=?iso-8859-1?Q?Probl=E9m_authenticaton_EAP=2DLEAP_=28Eap=2Dleap_will_not?= =?iso-8859-1?Q?_be_in_production_but_in_test_currently=29?=

Tue, 22 Feb 2005 08:51:22 -0800 

hello, 
I have a problem on Freeradius 1.0.2.
I have two configuration:
1- PDA microsoft pocket PC ---> AP Cisco ---> Freeradius 1.0.2 
2- PDA microsoft pocket PC 2003 ---> AP Cisco --> Freeradius 1.0.2

The configuration one functions without problem in EAP-LEAP.
An error on the configuration two saying to me that the request EAP is not 
recognized whereas my configuration PDA is the same as that which functions.
Have an idea ??
herewith the debug

DEBUG SOLUTION ONE ----> OK
rad_recv: Access-Request packet from host 200.0.110.200:21647, id=22, length=134
        User-Name = "interne"
        Framed-MTU = 1400
        Called-Station-Id = "000d.eded.7584"
        Calling-Station-Id = "0002.b3e1.534e"
        Service-Type = Login-User
        Message-Authenticator = 0x0dcf19abbdaed8fa099bd9090ce51cb8
        EAP-Message = 0x0202000c01696e7465726e65
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 227
        NAS-IP-Address = 200.0.110.200
        NAS-Identifier = "AP_Radius"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 30
  modcall[authorize]: module "preprocess" returns ok for request 30
  modcall[authorize]: module "chap" returns noop for request 30
  modcall[authorize]: module "mschap" returns noop for request 30
    rlm_realm: No '@' in User-Name = "interne", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 30
  rlm_eap: EAP packet type response id 2 length 12
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 30
    users: Matched entry interne at line 99
  modcall[authorize]: module "files" returns ok for request 30
modcall: group authorize returns updated for request 30
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 30
  rlm_eap: EAP Identity
  rlm_eap: processing type leap
  rlm_eap_leap: Stage 2
  rlm_eap_leap: Issuing AP Challenge
  rlm_eap_leap: Successfully initiated
  modcall[authenticate]: module "eap" returns handled for request 30
modcall: group authenticate returns handled for request 30
Sending Access-Challenge of id 22 to 200.0.110.200:21647
        EAP-Message = 0x01030017110100085783023ddd6fd37c696e7465726e65
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x434ed93c4c2ead59aaf5ee2be8776661
Finished request 30
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 200.0.110.200:21647, id=23, length=179
        User-Name = "interne"
        Framed-MTU = 1400
        Called-Station-Id = "000d.eded.7584"
        Calling-Station-Id = "0002.b3e1.534e"
        Service-Type = Login-User
        Message-Authenticator = 0x614b20ae77549b698d6fe190920da0ce
        EAP-Message = 
0x0203002711010018602e7d34fec6d96d618c57176c86e4b9558daaedcd5f8fe4696e7465726e65
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 227
        State = 0x434ed93c4c2ead59aaf5ee2be8776661
        NAS-IP-Address = 200.0.110.200
        NAS-Identifier = "AP_Radius"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 31
  modcall[authorize]: module "preprocess" returns ok for request 31
  modcall[authorize]: module "chap" returns noop for request 31
  modcall[authorize]: module "mschap" returns noop for request 31
    rlm_realm: No '@' in User-Name = "interne", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 31
  rlm_eap: EAP packet type response id 3 length 39
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 31
    users: Matched entry interne at line 99
  modcall[authorize]: module "files" returns ok for request 31
modcall: group authorize returns updated for request 31
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 31
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/leap
  rlm_eap: processing type leap
  rlm_eap_leap: Stage 4
  rlm_eap_leap: NtChallengeResponse from AP is valid
  rlm_eap: Underlying EAP-Type set EAP ID to 4
  modcall[authenticate]: module "eap" returns ok for request 31
modcall: group authenticate returns ok for request 31
Sending Access-Challenge of id 23 to 200.0.110.200:21647
        EAP-Message = 0x03040004
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x07329ecca5fa59a8c3ced0e46567536e
Finished request 31
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 200.0.110.200:21647, id=24, length=163
        User-Name = "interne"
        Framed-MTU = 1400
        Called-Station-Id = "000d.eded.7584"
        Calling-Station-Id = "0002.b3e1.534e"
        Service-Type = Login-User
        Message-Authenticator = 0xd751613ff2715a837acdf5562ba9fa11
        EAP-Message = 0x0104001711010008c390addbd5c3bd8f696e7465726e65
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 227
        State = 0x07329ecca5fa59a8c3ced0e46567536e
        NAS-IP-Address = 200.0.110.200
        NAS-Identifier = "AP_Radius"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 32
  modcall[authorize]: module "preprocess" returns ok for request 32
  modcall[authorize]: module "chap" returns noop for request 32
  modcall[authorize]: module "mschap" returns noop for request 32
    rlm_realm: No '@' in User-Name = "interne", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 32
  rlm_eap: EAP packet type request id 4 length 23
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 32
    users: Matched entry interne at line 99
  modcall[authorize]: module "files" returns ok for request 32
modcall: group authorize returns updated for request 32
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 32
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/leap
  rlm_eap: processing type leap
  rlm_eap_leap: Stage 6
  rlm_eap: Freeing handler
  modcall[authenticate]: module "eap" returns handled for request 32
modcall: group authenticate returns handled for request 32
Sending Access-Accept of id 24 to 200.0.110.200:21647
        Cisco-AVPair += 
"leap:session-key=\200\005\017c\321X|\017\314l\023L\251X=&\271u_4[\341\227\305\331\240P)'Y\270\242\377\321"
        EAP-Message = 
0x0205002711010018a2746a89b4e14592c211cb46e671e9b20bcd40d087967614696e7465726e65
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "interne"


