Hi All,
I've an issue about EAP in 802.1X. right now, I'm trying EAP-MD5 for
802.1X using freeradius 2.0.3 and procurve switch, sadly it doesn't
work. but when I 'am using freeradius 1.1.7 it works smoothly .... I've
tried not only using native windows XP SP 2 supplicant but also
wpa_supplicant. both don't work using freeradius2. I've also tried
reinstall the freeradius 2.0.3 ( i'm forget using mercurial ), I thought
I misconfigure something..but. even using "fresh from the oven"
configuration still just don't work. , here are the debug:
Sending duplicate reply to client test port 1024 - ID: 4
Cleaning up request 2 ID 4 with timestamp +46
Ready to process requests.
Framed-MTU = 1480
NAS-IP-Address = 192.168.12.130
NAS-Identifier = "ProCurve Switch 2650"
User-Name = "testing"
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 1
NAS-Port-Type = Ethernet
NAS-Port-Id = "1"
Called-Station-Id = "00-1c-2e-73-85-00"
Calling-Station-Id = "00-0a-e4-13-58-c7"
Connect-Info = "CONNECT Ethernet 100Mbps Full duplex"
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "1"
EAP-Message = 0x023a000c0174657374696e67
Message-Authenticator = 0x55d6fa8c198752bd6c62c351b234a57b
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: No '@' in User-Name = "testing", looking up realm NULL
rlm_realm: No such realm "NULL"
++[suffix] returns noop
rlm_eap: EAP packet type response id 58 length 12
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
users: Matched entry testing at line 102
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with
Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known
good" !!!
!!! clear text password is in Cleartext-Password, and not in
User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
auth: type "EAP"
+- entering group authenticate
rlm_eap: EAP Identity
rlm_eap: processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Port = 2
NAS-Port-Type = Ethernet
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "101"
EAP-Message = 0x013b001604101fee1ce904aea0659f790123de5bc761
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x9e1dcf679e26cbc870b5fae6a11d133d
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
Sending duplicate reply to client test port 1024 - ID: 4 <--- any
clue what is it ?
Cleaning up request 3 ID 4 with timestamp +56
Ready to process requests.
from the wpa_supplicant's debug it broke right before EAP message
method, so it (the supplicant) doesn't receive any MD5 Challenge from
radius. anyone have same problem? really appreciate for any help
Thank you
Ryan Setiawan H
--
DISCLAIMER:
The contents of this email and attachments are confidential and may be subject
to legal privilege. Any unauthorized use, copying, disclosure or communicating
any part of it to others is strictly prohibited and may be unlawful. If you are
not the intended recipient you must not use, copy, distribute or rely on this
email and should please return it immediately to the sender or notify us and
delete the email and any attachments from your system. We cannot accept
liability for loss or damage resulting from computer viruses. The integrity of
email across the Internet cannot be guaranteed and PT BANK NISP, Tbk. will not
accept liability for any claims arising as a result of the use of this medium
for transmissions by or to PT BANK NISP, Tbk.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
