Pretty new to FR as well but from what it looks like to me is your using
Workstation login not user login. The portion
[suffix] No '@' in User-Name = "host/W400210.interoute.com", looking up
realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 198 length 31
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication
may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
looks like your supplicant is sending workstation logins and your LDAP
server is rejecting them. I don't know though, I am not a big log reader, I
skim over them to find the error, I really need to get into them more:)
Brett Littrell
Network Manager
MUSD
CISSP, CCSP, CCVP, MCNE
>>> On Wednesday, February 16, 2011 at 1:38 AM, in message
>>> <[email protected]>, lucky79
>>> <[email protected]> wrote:
Hi Alan,
Thanks for quick reply
I have read the log several times however nothing points me to the right
direction...thats why I posted a question here...
when I use [email protected] I get access-reject as ntlm authentication
fails so from this point its working ok I guess. Also I dont think its a
certificate problem as I've got same results with linux / windows 7 clients.
>From the debug I see ntlm authentication went OK then EAP session does not
finish, but why this is happening? Do you think I am really facing the
certificate compatibility problem? Even its working fine with freeradius
1.1.7? I've tried to create a new one but same results...
Or have I missed anything else? Sorry FR 2.x.x is still new to me
Thanks
Lukas
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/Freeradius2-1-3-Fedora9-PEAP-AD-problem-tp2780544p3387353.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
