problems with authorization PEAP - EAP-MSCHAPv2 clients

Madwifi Wireless madwifi at vermark.com
Mon Oct 27 18:27:55 CET 2008


I am not an expert on this but I think here is the problem.  Under *eap* 
you have this:

	######## eap #######
	eap {
		default_eap_type = md5
		timer_expire     = 60
		ignore_unknown_eap_types = no
		cisco_accounting_username_bug = no


I think you want to change it to:

	######## eap #######
	eap {
		default_eap_type = *mschapv2*
		timer_expire     = 60
		ignore_unknown_eap_types = no
		cisco_accounting_username_bug = no



That seem to work for me.  Give it a try. I have test FR 2.1.1 with that 
configuration. Client is Win XP SP3


Lukas Lisa wrote:
> Hello,
> I would like to authorize windows clients access to 3com Baseline
> Switch 2948 SFP against FreeRADIUS server 2.0.5.
>
> Windows are cofigured to use PEAP - EAP-MSCHAPv2.
> Server certificate was created with bootstrap script (xpextensions
> are included).
>
> I tried windows xp sp3 and linux (wpa_supplicant) client and both
> cause the same server output and authorization can't pass.
> Testing tools eapol_test, radeapclient and jRadiusSimulator can pass
> all tests fine.
>
> EAP - MD5 Challenge works fine.
>
> Attaching radiusd.conf and radius -X output.
> Thanks for help.
>
>   
> ------------------------------------------------------------------------
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list