Check in the packetfence.log, the answer is probably there.
On 10/11/2013, 9:56 AM, Adam Smith -DoIT- wrote:
> I am trying to determine the cause of this reject. The user login is
> successful so I am not seeing the cause in the debug output. Only
> strange thing I see is MAC address is empty or invalid in this
> request. It could be normal on certain radius calls.
>
> Found Auth-Type = EAP
> # Executing group from file
> /usr/local/pf/raddb//sites-enabled/packetfence-tunnel
> +- entering group authenticate {...}
> [eap] Request found, released from the list
> [eap] EAP/mschapv2
> [eap] processing type mschapv2
> [eap] Freeing handler
> ++[eap] returns ok
> Login OK: [Domain\\TestUser] (from client 10.202.5.10 port 50001 cli
> B4-99-BA-EA-59-7B via TLS tunnel)
> # Executing section post-auth from file
> /usr/local/pf/raddb//sites-enabled/packetfence-tunnel
> +- entering group post-auth {...}
> ++[exec] returns noop
> ++? if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ )
> ? Evaluating (User-Name =~ /^[^\\]+[\\]+([^\\]+)/) -> TRUE
> ++? if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ ) -> TRUE
> ++- entering if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ ) {...}
> expand: %{1} -> TestUser
> +++[request] returns noop
> ++- if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ ) returns noop
> rlm_perl: MAC address is empty or invalid in this request. It could be
> normal on certain radius calls
> rlm_perl: Added pair NAS-Port-Type = Ethernet
> rlm_perl: Added pair Service-Type = Framed-User
> rlm_perl: Added pair Calling-Station-Id = B4-99-BA-EA-59-7B
> rlm_perl: Added pair Calling-Station-Id = B4-99-BA-EA-59-7B
> rlm_perl: Added pair Called-Station-Id = 00-09-B7-8A-52-01
> rlm_perl: Added pair Called-Station-Id = 00-09-B7-8A-52-01
> rlm_perl: Added pair State = 0x680a4d98691857c0da24ca26959ca325
> rlm_perl: Added pair FreeRADIUS-Proxied-To = 127.0.0.1
> rlm_perl: Added pair Cisco-AVPair =
> audit-session-id=0ACA050A0000000A00159FD4
> rlm_perl: Added pair User-Name = ABSmith
> rlm_perl: Added pair EAP-Message = 0x021200061a03
> rlm_perl: Added pair EAP-Type = MS-CHAP-V2
> rlm_perl: Added pair NAS-IP-Address = 10.202.5.10
> rlm_perl: Added pair NAS-Port = 50001
> rlm_perl: Added pair NAS-Port-Id = FastEthernet0/1
> rlm_perl: Added pair Framed-MTU = 1500
> rlm_perl: Added pair User-Name = Domain\\TestUser
> rlm_perl: Added pair MS-MPPE-Recv-Key = 0xa02fe78c167033f08d312fbe52e56c20
> rlm_perl: Added pair EAP-Message = 0x03120004
> rlm_perl: Added pair MS-MPPE-Send-Key = 0x6f9bc5fa7ab35a9471106bebdc9bb846
> rlm_perl: Added pair MS-MPPE-Encryption-Types = 0x00000004
> rlm_perl: Added pair Message-Authenticator =
> 0x00000000000000000000000000000000
> rlm_perl: Added pair MS-MPPE-Encryption-Policy = 0x00000002
> rlm_perl: Added pair Auth-Type = EAP
> ++[packetfence] returns reject
>
>
> ------------------------------------------------------------------------------
> October Webinars: Code for Performance
> Free Intel webinars can help you accelerate application performance.
> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
> the latest Intel processors and coprocessors. See abstracts and register >
> http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
>
>
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault
Architecte de Solution Cloud | Cloud Solutions Architect
[email protected]
514-629-6775
- - -
CloudOps
420 rue Guy
Montréal QC H3J 1S6
www.cloudops.com
@CloudOps_
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
