Re: eap-mschapv2

To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
Subject: Re: eap-mschapv2
From: "indira kolli" <indkolli@gmail.com>
Date: Thu, 17 Jan 2008 14:56:00 -0500
In-reply-to: <478E3A4E.8000702@deployingradius.com>
References: <8cea24f70801160547g453ed43eu41cdee98dbe80476@mail.gmail.com> <8cea24f70801160651m5826847cwc2ed4f53a6e8552f@mail.gmail.com> <478E2304.5080809@deployingradius.com> <8cea24f70801160846r61606fa6l228e4b517888dfb8@mail.gmail.com> <478E3A4E.8000702@deployingradius.com>
Reply-to: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>

Hello Alan,

I finally got it working. I missed the reply to the second access-challenge.

One thing I am still not sure is about MPPE keys.

For us we are using only EAP-MSCHAPv2 without peap.

The authenticator needs the MPPE keys to authenticate the peer.

But in the EAP-MSCAHPv2 Access-Challenge or Access-accept don't see the keys. I see that the keys are generated for MSCHAPv2 but are

deleted before the request is sent.

Help is very much appreciated.

Thank you

Indi

On Jan 16, 2008 12:09 PM, Alan DeKok <aland@deployingradius.com> wrote:

indira kolli wrote:
> What is the expected callflow for EAP-MSCAHPv2

Read the specification, or the source code.

> Access-request
> Access-Challenge
> Access-request
> Access-Accept
>
> Why am I getting Access-challenge again

You're not saying which supplicant you're using.

Let me guess: you're writing your own, and trying to debug it using
FreeRADIUS. If that's true, I suggest that you go read the
wpa_supplicant source code. It implements EAP-MSCHAPv2 correctly.

If you're not writing your own supplicant, then the server is working
correctly. You may be surprised that more than one Access-Challenge is
being sent, but that is the Way It Works. If you care to know why, go
read the source code in rlm_eap_mschapv2.c

Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Follow-Ups:
- Re: eap-mschapv2
  - From: Alan DeKok <aland@deployingradius.com>

References:
- eap-mschapv2
  - From: "indira kolli" <indkolli@gmail.com>
- Re: eap-mschapv2
  - From: "indira kolli" <indkolli@gmail.com>
- Re: eap-mschapv2
  - From: Alan DeKok <aland@deployingradius.com>
- Re: eap-mschapv2
  - From: "indira kolli" <indkolli@gmail.com>
- Re: eap-mschapv2
  - From: Alan DeKok <aland@deployingradius.com>

Previous by Date: Freeradius +LDAP + Active Directory + Authenticate Only questions
Next by Date: Re: Rlm_sql in freeradius-1.1.7
Previous by Thread: Re: eap-mschapv2
Next by Thread: Re: eap-mschapv2
Freeradius-Users January 2008 archives indexes sorted by: [ thread ] [ subject ] [ author ] [ date ]
Freeradius-Users list archive Table of Contents
More information about the Freeradius-Users mailing list

This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.