[RADIATOR] PEAP problem: EAP result: 1, EAP authentication is not permitted

Raúl Tejeda Calero raul.tejeda at satec.es
Mon Feb 7 10:19:12 CST 2011 

Hello Alan,

I tried it, but don´t work. I used an user "user-test" user-password: any

And the configuration file was "eap_peap.cfg" from goodies.

Any idea?

Mon Feb  7 17:17:02 2011: DEBUG: Packet dump:
*** Received from 10.223.0.4 port 32768 ....
Code:       Access-Request
Identifier: 99
Authentic:  <130>$<141><240><231><211><31><241><197><129><198><148><140>*<238><213>
Attributes:
	User-Name = "testuser1"
	Calling-Station-Id = "00-1a-73-8e-4a-0b"
	Called-Station-Id = "dc-7b-94-34-ab-f0:Prueba"
	NAS-Port = 13
	NAS-IP-Address = 10.223.0.4
	NAS-Identifier = "WLC-1"
	Airespace-WLAN-Id = 4
	Service-Type = Framed-User
	Framed-MTU = 1300
	NAS-Port-Type = Wireless-IEEE-802-11
	Tunnel-Type = 0:VLAN
	Tunnel-Medium-Type = 0:802
	Tunnel-Private-Group-ID = 509
	EAP-Message = <2><9><0>&<25><0><23><3><1><0><27><211>+<184>l<158>V<23><159>`<30>p<236>`<2><201><159><29><186><20><230>@<139><198>FN!<164>
	Message-Authenticator = <15><157><162><177>6<133>d<215>y<15><178><27>ot<233><221>

Mon Feb  7 17:17:02 2011: DEBUG: Handling request with Handler '', Identifier ''
Mon Feb  7 17:17:02 2011: DEBUG:  Deleting session for testuser1, <ip>, 13
Mon Feb  7 17:17:02 2011: DEBUG: Handling with Radius::AuthFILE: 
Mon Feb  7 17:17:02 2011: DEBUG: Handling with EAP: code 2, 9, 38, 25
Mon Feb  7 17:17:02 2011: DEBUG: Response type 25
Mon Feb  7 17:17:02 2011: DEBUG: EAP result: 1, PEAP Authentication Failure
Mon Feb  7 17:17:02 2011: DEBUG: AuthBy FILE result: REJECT, PEAP Authentication Failure
Mon Feb  7 17:17:02 2011: INFO: Access rejected for mikem: PEAP Authentication Failure
Mon Feb  7 17:17:02 2011: DEBUG: Packet dump:
*** Sending to 10.223.0.4 port 32768 ....
Code:       Access-Reject
Identifier: 99
Authentic:  b<252><7>H<206><193><206>O5<192>ve<2>w<142><128>
Attributes:
	EAP-Message = <4><9><0><4>
	Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
	Reply-Message = "Request Denied"

________________________________________
De: Alan Buxey [A.L.M.Buxey at lboro.ac.uk]
Enviado el: lunes, 07 de febrero de 2011 15:59
Para: Raúl Tejeda Calero
CC: radiator at open.com.au
Asunto: Re: [RADIATOR] PEAP problem: EAP result: 1, EAP authentication is not permitted

Hi,

> the users file supplied with RADIATOR is filled with rather special
> users and purposes.  it would probably make life easier to create
> a nice clean users file for your usage..... with eg  'test-user-1'
> and other required parts (password, return attributes etc) rather
> then deal with the interesting issues that eg mikem and friends would
> give you (which are there for the supplied verification/test/benchmark
> tools!)

take the plain and basic PEAP configuration from the goodies directory
and configure for your local requirement - eg realm name or NAS/client IP
address) and then make a plain and simple users file.  eg

testuser1    User-Password = "takenoutofcontext"


this will work

alan

More information about the radiator mailing list