peap not working for windows XP client

tnt at kalik.net tnt at kalik.net
Sat Mar 14 12:55:29 CET 2009


>i want to implement peap  for my wifi connection. I have set up the access
>point(D-Link DWL 2100 AP) for using FreeRADIUS 2.1 For
>authentication.Whenever i send a request from the client to the server,the
>server fails to authenticate the client. What happens can be seen in the
>debug code attached below.The problem may be due to the fact that the server
>certificate used requires to be signed by special XP extensions but i am not
>sure about it.I am currently using the default certificates created when
>FreeRADIUS 2.1 is first installed.Can anyone please tell me why the error is
>occuring and what the remedy for this is??

It has nothing to do with certificates.

..
>[suffix] No '@' in User-Name = "ITDEPT.COM\scoe", looking up realm NULL
>[suffix] No such realm "NULL"
>++[suffix] returns noop

You left username as it is.

..
>[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
>[mschap]   NT Domain delimeter found, should we have enabled
>with_ntdomain_hack?
>[mschap] Told to do MS-CHAPv2 for ITDEPT.COM\scoe with NT-Password
>[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.

Where is password for the user suposed to be? Is password under
ITDEPT.COM\scoe or just scoe? If you need to strip out the domain you
need to enable ntdomain (in authorize), add domain as local realm in
proxy.conf and nt_domain_hack (in reddb/modules/mschap).

Ivan Kalik
KJalik Informatika ISP




More information about the Freeradius-Users mailing list