Guys,
Please point my eyes in the right direction in the attempt to understand
what's wrong.
Perhaps it has been discussed before here in this list but I failed to find
an advice that would lead to a fix.
I followed the standard procedure to configure PF for out-of-band
authentication with RADIUS, i.e.
REALM, Authentication source and rules are created, PF has joined the AD.
Pftest shows matching on authentication and rules usage.
Trying to authenticate a user via prepared wireless infrastructure and
failing.
The error message in radius.log file:
Jun 30 19:06:15 PacketFence-ZEN auth[14695]: (12) mschap: ERROR: Program
returned code (1) and output 'Reading winbind reply failed! (0xc001)'
Jun 30 19:06:15 PacketFence-ZEN auth[14695]: (12) Login incorrect (mschap:
Program returned code (1) and output 'Reading winbind reply failed!
(0xc001)'):
[it.tech] (from client 172.19.254.2 port 0 cli 18:81:0e:7c:3c:ed via TLS
tunnel)
More details about this failure confirm it (from Auditing section of RADIUS
tab )
RADIUS Request
NAS-Port-Type = Wireless-802.11
Acct-Session-Id = "7CF82607D10A8E1F"
Service-Type = Framed-User
Called-Station-Id = "1a:e8:29:95:52:a8:Staff"
State = 0xca4368e4ca1a724922f2ea060748e538
FreeRADIUS-Proxied-To = 127.0.0.1
WLAN-Group-Cipher = 1027076
WLAN-Pairwise-Cipher = 1027076
Called-Station-SSID = "Staff"
Connect-Info = "CONNECT 0Mbps 802.11b"
Realm = "null"
EAP-Type = MSCHAPv2
NAS-IP-Address = 172.19.254.2
Calling-Station-Id = "18:81:0e:7c:3c:ed"
MS-CHAP-User-Name = "it.tech"
MS-CHAP-Challenge = 0xb89fd532c49532ed8705862bf6d1a71d
User-Name = "it.tech"
NAS-Identifier = "18E8299352A8E540DB07"
Event-Timestamp = "Jun 30 2019 19:06:45 UTC"
EAP-Message =
0x025900421a0259003d3117654048664c8c6cca60cf392f53009ba3e45e
992bc0d9f32f0f1c21da7d122062526a5801d58f200069742e74656368
MS-CHAP2-Response =
0x597417654048664c8c6cca60cf392f53009ba3e45e992bc0d9f32f0f1c
21da7d122062526a5801d58f20
Stripped-User-Name = "it.tech"
Framed-MTU = 1400
WLAN-AKM-Suite = 1027073
Module-Failure-Message = "mschap: Program returned code (1) and output
'Reading winbind reply failed! (0xc001)'"
Module-Failure-Message = "mschap: Reading winbind reply failed!
(0xc001)"
User-Password = "**"
Module-Failure-Message = "Failed retrieving values required to evaluate
condition"
SQL-User-Name = "it.tech"
Eugene
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users