Hi there, I have been googling and searching the archives for help - no luck so far.
I am trying to get Mac OS X 10.5.4 Server to authenticate against the Open Directory in order to provide "http://eduroam.org"; service - so far with no luck. I AM able to authenticate against my hardcoded users in the /users file so I know that part (most?) of the setup is working (firewall, proxying etc). Running radiusd in debug mode: (sudo /usr/sbin/radiusd -X -f) gives this good debug info (please help me find my problem as I am not yet an expert within the RADIUS - yet :-) Testclient is also Mac OS X 10.5.4 though a Client - not a Server :) rad_recv: Access-Request packet from host 130.225.242.107:1814, id=26, length=201 Received packet from 130.225.242.107 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response. Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 130.225.242.107:1814, id=27, length=201 Received packet from 130.225.242.107 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response. Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 4 seconds... rad_recv: Access-Request packet from host 130.225.242.107:1814, id=28, length=201 Received packet from 130.225.242.107 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response. Finished request 2 Going to the next request --- Walking the entire request list --- Waking up in 2 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 26 with timestamp 48b8514f Waking up in 2 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 27 with timestamp 48b85151 Waking up in 2 seconds... --- Walking the entire request list --- Cleaning up request 2 ID 28 with timestamp 48b85153 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 130.225.242.106:1814, id=19, length=201 User-Name = "[EMAIL PROTECTED]" Calling-Station-Id = "00-14-51-7F-C3-A2" Called-Station-Id = "00-0B-85-84-19-E0:eduroam" NAS-Port = 29 NAS-IP-Address = 172.17.1.4 NAS-Identifier = "Cisco_ea:68:a3" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "\000800" EAP-Message = 0x0203001501746573747573657240627269632e646b Message-Authenticator = 0x5216ae078ddb62a4e787498caba6c2f6 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 modcall[authorize]: module "chap" returns noop for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: Looking up realm "bric.dk" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "bric.dk" rlm_realm: Adding Stripped-User-Name = "testuser" rlm_realm: Proxying request from user testuser to realm bric.dk rlm_realm: Adding Realm = "bric.dk" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 3 rlm_eap: EAP packet type response id 3 length 21 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 3 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module "files" returns ok for request 3 rlm_opendirectory: The SACL group "com.apple.access_radius" does not exist on this system. rlm_opendirectory: The host 130.225.242.106 does not have an access group. rlm_opendirectory: no access control groups, all users allowed. modcall[authorize]: module "opendirectory" returns ok for request 3 modcall: leaving group authorize (returns updated) for request 3 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 3 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 3 modcall: leaving group authenticate (returns handled) for request 3 Sending Access-Challenge of id 19 to 130.225.242.106 port 1814 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x010400061520 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x6b55b82a65c27423545059bd72c3a1a3 Finished request 3 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 130.225.242.106:1814, id=20, length=310 User-Name = "[EMAIL PROTECTED]" Calling-Station-Id = "00-14-51-7F-C3-A2" Called-Station-Id = "00-0B-85-84-19-E0:eduroam" NAS-Port = 29 NAS-IP-Address = 172.17.1.4 NAS-Identifier = "Cisco_ea:68:a3" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "\000800" EAP-Message = 0x0204007015800000006616030100610100005d030148b8515f5a170a84693976f3002d3d2f17b996dfb6a11461d76e12aa04c823b1000036002f000500040035000a000900030008000600320033003800390016001500140013001200110034003a0018001b001a0017001900010100 State = 0x6b55b82a65c27423545059bd72c3a1a3 Message-Authenticator = 0x2290f9444384fa8a336e277b8f63f4a5 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module "preprocess" returns ok for request 4 modcall[authorize]: module "chap" returns noop for request 4 modcall[authorize]: module "mschap" returns noop for request 