Here is the output of Cisco debugging with "use_tunneled_reply = yes": http://dpaste.com/113022/
Again, I really appreciate your help. -William On Sun, Jan 25, 2009 at 18:29, <[email protected]> wrote: >>I have modified eap.conf and added "use_tunneled_reply = yes" in the >>peap section. I have previously tried this, and obtained the same >>results. Whenever a client tries to login, they get cycled from >>authenticating/connecting very quickly. I've posted an example output >>from a radius debug: http://dpaste.com/112927/ >> > > You are getting an Access-Accept with VLAN attributes now: > > Sending Access-Accept of id 199 to 10.0.0.254 port 1645 > Tunnel-Medium-Type:0 = IEEE-802 > Tunnel-Type:0 = VLAN > Tunnel-Private-Group-Id:0 = "100" > User-Name = "wgraeber" > MS-MPPE-Recv-Key = > 0x8d9a0e99e52c18b817039f9d503bbd00d66c3cf3927d2528460 > 7bb4c52ab58f1 > MS-MPPE-Send-Key = > 0x5b07ed87b3ddd6c9fe6186c9443d80cca1b7e24f393f854f585 > 59d26a1100bfb > EAP-Message = 0x030a0004 > Message-Authenticator = 0x00000000000000000000000000000000 > > But AP is unhappy. Do debug dot11 aaa and see what is it complaining > about. It's missing something (probably Service-Type). > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
