Configuring freeradius with wap-eap authentication
I am configuring our company's wireless network to use WAP-EAP Authentication using FreeRadius. I have tested it and it is working fine with NTRadping (users are authenticated). But when I'm using TLS/EAP with openssl certificates, it is rejecting the users during authentication.
Message showing on radiusd -x follows:

====================================================================================================
rad_recv: Access-Request packet from host 10.0.0.37:3072, id=0, length=215
    User-Name = "mydomain\\user"
    NAS-IP-Address = 10.0.0.37
    Called-Station-Id = "00904c910001"
    Calling-Station-Id = "001841524966"
    NAS-Identifier = "00904c910001"
    NAS-Port = 61
    Framed-MTU = 1400
    State = 0xdb66dbd9934a265c53dcf62a4e4f896a
    NAS-Port-Type = Wireless-802.11
    EAP-Message = 0x0201004e198000000044160301003f0100003b0301ee48cdf14c4b4a409cd37d3f41994a4e1ec3cff86a9f875b5d227ec3 7cd0d376000014002f003500040005000a000900640062000300060100
    Message-Authenticator = 0x393ea855543fde0d70c3fd0ff22c5728
rlm_eap_tls: Length Included
(other): before/accept initialization
TLS_accept: before/accept initialization
TLS_accept: SSLv3 read client hello A
TLS_accept: SSLv3 write server hello A
TLS_accept: SSLv3 write certificate A
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
Sending Access-Challenge of id 0 to 10.0.0.37:3072
    EAP-Message = 0x010202d81900160301004a020000460301485f461d6c5fc79129048d67e47d6ee3bf0bfb38633a7815f10d14d9ce22ac29 20ade3a79a24fe7bb1d985df12ec5790c2089caeb5efb7eb05ffd60b7abc66541e002f0016030102750b00027100026e0002 6b30820267308201d0a003020 102020101300d06092a864886f70d01010405003076310b300906035504061302616531123010060355040813094265726b7 3686972653110300e060355040713074e657762757279310c300a060355040a1303676574310e300c0603550403130573616 d62613123302106092a864886f70d01090116146e617468616e5f736173407961686f6f2e636f6d301e
rad_recv: Access-Request packet from host 10.0.0.37:3072, id=0, length=215
    User-Name = "mydomain\\user"
    NAS-IP-Address = 10.0.0.37
    Called-Station-Id = "00904c910001"
    Calling-Station-Id = "001841524966"
    NAS-Identifier = "00904c910001"
    NAS-Port = 61
    Framed-MTU = 1400
    State = 0xdb66dbd9934a265c53dcf62a4e4f896a
    NAS-Port-Type = Wireless-802.11
    EAP-Message = 0x0201004e198000000044160301003f0100003b0301ee48cdf14c4b4a409cd37d3f41994a4e1ec3cff86a9f875b5d227ec3 7cd0d376000014002f003500040005000a000900640062000300060100
    Message-Authenticator = 0x393ea855543fde0d70c3fd0ff22c5728
rlm_eap_tls: Length Included
TLS_accept: SSLv3 read finished A
(other): ssl negotation finished successfully
Sending Access-Reject of ID 0 to 10.0.0.37:3072
    EAP-Message = 0x040300004
    Message Authenticator = 0x000000000000000000000000000000000
====================================================================================================
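When reading a trace like the one above, it helps to decode the EAP-Message attribute itself, because the EAP header names the method the supplicant is actually negotiating and the embedded ClientHello shows the TLS version and cipher suites it offers. The following is an added example, not part of the original post; it decodes the first EAP-Message from the Access-Request, and it assumes the space inside the pasted hex is a line-wrap artifact.

```python
import struct

# First EAP-Message from the Access-Request in the post (wrap space removed: assumption).
EAP_HEX = ("0x0201004e198000000044160301003f0100003b0301ee48cdf14c4b4a409cd37d3f41994a4e"
           "1ec3cff86a9f875b5d227ec37cd0d376000014002f003500040005000a000900640062000300060100")

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {13: "EAP-TLS", 21: "EAP-TTLS", 25: "PEAP"}  # IANA EAP method type numbers


def decode_eap_tls(hex_str):
    """Decode an EAP packet that uses the TLS-style framing of RFC 5216."""
    text = hex_str.replace(" ", "")
    if text.lower().startswith("0x"):
        text = text[2:]
    data = bytes.fromhex(text)  # raises ValueError on odd-length (truncated) hex
    if len(data) < 4:
        raise ValueError("shorter than an EAP header")
    code, ident, length = struct.unpack_from("!BBH", data, 0)
    if length != len(data):
        raise ValueError("EAP length %d != %d bytes present" % (length, len(data)))
    out = {"code": EAP_CODES.get(code, code), "id": ident, "length": length}
    if code in (3, 4) or len(data) < 6:
        return out  # Success/Failure carry no type or TLS data
    etype, flags = data[4], data[5]
    out["method"] = EAP_TYPES.get(etype, "type %d" % etype)
    off = 6
    if flags & 0x80:  # L bit: a 4-byte total TLS message length follows
        out["tls_message_length"] = struct.unpack_from("!I", data, off)[0]
        off += 4
    if len(data) - off < 5:
        return out  # no TLS record in this fragment
    rec_type, rec_ver, _rec_len = struct.unpack_from("!BHH", data, off)
    out["record_version"] = rec_ver
    if rec_type == 22 and len(data) > off + 5 and data[off + 5] == 1:  # ClientHello
        body = off + 5 + 4  # skip record header and handshake header
        out["client_hello_version"] = struct.unpack_from("!H", data, body)[0]
        sid_len = data[body + 34]  # after 2-byte version and 32-byte random
        cs_off = body + 35 + sid_len
        cs_len = struct.unpack_from("!H", data, cs_off)[0]
        out["cipher_suites"] = list(
            struct.unpack_from("!%dH" % (cs_len // 2), data, cs_off + 2))
    return out


if __name__ == "__main__":
    for key, value in decode_eap_tls(EAP_HEX).items():
        print(key, "=", value)
```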