4 rlm_realm: Looking up realm "bric.dk" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "bric.dk" rlm_realm: Adding Stripped-User-Name = "testuser" rlm_realm: Proxying request from user testuser to realm bric.dk rlm_realm: Adding Realm = "bric.dk" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 4 rlm_eap: EAP packet type response id 4 length 112 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module "files" returns ok for request 4 rlm_opendirectory: The SACL group "com.apple.access_radius" does not exist on this system. rlm_opendirectory: The host 130.225.242.106 does not have an access group. rlm_opendirectory: no access control groups, all users allowed. modcall[authorize]: module "opendirectory" returns ok for request 4 modcall: leaving group authorize (returns updated) for request 4 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0205], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data TLS_accept: Need to read more data: SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 4 modcall: leaving group authenticate (returns handled) for request 4 Sending Access-Challenge of id 20 to 130.225.242.106 port 1814 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x0105026c158000000262160301004a02000046030148b8515fe87904cb4446203056b73fd1aa5ba41024828ee331b8ec32a39a1e5b20cef766ec6a5dce450efd2bb291ec7b40b0f4030813d956b6caf6653d6165e6f8002f0016030102050b0002010001fe0001fb308201f730820160a00302010202043d6c7d37300b06092a864886f70d0101053030310d300b06035504030c0474657374310d300b060355040a0c04427269633110300e060355040b0c07627269632e646b301e170d3037313232303030313935355a170d3038313131383231303734305a3030310d300b06035504030c0474657374310d300b060355040a0c0442726963311030 EAP-Message = 0x0e060355040b0c07627269632e646b30819f300d06092a864886f70d010101050003818d0030818902818100b528df96ddfa57a15ea58d4e10a91abaf7593617eb2678914c78a75f7a46f1871b1f6ed38cd1cfa5f6f98cb40d439d8b065dab0225408e6e5089b6bff5a5f8188d9ed6e48eb7890c1a05d38babe9d5f7e8824400e8d84713c1eb3bed51958cec1f2bffd25c58ee07f0c8c86ba191bdeae66859cde52751dc3679d4363a0e75170203010001a320301e300b0603551d0f0404030202b4300f0603551d130101ff04053003010100300d06092a864886f70d010105050003818100174fa69b358ee0e1e5334a00b51cbe7544cde878d7c81e EAP-Message = 0x8f7f6e4baf89af1d373dbfe40df55287642014d4918bec674b195de4d5ebcd57496fb21acffdcc4947db69f77a837ff8337c302cb8daef2c2273b33f92d0b5565939dc09fadd01e3bac3f88eb1a14e3d18aa2f66fedac03fda91cc14e9bc346acce1dc7295f117ef3316030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xa7a08498b7d8fd373619e637a6b9497f Finished request 4 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 130.225.242.106:1814, id=21, length=406 User-Name = "[EMAIL PROTECTED]" Calling-Station-Id = "00-14-51-7F-C3-A2" Called-Station-Id = "00-0B-85-84-19-E0:eduroam" NAS-Port = 29 NAS-IP-Address = 172.17.1.4 NAS-Identifier = "Cisco_ea:68:a3" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "\000800" EAP-Message = 0x020500d01580000000c616030100861000008200809c6256be59d58444084217ef937e20ab4e9addb1d7a71164b4bdb4dd90f9c51cebc2c3d0f966d9ae13036119cf961595f38b28ea311c563f363836b99c0eff13b77e110076d212203447dcd9889852f9f8d2b00a161bebe33abca071a91f9020d16a4493c0f823809ad6c3f27235f881029ca6dbe15ccef1c1ee9fd8b7e01e5a14030100010116030100309904a5ef25e86c0ff9c272ad5540fc6e6c9cb1c478a821a9e403953262bd772da137dd3360670763c1b23de636783813 State = 0xa7a08498b7d8fd373619e637a6b9497f Message-Authenticator = 0xa300f3c74dfa418d42a8476478f7004f Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "preprocess" returns ok for request 5 modcall[authorize]: module "chap" returns noop for request 5 modcall[authorize]: module "mschap" returns noop for request 5 rlm_realm: Looking up realm "bric.dk" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "bric.dk" rlm_realm: Adding Stripped-User-Name = "testuser" rlm_realm: Proxying request from user testuser to realm bric.dk rlm_realm: Adding Realm = "bric.dk" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 5 rlm_eap: EAP packet type response id 5 length 208 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 5 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module "files" returns ok for request 5 rlm_opendirectory: The SACL group "com.apple.access_radius" does not exist on this system. rlm_opendirectory: The host 130.225.242.106 does not have an access group. rlm_opendirectory: no access control groups, all users allowed. modcall[authorize]: module "opendirectory" returns ok