I think I see the issue now, but I don't know how to fix... Please help! Localhost test yields:
Thu Oct 4 15:37:03 2012 : Auth: Login OK: [guest/password] (from client localhost port 12) Thu Oct 4 15:37:03 2012 : Info: rlm_perl: MAC address is empty or invalid in this request. It could be normal on certain radius calls Thu Oct 4 15:37:17 2012 : Auth: Login incorrect: [guest/<via Auth-Type = EAP>] (from client WLC port 13 cli 00-88-10-88-59-88 via TLS tunnel) Thu Oct 4 15:37:17 2012 : Auth: Login incorrect: [guest/<via Auth-Type = EAP>] (from client WLC port 13 cli 00-88-10-88-59-88) So the password being passed along is not the actual password, but "<via Auth-Type = EAP>" ? Where have I gone wrong? -----Original Message----- From: Thomas Tsai [mailto:[email protected]] Sent: Thursday, October 04, 2012 3:36 PM To: '[email protected]' Subject: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius Now that I finally figured out the issue with the freeradius config I had, I have the following dilemma. I've configured the WLC per the specifications outlined in the packetfence network device configuration pdf guide (which is very detailed and up to date). Now that I have started internal testing, I have run into an issue where the client cannot connect. The client sees a prompt for username / password upon joining the SSID that is configured for packetfence (SSID created for "Secure method"). Once the client enters in credentials and submits, I see the following in the /usr/local/pf/log/radius.log log: Thu Oct 4 15:29:29 2012 : Auth: Login incorrect: [guest] (from client WLC port 13 cli 00-88-10-88-59-88 via TLS tunnel) Thu Oct 4 15:29:29 2012 : Auth: Login incorrect: [guest] (from client WLC port 13 cli 00-88-10-88-59-88) Thu Oct 4 15:30:26 2012 : Auth: Login OK: [guest] (from client localhost port 12) Currently, I am using local file for authentication (so the users file /usr/local/pf/raddb/users) Which contains the following: DEFAULT EAP-Message !* "", Auth-Type := Accept "guest" Cleartext-Password := "password" Any suggestions anyone? ********************************************** Email Disclaimer: This email, including attachments, may contain proprietary, confidential or privileged information. If you are not the intended recipient, please (i) do not use, disclose, save or retransmit this message or any attachments, (ii) alert the sender by reply email and (iii) destroy or delete this message and any attachments. Delivery of this email to a person other than the intended recipient(s) shall not constitute a waiver of privilege or confidentiality. CP Investments, member FINRA and SIPC, serves as placement agent for investment products advised by Canyon Capital Advisors LLC. This email is not intended to be an offer to sell or a solicitation of an offer to buy any security in any jurisdiction. We review and retain electronic communications traveling through our network. ********************************************** ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
