LinuxQuestions.org
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Old 05-20-2010, 01:51 AM   #1
saman
Member
 
Registered: Oct 2007
Posts: 49

Rep: Reputation: 13
FreeRadius PEAP auth help!


Wireless ------- (Access Point : Smartbridges )-------- DNS server (FreeRadius PEAP).

Wireless Client (XP)
192.168.2.0/24
|
|
=======================================================================
SmartBridge SB3210 Access Point |
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Wireless interface 192.168.2.10 |
Sub 255.255.255.0 |
_______________________________ |
Bridging Interface 192.168.0.3 |
Sub 255.255.255.0 |
GW 192.168.0.1 |
DNS : 192.168.1.4 |
DHCP : Disabled |
|
Security |
WPA - Radius |
|
Routing Table |
Destination Gateway Mask Flags Metric Interface Type|
192.168.2.0 * 255.255.255.0 U 0 Radio D |
192.168.0.0 * 255.255.255.0 U 0 Ethernet D |
224.0.0.0 * 240.0.0.0. U 0 Ethernet D |
default 192.168.0.1 0.0.0.0 UG 0 Ethernet D |
|
Add Static Route |
Network IP Address __.__.__.__ |
Gateway __.__.__.__ |
Mask __.__.__.__ |
Metric __ |
Interface [Radio / Ethernet] |
|
IP / Port Forwarding |
Application : _________________ |
Protocol : [TCP / UDP / BOTH ] |
Destination start port : ______ Destination End Port : ______ |
Destination IP Add : __.__.__.__ Destination Map Port : ______ |
|
Added List |
Sr.no Application Dest.start Dest.End Dest.Protocol Dest.IP:Map Port |
1 Radius 1812 1813 both 192.168.2.10 :1812|
|
========================================================================
|
|
+++++++++++++++++++++++++++++++++++++++++
eth0 192.168.0.1 +
+
Linux RHEL5 +
eth1 192.168.1.4 +
DNS, DHCP, Iptables server, +
Apache (httpd). +
+++++++++++++++++++++++++++++++++++++++++

I suspect a few things that cause the errors:
Wireless configuration or NAS, hence NAS-IP-Address = 0.0.0.0
It's supposed to be some IP address like Wireless IP : 192.168.0.3
Secondly, MS-CHAP-Error = "\010E=691 R=1". I do not implement eDirect.
Thirdly, there is no NAS-Port?

Anyone have any idea what's wrong? Really don't know what to do now!


Here the FreeRadius Log:

Sending Access-Challenge of id 38 to 192.168.0.3 port 1025
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x73bd279871b93eb1f96352cba5144b6d
Finished request 2.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.0.3 port 1025, id=40, length=181
User-Name = "GRACELIA-4E4DD9\\gracelia"
NAS-IP-Address = 0.0.0.0
Framed-MTU = 1488
Called-Station-Id = "00:00:10:00:00:00"
Calling-Station-Id = "00:10:00:10:00:08"
NAS-Port-Type = Wireless-802.11
NAS-Identifier = "127.0.0.1"
Connect-Info = "CONNECT 11Mbps 802.11b"
State = 0x73bd279871b93eb1f96352cba5144b6d
EAP-Message = 0x020400061900
Message-Authenticator = 0xbc48e50a1f2ab04aeeed9c87aebba1f8
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] expand: %t -> Wed May 19 11:32:32 2010
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 40 to 192.168.0.3 port 1025
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x73bd279870b83eb1f96352cba5144b6d
Finished request 3.
Going to the next request
Waking up in 4.7 seconds.
rad_recv: Access-Request packet from host 192.168.0.3 port 1025, id=42, length=375
User-Name = "GRACELIA-4E4DD9\\gracelia"
NAS-IP-Address = 0.0.0.0
Framed-MTU = 1488
Called-Station-Id = "00:00:10:00:00:00"
Calling-Station-Id = "00:10:00:10:00:08"
NAS-Port-Type = Wireless-802.11
NAS-Identifier = "127.0.0.1"
Connect-Info = "CONNECT 11Mbps 802.11b"
State = 0x73bd279870b83eb1f96352cba5144b6d
EAP-Message = 0x020500c81980000000be16030100861000008200804971ade53be6bcebffc084f2c3724e36877a322ed8f8629a15d3aa0b 9b0b5f5f22934f81fd253da2447e1a2cc2a022a0ce78526761ebe3309db257a1cad3e222828e85bcad464e99a2adfa6c89e1 83b5ac59e9906aafb4cd49b2c43ab00ea268335f44c8af91fbf998c42f3baffed564c57be048a9375400ccd844cedfb4a4f3 1403010001011603010028b0ed7f85718cfd03886475a13b51a3f62c91f724a86656d84bc1b6fc02159cb0d9f5a0b061a2e3 5c
Message-Authenticator = 0x2c59c0fd3562d87fb77b1a2cc9732992
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] expand: %t -> Wed May 19 11:32:33 2010
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 200
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 190
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
[peap] TLS_accept: SSLv3 read client key exchange A
[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[peap] <<< TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 read finished A
[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[peap] TLS_accept: SSLv3 write change cipher spec A
[peap] >>> TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 write finished A
[peap] TLS_accept: SSLv3 flush data
[peap] (other): SSL negotiation finished successfully
SSL Connection Established
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 42 to 192.168.0.3 port 1025
EAP-Message = 0x0106003919001403010001011603010028654e5b6ee248fef071ed5bbc91972b1f5cb993d5b2863e6c5bfd37183b061a71 c5af6b2ff130634a
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x73bd279877bb3eb1f96352cba5144b6d
Finished request 4.
Going to the next request
Waking up in 4.6 seconds.
rad_recv: Access-Request packet from host 192.168.0.3 port 1025, id=44, length=181
User-Name = "GRACELIA-4E4DD9\\gracelia"
NAS-IP-Address = 0.0.0.0
Framed-MTU = 1488
Called-Station-Id = "00:00:10:00:00:00"
Calling-Station-Id = "00:10:00:10:00:08"
NAS-Port-Type = Wireless-802.11
NAS-Identifier = "127.0.0.1"
Connect-Info = "CONNECT 11Mbps 802.11b"
State = 0x73bd279877bb3eb1f96352cba5144b6d
EAP-Message = 0x020600061900
Message-Authenticator = 0x544fd6a7d6ad2f2ccac2e9aed3a06acf
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] expand: %t -> Wed May 19 11:32:33 2010
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake is finished
[peap] eaptls_verify returned 3
[peap] eaptls_process returned 3
[peap] EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 44 to 192.168.0.3 port 1025
EAP-Message = 0x0107002b190017030100201148b34d507a70cb2efd1379ce0bcdc6add56e8c92fa2eeb939546554c1d6d70
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x73bd279876ba3eb1f96352cba5144b6d
Finished request 5.
Going to the next request
Waking up in 4.5 seconds.
rad_recv: Access-Request packet from host 192.168.0.3 port 1025, id=46, length=263
User-Name = "GRACELIA-4E4DD9\\gracelia"
NAS-IP-Address = 0.0.0.0
Framed-MTU = 1488
Called-Station-Id = "00:00:10:00:00:00"
Calling-Station-Id = "00:10:00:10:00:08"
NAS-Port-Type = Wireless-802.11
NAS-Identifier = "127.0.0.1"
Connect-Info = "CONNECT 11Mbps 802.11b"
State = 0x73bd279876ba3eb1f96352cba5144b6d
EAP-Message = 0x02070058190017030100183c528aa0e5ebc5af87ddc810c814fb0cd09373bfdae36d4817030100304a1021dd65609521b6 6e12d01ec0be84d302d5b6f69850061cbc37a5c73e7ecee1219494f33c4fdb887f8bb92b01968c
Message-Authenticator = 0x13e4f7a9d1e58c6de8b6b115bd5a82b9
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] expand: %t -> Wed May 19 11:32:33 2010
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 88
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Identity - GRACELIA-4E4DD9\gracelia
[peap] Got tunneled request
EAP-Message = 0x0207001d0147524143454c49412d3445344444395c67726163656c6961
server {
PEAP: Got tunneled identity of GRACELIA-4E4DD9\gracelia
PEAP: Setting default EAP type for tunneled EAP session.
PEAP: Setting User-Name to GRACELIA-4E4DD9\gracelia
Sending tunneled request
EAP-Message = 0x0207001d0147524143454c49412d3445344444395c67726163656c6961
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "GRACELIA-4E4DD9\\gracelia"
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 7 length 29
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry GRACELIA-4E4DD9\gracelia at line 94
[files] expand: Hello, %{User-Name} -> Hello, GRACELIA-4E4DD9\gracelia
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type mschapv2
rlm_eap_mschapv2: Issuing Challenge
++[eap] returns handled
} # server inner-tunnel
[peap] Got tunneled reply code 11
Reply-Message = "Hello, GRACELIA-4E4DD9\\gracelia"
EAP-Message = 0x010800321a0108002d107a42333d5241931274a11c7a4c5e9bcf47524143454c49412d3445344444395c67726163656c69 61
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x903896fd90308c035f9e5f144e4ca6d3
[peap] Got tunneled reply RADIUS code 11
Reply-Message = "Hello, GRACELIA-4E4DD9\\gracelia"
EAP-Message = 0x010800321a0108002d107a42333d5241931274a11c7a4c5e9bcf47524143454c49412d3445344444395c67726163656c69 61
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x903896fd90308c035f9e5f144e4ca6d3
[peap] Got tunneled Access-Challenge
++[eap] returns handled
Sending Access-Challenge of id 46 to 192.168.0.3 port 1025
EAP-Message = 0x01080053190017030100486f59f3981d974346ddd4f0e84b1478201e806f386226159056421d226c48fae03bac2ad77ad4 9401625e5995fc025cdc874c7fcb74f2e1ec1155c80f39722d29815a5c5b43f77bc8
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x73bd279875b53eb1f96352cba5144b6d
Finished request 6.
Going to the next request
Waking up in 4.5 seconds.
rad_recv: Access-Request packet from host 192.168.0.3 port 1025, id=48, length=303
User-Name = "GRACELIA-4E4DD9\\gracelia"
NAS-IP-Address = 0.0.0.0
Framed-MTU = 1488
Called-Station-Id = "00:00:10:00:00:00"
Calling-Station-Id = "00:10:00:10:00:08"
NAS-Port-Type = Wireless-802.11
NAS-Identifier = "127.0.0.1"
Connect-Info = "CONNECT 11Mbps 802.11b"
State = 0x73bd279875b53eb1f96352cba5144b6d
EAP-Message = 0x0208008019001703010018f5b1d65c4ba3f9ea138b1af8789f9f3fb7969005c876e86317030100589f5190a7f24e29d802 68390a1c8ec8d0f9f54c75e2c2af0617e90d98ce1dd374f4f4c5f68d1242e8028d6d3b482637d547b77848c079cd41318478 c2be342ec92f21336f310d106f834c687154463acdfe16dee5f628b25d
Message-Authenticator = 0x2aaba34d54a546f219517fabb7d276a6
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] expand: %t -> Wed May 19 11:32:33 2010
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 128
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] EAP type mschapv2
[peap] Got tunneled request
EAP-Message = 0x020800471a02080042310be4bdddde252242e04e348510d4ea7d0000000000000000c677b9802342af732ee685a59acc4d f60fd84a62743e4bc8006d617273696e646f2e636f6d
server {
PEAP: Setting User-Name to GRACELIA-4E4DD9\gracelia
Sending tunneled request
EAP-Message = 0x020800471a02080042310be4bdddde252242e04e348510d4ea7d0000000000000000c677b9802342af732ee685a59acc4d f60fd84a62743e4bc8006d617273696e646f2e636f6d
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = "GRACELIA-4E4DD9\\gracelia"
State = 0x903896fd90308c035f9e5f144e4ca6d3
server inner-tunnel {
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 8 length 71
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry GRACELIA-4E4DD9\gracelia at line 94
[files] expand: Hello, %{User-Name} -> Hello, GRACELIA-4E4DD9\gracelia
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] Found existing Auth-Type, not changing it.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/mschapv2
[eap] processing type mschapv2
[mschapv2] +- entering group MS-CHAP {...}
[mschap] NT Domain delimeter found, should we have enabled with_ntdomain_hack?
[mschap] Told to do MS-CHAPv2 for GRACELIA-4E4DD9\gracelia with NT-Password
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
[eap] Freeing handler
++[eap] returns reject
Failed to authenticate the user.
Login incorrect: [GRACELIA-4E4DD9\\gracelia] (from client radius port 0 via TLS tunnel)
} # server inner-tunnel
[peap] Got tunneled reply code 3
Reply-Message = "Hello, GRACELIA-4E4DD9\\gracelia"
MS-CHAP-Error = "\010E=691 R=1"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000
[peap] Got tunneled reply RADIUS code 3
Reply-Message = "Hello, GRACELIA-4E4DD9\\gracelia"
MS-CHAP-Error = "\010E=691 R=1"
EAP-Message = 0x04080004
Message-Authenticator = 0x00000000000000000000000000000000
[peap] Tunneled authentication was rejected.
[peap] FAILURE
++[eap] returns handled
Sending Access-Challenge of id 48 to 192.168.0.3 port 1025
EAP-Message = 0x0109002b190017030100200eaeca51af41abb55948fb1bcd8027578dbcfcf2d3c7b9ccc071a2704eb6e3ee
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x73bd279874b43eb1f96352cba5144b6d
Finished request 7.
Going to the next request
Waking up in 4.4 seconds.
rad_recv: Access-Request packet from host 192.168.0.3 port 1025, id=50, length=247
User-Name = "GRACELIA-4E4DD9\\gracelia"
NAS-IP-Address = 0.0.0.0
Framed-MTU = 1488
Called-Station-Id = "00:00:10:00:00:00"
Calling-Station-Id = "00:10:00:10:00:08"
NAS-Port-Type = Wireless-802.11
NAS-Identifier = "127.0.0.1"
Connect-Info = "CONNECT 11Mbps 802.11b"
State = 0x73bd279874b43eb1f96352cba5144b6d
EAP-Message = 0x0209004819001703010018e18c4fa14b7ac7e79812eba0eb3d965bc1d177eaae9044a2170301002006657b40483d11fdf6 b473904953585ddb1d5561f70af4904ab971c1eb5d9082
Message-Authenticator = 0x024b616ff4b1c86100040ec8d36f9512
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d -> /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.0.3/auth-detail-20100519
[auth_log] expand: %t -> Wed May 19 11:32:33 2010
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "GRACELIA-4E4DD9\gracelia", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 72
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Received EAP-TLV response.
[peap] Had sent TLV failure. User was rejected earlier in this session.
[eap] Handler failed in EAP/peap
[eap] Failed in EAP select
++[eap] returns invalid
Failed to authenticate the user.
Login incorrect: [GRACELIA-4E4DD9\\gracelia] (from client radius port 0 cli 00:1c:f0:10:56:b8)
Using Post-Auth-Type Reject
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> GRACELIA-4E4DD9\gracelia
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 8 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 8
Sending Access-Reject of id 50 to 192.168.0.3 port 1025
EAP-Message = 0x04090004
Message-Authenticator = 0x00000000000000000000000000000000
Waking up in 3.3 seconds.
Cleaning up request 0 ID 34 with timestamp +15
Cleaning up request 1 ID 36 with timestamp +15
Waking up in 0.1 seconds.
Cleaning up request 2 ID 38 with timestamp +15
Cleaning up request 3 ID 40 with timestamp +15
Cleaning up request 4 ID 42 with timestamp +16
Waking up in 0.1 seconds.
Cleaning up request 5 ID 44 with timestamp +16
Cleaning up request 6 ID 46 with timestamp +16
Cleaning up request 7 ID 48 with timestamp +16
Waking up in 1.1 seconds.
Cleaning up request 8 ID 50 with timestamp +16
Ready to process requests.
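
A triage sketch for the debug log in the post above, added here as an example and not part of the original thread: it pulls out the lines that bear on the three suspicions raised (NAS-IP-Address, the NT domain prefix, MS-CHAP-Error) and decodes the error using the failure codes from RFC 2759. The function names and finding labels are illustrative assumptions; the sample lines are excerpted from the posted log.

```python
import re

# MS-CHAPv2 failure codes for the "E=" field (RFC 2759, section 6).
MSCHAP_ERRORS = {
    646: "ERROR_RESTRICTED_LOGON_HOURS",
    647: "ERROR_ACCT_DISABLED",
    648: "ERROR_PASSWD_EXPIRED",
    649: "ERROR_NO_DIALIN_PERMISSION",
    691: "ERROR_AUTHENTICATION_FAILURE",
    709: "ERROR_CHANGING_PASSWORD",
}

# Lines excerpted from the debug log posted above (requests id=48 and id=50).
SAMPLE_LOG = r'''
rad_recv: Access-Request packet from host 192.168.0.3 port 1025, id=48, length=303
User-Name = "GRACELIA-4E4DD9\\gracelia"
NAS-IP-Address = 0.0.0.0
NAS-Identifier = "127.0.0.1"
[mschap] NT Domain delimeter found, should we have enabled with_ntdomain_hack?
[mschap] Told to do MS-CHAPv2 for GRACELIA-4E4DD9\gracelia with NT-Password
[mschap] FAILED: MS-CHAP2-Response is incorrect
MS-CHAP-Error = "\010E=691 R=1"
[peap] Tunneled authentication was rejected.
Sending Access-Reject of id 50 to 192.168.0.3 port 1025
'''


def parse_mschap_error(value):
    """Decode an MS-CHAP-Error value as the debug log prints it."""
    m = re.match(r'(?:\\(\d{3}))?E=(\d+)\s+R=([01])', value)
    if not m:
        return None
    ident, code, retry = m.groups()
    return {
        # First octet of the attribute (Ident, RFC 2548), shown as an octal escape.
        "ident": int(ident, 8) if ident else None,
        "code": int(code),
        "name": MSCHAP_ERRORS.get(int(code), "UNKNOWN"),
        "retry_allowed": retry == "1",
    }


def triage(log_text):
    """Return ordered, de-duplicated (label, detail) findings from a debug log."""
    findings, seen, source = [], set(), None

    def add(label, detail):
        if label not in seen:
            seen.add(label)
            findings.append((label, detail))

    for line in (raw.strip() for raw in log_text.splitlines()):
        if m := re.match(r'rad_recv: Access-Request packet from host (\S+) port', line):
            source = m.group(1)  # address the server actually saw the NAS at
        elif line == "NAS-IP-Address = 0.0.0.0":
            add("nas-ip-unset", f"NAS sent 0.0.0.0; packet source was {source}")
        elif "with_ntdomain_hack" in line:
            add("ntdomain-hint", line)
        elif "MS-CHAP2-Response is incorrect" in line:
            add("mschap-failed", line)
        elif m := re.match(r'MS-CHAP-Error = "(.*)"$', line):
            err = parse_mschap_error(m.group(1))
            if err:
                add("mschap-error", f"E={err['code']} {err['name']}, "
                    f"retry_allowed={err['retry_allowed']}, ident={err['ident']}")
        elif m := re.match(r'Sending Access-Reject of id (\d+) to (\S+)', line):
            add("access-reject", f"id {m.group(1)} sent to {m.group(2)}")
    return findings


if __name__ == "__main__":
    for label, detail in triage(SAMPLE_LOG):
        print(f"{label:14} {detail}")
```

The decoded ident of 8 matches the `[eap] EAP packet type response id 8` line in the inner-tunnel part of the log.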
 
Old 10-25-2010, 07:51 AM   #2
archtoad6
Senior Member
 
Registered: Oct 2004
Location: Houston, TX (usa)
Distribution: MEPIS, Debian, Knoppix,
Posts: 4,727
Blog Entries: 15

Rep: Reputation: 234
Your post is marked "[SOLVED]", yet I can scarcely find a question in it, let alone an answer. If you meant this to be marked "[SOLVED]", please provide the solution.


OTOH, if you still need help, perhaps the following advice would help you edit your OP into a form that would get you an answer:
Learn about pastebins & "Code:" blocks --

86% of your post, 424 out of 692 lines, is taken up w/ a "Here the FreeRadius Log:" entry that obscures your question, it belongs in a pastebin.

The 1st 56 lines of your post looked like gibberish, until I pasted them into Kwrite, then I saw that they are an elaborate ASCII art diagram. Unfortunately, at LQ you have to put your ASCII art in a "Code:" block to preserve the spacing. BTW, yours is wide & long enough to deserve its own (separate) pastebin entry.

On the plus side, it's a serious & interesting question.
 
  


All times are GMT -5.