Re: [PacketFence-users] Failure to authenticate the user - user rejected

Wed, 03 Jul 2019 17:55:31 -0700 

Hello Eugene,
in the realm config assign the correct domain to the null realm and restart radius. 

Regards

Fabrice

Le 19-06-30 à 15 h 16, E.P. via PacketFence-users a écrit :


Guys,


Please point my eyes in the right direction in the attempt to 
understand what’s wrong.



Perhaps it has been discussed before here in this list but I failed to 
find an advice that would lead to a fix.



I followed the standard procedure to configure PF for out-of-band 
authentication with RADIUS, i.e.


REALM, Authentication source and rules are created, PF has joined the AD.

Pftest shows matching on authentication and rules usage.


Trying to authenticate a user via prepared wireless infrastructure and 
failing.


The error message in radius.log file:


/Jun 30 19:06:15 PacketFence-ZEN auth[14695]: (12) mschap: ERROR: 
Program returned code (1) and output 'Reading winbind reply failed! 
(0xc0000001)'/



/Jun 30 19:06:15 PacketFence-ZEN auth[14695]: (12)   Login incorrect 
(mschap: Program returned code (1) and output 'Reading winbind reply 
failed! (0xc0000001)'):/



/[it.tech] (from client 172.19.254.2 port 0 cli 18:81:0e:7c:3c:ed via 
TLS tunnel)/


//


More details about this failure confirm it (from Auditing section of 
RADIUS tab )


RADIUS Request

/NAS-Port-Type = Wireless-802.11/

/Acct-Session-Id = "7CF82607D10A8E1F"/

/Service-Type = Framed-User/

/Called-Station-Id = "1a:e8:29:95:52:a8:Staff"/

/State = 0xca4368e4ca1a724922f2ea060748e538/

/FreeRADIUS-Proxied-To = 127.0.0.1/

/WLAN-Group-Cipher = 1027076/

/WLAN-Pairwise-Cipher = 1027076/

/Called-Station-SSID = "Staff"/

/Connect-Info = "CONNECT 0Mbps 802.11b"/

/Realm = "null"/

/EAP-Type = MSCHAPv2/

/NAS-IP-Address = 172.19.254.2/

/Calling-Station-Id = "18:81:0e:7c:3c:ed"/

/MS-CHAP-User-Name = "it.tech"/

/MS-CHAP-Challenge = 0xb89fd532c49532ed8705862bf6d1a71d/

/User-Name = "it.tech"/

/NAS-Identifier = "18E8299352A8E540DB07"/

/Event-Timestamp = "Jun 30 2019 19:06:45 UTC"/


/EAP-Message = 
0x025900421a0259003d3117654048664c8c6cca60cf392f53009b0000000000000000a3e45e992bc0d9f32f0f1c21da7d122062526a5801d58f200069742e74656368/



/MS-CHAP2-Response = 
0x597417654048664c8c6cca60cf392f53009b0000000000000000a3e45e992bc0d9f32f0f1c21da7d122062526a5801d58f20/


/Stripped-User-Name = "it.tech"/

/Framed-MTU = 1400/

/WLAN-AKM-Suite = 1027073/


/Module-Failure-Message = "mschap: Program returned code (1) and 
output 'Reading winbind reply failed! (0xc0000001)'"/



/Module-Failure-Message = "mschap: Reading winbind reply failed! 
(0xc0000001)"/


/User-Password = "******"/


/Module-Failure-Message = "Failed retrieving values required to 
evaluate condition"/


/SQL-User-Name = "it.tech"/

Eugene



_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users






















					Reply via email to