Tak, hasła są te same...
Troszkę dziwna sprawa, bo po 'show radius local-server statistics' dostaję:
Kod: Zaznacz cały
Successes : 0 Unknown usernames : 0
Client blocks : 0 Invalid passwords : 0
Unknown NAS : 0 Invalid packet from NAS: 0
NAS : 192.168.1.253
Successes : 0 Unknown usernames : 0
Client blocks : 0 Invalid passwords : 0
Corrupted packet : 0 Unknown RADIUS message : 0
No username attribute : 0 Missing auth attribute : 0
Shared key mismatch : 0 Invalid state attribute: 0
Unknown EAP message : 0 Unknown EAP auth type : 0
Username Successes Failures Blocks
user1 0 0 0
user2 0 0 0
Przyznaję, że nie sprawdzałem tego po użyciu komendy 'test...'... ale po próbie autentykacji klienta przez 802.1x/PEAP (od tego zaczynałem) wzrastał licznik 'Unknown usernames'... a tu zera...
Wyniki debugów:
z 'debug radius local-server...':
Kod: Zaznacz cały
*Mar 1 08:29:05.881: RADSRV 192.168.1.253> Code 1 Id 28 Len 51
*Mar 1 08:29:05.881: Auth E018B0 E018B4 E018B8 E018BC
*Mar 1 08:29:05.881: 2 - 8C 96 D7 2D 85 3F 6D 1B 8B 6C AB BE D8 C1 FA EA
*Mar 1 08:29:05.882: 1 - user1
*Mar 1 08:29:05.882: 4 - 192.168.1.253
*Mar 1 08:29:05.882: RADSRV 192.168.1.253< Code 3 Id 28 Len 88
*Mar 1 08:29:05.882: Auth E06234 E06238 E0623C E06240
*Mar 1 08:29:05.883: 24 - 00 90 70 B8 00 0A CE 48 00 90 70 B8 00 00 00 00 00
96 94 AC 00 00 00 00 00 00 00 00 00 00 00 00 91 E1 B6 73 54 CE 58 24 65 50 B1 54
74 42 E9 C9
*Mar 1 08:29:05.883: 80 - 61 45 D8 27 B7 59 E3 6E 99 7A 13 C2 7A 79 CC 5C
z 'debug radius authentication':
Kod: Zaznacz cały
*Mar 1 08:31:18.791: AAA/AUTHEN/LOGIN (00000000): Pick method list 'Permanent L
ocal'
*Mar 1 08:31:18.792: RADIUS/ENCODE(00000000): dropping service type, "radius-se
rver attribute 6 on-for-login-auth" is off
*Mar 1 08:31:18.792: RADIUS: Pick NAS IP for uid=0 tableid=0 cfg_addr=192.168.1
.253 best_addr=0.0.0.0
*Mar 1 08:31:18.792: RADIUS(00000000): sending
*Mar 1 08:31:18.792: RADIUS(00000000): Send Access-Request to 192.168.1.253:181
2 id 21645/43, len 51
*Mar 1 08:31:18.793: RADIUS: authenticator A6 F2 3C 38 C2 6D 9F DC - 6B A1 12
B6 CB E3 12 A1
*Mar 1 08:31:18.793: RADIUS: User-Password [2] 18 *
*Mar 1 08:31:18.793: RADIUS: User-Name [1] 7 "user1"
*Mar 1 08:31:18.793: RADIUS: NAS-IP-Address [4] 6 192.168.1.253
*Mar 1 08:31:18.794: RADIUS: Received from id 21645/43 192.168.1.253:1812, Acce
ss-Reject, len 88
*Mar 1 08:31:18.794: RADIUS: authenticator BA AD 27 BD 31 7A 52 52 - DE B6 A1
3F 60 72 08 74
*Mar 1 08:31:18.794: RADIUS: State [24] 50
*Mar 1 08:31:18.795: RADIUS: 00 90 70 B8 00 0A CE 48 00 90 70 B8 00 00 00 00
[??p????H??p?????]
*Mar 1 08:31:18.795: RADIUS: 00 96 94 AC 00 00 00 00 00 00 00 00 00 00 00 00
[????????????????]
*Mar 1 08:31:18.796: RADIUS: 91 E1 B6 73 54 CE 58 24 65 50 B1 54 74 42 E9 C9
[???sT?X$eP?TtB??]
*Mar 1 08:31:18.796: RADIUS: Message-Authenticato[80] 18 *
*Mar 1 08:31:18.796: RADIUS(00000000): Received from id 21645/43
*Mar 1 08:31:18.796: RADIUS(00000000): Unique id not in use
*Mar 1 08:31:18.796: RADIUS/DECODE(00000000): There is no RADIUS DB Some Radius
attributes may not be stored
*Mar 1 08:31:18.796: RADIUS: not a valid author-type 0!!