[ previous ] [ next ] [ threads ]
 
 From:  Wilfried QUET <wquet at utc dot fr>
 To:  Wilfried QUET <wquet at utc dot fr>
 Cc:  Jonathan De Graeve <Jonathan dot De dot Graeve at imelda dot be>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] authentication on freeradius problem
 Date:  Mon, 12 Jun 2006 17:42:32 +0200 
Wilfried QUET a écrit :

> Jonathan De Graeve a écrit :
>
>>>-----Oorspronkelijk bericht-----
>>>Van: Wilfried QUET [mailto:wquet at utc dot fr]
>>>Verzonden: woensdag 7 juni 2006 17:29
>>>Aan: m0n0wall at lists dot m0n0 dot ch
>>>Onderwerp: [m0n0wall] authentication on freeradius problem
>>>
>>>Hello,
>>>
>>>I'm trying to authenticate the users on Captive Portal, with a radius
>>>server : freeradius.
>>>The freeradius configuration is Ok with other application : EAP access
>>>on wifi, VPN access
>>>Example of user's file entry  :
>>>toto       Auth-Type := PAP, User-Password := "KitPrRtufGTyw"
>>>             Service-Type = Framed-User
>>>
>>>When a client try to authenticate on Captive portal, the log in
>>>freeradius are OK :  Auth: Login OK: [toto] (from client monowall port
>>>2397 cli 192.168.1.254).
>>>    
>>>
>>
>>There seems to be something wrong, this is what I got in my config:
>>
>>Auth: Login OK: [jonathan] (from client hotspot-1 port 9 cli
>>00:60:97:62:de:5d)
>>
>>The CLI should be the MAC, not the IP...
>>  
>>
> Yes , but why?
>
>>  
>>
>>>But the user's authentication is wrong in Monowall
>>>
>>>Captive portal log entry :
>>>ERROR: toto, 02:03:04:05:07:88,192.168.1.254 Error sending request: No
>>>valid RADIUS responses received
>>>    
>>>
>>
>>Is your mac obfuscated?
>>  
>>
> I disabled the option "Mac-Filtering" and the result is the same.
>
> Everything  seems to be OK in Freeradius :
> Mon Jun 12 17:16:33 2006 : Debug:   modcall[authenticate]: module 
> "pap" returns ok for request 2
> Mon Jun 12 17:16:33 2006 : Debug: modcall: leaving group PAP (returns 
> ok) for request 2
> Sending Access-Accept of id 234 to 172.16.130.112 port 1182
>         Service-Type = Framed-User
>
>
> I don't understand , i'm sure that the login , password, Shared secret 
> are OK
>
>>J. 
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>  
>>
>
>
>-- 
> ----------------------------------------
>| Wilfried QUET                          |
>| Université de Technologie de Compiègne |
>| Service Informatique                   |
>| tél. :  03 44 23 49 90                 |
>| port.:  06 22 20 59 83                 |
>| fax  :  03 44 23 46 77                 |
>| mail :  wquet at utc dot fr                   |
> ----------------------------------------
>


-- 
 ----------------------------------------
| Wilfried QUET                          |
| Université de Technologie de Compiègne |
| Service Informatique                   |
| tél. :  03 44 23 49 90                 |
| port.:  06 22 20 59 83                 |
| fax  :  03 44 23 46 77                 |
| mail :  wquet at utc dot fr                   |
 ----------------------------------------