for request 5 modcall: leaving group authorize (returns updated) for request 5 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 modcall[authenticate]: module "eap" returns handled for request 5 modcall: leaving group authenticate (returns handled) for request 5 Sending Access-Challenge of id 21 to 130.225.242.106 port 1814 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User EAP-Message = 0x0106004515800000003b14030100010116030100307324aca9a0624587c31701d7b81b24d1e2c097d5ce09f15c0453da9c701026b1becb4154c55342e02d2ce85c2b40ea23 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xcfb62e9c7f0b887914d1f617cc70a339 Finished request 5 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 130.225.242.106:1814, id=22, length=357 User-Name = "[EMAIL PROTECTED]" Calling-Station-Id = "00-14-51-7F-C3-A2" Called-Station-Id = "00-0B-85-84-19-E0:eduroam" NAS-Port = 29 NAS-IP-Address = 172.17.1.4 NAS-Identifier = "Cisco_ea:68:a3" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "\000800" EAP-Message = 0x0206009f1580000000951703010090b7d3eb1b77b7775c8190cebfb411d21e6627e9821f86d356f60efbea7c6497dc66664ceb21febfbf59b80227b6cb777d2e4c6051e8af54229d35c254d796f4d6f0e1bfe716919511042be43818729094631ebcff50c771ffc2e6df73e0c709c28830d6b82db4df8110839e0c4b153b28030486f23d112d509b68e612d592eabf5f202b68c70ddfaf2da06d3e441a8eff State = 0xcfb62e9c7f0b887914d1f617cc70a339 Message-Authenticator = 0x4d0c9e4196d02fceeaf413d2586fefbf Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 modcall[authorize]: module "chap" returns noop for request 6 modcall[authorize]: module "mschap" returns noop for request 6 rlm_realm: Looking up realm "bric.dk" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "bric.dk" rlm_realm: Adding Stripped-User-Name = "testuser" rlm_realm: Proxying request from user testuser to realm bric.dk rlm_realm: Adding Realm = "bric.dk" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 6 rlm_eap: EAP packet type response id 6 length 159 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module "files" returns ok for request 6 rlm_opendirectory: The SACL group "com.apple.access_radius" does not exist on this system. rlm_opendirectory: The host 130.225.242.106 does not have an access group. rlm_opendirectory: no access control groups, all users allowed. modcall[authorize]: module "opendirectory" returns ok for request 6 modcall: leaving group authorize (returns updated) for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 eaptls_process returned 7 rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. TTLS: Got tunneled request User-Name = "[EMAIL PROTECTED]" MS-CHAP-Challenge = 0x63a3c34cf7df7e1ce1847c548b4c01c7 MS-CHAP2-Response = 0xe1006877cd5e3a28368d5bf9531c77e811a700000000000000004016c5470ee27eb869fd7d9d0093ffa247bdb4e6a2b89fe4 FreeRADIUS-Proxied-To = 127.0.0.1 TTLS: Sending tunneled request User-Name = "[EMAIL PROTECTED]" MS-CHAP-Challenge = 0x63a3c34cf7df7e1ce1847c548b4c01c7 MS-CHAP2-Response = 0xe1006877cd5e3a28368d5bf9531c77e811a700000000000000004016c5470ee27eb869fd7d9d0093ffa247bdb4e6a2b89fe4 FreeRADIUS-Proxied-To = 127.0.0.1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 modcall[authorize]: module "chap" returns noop for request 6 rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap' modcall[authorize]: module "mschap" returns ok for request 6 rlm_realm: Looking up realm "bric.dk" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "bric.dk" rlm_realm: Adding Stripped-User-Name = "testuser" rlm_realm: Proxying request from user testuser to realm bric.dk rlm_realm: Adding Realm = "bric.dk" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 6 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 6 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 236 radius_xlat: '[EMAIL PROTECTED]' modcall[authorize]: module "files" returns ok for request 6 rlm_opendirectory: The SACL group "com.apple.access_radius" does not exist on this system. rlm_opendirectory: The host 127.0.0.1 does not have an access group. rlm_opendirectory: no access control groups, all users allowed. modcall[authorize]: module "opendirectory" returns ok for request 6 modcall: leaving group authorize (returns ok) for request 6 rad_check_password: Found Auth-Type MS-CHAP auth: type "MS-CHAP" Processing the authenticate section of radiusd.conf modcall: entering group MS-CHAP for request 6 rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for [EMAIL PROTECTED] with NT-Password rlm_mschap: No