LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Configuring freeradius with wap-eap authentication (https://www.linuxquestions.org/questions/linux-newbie-8/configuring-freeradius-with-wap-eap-authentication-651742/)

nathan_sas 06-26-2008 01:49 AM
Configuring freeradius with wap-eap authentication
 
I am configuring our company's wireless network to use WAP-EAP Authentication using FreeRadius. I have test it and it is working fine with NTRadping (users are authenticated). But when im using TLS/EAP with openssl certificates. It is rejecting the users during authentication.
Message showing on radiusd -x follows:
==================================================================================================== ============================================================
rad_recv: Access-Request packet from host 10.0.0.37:3072, id=0, length=215
User-Name = "mydomain\\user"
NAS-IP-Address = 10.0.0.37
Called-Station-Id = "00904c910001"
Calling-Station-Id = "001841524966"
NAS-Identifier = "00904c910001"
NAS-Port = 61
Framed-MTU = 1400
State = 0xdb66dbd9934a265c53dcf62a4e4f896a
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201004e198000000044160301003f0100003b0301ee48cdf14c4b4a409cd37d3f41994a4e1ec3cff86a9f875b5d227ec3 7cd0d376000014002f003500040005000a000900640062000300060100
Message-Authenticator = 0x393ea855543fde0d70c3fd0ff22c5728
rlm_eap_tls: Length Included
(other): before/accept initialization
TLS_accept: before/accept initialization
TLS_accept: SSLv3 read client hello A
TLS_accept: SSLv3 write server hello A
TLS_accept: SSLv3 write certificate A
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
Sending Access-Challenge of id 0 to 10.0.0.37:3072
EAP-Message = 0x010202d81900160301004a020000460301485f461d6c5fc79129048d67e47d6ee3bf0bfb38633a7815f10d14d9ce22ac29 20ade3a79a24fe7bb1d985df12ec5790c2089caeb5efb7eb05ffd60b7abc66541e002f0016030102750b00027100026e0002 6b30820267308201d0a003020
102020101300d06092a864886f70d01010405003076310b300906035504061302616531123010060355040813094265726b7 3686972653110300e060355040713074e657762757279310c300a060355040a1303676574310e300c0603550403130573616 d62613123302106092a864886f70d01090116146e617468616e5f736173407961686f6f2e636f6d301e

rad_recv: Access-Request packet from host 10.0.0.37:3072, id=0, length=215
User-Name = "mydomain\\user"
NAS-IP-Address = 10.0.0.37
Called-Station-Id = "00904c910001"
Calling-Station-Id = "001841524966"
NAS-Identifier = "00904c910001"
NAS-Port = 61
Framed-MTU = 1400
State = 0xdb66dbd9934a265c53dcf62a4e4f896a
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201004e198000000044160301003f0100003b0301ee48cdf14c4b4a409cd37d3f41994a4e1ec3cff86a9f875b5d227ec3 7cd0d376000014002f003500040005000a000900640062000300060100
Message-Authenticator = 0x393ea855543fde0d70c3fd0ff22c5728
rlm_eap_tls: Length Included
TLS_accept: SSLv3 read finished A
(other): ssl negotation finished successfully
Sending Access-Reject of ID 0 to 10.0.0.37:3072
EAP-Message = 0x040300004
Message Authenticator = 0x000000000000000000000000000000000

==========================================================================


All times are GMT -5. The time now is 03:41 PM.