> "Dudley Atkinson" <[EMAIL PROTECTED]> wrote: > > The User-Name = "PEAP-ABBAABBAABBA" is generated by the Cisco WLSE, > > and isn't a valid name - perhaps I need to work around this somehow? > > If it's only used for testing, list it in the "users" file. > > > I've read the docs but can't interpret what I'm seeing. How is the > > EAP-Message broken down to show the actual username and > password being > > sent by the client? > > It doesn't matter. The name is sent in the User-Name attribute. > > > Is the User-Name = "PEAP-ABBAABBAABBA" needed to start the > EAP decode? > > No. > > > Do I have to have a dummy "PEAP-ABBAABBAABBA" user to make > things go? > > Yes, if you want the test authentication to proceed. > > Alan DeKok. > >
Thanks Alan... I'm wondering if the WLSE is doing things right. I put this User-name into the user list, and retested. I get the usual debug, followed with: ---------------------------------------------- Remove PEAP-ABBAABBAABBA from user list Remove localusers from user list modcall[authorize]: module "dbm" returns ok for request 3 modcall: group group returns ok for request 3 modcall: group authorize returns updated for request 3 rad_check_password: Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 3 for 1 seconds Finished request 3 Going to the next request Waking up in 4 seconds... --- Walking the entire request list --- Sending Access-Reject of id 1 to 10.0.1.5:32854 ----------------------------------------------- Is this WLSE client misbehaving (I configured in it a username/password different from this crazy one)? What should be embedded in the EAP-Message? Is anyone using the Cisco WLSE and successfully testing PEAP functionality with it? Thanks! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html