[strongSwan] XAuth-EAP method backend not supported: radius
WorkingMan
signup_mail2002 at yahoo.com
Mon Oct 21 19:50:52 CEST 2013
My setup works without RADIUS but once I add rightauth2=xauth-eap I get an
error which result in user authentication failure.
ipsec.conf:
keyexchange=ikev1
authby=xauthrsasig
rightauth=pubkey
rightauth2=xauth-eap
leftauth=pubkey
strongswan.conf
plugins {
eap-radius {
accounting = yes
servers {
rad1 {
address = <radius ip>
secret = <pswd>
}
}
}
}
logs says:
"XAuth-EAP method backend not supported: radius"
I read: http://wiki.strongswan.org/issues/307 but everything seems to be
setup correctly. That error message comes from xauth_eap.c from "process"
method, and when charon->eap->create_instance returns NULL.
listplugins shows that I have the required plugins enabled:
eap-radius:
EAP_SERVER:RAD
CUSTOM:eap-radius
XAUTH_SERVER:radius
CUSTOM:eap-radius
CUSTOM:eap-radius
HASHER:HASH_MD5
SIGNER:HMAC_MD5_128
RNG:RNG_WEAK
xauth-eap:
XAUTH_SERVER:eap
I am not sure where the issue is. On my local VMWare image where everything
is install on the same box, strongswan/freeradius, I don't have this issue.
I did some test with my VM. If radius's IP is not reachable or freeradius
server is not running it will say "RADIUS server not responding". So we can
rule out this scenario. It's almost telling me immediately something is
wrong (no retry logic at all). Both uses v5.1 (built from source).
Thanks, in advance.
More information about the Users
mailing list