标题: 请教两个问题:关于无线局域网和Radius+MD5认证 [打印本页] 作者: f117down 时间: 2007-09-06 14:38 标题: 请教两个问题:关于无线局域网和Radius+MD5认证 1,要完成一个WLAN接入过程的模拟,现在的问题是客户端发出来的EAP-MD5数据包只能发送到AP上,我希望AP把这些MAC层的广播包转发到通过网线与AP相连的服务器上,请大侠们指点一二!!!\r\n\r\n如果有WDS功能是否能够实现??\r\n\r\n\r\n2,现在已经搭建了一套radius+mysql的认证环境,进行eap-md5验证,\r\n但是不管客户端发送的用户名是什么radius得到的总是:User-Name = \"\\025\\004\"\r\n以下是radiusd -X 时候打印的结果,很奇怪,是不是我的配置有问题??\r\n客户端截包证明客户端没有问题。\r\n请各位指教!!!\r\n\r\nrad_recv: Access-Request packet from host 192.168.1.1:65474, id=13, length=106\r\n User-Name = \"\\025\\004\"\r\n NAS-Port-Type = Wireless-802.11\r\n NAS-IP-Address = 192.168.1.1\r\n Framed-MTU = 1400\r\n State = 0x71c37a927721937df22ef09493641486\r\n EAP-Message = 0x0202001a0410ee0c60f285703ba80e6448dbabe0ed0674657374\r\n Message-Authenticator = 0xac2574c87e3704b2711eff04cde3a7d7\r\n Processing the authorize section of radiusd.conf\r\nmodcall: entering group authorize for request 11\r\n modcall[authorize]: module \"preprocess\" returns ok for request 11\r\n modcall[authorize]: module \"chap\" returns noop for request 11\r\n modcall[authorize]: module \"mschap\" returns noop for request 11\r\n rlm_realm: No \'@\' in User-Name = \"??\", looking up realm NULL\r\n rlm_realm: No such realm \"NULL\"\r\n modcall[authorize]: module \"suffix\" returns noop for request 11\r\n rlm_eap: EAP packet type response id 2 length 26\r\n rlm_eap: No EAP Start, assuming it\'s an on-going EAP conversation\r\n modcall[authorize]: module \"eap\" returns updated for request 11\r\n modcall[authorize]: module \"files\" returns notfound for request 11\r\nradius_xlat: \'\\025\\004\'\r\nrlm_sql (sql): sql_set_user escaped user --> \'\\025\\004\'\r\nradius_xlat: \'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = \r\n\r\n\'=5C=5C025=5C=5C004\' ORDER BY id\'\r\nrlm_sql (sql): Reserving sql socket id: 3\r\nrlm_sql (sql): User \\025\\004 not found in radcheck\r\nradius_xlat: \'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op \r\n\r\nFROM radgroupcheck,usergroup WHERE usergroup.Username = \'=5C=5C025=5C=5C004\' AND usergroup.GroupName = \r\n\r\nradgroupcheck.GroupName ORDER BY radgroupcheck.id\'\r\nradius_xlat: \'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op \r\n\r\nFROM radgroupreply,usergroup WHERE usergroup.Username = \'=5C=5C025=5C=5C004\' AND usergroup.GroupName = \r\n\r\nradgroupreply.GroupName ORDER BY radgroupreply.id\'\r\nrlm_sql (sql): User \\025\\004 not found in radgroupcheck\r\nrlm_sql (sql): Released sql socket id: 3\r\nrlm_sql (sql): User not found\r\n modcall[authorize]: module \"sql\" returns notfound for request 11\r\nrlm_pap: WARNING! No \"known good\" password found for the user. Authentication may fail because of this.\r\n modcall[authorize]: module \"pap\" returns noop for request 11\r\nmodcall: leaving group authorize (returns updated) for request 11\r\n rad_check_password: Found Auth-Type EAP\r\nauth: type \"EAP\"\r\n Processing the authenticate section of radiusd.conf\r\nmodcall: entering group authenticate for request 11\r\n rlm_eap: Request found, released from the list\r\n rlm_eap: EAP/md5\r\n rlm_eap: processing type md5\r\nrlm_eap_md5: User-Password is required for EAP-MD5 authentication\r\nrlm_eap: Handler failed in EAP/md5\r\n rlm_eap: Failed in EAP select\r\n modcall[authenticate]: module \"eap\" returns invalid for request 11\r\nmodcall: leaving group authenticate (returns invalid) for request 11\r\nauth: Failed to validate the user.\r\nDelaying request 11 for 1 seconds\r\nFinished request 11\r\nGoing to the next request\r\nWaking up in 6 seconds...\r\n--- Walking the entire request list ---\r\nCleaning up request 10 ID 12 with timestamp 46dc1473\r\nSending Access-Reject of id 13 to 192.168.1.1 port 65474\r\n EAP-Message = 0x04020004\r\n Message-Authenticator = 0x00000000000000000000000000000000\r\nCleaning up request 11 ID 13 with timestamp 46dc1473\r\nNothing to do. Sleeping until we see a request.作者: f117down 时间: 2007-09-07 15:39 大侠们帮帮忙呀!!作者: laodongmo 时间: 2007-09-10 11:01 好啊看看
大侠们帮帮忙呀!!