Louis, Is it possible to have local users (accounts self-registered on the captive portal stored on the pf sql db) with MAC-auth on wireless using the FreeRADIUS module?
-Jason -----Original Message----- From: Louis Munro [mailto:[email protected]] Sent: Wednesday, February 12, 2014 9:38 AM To: [email protected] Subject: Re: [PacketFence-users] 802.1x radius request reject. And another thing. If by "created a user" you mean created a local user, that is not going to work. PEAP authentication is usually meant to be used against an external authentication source (e.g. and Active-Directory server). I suppose it could be configured to query a different source for the Cleartext-password or NT-password, but that is an exercise left to the reader. The short of it is: if you want PEAP, use an Active-Directory server and configure mschap according to the instructions in the PacketFence guide. If you want local users, use MAC-auth and send them to the captive portal where they will have to authenticate using the credentials you created. Regards, -- Louis Munro [email protected] :: www.inverse.ca +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On 2014-02-12, at 9:16 , Louis Munro <[email protected]> wrote: Your answer lies below. You are failing MSCHAP authentication. Did you configure the FreeRADIUS mschap module? -- Louis Munro [email protected] :: www.inverse.ca <http://www.inverse.ca/> +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu/> ) and PacketFence (www.packetfence.org <http://www.packetfence.org/> ) On 2014-02-12, at 0:36 , sampath jayashantha <[email protected]> wrote: [eap] processing type mschapv2 [mschapv2] # Executing group from file /usr/local/pf/raddb/sites-enabled/packetfence-tunnel [mschapv2] +- entering group MS-CHAP {...} [mschap] No Cleartext-Password configured. Cannot create LM-Password. [mschap] No Cleartext-Password configured. Cannot create NT-Password. [mschap] Creating challenge hash with username: sampath [mschap] Client is using MS-CHAPv2 for sampath, we need NT-Password [mschap] FAILED: No NT/LM-Password. Cannot perform authentication. [mschap] FAILED: MS-CHAP2-Response is incorrect ++[mschap] returns reject [eap] Freeing handler ++[eap] returns reject Failed to authenticate the user. Login incorrect: [sampath] (from client 192.168.13.45 port 50004 cli 78-45-C4-B5-AC-41 via TLS tunnel) ------------------------------------------------------------------------------ Android apps run on BlackBerry 10 Introducing the new BlackBerry 10.2.1 Runtime for Android apps. Now with support for Jelly Bean, Bluetooth, Mapview and more. Get your Android app in front of a whole new audience. Start now. http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Android apps run on BlackBerry 10 Introducing the new BlackBerry 10.2.1 Runtime for Android apps. Now with support for Jelly Bean, Bluetooth, Mapview and more. Get your Android app in front of a whole new audience. Start now. http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
