所以,基本上,这就是问题所在:
FreeRadius 正确连接到客户端并看到它们,但每当我尝试授权时,在 PEAP-init 阶段处理失败:
rad_recv: Access-Request packet from host 10.1.36.25 port 2053, id=19, length=228
User-Name = "ru_maniac"
NAS-IP-Address = 10.1.36.25
NAS-Port = 0
Called-Station-Id = "00-24-01-E6-D7-43:tfmesi free"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x0208005019001703010020c7b067e61886bc85574f48b8c7c81050fb54a8c89c7be26ce36525f01bd9a36f1703010020753af16f7c672d5dbc12ce54d0bffe9620dd50b0fb3c46fa49a5cde0dd6436a3
State = 0x9f375109983f484ca41e3db5b2ba597f
Message-Authenticator = 0x3aab9ba1db8b0f091d6db862885d620b
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "ru_maniac", looking up realm NULL
[suffix] Found realm "DEFAULT"
[suffix] Adding Stripped-User-Name = "ru_maniac"
[suffix] Adding Realm = "DEFAULT"
[suffix] Authentication realm is LOCAL.
++[suffix] returns ok
[eap] EAP packet type response id 8 length 80
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Peap state send tlv failure
[peap] Received EAP-TLV response.
[peap] The users session was previously rejected: returning reject (again.)
[peap] *** This means you need to read the PREVIOUS messages in the debug output
[peap] *** to find out the reason why the user was rejected.
[peap] *** Look for "reject" or "fail". Those earlier messages will tell you.
[peap] *** what went wrong, and how to fix the problem.
[eap] Handler failed in EAP/peap
[eap] Failed in EAP select
系统是 Debian Squeeze 6.01,Freeradius - 来自 Squeeze repos 的 2.10.1 - 因为 Squeeze,正如 FR 网站所说,它支持 TLS 和 SSL。
什么可能是问题,我该如何解决?任何帮助将不胜感激。