DEBUG SOLUTION TWO ----> KO

rad_recv: Access-Request packet from host 200.0.110.200:21646, id=249, 
length=173
        User-Name = "test"
        Framed-MTU = 1400
        Called-Station-Id = "000d.eded.7584"
        Calling-Station-Id = "0009.2d0e.04fa"
        Service-Type = Login-User
        Message-Authenticator = 0xbe965e3e54ebf603218021b1ad239e19
        EAP-Message = 
0x0203002411010018d650481cc53131452c35ad2800e00afb5819d1f074497c8b74657374
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 217
        State = 0x017e5bf07733f9422007480c49d9134f
        NAS-IP-Address = 200.0.110.200
        NAS-Identifier = "AP_Radius"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
  modcall[authorize]: module "chap" returns noop for request 1
  modcall[authorize]: module "mschap" returns noop for request 1
    rlm_realm: No '@' in User-Name = "test", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 1
  rlm_eap: EAP packet type response id 3 length 36
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 1
    users: Matched entry test at line 105
  modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns updated for request 1
  rad_check_password:  Found Auth-Type eap
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/leap
  rlm_eap: processing type leap
  rlm_eap_leap: Stage 4
  rlm_eap_leap: NtChallengeResponse from AP is valid
  rlm_eap: Underlying EAP-Type set EAP ID to 4
  modcall[authenticate]: module "eap" returns ok for request 1
modcall: group authenticate returns ok for request 1
Sending Access-Challenge of id 249 to 200.0.110.200:21646
        EAP-Message = 0x03040004
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0x5fe1da6a989f2c1a35b07c8e49e93004
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 200.0.110.200:21646, id=250, 
length=157
        User-Name = "test"
        Framed-MTU = 1400
        Called-Station-Id = "000d.eded.7584"
        Calling-Station-Id = "0009.2d0e.04fa"
        Service-Type = Login-User
        Message-Authenticator = 0xf85391ce3d9ac66acef0bde8a8bf3fa4
        EAP-Message = 0x010300141101000867935ad6df79f84674657374
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 217
        State = 0x5fe1da6a989f2c1a35b07c8e49e93004
        NAS-IP-Address = 200.0.110.200
        NAS-Identifier = "AP_Radius"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
  modcall[authorize]: module "chap" returns noop for request 2
  modcall[authorize]: module "mschap" returns noop for request 2
    rlm_realm: No '@' in User-Name = "test", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 2
  rlm_eap: EAP packet type request id 3 length 20
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 2
    users: Matched entry test at line 105
  modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns updated for request 2
  rad_check_password:  Found Auth-Type eap
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
  rlm_eap: Request not found in the list
rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request
  rlm_eap: Failed in handler
  modcall[authenticate]: module "eap" returns invalid for request 2
modcall: group authenticate returns invalid for request 2
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request

thank you for your assistance



Patrice PAPOT
Ing�nieur T�l�com et R�seau
SNCM
61, BD des Dames
13002 Marseille
Tel : 04-91-56-36-52
Fax : 04-91-56-36-65
Email : [EMAIL PROTECTED]



BEGIN:VCARD
VERSION:2.1
X-GWTYPE:USER
FN:PAPOT, Patrice
EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED]
N:PAPOT;Patrice
ORG:Sncm
END:VCARD

Reply via email to