It looks like you haven't configured sql (and password is in the database).
Ivan Kalik Kalik Informatika ISP Dana 27/3/2008, "Mikael Syska" <[EMAIL PROTECTED]> piše: >Hi, > >Thanks, that seemed to get me a bit further to the end .... now I got this: >+----+----------+--------------------+----+-------+ >| id | username | attribute | op | value | >+----+----------+--------------------+----+-------+ >| 2 | 44 | Cleartext-Password | := | 4444 | >+----+----------+--------------------+----+-------+ > >Here is where its failing: >++[eap] returns updated >++[files] returns noop >++[expiration] returns noop >++[logintime] returns noop >++[pap] returns noop > WARNING: You set Proxy-To-Realm = LOCAL, but it is a LOCAL realm! >Cancelling invalid proxy request. > rad_check_password: Found Auth-Type EAP >auth: type "EAP" >+- entering group authenticate > rlm_eap: Request found, released from the list > rlm_eap: EAP/mschapv2 > rlm_eap: processing type mschapv2 >+- entering group MS-CHAP > rlm_mschap: No Cleartext-Password configured. Cannot create LM-Password. > rlm_mschap: No Cleartext-Password configured. Cannot create NT-Password. > rlm_mschap: Told to do MS-CHAPv2 for 44 with NT-Password > rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication. > rlm_mschap: FAILED: MS-CHAP2-Response is incorrect >++[mschap] returns reject > rlm_eap: Freeing handler >++[eap] returns reject >auth: Failed to validate the user. >Login incorrect: [44/<via Auth-Type = EAP>] (from client ap30 port 0) > PEAP: Tunneled authentication was rejected. > rlm_eap_peap: FAILURE >++[eap] returns handled > EAP-Message = >0x010b002b190017030100206f04599b56f9940737b9c497b35f5f64e78bceb46ce824932fe2d58d5d3850de > Message-Authenticator = 0x00000000000000000000000000000000 > State = 0x5856f36f505dea9c1496d5ca0872b221 >Finished request 20. >Going to the next request >Waking up in 3.9 seconds. > >So ... what do I need to set ... I'm not sure were I can read about >this, so this mailing list is my only hope ... :-) Maybe its something >about what Alan wrote: > >>hi, >> >>trying to authenticate Vista against a plain password? PEAP doesnt >>work like this. you could put an NThash into the database instead.. >>or try using SecureW2 or other asupplicant that does EAP-TTLS/PAP >>alan > >But I'm not sure ... its still all very new to me ... > >If you need more information, just say so ... and I will get it. > >best regards >Mikael Syska > >On Thu, Mar 27, 2008 at 6:38 AM, Alan DeKok <[EMAIL PROTECTED]> wrote: >> Mikael Syska wrote: >> > I'm using default setup, only uncomment the sql in the default >> "sites-enabled" >> > >> > Running version: 2.0.3 >> >> I think you have to copy "sites-available/inner-tunnel" from the tar >> file to /etc/raddb. It isn't installed by default in 2.0.3, but it *is* >> referenced. Sorry... >> >> This is fixed in CVS head. >> >> Alan DeKok. >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/usershtml >> >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
