freeradius + wpa auth problem
Hi all,
I am having some troubles setting up freeradius2 + WPA enterprise onto backfire rc4.
I have installed and configiured properly ( I presume ) the service, but when I try to login with either raclient locally or any other wireless client ( xp, xubuntu, android gingerbread ) I get an error.
Basically it looks like when I put details about user and pass ( I am using clear text pass ) the server is not able to see my password and complains about a missing one, but I provide the right password of course.
These are some logs:
First I try with radclient locally :
echo "User-Name=gettons,Password=mypass"| radclient -x 127.0.0.1:1812 auth myclientpass
and I get:
rad_recv: Access-Request packet from host 127.0.0.1 port 50527, id=125, length=29
User-Name = "gettons"
Thu Jan 27 00:17:27 2011 : Info: +- entering group authorize {...}
Thu Jan 27 00:17:27 2011 : Info: ++[chap] returns noop
Thu Jan 27 00:17:27 2011 : Info: ++[mschap] returns noop
Thu Jan 27 00:17:27 2011 : Info: [eap] No EAP-Message, not doing EAP
Thu Jan 27 00:17:27 2011 : Info: ++[eap] returns noop
Thu Jan 27 00:17:27 2011 : Info: [files] users: Matched entry gettons at line 203
Thu Jan 27 00:17:27 2011 : Info: ++[files] returns ok
Thu Jan 27 00:17:27 2011 : Info: [pap] No clear-text password in the request. Not performing PAP.
Thu Jan 27 00:17:27 2011 : Info: ++[pap] returns noop
Thu Jan 27 00:17:27 2011 : Info: WARNING: Please update your configuration, and remove 'Auth-Type = Local'
Thu Jan 27 00:17:27 2011 : Info: WARNING: Use the PAP or CHAP modules instead.
Thu Jan 27 00:17:27 2011 : Info: No User-Password or CHAP-Password attribute in the request.
Thu Jan 27 00:17:27 2011 : Info: Cannot perform authentication.
Thu Jan 27 00:17:27 2011 : Info: Failed to authenticate the user.
Thu Jan 27 00:17:27 2011 : Auth: Login incorrect: [gettons/<no User-Password attribute>] (from client openget port 0)
Thu Jan 27 00:17:27 2011 : Info: Delaying reject of request 0 for 1 seconds
Thu Jan 27 00:17:27 2011 : Debug: Going to the next request
Thu Jan 27 00:17:27 2011 : Debug: Waking up in 0.9 seconds.
Thu Jan 27 00:17:28 2011 : Info: Sending delayed reject for request 0
It basically expects User-Password attribute. And this happens also with wireless clients...
But If try now from the server with radclient using User-Password attribute:
echo "User-Name=gettons,User-Password=mypass"| radclient -x 127.0.0.1:1812 auth myclientpass
it works.
So, the question is: how to tell the clients ( xp, xubuntu and any other wireless wpa enterprise capable device ) to provide the password with "User-Password" instead of just the "Password" attribute?
Or maybe, is there a way to change the default value it expects?
root@openget:/etc/freeradius2# cat /etc/config/wireless
config 'wifi-device' 'radio0'
option 'type' 'mac80211'
option 'macaddr' '00:24:a5:b0:06:5a'
list 'ht_capab' 'SHORT-GI-40'
list 'ht_capab' 'DSSS_CCK-40'
option 'channel' '4'
option 'hwmode' '11g'
option 'disabled' '0'
option 'wmm' '0'
config 'wifi-iface'
option 'device' 'radio0'
option 'network' 'guest'
option 'mode' 'ap'
option 'ssid' 'guestrad'
option 'encryption' 'wpa'
option 'server' '127.0.0.1'
option 'port' '1812'
option 'key' 'myclientpass'
root@openget:/etc/freeradius2# cat /etc/freeradius2/users
# DEFAULT
# Service-Type = Administrative-User
# On no match, the user is denied access.
gettons Cleartext-Password := "mypass"
Thanks in advance.
|