Cannot authenticate using PEAPv0 and Windows XP SP3 native supplicant

tnt at kalik.net tnt at kalik.net
Tue Mar 17 11:47:15 CET 2009


>I spent 3 weeks trying to make FreeRadius work with PEAPv0 and WinXP SP3
>native supplicant. I can authenticate using local flat file or ntlm_auth but
>authentication from WinXP doesn't work.
>
>++[mschap] returns ok
>MSCHAP Success
>++[eap] returns handled
>} # server inner-tunnel
>[peap] Got tunneled reply code 11
> Session-Timeout = 3600
> EAP-Message =
>0x010900331a0308002e533d44433931383941374635313542394346464639383937373438323335334139383045384331343134
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0x8514698c841d73de6383db5f8319a5b1
>[peap] Got tunneled reply RADIUS code 11
> Session-Timeout = 3600
> EAP-Message =
>0x010900331a0308002e533d44433931383941374635313542394346464639383937373438323335334139383045384331343134
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0x8514698c841d73de6383db5f8319a5b1
>[peap] Got tunneled Access-Challenge
>++[eap] returns handled
>Sending Access-Challenge of id 160 to 10.112.250.68 port 1645
> EAP-Message =
>0x0109004a1900170301003f6145ec30002debef77be6fabe99fbe76b3510591ae8dfd4bb27523dbefd8970ce673f9bcd55ac41603f5163ef61aaba69c074a5cb60d0c7b9c23856fe47a96
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0xcdfe2065caf73973f250f474980ad2ad
>Finished request 7.
>Going to the next request
>Waking up in 4.9 seconds.

ntlm_auth authenticates the user but exchange can't complete after that.
This was noted previously on the list. Most people resolved this by
reverting to stable Samba version. Samba 3.2.x seem to be the problem.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list