Hi again Sorry for the SPAM, I solved my problem after a while, the solution was to have a line like this in users:
dizzy Auth-Type := EAP, User-Password = "parola" On Mon, 22 Mar 2004, Mihai RUSU wrote: > Hi > > I have instaleld xsupplicant version 0.8b and freeradius 0.9.3 on gentoo > linux (from portage). I am trying to make my Linux system auth to a Cisco > 3550 switch. > > 1. radius configuration > - I have removed any trace of "unix" module (it didnt worked, probably > something to do with radius running as radiusd/radiusd) > - I have eap module as from the default radiusd.conf file > - I have configured in clients.conf the autheticator with "test123" > secret, nastype cisco > - in users I have this entry before any "DEFAULT" ones: > dizzy Auth-Type += Local, User-Password = "parola" > > 2. authenticator configuration: > - #sh dot1x > Sysauthcontrol = Enabled > Dot1x Protocol Version = 1 > Dot1x Oper Controlled Directions = Both > Dot1x Admin Controlled Directions = Both > - #sh running-config interface fastEthernet 0/10 > Building configuration... > > Current configuration : 110 bytes > ! > interface FastEthernet0/10 > switchport access vlan 2 > switchport mode access > dot1x port-control auto > end > > - I have configured radius-server with test123 key > > 3. client configuration > - eth1 is directly linked to interface 0/10 of the cisco switch > > I run xsupplicant like: > # xsupplicant -i eth1 -u dizzy -p parola -d 255 -m MD5 > > And I get: > (EAPMD5) Initalized > (EAPMS-CHAP) Initalized > Done with init. > Sending EAPOL-Start #1 > ## eap_decode_packet ##: Got an EAP request > ## eap_decode_packet ##: Type is Identity > Connection Established, authenticating... > ACQUIRED > ## eap_decode_packet ##: Got an EAP failure > Failed to Authenticate > CONNECTING > > RADIUS log says: > rad_recv: Access-Request packet from host <ip-cisco-removed>:1812, id=24, > length=100 > NAS-IP-Address = <ip-cisco-removed> > NAS-Port-Type = Async > User-Name = "dizzy" > Service-Type = Framed-User > Framed-MTU = 1500 > Calling-Station-Id = "00-50-8d-f9-2a-e8" > EAP-Message = 0x0200000a0164697a7a79 > Message-Authenticator = 0x605f11bd6926fbbe39dd75d41070183e > modcall: entering group authorize for request 0 > modcall[authorize]: module "preprocess" returns ok for request 0 > rlm_eap: EAP packet type notification id 0 length 10 > rlm_eap: EAP Start not found > modcall[authorize]: module "eap" returns updated for request 0 > rlm_realm: No '@' in User-Name = "dizzy", looking up realm NULL > rlm_realm: No such realm "NULL" > modcall[authorize]: module "suffix" returns noop for request 0 > users: Matched dizzy at 148 > modcall[authorize]: module "files" returns ok for request 0 > modcall: group authorize returns updated for request 0 > rad_check_password: Found Auth-Type EAP > rad_check_password: Found Auth-Type Local > Warning: Found 2 auth-types on request for user 'dizzy' > auth: type Local > auth: No User-Password or CHAP-Password attribute in the request > auth: Failed to validate the user. > Delaying request 0 for 1 seconds > Finished request 0 > Going to the next request > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Sending Access-Reject of id 24 to <ip-cisco-removed>:1812 > Waking up in 4 seconds... > --- Walking the entire request list --- > Cleaning up request 0 ID 24 with timestamp 405ee145 > Nothing to do. Sleeping until we see a request. > > Any ideea why it doesnt work ? Please tell me if you need any more > information, thanks! > > -- > Mihai RUSU Email: [EMAIL PROTECTED] > GPG : http://dizzy.roedu.net/dizzy-gpg.txt WWW: http://dizzy.roedu.net > "Linux is obsolete" -- AST > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > -- Mihai RUSU Email: [EMAIL PROTECTED] GPG : http://dizzy.roedu.net/dizzy-gpg.txt WWW: http://dizzy.roedu.net "Linux is obsolete" -- AST - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
