As François said, have a look at the packetfence.log file for the same time frame. Otherwise, please provide the log file (packetfence.log) and the full RADIUS debug cause there’s obviously some missing parts.
Just make sure to remove any sensitive information. Cheers! dw. -- Derek Wuelfrath [email protected] :: +1.514.447.4918 (x110) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On Oct 11, 2013, at 11:03 AM, Francois Gaudreault <[email protected]> wrote: > Check in the packetfence.log, the answer is probably there. > > On 10/11/2013, 9:56 AM, Adam Smith -DoIT- wrote: >> I am trying to determine the cause of this reject. The user login is >> successful so I am not seeing the cause in the debug output. Only >> strange thing I see is MAC address is empty or invalid in this >> request. It could be normal on certain radius calls. >> >> Found Auth-Type = EAP >> # Executing group from file >> /usr/local/pf/raddb//sites-enabled/packetfence-tunnel >> +- entering group authenticate {...} >> [eap] Request found, released from the list >> [eap] EAP/mschapv2 >> [eap] processing type mschapv2 >> [eap] Freeing handler >> ++[eap] returns ok >> Login OK: [Domain\\TestUser] (from client 10.202.5.10 port 50001 cli >> B4-99-BA-EA-59-7B via TLS tunnel) >> # Executing section post-auth from file >> /usr/local/pf/raddb//sites-enabled/packetfence-tunnel >> +- entering group post-auth {...} >> ++[exec] returns noop >> ++? if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ ) >> ? Evaluating (User-Name =~ /^[^\\]+[\\]+([^\\]+)/) -> TRUE >> ++? if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ ) -> TRUE >> ++- entering if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ ) {...} >> expand: %{1} -> TestUser >> +++[request] returns noop >> ++- if (User-Name =~ /^[^\\]+[\\]+([^\\]+)/ ) returns noop >> rlm_perl: MAC address is empty or invalid in this request. It could be >> normal on certain radius calls >> rlm_perl: Added pair NAS-Port-Type = Ethernet >> rlm_perl: Added pair Service-Type = Framed-User >> rlm_perl: Added pair Calling-Station-Id = B4-99-BA-EA-59-7B >> rlm_perl: Added pair Calling-Station-Id = B4-99-BA-EA-59-7B >> rlm_perl: Added pair Called-Station-Id = 00-09-B7-8A-52-01 >> rlm_perl: Added pair Called-Station-Id = 00-09-B7-8A-52-01 >> rlm_perl: Added pair State = 0x680a4d98691857c0da24ca26959ca325 >> rlm_perl: Added pair FreeRADIUS-Proxied-To = 127.0.0.1 >> rlm_perl: Added pair Cisco-AVPair = >> audit-session-id=0ACA050A0000000A00159FD4 >> rlm_perl: Added pair User-Name = ABSmith >> rlm_perl: Added pair EAP-Message = 0x021200061a03 >> rlm_perl: Added pair EAP-Type = MS-CHAP-V2 >> rlm_perl: Added pair NAS-IP-Address = 10.202.5.10 >> rlm_perl: Added pair NAS-Port = 50001 >> rlm_perl: Added pair NAS-Port-Id = FastEthernet0/1 >> rlm_perl: Added pair Framed-MTU = 1500 >> rlm_perl: Added pair User-Name = Domain\\TestUser >> rlm_perl: Added pair MS-MPPE-Recv-Key = 0xa02fe78c167033f08d312fbe52e56c20 >> rlm_perl: Added pair EAP-Message = 0x03120004 >> rlm_perl: Added pair MS-MPPE-Send-Key = 0x6f9bc5fa7ab35a9471106bebdc9bb846 >> rlm_perl: Added pair MS-MPPE-Encryption-Types = 0x00000004 >> rlm_perl: Added pair Message-Authenticator = >> 0x00000000000000000000000000000000 >> rlm_perl: Added pair MS-MPPE-Encryption-Policy = 0x00000002 >> rlm_perl: Added pair Auth-Type = EAP >> ++[packetfence] returns reject >> >> >> ------------------------------------------------------------------------------ >> October Webinars: Code for Performance >> Free Intel webinars can help you accelerate application performance. >> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from >> the latest Intel processors and coprocessors. See abstracts and register > >> http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk >> >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > -- > Francois Gaudreault > Architecte de Solution Cloud | Cloud Solutions Architect > [email protected] > 514-629-6775 > - - - > CloudOps > 420 rue Guy > Montréal QC H3J 1S6 > www.cloudops.com > @CloudOps_ > > > ------------------------------------------------------------------------------ > October Webinars: Code for Performance > Free Intel webinars can help you accelerate application performance. > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from > the latest Intel processors and coprocessors. See abstracts and register > > http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
