Mschapv2 not working! Please help!

Fri Oct 17 10:56:15 CEST 2008

Hi,
PEAP MSCHAPv2 works well with Active Directory Backend. I am not sure of its
Authentication Process with users file.

Try with EAP MD5, it works well with Users file.

SYED
On Thu, Oct 16, 2008 at 5:21 PM, saini_jas16 <
jaswinder.kaur at northyorks.gov.uk> wrote:

>
> Hello All,
>
> I am trying to authenticate a Windows XP Client with the username and
> password configured in the Users file on the Radius Server.  I have tried
> saveral changes, but I am not able to get rid of this error. I am running
> freeradius 2.1.1 on Suse 10 SP1.
>
> Kindly Help, I am in urgent need of making this radius server up and
> running.
> Below is the error I am receiving.
>
>
> rad_recv: Access-Request packet from host 130.1.254.174 port 20000,
> id=212,
> length=182
>        NAS-Port-Id = "2049/1"
>        Calling-Station-Id = "00-1F-3B-70-5B-7F"
>        Called-Station-Id = "00-18-6E-30-70-C0:NYCC_TEST"
>        Service-Type = Framed-User
>        User-Name = "jaswinder"
>        State = 0x2aaca71b29aabed260fc846046180105
>        EAP-Message =
> 0x02060021198000000017150301001294659677442f8e7a361ee8ee93374c90ed53
>        NAS-Port-Type = Wireless-802.11
>        NAS-Identifier = "3Com"
>        NAS-IP-Address = 130.1.254.174
>        Message-Authenticator = 0xe42d1530c16b34c5b74bfb4c486083aa
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> [suffix] No '@' in User-Name = "jaswinder", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
> [eap] EAP packet type response id 6 length 33
> [eap] Continuing tunnel setup.
> ++[eap] returns ok
> Found Auth-Type = EAP
> +- entering group authenticate {...}
> [eap] Request found, released from the list
> [eap] EAP/peap
> [eap] processing type peap
> [peap] processing EAP-TLS
>  TLS Length 23
> [peap] Length Included
> [peap] eaptls_verify returned 11
> [peap] <<< TLS 1.0 Alert [length 0002], fatal access_denied
> TLS Alert read:fatal:access denied
> [peap] WARNING: No data inside of the tunnel.
> [peap] eaptls_process returned 7
> [peap] EAPTLS_OK
> [peap] Session established.  Decoding tunneled attributes.
> [peap] Tunneled data is invalid.
> [eap] Handler failed in EAP/peap
> [eap] Failed in EAP select
> ++[eap] returns invalid
> Failed to authenticate the user.
> Using Post-Auth-Type Reject
> +- entering group REJECT {...}
> [attr_filter.access_reject]     expand: %{User-Name} -> jaswinder
>  attr_filter: Matched entry DEFAULT at line 11
> ++[attr_filter.access_reject] returns updated
> Delaying reject of request 5 for 1 seconds
> Going to the next request
>
> Any help is greatly appreciated.
> Thanks,
> Jas
> --
> View this message in context:
> http://www.nabble.com/Mschapv2-not-working%21-Please-help%21-tp20015619p20015619.html
> Sent from the FreeRadius - User mailing list archive at Nabble.com.
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081017/c31d6f04/attachment.html>