Alan,
Thanks for the info. I will include an entire list of the RADIUS responses to a
single login request. I am using the instructions available on Andreas Wolf's
site for setting up an OS X client, AirPort Basestation and Radius.
The rex.
Tue Nov 9 11:42:46 2004 : Debug: Nothing to do. Sleeping until we see a
request.
rad_recv: Access-Request packet from host 10.51.254.29:1026, id=126, length=190
Framed-MTU = 1466
NAS-IP-Address = 10.0.1.1
NAS-Identifier = "Alpha Test Base Station"
User-Name = "shay"
Service-Type = Framed-User
NAS-Port = 256
NAS-Port-Type = Ethernet
NAS-Port-Id = "wl0"
Called-Station-Id = "00-03-93-eb-f4-bb"
Calling-Station-Id = "00-0d-93-84-a4-11"
Connect-Info = "CONNECT Ethernet 54Mbps Half duplex"
EAP-Message = 0x020100090173686179
Message-Authenticator = 0xf07d66ad6f003db3b153dfc017304fd1
Tue Nov 9 11:52:52 2004 : Debug: modcall: entering group authorize for request
5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: calling preprocess
(rlm_preprocess) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall[authorize]: module "preprocess"
returns ok for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: returned from chap
(rlm_chap) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall[authorize]: module "chap" returns
noop for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: returned from mschap
(rlm_mschap) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall[authorize]: module "mschap" returns
noop for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 5
Tue Nov 9 11:52:52 2004 : Debug: rlm_realm: No '@' in User-Name = "shay",
looking up realm NULL
Tue Nov 9 11:52:52 2004 : Debug: rlm_realm: No such realm "NULL"
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: returned from suffix
(rlm_realm) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall[authorize]: module "suffix" returns
noop for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: calling eap (rlm_eap)
for request 5
Tue Nov 9 11:52:52 2004 : Debug: rlm_eap: EAP packet type response id 1
length 9
Tue Nov 9 11:52:52 2004 : Debug: rlm_eap: No EAP Start, assuming it's an
on-going EAP conversation
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: returned from eap
(rlm_eap) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall[authorize]: module "eap" returns
updated for request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 5
Tue Nov 9 11:52:52 2004 : Debug: users: Matched DEFAULT at 152
Tue Nov 9 11:52:52 2004 : Debug: users: Matched DEFAULT at 171
Tue Nov 9 11:52:52 2004 : Debug: users: Matched shay at 216
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authorize]: returned from files
(rlm_files) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall[authorize]: module "files" returns
ok for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall: group authorize returns updated for
request 5
Tue Nov 9 11:52:52 2004 : Debug: rad_check_password: Found Auth-Type EAP
Tue Nov 9 11:52:52 2004 : Debug: auth: type "EAP"
Tue Nov 9 11:52:52 2004 : Debug: modcall: entering group authenticate for
request 5
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authenticate]: calling eap
(rlm_eap) for request 5
Tue Nov 9 11:52:52 2004 : Debug: rlm_eap: EAP Identity
Tue Nov 9 11:52:52 2004 : Debug: rlm_eap: processing type md5
Tue Nov 9 11:52:52 2004 : Info: rlm_eap_md5: Issuing Challenge
Tue Nov 9 11:52:52 2004 : Debug: Not-EAP proxy set. Not composing EAP
Tue Nov 9 11:52:52 2004 : Debug: modsingle[authenticate]: returned from eap
(rlm_eap) for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall[authenticate]: module "eap" returns
handled for request 5
Tue Nov 9 11:52:52 2004 : Debug: modcall: group authenticate returns handled
for request 5
Tue Nov 9 11:52:52 2004 : Debug: There was no response configured: rejecting
request 5
Tue Nov 9 11:52:52 2004 : Debug: Server rejecting request 5.
Tue Nov 9 11:52:52 2004 : Debug: Finished request 5
Tue Nov 9 11:52:52 2004 : Debug: Going to the next request
Tue Nov 9 11:52:52 2004 : Debug: --- Walking the entire request list ---
Tue Nov 9 11:52:52 2004 : Debug: Waking up in 1 seconds...
rad_recv: Access-Request packet from host 10.51.254.29:1026, id=126, length=190
Sending Access-Reject of id 126 to 10.51.254.29:1026
Reply-Message = "Hello, %u"
Tue Nov 9 11:52:53 2004 : Debug: --- Walking the entire request list ---
Tue Nov 9 11:52:53 2004 : Debug: Waking up in 5 seconds...
Tue Nov 9 11:52:58 2004 : Debug: --- Walking the entire request list ---
Tue Nov 9 11:52:58 2004 : Debug: Cleaning up request 5 ID 126 with timestamp
41912014
Tue Nov 9 11:52:58 2004 : Debug: Nothing to do. Sleeping until we see a
request.
> [EMAIL PROTECTED] wrote:
> > I have FreeRadius 1.0.1 compiled and installed on OS 10.3. I am able
> > to authenticate a local user, but when I attempt to use TLS I get the
> > following information from radtest...
>
> >
> > Tue Nov 9 09:11:55 2004 : Debug: rlm_eap: EAP Identity
> > Tue Nov 9 09:11:55 2004 : Debug: rlm_eap: processing type md5
>
> Well, you're not using EAP-TLS.
>
> > Any guidance or suggestions would be greatly appreciated.
>
> What do you think is wrong? What do you expect the server to do?
>
> What you've posted is a piece from the middle of the server doing
> something. Without knowing the larger context, it's impossible to say
> if anything is going wrong, or if the server is doing what you expect.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
