cannot login to wpa2 enterprise with ar750 wierless repeater 3.104
setup
Backgound
freeraidus3 running on openwrt 19.07.3
peap and mschapv2
android devices and ios devices login fine.
windows 10 and apple ios fine.
Gli-net router fails authenticaion. (watching debug log running service from command line)
anyideas why?
(6) Received Access-Request Id 19 from 192.168.77.1:36520 to 192.168.77.1:1812 length 185
(6) User-Name = "bob"
(6) Called-Station-Id = "54-A0-50-xx-xx-xx:Bored_yet"
(6) NAS-Port-Type = Wireless-802.11
(6) Service-Type = Framed-User
(6) NAS-Port = 1
(6) Calling-Station-Id = "E4-95-6E-xx-xx-DC"
(6) Connect-Info = "CONNECT 54Mbps 802.11g"
(6) Acct-Session-Id = "8D37BB33456EDB1C"
(6) Attr-186 = 0x000fac04
(6) Attr-187 = 0x000fac04
(6) Attr-188 = 0x000fac01
(6) Framed-MTU = 1400
(6) EAP-Message = 0x02da000801626f62
(6) Message-Authenticator = 0x43d19e6f6f589d2283ae7b0f95ecc8e2
(6) # Executing section authorize from file /etc/freeradius3/sites-enabled/default
(6) authorize {
(6) policy filter_username {
(6) if (&User-Name) {
(6) if (&User-Name) -> TRUE
(6) if (&User-Name) {
(6) if (&User-Name =~ / /) {
(6) if (&User-Name =~ / /) -> FALSE
(6) if (&User-Name =~ /@[^@]*@/ ) {
(6) if (&User-Name =~ /@[^@]*@/ ) -> FALSE
(6) if (&User-Name =~ /\.\./ ) {
(6) if (&User-Name =~ /\.\./ ) -> FALSE
(6) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) {
(6) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE
(6) if (&User-Name =~ /\.$/) {
(6) if (&User-Name =~ /\.$/) -> FALSE
(6) if (&User-Name =~ /@\./) {
(6) if (&User-Name =~ /@\./) -> FALSE
(6) } # if (&User-Name) = notfound
(6) } # policy filter_username = notfound
(6) [preprocess] = ok
(6) [chap] = noop
(6) [mschap] = noop
(6) [digest] = noop
(6) suffix: Checking for suffix after "@"
(6) suffix: No '@' in User-Name = "bob", looking up realm NULL
(6) suffix: No such realm "NULL"
(6) [suffix] = noop
(6) eap: Peer sent EAP Response (code 2) ID 218 length 8
(6) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(6) [eap] = ok
(6) } # authorize = ok
(6) Found Auth-Type = eap
(6) # Executing group from file /etc/freeradius3/sites-enabled/default
(6) authenticate {
(6) eap: Peer sent packet with method EAP Identity (1)
(6) eap: Calling submodule eap_md5 to process data
(6) eap_md5: Issuing MD5 Challenge
(6) eap: Sending EAP Request (code 1) ID 219 length 22
(6) eap: EAP session adding &reply:State = 0xacfbd477ac20d0ba
(6) [eap] = handled
(6) } # authenticate = handled
(6) Using Post-Auth-Type Challenge
(6) # Executing group from file /etc/freeradius3/sites-enabled/default
(6) Challenge { ... } # empty sub-section is ignored
(6) Sent Access-Challenge Id 19 from 192.168.77.1:1812 to 192.168.77.1:36520 length 0
(6) EAP-Message = 0x01db0016041021d53999db59c194361ba580d8f01a68
(6) Message-Authenticator = 0x00000000000000000000000000000000
(6) State = 0xacfbd477ac20d0baade9b311fc9f971b
(6) Finished request