freeradius 2.0.4 and peap

Manuel Sánchez Cuenca msc at dif.um.es
Fri May 2 13:54:15 CEST 2008


Hello all,

I have installed freeradius 2.0.4 and now I'm trying to configure peap.

When I try to connect using a Windows XP laptop, the server rejects the
user.

The log shows this information:

  rlm_eap: processing type mschapv2
+- entering group MS-CHAP
  rlm_mschap: No Cleartext-Password configured.  Cannot create LM-Password.
  rlm_mschap: No Cleartext-Password configured.  Cannot create NT-Password.
  rlm_mschap: Told to do MS-CHAPv2 for lolo with NT-Password
  rlm_mschap: FAILED: No NT/LM-Password.  Cannot perform authentication.
  rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject
  rlm_eap: Freeing handler
++[eap] returns reject
auth: Failed to validate the user.
Login incorrect: [lolo/<via Auth-Type = EAP>] (from client dame-ap port
0 via TLS tunnel)
  PEAP: Tunneled authentication was rejected.


The configuration files are the following:

* eap.conf

        eap {
              default_eap_type = peap
              . . .
              tls {
                        private_key_password = srvpwd
                        private_key_file = ${certdir}/server.pem
                        certificate_file = ${certdir}/server.pem
                        CA_file = ${cadir}/ca.pem
                        . . .
               }
               peap {
                        default_eap_type = mschapv2
                        copy_request_to_tunnel = no
                        use_tunneled_reply = no
                        virtual_server = "inner-tunnel"
                }
                mschapv2 {
                }


* users
         lolo     Cleartext-Password := "password"

* sites-enabled/default
          authorize {
              eap {
                  ok = return
              }
              ...
         }
         authenticate {
             eap
              ...
         }
          ...

Can anybody help me?

Thanks in advance.

-- 
-----------------------------
Manuel Sanchez Cuenca
Departamento de Ingenieria de la Informacion y las Comunicaciones
Departamento de Ingeniería y Tecnología de Computadores
Facultad de Informatica. Universidad de Murcia
Campus de Espinardo - 30080 Murcia (SPAIN)
Tel.: +34-968-364644    Fax: +34-968-364151
email: msc at dif.um.es  |  manuelsc at um.es
url: http://webs.um.es/manuelsc



More information about the Freeradius-Users mailing list