NT-Password configured. Trying DirectoryService Authentication. rlm_mschap: getUserNodeRef(): dsGetRecordList() status = 0, recCount=0 rlm_osx_od: ds_mschap_auth: getUserNodeRef failed modcall[authenticate]: module "mschap" returns fail for request 6 modcall: leaving group MS-CHAP (returns fail) for request 6 auth: Failed to validate the user. Login incorrect: [EMAIL PROTECTED]/<no User-Password attribute>] (from client localhost port 0) TTLS: Got tunneled reply RADIUS code 3 User-Name = "[EMAIL PROTECTED]" TTLS: Got tunneled Access-Reject rlm_eap: Handler failed in EAP/ttls rlm_eap: Failed in EAP select modcall[authenticate]: module "eap" returns invalid for request 6 modcall: leaving group authenticate (returns invalid) for request 6 auth: Failed to validate the user. Login incorrect: [EMAIL PROTECTED]/<no User-Password attribute>] (from client tld-1 port 29 cli 00-14-51-7F-C3-A2) Delaying request 6 for 1 seconds Finished request 6 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... rad_recv: Access-Request packet from host 130.225.242.106:1814, id=23, length=357 User-Name = "[EMAIL PROTECTED]" Calling-Station-Id = "00-14-51-7F-C3-A2" Called-Station-Id = "00-0B-85-84-19-E0:eduroam" NAS-Port = 29 NAS-IP-Address = 172.17.1.4 NAS-Identifier = "Cisco_ea:68:a3" Airespace-Wlan-Id = 3 Service-Type = Framed-User Framed-MTU = 1300 NAS-Port-Type = Wireless-802.11 Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "\000800" EAP-Message = 0x0206009f1580000000951703010090b7d3eb1b77b7775c8190cebfb411d21e6627e9821f86d356f60efbea7c6497dc66664ceb21febfbf59b80227b6cb777d2e4c6051e8af54229d35c254d796f4d6f0e1bfe716919511042be43818729094631ebcff50c771ffc2e6df73e0c709c28830d6b82db4df8110839e0c4b153b28030486f23d112d509b68e612d592eabf5f202b68c70ddfaf2da06d3e441a8eff State = 0xcfb62e9c7f0b887914d1f617cc70a339 Message-Authenticator = 0x2535af39d3c8b25b89693657df5323ba Processing the authorize section of radiusd.conf modcall: entering group authorize for request 7 modcall[authorize]: module "preprocess" returns ok for request 7 modcall[authorize]: module "chap" returns noop for request 7 modcall[authorize]: module "mschap" returns noop for request 7 rlm_realm: Looking up realm "bric.dk" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "bric.dk" rlm_realm: Adding Stripped-User-Name = "testuser" rlm_realm: Proxying request from user testuser to realm bric.dk rlm_realm: Adding Realm = "bric.dk" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 7 rlm_eap: EAP packet type response id 6 length 159 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 7 users: Matched entry DEFAULT at line 153 users: Matched entry DEFAULT at line 172 modcall[authorize]: module "files" returns ok for request 7 rlm_opendirectory: The SACL group "com.apple.access_radius" does not exist on this system. rlm_opendirectory: The host 130.225.242.106 does not have an access group. rlm_opendirectory: no access control groups, all users allowed. modcall[authorize]: module "opendirectory" returns ok for request 7 modcall: leaving group authorize (returns updated) for request 7 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 7 rlm_eap: Request not found in the list rlm_eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request rlm_eap: Failed in handler modcall[authenticate]: module "eap" returns invalid for request 7 modcall: leaving group authenticate (returns invalid) for request 7 auth: Failed to validate the user. Login incorrect: [EMAIL PROTECTED]/<no User-Password attribute>] (from client tld-1 port 29 cli 00-14-51-7F-C3-A2) Delaying request 7 for 1 seconds Finished request 7 Going to the next request --- Walking the entire request list --- Sending Access-Reject of id 22 to 130.225.242.106 port 1814 EAP-Message = 0x04060004 Message-Authenticator = 0x00000000000000000000000000000000 Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Cleaning up request 3 ID 19 with timestamp 48b8515f Cleaning up request 4 ID 20 with timestamp 48b8515f Cleaning up request 5 ID 21 with timestamp 48b8515f Sending Access-Reject of id 23 to 130.225.242.106 port 1814 Waking up in 2 seconds... --- Walking the entire request list --- Cleaning up request 6 ID 22 with timestamp 48b85161 Waking up in 2 seconds... --- Walking the entire request list --- Cleaning up request 7 ID 23 with timestamp 48b85163 Nothing to do. Sleeping until we see a request. Any suggestion are more than welcome(!) TvE - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
