000AP+"
        Framed-MTU = 1380
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0201001101383838383838383838383831
        Message-Authenticator = 0xe2a546a1d8596e1437b9d629a2e8a7de
modcall: entering group authorize for request 23
  modcall[authorize]: module "preprocess" returns ok for request 23
  modcall[authorize]: module "chap" returns noop for request 23
  modcall[authorize]: module "mschap" returns noop for request 23
    rlm_realm: No '@' in User-Name = "888888888881", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 23
  rlm_eap: EAP packet type response id 1 length 17
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 23
    users: Matched DEFAULT at 152
  modcall[authorize]: module "files" returns ok for request 23
rlm_ldap: - authorize
rlm_ldap: performing user authorization for 888888888881
radius_xlat:  '(uid=888888888881)'
radius_xlat:  'ou=Wireless,dc=sgi,dc=es'
ldap_get_conn: Got Id: 0
rlm_ldap: performing search in ou=Wireless,dc=sgi,dc=es, with filter
(uid=888888888881)
rlm_ldap: looking for check items in directory...
rlm_ldap: Adding radiusExpiration as Expiration, value 22 & op=21
rlm_ldap: Adding radiusAuthType as Auth-Type, value EAP & op=21
rlm_ldap: looking for reply items in directory...
rlm_ldap: user 888888888881 authorized to use remote access
ldap_release_conn: Release Id: 0
  modcall[authorize]: module "ldap" returns ok for request 23
modcall: group authorize returns updated for request 23
auth: Failed to validate the user.
Delaying request 23 for 1 seconds
Finished request 23
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 22 ID 11 with timestamp 403a2289
Sending Access-Reject of id 12 to 192.168.49.252:1225
        Reply-Message += "Password Has Expired\r\n"
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 23 ID 12 with timestamp 403a228d
Nothing to do.  Sleeping until we see a request.




Jos� Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegaci�n Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
----- Original Message -----
From: "Jos� Luis Solano" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 23, 2004 4:06 PM
Subject: Re: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!


> Thanks Alan!!!
>
>
> Jos� Luis Solano
> SGI - Soluciones Globales Internet S.A.
> Delegaci�n Regional Sur
> [EMAIL PROTECTED]
> (+34) 954.088.060
> ----- Original Message -----
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, February 23, 2004 3:18 PM
> Subject: Re: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!
>
>
> > =?iso-8859-1?Q?Jos=E9_Luis_Solano?= <[EMAIL PROTECTED]> wrote:
> > > -have you changed anything in dictionary file?
> >
> >   Don't edit the dictionary files.  99.99999% of the time, it's the
> > wrong thing to do.
> >
> >   Alan DeKok.
> >
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> >
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Alfa&Ariss Client Heeeeeeeeeeeeelp!!!!!!!

Reply via email to